E-business Security and Control
Opening Case: Visa
• “10 commandments” for online merchants
– Maintaining a network firewall
– Keeping security patches up to date
– Encrypting stored data
– Restricting data access on the basis of need to know
– Using updated antivirus software, etc.
Threat of Accidents and Malfunctions
Figure 13.1
• Operator error
• Hardware malfunction
• Software bugs
• Data errors
• Accidental disclosure of information
• Damage to physical facilities
• Inadequate system performance
• Liability for system failure
Threat of Computer Crime
Figure 13.2
Theft
• Theft of software and equipment
• Unauthorized use of access codes and financial passwords
• Theft by entering fraudulent transaction data
• Theft by stealing or modifying data
• Internet hoaxes for illegal gain
• Theft by modifying software
Sabotage and Vandalism
• Trap door
– A set of instructions that permits a user to bypass the computer system’s security measures
• Trojan horse
– A program that appears to be valid but contains hidden instructions that can cause damage
• Logic bomb
– A type of Trojan horse set to activate when a particular condition occurs
• Virus
– A special type of Trojan horse that can replicate itself and spread
• Denial of service attack
– Sabotaging a Web site by flooding it with incoming messages
Factors that Increase the Risks
• The nature of complex systems
• Human limitations
• Pressures in the business environment
Methods for Minimizing Risks
• Controlling system development and modifications
– Software change control systems
• Providing security training
– Physical access controls
Controlling Access to Data, Computers, and Networks
• Guidelines for manual data handling
• Access privileges
• Access control based on what you know
– Password schemes
• Access control based on what you have
• Access control based on where you are
• Access control based on who you are
• Controlling incoming data flowing through networks and other media
– Commercially available virus protection products
– Firewall software that inspects each incoming data packet, and decides whether it is acceptable based on its IP address
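The kind of firewall software the slide describes, a filter that decides on nothing but each packet's source IP address, as an added Go example that is not part of the slides: an ordered rule list with default deny, run over constructed addresses from the documentation ranges (the rule set and addresses are assumptions for the demonstration).

```go
package main

import (
	"fmt"
	"net/netip"
)

// Rule allows or denies packets whose source address lies within Prefix.
type Rule struct {
	Prefix netip.Prefix
	Allow  bool
}

// Filter is an ordered rule list with default deny: the first rule whose
// prefix contains the packet's source address decides; unmatched packets are
// dropped. The source address is taken from the IP header as received, so the
// filter cannot tell a genuine sender from one merely claiming that address.
type Filter struct{ Rules []Rule }

// Accept reports whether a packet from src may enter and which rule decided.
func (f Filter) Accept(src netip.Addr) (bool, string) {
	for _, r := range f.Rules {
		if r.Prefix.Contains(src) {
			return r.Allow, r.Prefix.String()
		}
	}
	return false, "default deny"
}

// AcceptText is Accept for a textual address; anything unparseable is denied.
func (f Filter) AcceptText(src string) (bool, string) {
	a, err := netip.ParseAddr(src)
	if err != nil {
		return false, "malformed address"
	}
	return f.Accept(a)
}

// Example is a constructed rule set using documentation address ranges.
var Example = Filter{Rules: []Rule{
	{netip.MustParsePrefix("10.0.0.0/8"), false},      // private source on an external link: never legitimate
	{netip.MustParsePrefix("198.51.100.7/32"), false}, // one blocked host, listed before the wider rule
	{netip.MustParsePrefix("198.51.100.0/24"), true},  // partner network
}}

func main() {
	for _, src := range []string{"198.51.100.8", "198.51.100.7", "10.1.2.3", "192.0.2.1", "not-an-ip"} {
		ok, why := Example.AcceptText(src)
		fmt.Printf("%-14s accept=%-5v (%s)\n", src, ok, why)
	}
}
```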
Figure 13.7
Making the Data Meaningless to Unauthorized Users
• Public key encryption – encryption method based on two related keys, a public key and a private (secret) key
– Also used to transmit the secret key used by the Data Encryption Standard (DES)
– Digital signatures – use public key encryption to authenticate the sender of a message and the message content
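The two uses of public key encryption on this slide, carrying the DES secret key and signing a message, as one added Go example that is not from the slides: the sender encrypts with a one-time DES key, wraps that key under the receiver's public key, and signs the ciphertext; the receiver verifies the signature before unwrapping the key and decrypting. DES, CTR mode, RSA-OAEP and RSA-PSS are this example's choices for illustrating the slide's scheme, not anything the slide specifies.

```go
package main

import (
	"crypto"
	"crypto/cipher"
	"crypto/des"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

type Envelope struct{ WrappedKey, IV, Ciphertext, Signature []byte } // what is transmitted
func NewKey() *rsa.PrivateKey { // 2048-bit RSA pair; GenerateKey only fails if rand.Reader does
	k, _ := rsa.GenerateKey(rand.Reader, 2048)
	return k
}

// Seal encrypts msg under a fresh DES key, wraps that key with RSA-OAEP for the receiver,
// and signs IV+ciphertext with RSA-PSS so the receiver can check sender and content.
func Seal(msg []byte, recvPub *rsa.PublicKey, senderPriv *rsa.PrivateKey) (Envelope, error) {
	key, iv := make([]byte, 8), make([]byte, des.BlockSize)
	rand.Read(key)
	rand.Read(iv)
	blk, _ := des.NewCipher(key) // key length is fixed above, so this cannot fail
	ct := make([]byte, len(msg))
	cipher.NewCTR(blk, iv).XORKeyStream(ct, msg)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recvPub, key, nil)
	if err != nil {
		return Envelope{}, err
	}
	digest := sha256.Sum256(append(append([]byte{}, iv...), ct...))
	sig, err := rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, digest[:], nil)
	return Envelope{wrapped, iv, ct, sig}, err
}

// Open verifies the signature before touching the ciphertext, then unwraps the DES key and decrypts.
func Open(env Envelope, recvPriv *rsa.PrivateKey, senderPub *rsa.PublicKey) ([]byte, error) {
	digest := sha256.Sum256(append(append([]byte{}, env.IV...), env.Ciphertext...))
	if err := rsa.VerifyPSS(senderPub, crypto.SHA256, digest[:], env.Signature, nil); err != nil {
		return nil, err
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recvPriv, env.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	blk, _ := des.NewCipher(key)
	pt := make([]byte, len(env.Ciphertext))
	cipher.NewCTR(blk, env.IV).XORKeyStream(pt, env.Ciphertext)
	return pt, nil
}
```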
Figure 13.8
Controlling Traditional Transaction Processing
• Data preparation and authorization
• Data validation
• Error correction
• Backup and recovery
Maintaining Security in Web-Based Transactions
• Public key infrastructure (PKI)
– Certification authority (CA) – a company that issues digital certificates
• Digital certificates – computer-based records that identify the CA, identify the sender being verified, contain the sender’s public key, and are digitally signed by the CA
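The certificate record just described, as an added Go example that is not from the slides: a constructed CA signs a record that names the merchant and carries the merchant's public key, and a client then verifies that record against the CA. The names ca.example and shop.example are placeholders, and the ECDSA keys and validity window are this example's assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// record builds the unsigned certificate body: it names the holder (Subject,
// DNSNames) and, once signed, will carry the holder's public key.
func record(name string, ku x509.KeyUsage) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber:          big.NewInt(time.Now().UnixNano()),
		Subject:               pkix.Name{CommonName: name},
		DNSNames:              []string{name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  ku&x509.KeyUsageCertSign != 0, // only the CA may sign records
		BasicConstraintsValid: true,
		KeyUsage:              ku,
	}
}

// IssueAndVerify lets a constructed CA sign a certificate for merchant, then
// verifies that record the way a client would when connecting to host.
func IssueAndVerify(merchant, host string) error {
	caKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	ca := record("ca.example", x509.KeyUsageCertSign|x509.KeyUsageDigitalSignature)
	caDER, err := x509.CreateCertificate(rand.Reader, ca, ca, &caKey.PublicKey, caKey) // self-signed root
	if err != nil {
		return err
	}
	caCert, _ := x509.ParseCertificate(caDER)
	merchantKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // the merchant's own key pair
	leafDER, err := x509.CreateCertificate(rand.Reader, record(merchant, x509.KeyUsageDigitalSignature), caCert, &merchantKey.PublicKey, caKey) // CA signs: name bound to key
	if err != nil {
		return err
	}
	leaf, _ := x509.ParseCertificate(leafDER)
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	// Verify checks the CA signature, the validity dates and the host name binding.
	_, err = leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err
}
```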
Transaction Privacy, Authentication, Integrity, and Nonrepudiation
• Web transactions are encrypted using the Secure Socket Layer (SSL) protocol
– Encrypts the transmission using a temporary key generated automatically based on session information
• Transaction authentication – the process of verifying the identity of the participants in a transaction
• Transaction integrity – ensuring that information is not changed after the transaction is completed
• Nonrepudiation – ensuring that neither party can deny that the transaction occurred
Difficulties With Security Methods for Web Transactions
• Secure Electronic Transaction (SET) method:
– Proposed by a consortium of credit card companies
– More secure than SSL
– Costly, and very slow adoption rate
Motivating Efficient and Effective Operation
• Monitoring information system usage
– Business process performance
– Information system performance
– Unusual activity
• Charging users to encourage efficiency
– Chargeback systems try to motivate efficient usage by assigning the cost of information systems to the user departments
Auditing the Information System
• Auditing ensures that financial operations are neither misrepresented nor threatened due to defective procedures or accounting systems
• Auditing around the computer vs. auditing through the computer
Preparing for Disasters
• Disaster plan – a plan of action to recover from occurrences that shut down or harm major information systems
Major categories of security exposures within an IT/IS environment:
- Acts of God: fire, floods, hurricanes and other natural catastrophes, etc.
- Mechanical failure: hardware or software corrupts data, a disc or tape is damaged, etc.
- Human carelessness: data entry errors, accidents during testing, mislaid or physically damaged discs/tapes, etc.
- Malicious damage: sabotage, a malicious user or programmer, etc.
- Crime: embezzlement, industrial espionage, employees selling secrets, etc.
- Invasion of privacy: may be due to casual curiosity, malicious invasion of privacy, obtaining data by a competing organisation, etc.
DISASTER CATEGORIES
The fundamental hurdle to overcome when planning for disaster recovery is to realize that the seemingly large variety of possible disasters can actually be reduced to a manageable number.
In point of fact, all disasters can be grouped into one or more of only THREE categories. These are:
- loss of information
- loss of access
- loss of personnel
Introduction to Risk Analysis
There are a number of distinct approaches to risk analysis. However, these essentially break down into two types:
- Quantitative risk analysis
- Qualitative risk analysis
Quantitative Risk Analysis
This approach employs two fundamental elements: 1) the probability of an event occurring and 2) the likely loss should it occur.
It also uses a single figure produced from these elements:
- This is called the Annual Loss Expectancy (ALE) or the Estimated Annual Cost (EAC).
- It is calculated for an event by simply multiplying the potential loss by the probability.
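A worked ALE calculation, added here and not part of the slides, with constructed loss and probability figures; it also ranks events by ALE and weighs a control's yearly cost against the ALE it removes, which goes one step beyond the slide's definition.

```go
package main

import (
	"fmt"
	"sort"
)

// Event is one risk scenario: the potential loss of a single occurrence and the
// estimated probability (expected occurrences) per year. Figures are constructed.
type Event struct {
	Name        string
	Loss        float64 // potential loss per occurrence, in currency units
	Probability float64 // expected occurrences per year; may exceed 1 for frequent events
}

// ALE is the Annual Loss Expectancy (also called the Estimated Annual Cost):
// potential loss multiplied by probability, exactly as the slide defines it.
func ALE(e Event) float64 { return e.Loss * e.Probability }

// RankByALE returns the events ordered from largest to smallest expected
// annual loss, which is how the quantitative method prioritises them.
func RankByALE(events []Event) []Event {
	out := append([]Event(nil), events...)
	sort.SliceStable(out, func(i, j int) bool { return ALE(out[i]) > ALE(out[j]) })
	return out
}

// ControlBenefit is the yearly net value of a control: the ALE it removes minus
// what it costs. A negative value means the control is not justified by the
// expected loss it prevents.
func ControlBenefit(before, after Event, annualControlCost float64) float64 {
	return ALE(before) - ALE(after) - annualControlCost
}

func main() {
	events := []Event{
		{"Fire in the server room", 500000, 0.02},
		{"Laptop theft", 3000, 4},
		{"Web site denial of service", 20000, 0.4},
	}
	for _, e := range RankByALE(events) {
		fmt.Printf("%-28s ALE = %9.2f\n", e.Name, ALE(e))
	}
	// A suppression system that halves the expected fire loss for 4000 a year.
	fire := events[0]
	halved := Event{fire.Name, fire.Loss / 2, fire.Probability}
	fmt.Printf("Fire suppression net benefit: %.2f\n", ControlBenefit(fire, halved, 4000))
}
```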
Qualitative Risk Analysis (The relational model)
This is by far the most widely used approach to risk analysis. Probability data is not required and only estimated potential loss is used.
Most qualitative risk analysis methodologies make use of a number of interrelated elements:
a) THREATS: These are things that can go wrong or that can 'attack' the system. Examples might include fire or fraud. Threats are ever present for every system.
b) VULNERABILITIES: These make a system more prone to attack by a threat or make an attack more likely to have some success or impact. For example, for fire a vulnerability would be the presence of inflammable materials (e.g. paper).
c) CONTROLS: These are the countermeasures for vulnerabilities. There are four types:
– Deterrent controls reduce the likelihood of a deliberate attack
– Preventative controls protect vulnerabilities and make an attack unsuccessful or reduce its impact
– Corrective controls reduce the effect of an attack
– Detective controls discover attacks and trigger preventative or corrective controls
(The Information Security Process)
Information Security Architecture