Security Threats and Protection Mechanisms. Learning Objectives Internet security issues (intellectual property rights, client, communication channels,

Security

Threats and Protection Mechanisms

Learning Objectives

Internet security issues (intellectual property rights, client, communication channels, servers)

Specific security objectives for protecting Web business assets and customer privacy

How to protect: clients, data in transit, server computers.

Organizations that promote computer, network, and Internet security

Security Overview

Computer security is the protection of assets from unauthorized access, use, alteration, or destruction

Two types of security:• Physical security• Logical security

Vocabulary: Any act or object that poses a danger to computer

assets is known as a threat Countermeasure is a procedure that recognizes,

reduces, or eliminates a threat An eavesdropper is a person or device that can listen

in on and copy Internet transmissions

Aspects of Security

Three computer security categories: • Secrecy• Integrity• Availability

Secrecy refers to protecting against unauthorized data disclosure and ensuring the authenticity of the data’s source

Integrity refers to preventing unauthorized data modification

Necessity refers to preventing data delays or denials

Risk Management

The risk management model shows four general actions to take according to the severity of a threat

Security Policy

A security policy is a written statement describing which assets to protect and why they are being protected, who is responsible for that protection, and which behaviors are acceptable and which are not

The first step an organization must take in creating a security policy is to determine what assets to protect and from whom

Specific elements of a security policy address the following points:

• Authentication and access control• Secrecy and data integrity• Audit• Procedures

Security elements in e-commerce

There are three elements in e-commerce transactions• Client• Communication channel• Server

• Each element must be protected• Each element has its own

requirements and special characteristics

Threats to the Client

Active web content, i.e. non-static pages which contain instructions which execute in the client (for example: ActiveX, Java Applets, JavaScript, other plug-ins)

Systems software bugs (e.g. Microsoft RPC bugs have allowed the proliferation of the Blaster worm)

Software application bugs (e.g. Microsoft Outlook bugs can be exploited by viruses)

Result: Unauthorized access or control of the client

ActiveX Controls

ActiveX is an object that contains programs and properties that Web designers place on Web pages to perform particular tasks

ActiveX controls run only on computers running Windows and only on browsers that support them

Because ActiveX controls have full access to client computers they can cause secrecy, integrity, or necessity violations

Java Applets

Java adds functionality to business applications and can handle transactions and a wide variety of actions on the client computer

The Java sandbox confines Java applet actions to a set of rules defined by the security model

These rules apply to all untrusted Java applets Bugs in the Java VM can cause security

compromises

JavaScript

JavaScript is a scripting language that enables Web page designers to build active content

Errors in JavaScript implementations can invoke privacy and integrity attacks

JavaScript programs do not operate under the restrictions of the Java sandbox security model

Other Active Content

Plug-ins are programs that interpret or execute instructions embedded in downloaded graphics, sounds, and other objects

Popular plug-ins include Macromedia Flash, Microsoft Media Player and Apple Quicktime.

Active content, including all forms, enables Web pages to take action

Plug-ins perform their duties by executing commands buried within the media they are manipulating

Although active content gives life to static Web pages it also introduces unique challenges for protecting the client

Viruses

A virus is software that attaches itself to another file and can executes when host program is activated thus bypassing normal authorization controls

E.g. a MS Word macro virus is coded as a small program and is embedded in a Word document

Viruses can take any number of actions e.g. email everyone in the address book or make phone calls

Viruses often use application software bugs

Client compromises

Clients can be compromised by exploiting system software bugs to take over computers

A Trojan horse is a program hidden inside another program or Web page that masks its true purpose

A worm is a program that has the instructions to look for and capture other computers on the net after infecting one

A zombie is a program that secretly takes over another computer for the purpose of launching attacks on other computers

Threats to the Communication Channel

The Internet is the medium over which e-commerce data is transferred

Messages on the Internet travel a random path from a source node to a destination node

The content of messages is not protected and anyone on the message path can record its contents

If communication is sensitive additional measures must be taken to protect the data

This is a core requirement for e-commerce

Specific Threats

Secrecy Capture user identity preferences or record

their activities Capture transaction details Capture payment information

Integrity modify transactions modify user credential (e.g. delivery address)

Availability make shop unavailable to customers

Threats to the Server

Servers have software vulnerabilities that can be exploited to cause destruction or to acquire information illegally

E.g. databases connected to the Web contain information that could damage a company if it were disclosed or altered

Physical security and access control is also very important

Threats to Intellectual Property

Intellectual property is the ownership of ideas and control over the tangible or virtual representation of those ideas

IP includes: Names, for example trademarks and

domain names (Cybersquatting, name changing, name stealing)

Digital intellectual property, including art, logos, and music posted on Web sites, is protected by laws

Computer Security Resources

CERT SANS Institute Internet Storm Center Center for Internet Security U.S. Dept. of Justice Cybercrime National Infrastructure Protection

Center

Protecting Electronic Commerce Assets

Monitoring Active Content

Most browsers are equipped to recognize when they are about to download Web page containing active content

Users can configure the user of active content by their browser

For example, configure Java VM using the Java security console

Microsoft Internet Explorer

Microsoft Internet Explorer

Netscape Navigator

Netscape Navigator

Antivirus Software

Antivirus software is a defense strategy Antivirus software matches the contents of a

file under examination against a database of virus “signatures”

Thus, antivirus software cannot protect against viruses that have not been discovered earlier and recorded in the database

One of the most likely places to find a virus is in an electronic mail attachment

Some Web e-mail systems let users scan attachments using antivirus software before downloading e-mail

Protecting e-commerce communications

Providing e-commerce channel security means:• Providing channel secrecy• Guaranteeing message integrity• Ensuring channel availability• A complete security plan includes authentication

Businesses must prevent eavesdroppers from reading the Internet messages that they intercept

Best available way to do this is via encryption

Encryption

Encryption is a mathematical technique which encodes information using a key to transform the original information into a string of characters that is unintelligible

The program that transforms text into cipher text is called an encryption program

At the other end of the communication channel each message is decrypted using the same or a related key by a decryption program

Types of Encryption

Asymmetric encryption or public-key encryption, encodes messages by using two mathematically related numeric keys: a public key and a private key

Symmetric encryption or private-key encryption, encodes a message using a single numeric key to encode and decode data

Hash Functions

Hash algorithms are one-way functions.

A hash algorithm has these characteristics:• It uses no secret key• The message digest it produces cannot be

inverted to produce the original information• The algorithm and information about how it

works are publicly available• Hash collisions are nearly impossible.

MD5 is an example of a hash algorithm

Encryption Methods

Encryption Algorithms and Standards

Secure Sockets Layer (SSL)

Digital Certificates

A digital certificate verifies that a user or Web site is who it claims to be

The digital certificate contains a means for sending an encrypted message to the entity

A Web site’s digital certificate is a shopper’s assurance that the Web site is the real store

Proof of validity and management of digital certificates is provided by the certification authority

Digital Certificates in IE

Ensuring Transaction Integrity

Integrity violations can occur whenever a message is altered while in transit between the sender and receiver

Ensuring transaction integrity, two separate algorithms are applied to a message:• Hash function• Digital signature

Digital Signature

An encrypted message digest is called a digital signature

A purchase order accompanied by the digital signature provides the merchant positive identification of the sender and assures the merchant that the message was not altered

Used together, public-key encryption, message digests, and digital signatures provide quality security for Internet transactions

Transaction Delivery

A denial or delay of service attack removes or absorbs resources

One way to deny service is to flood the server with a large number of packets

To prevent such attacks, a robust network architecture should be in place and network countermeasures should be in place

Protecting the Web Server

The e-commerce server which incorporates a Web server, responds to requests from Web browsers through the HTTP protocol and CGI scripts

Security measures for commerce servers:• Access control and authentication• Operating system controls• Firewall

Access Control and Authentication Access control and authentication refers to

controlling who and what has access to the e-commerce server

Operating systems often provide access control list security to restrict file access to selected users

Users identify themselves using either a password or a token

An access control list (ACL) is a list or database of people who can access the files and resources

Firewalls

A firewall is a system that is installed at the entry point of a network

The firewall provides the first line of defense between a network and the Internet or other network that could pose a threat

Acting as a filter, firewalls permit selected messages to flow into and out of the protected network

Types of Firewalls

Packet-filter firewalls examine all the data flowing back and forth between the trusted network

Application layer firewalls filter traffic based on the application they request

Proxy severs are firewalls that communicate with the Internet on the private network’s behalf

IP Protection

A watermark is data imperceptibly added to the original digital asset in order to convey hidden copyright data

A watermark can be used to verify the lawful use of the asset

It should not reduce the quality of the digital asset Still in its infancy as a market Other techniques (less powerful) are based on

mechanisms built-in the hardware or the software Examples include DVD and MS Media Player but

more often than not can be bypassed