Physical Security - E-Commerce - Lecture Slides, Slides of Fundamentals of E-Commerce

Download Physical Security - E-Commerce - Lecture Slides and more Slides Fundamentals of E-Commerce in PDF only on Docsity! "A company may have purchased the best security technologies that money can buy, trained their people so well that they lock up all their secrets before going home at night, and hired building guards from the best security firm in the business. The company is still totally vulnerable... the human factor is truly security's weakest link" Mitnick and Simon (2002). Docsity.com Can you feel safe in the e-world? Kevin Mitnick, The Art of Deception Docsity.com Where we are really exposed?
Physical Security  Reliability of equipment and network connection  Direct access  Accidental loss (e.g. memory sticks, laptops)  Robbery (physical)
Human Factor  passwords  lack of awareness what information is sensitive  accidental leakage of information (not intended e-mails)  disloyalty (dishonest or dissatisfied personnel) Docsity.com Where we are really exposed?
Malware  viruses, worms, Trojan horses and spyware
Hacker Attacks  Denial-of-service (DOS) attacks  Access to sensitive data  Altering the website  Access to customer or partner information  Corruption of business data Docsity.com Where we are really exposed?
Methods of hacker attacks:  Exploits - using system bugs or glitches, e.g.:
Buffer overflows
Input validation errors (SQL and code injections, directory traversal)
Cross-site scripting
HTTP header injections  Eavesdropping, wi-fi eavesdropping  Indirect attacks  Backdoors  Denial-of-service (DOS) attacks  Social attack (social engineering)  Direct access attacks (physical) Docsity.com