Common Security - E-Commerce - Lecture Slides, Slides of Fundamentals of E-Commerce

Download Common Security - E-Commerce - Lecture Slides and more Slides Fundamentals of E-Commerce in PDF only on Docsity! Most Common Security Threats in the E-commerce Environment
Malicious code – Viruses – Worms – Trojan horses – Bots, botnets
Unwanted programs – Browser parasites – Adware – Spyware Docsity.com Most Common Security Threats (cont.)
Social engineering
Phishing – Deceptive online attempt to obtain confidential information
E-mail scams
Spoofing legitimate Web sites
Use of information to commit fraudulent acts (access checking accounts), steal identity Docsity.com Sony: Press the Reset Button
What organization and technical failures led to the April 2011 data breach on the PlayStation Network?
Can Sony be criticized for waiting 3 days to inform the FBI?
Have you or anyone you know experienced data theft? Docsity.com Most Common Security Threats (cont.)
Sniffing – Eavesdropping program that monitors information traveling over a network
Insider jobs
Poorly designed server and client software
Social network security
Mobile platform threats – Same risks as any Internet device – Malware, botnets, vishing/smishing Docsity.com Think Your Smartphone Is Secure?
What types of threats do smartphones face?
Are there any particular vulnerabilities to this type of device?
What did Nicolas Seriot’s “Spyphone” prove?
Are apps more or less likely to be subject to threats than traditional PC software programs? Docsity.com Encryption
Encryption – Transforms data into cipher text readable only by sender and receiver – Secures stored information and information transmission – Provides 4 of 6 key dimensions of e-commerce security:
Message integrity
Nonrepudiation
Authentication
Confidentiality Docsity.com Symmetric Key Encryption
Sender and receiver use same digital key to encrypt and decrypt message
Requires different set of keys for each transaction
Strength of encryption – Length of binary key used to encrypt data
Advanced Encryption Standard (AES) – Most widely used symmetric key encryption – Uses 128-, 192-, and 256-bit encryption keys
Other standards use keys with up to 2,048 bits Docsity.com