Presentation is loading. Please wait.

Presentation is loading. Please wait.

PART THREE E-commerce in Action Norton University E-commerce in Action.

Published byBrittney Hood Modified over 8 years ago

Similar presentations

Presentation on theme: "PART THREE E-commerce in Action Norton University E-commerce in Action."— Presentation transcript:

1 PART THREE E-commerce in Action Norton University E-commerce in Action

2 Chapter 7: Online Security and Payment Systems
Norton University E-commerce in Action

3 Learning Objectives Understand the scope of e-commerce crime and security problems. Describe the key dimensions of e-commerce security. Understand the tension between security and other values. Identify the key security threats in the e-commerce environment. Describe how technology helps protect the security of messages sent over the Internet. Norton University E-commerce in Action

4 Understand the scope of e-commerce crime and security problems
While the overall size of cyber-crime is unclear at this time, cyber-crime against e-commerce sites is growing rapidly, the amount of losses is growing, and the management of e-commerce sites must prepare for a variety of criminal assaults. Norton University E-commerce in Action

5 The key dimensions of e-commerce security
There are six key dimensions to e-commerce security: - Integrity - Non-repudiation - Authenticity - Confidentiality - Privacy - Availability Norton University E-commerce in Action

6 The key dimensions of e-commerce security (Cont.)
Integrity: Ensures that information displayed on a Web site or sent or received via the Internet has not been altered in any way by an unauthorized party. Non-repudiation: Ensure that e-commerce participants do not deny (repudiate) their online actions. Norton University E-commerce in Action

7 The key dimensions of e-commerce security (Cont.)
Authenticity: Verifies an individual’s or business’s identity. Confidentiality: Determines whether information shared online, such as through communication or an order process, can be viewed by anyone other than the intended recipient. Norton University E-commerce in Action

8 The key dimensions of e-commerce security (Cont.)
Privacy: Deals with the use of information shared during an online transaction consumers want to limit the extent to which their personal information can be divulged to other organizations, while, merchants want to protect such information from falling into the wrong hand. Availability: Determines whether a Web site is accessible and operational at any given moment. Norton University E-commerce in Action

9 The tension between security and other values
Although computer security is considered necessary to protect e-commerce activities, it is not without a downside. Two major areas where there are tensions between security and Web site operations include: Ease of use and Public safety. Norton University E-commerce in Action

10 The tension between security and other values (Cont.)
Ease of use: The more security measures that are added to an e-commerce site, the more difficult it is to use and the slower the site becomes, hampering ease of use. Security is purchased at the price of slowing down processors and adding significantly to data storage demands. Too much security can harm profitability, while not enough can potentially put a company out of business. Norton University E-commerce in Action

11 The tension between security and other values (Cont.)
Public safety: There is a tension between the claims of individuals to act anonymously and the needs of public officials to maintain public safety that can be threatened by criminals or terrorists. Norton University E-commerce in Action

12 The security threats in the e-commerce environment
The nine most common and most damaging forms of security threats to e-commerce sites include: - Malicious code - Unwanted programs (adware, spyware, etc.) - Phishing - Hacking and cyber-vandalism - Spoofing - Denial of Service attacks - Sniffing - Insider jobs - Poorly designed server and client software Norton University E-commerce in Action

13 The security threats in the e-commerce environment (Cont.)
Malicious code: Viruses, worms, Trojan horses, and bot networks are a threat to a system’s integrity and continued operation, often changing how a system functions or altering documents created on the system. Unwanted programs (adware, spyware, etc.): A kind of security threat that arises when programs are surreptitiously installed on your computer or computer network with. Norton University E-commerce in Action

14 The security threats in the e-commerce environment (Cont.)
Phishing: Any deceptive, online attempt by a third party to obtain confidential information for financial gain. Hacking and cyber-vandalism: Intentionally disrupting, defacing, or even destroying a site. Norton University E-commerce in Action

15 The security threats in the e-commerce environment (Cont.)
Credit card fraud/theft: One of the most feared occurrences and one the main reasons more consumers do not participate in e-commerce. The most common cause of credit card fraud is a lost or stolen card that is used by someone else, followed by employee theft of customer numbers and stolen identities (criminals applying for credit card using false identities). Norton University E-commerce in Action

16 The security threats in the e-commerce environment (Cont.)
Spoofing: Occurs when hackers attempt to hide their true identities or misrepresent themselves by using fake addresses or masquerading as someone else. Spoofing also can involve redirecting a Web link to an address different from the intended one, with the site masquerading as the intended destination. Norton University E-commerce in Action

17 The security threats in the e-commerce environment (Cont.)
Denial of Service attacks: Hackers flood a Web site with useless traffic to inundate and overwhelm the network, frequently causing it to shut down and damaging a site’s reputation and customer relationships. Sniffing: A type of eavesdropping program that monitors information traveling over a network, enabling hackers to steal proprietary information from anywhere on a network, including messages, company files, and confidential report. The threat of sniffing is that confidential or personal information will be made public. Norton University E-commerce in Action

18 The security threats in the e-commerce environment (Cont.)
Insider jobs: Although the bulk of Internet security efforts are focused on keeping outsiders out, the biggest threat is from employees who have access to sensitive information and procedures. Poorly designed server and client software: The increase in complexity and size of software programs has contributed to an increase in software flaws or vulnerabilities that hackers can exploit weaknesses. Norton University E-commerce in Action

19 How technology helps protect the security of messages sent over the Internet ?
Encryption is the process of transforming plain text or data into cipher text that cannot be read by anyone other than the sender and the receiver. Encryption can provide four of the six key dimensions of e-commerce security. Message integrity, Non-repudiation, Authentication and Confidentiality. Norton University E-commerce in Action

20 How technology helps protect the security of messages sent over the Internet ? (Cont.)
Message integrity: Provides assurance that the sent message has not been altered. Non-repudiation: Prevents the user from denying that he or she sent a message. Authentication: Provides verification of the identity of the person (or computer) sending the message. Confidentiality: Gives assurance that the message was not read by others. Norton University E-commerce in Action

Download ppt "PART THREE E-commerce in Action Norton University E-commerce in Action."

Similar presentations

Primary Threats to Computer Security

Primary Threats to Computer Security
Lecture 14 Securing Information Systems

Lecture 14 Securing Information Systems
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.

E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice HallCopyright © 2009 Pearson Education, Inc. Slide 5-1 Online Security and Payment Systems.

Copyright © 2009 Pearson Education, Inc. Publishing as Prentice HallCopyright © 2009 Pearson Education, Inc. Slide 5-1 Online Security and Payment Systems.
7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.

7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.
E-commerce business. technology. society. Kenneth C. Laudon

E-commerce business. technology. society. Kenneth C. Laudon
The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.

The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.
Chapter 5 Security and Encryption

Chapter 5 Security and Encryption
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing Email that bites Paying for Privacy Pirates.

MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing that bites Paying for Privacy Pirates.
Copyright © 2004 Pearson Education, Inc. Slide 5-1 E-commerce Kenneth C. Laudon Carol Guercio Traver business. technology. society. Second Edition.

Copyright © 2004 Pearson Education, Inc. Slide 5-1 E-commerce Kenneth C. Laudon Carol Guercio Traver business. technology. society. Second Edition.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.

Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.
Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.

Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Similar presentations

Ads by Google