Presentation is loading. Please wait.

Presentation is loading. Please wait.

E-Commerce and Security Dr. John P. Abraham Professor University of Texas Pan American.

Published byIrma Owens Modified over 8 years ago

Similar presentations

Presentation on theme: "E-Commerce and Security Dr. John P. Abraham Professor University of Texas Pan American."— Presentation transcript:

1 E-Commerce and Security Dr. John P. Abraham Professor University of Texas Pan American

2 Information Security as developed by the National Security Telecommunication and Information Systems Security Committee Protection of: Protection of: Information Information Hardware that store information Hardware that store information Hardware that transmit information Hardware that transmit information From direct and indirect attacks From direct and indirect attacks Without affecting availability to authorized users Without affecting availability to authorized users

3 Deliberate Security Threat Espionage (national security) Espionage (national security) Industrial Espionage Industrial Espionage Competitive intelligence (could be legal) Competitive intelligence (could be legal) Shoulder surfing Shoulder surfing Hacking Hacking Sabotage (ex.denial of service by zombies) Sabotage (ex.denial of service by zombies) Vandalism Vandalism Theft Theft

4 Some techniques Port scanning – enter through an open port Port scanning – enter through an open port Password crack (brute force or dictionary) Password crack (brute force or dictionary) Software scanning (what software is run) Software scanning (what software is run) Write scripts that can be used by software (malware) Write scripts that can be used by software (malware) Back doors (system passwords not changed) Back doors (system passwords not changed) Get access to a site and go from there to a trusted site Get access to a site and go from there to a trusted site Man in the middle Man in the middle

5 Protection Take all precautions Take all precautions Also have backup plans (contingency plan) Also have backup plans (contingency plan) Off site systems Off site systems Disaster recovery Disaster recovery

6 Firewall Technologies Packet filtering Packet filtering Application firewall (proxy server) Application firewall (proxy server) state inspection state inspection Dynamic packet filtering Dynamic packet filtering Kernel proxy Kernel proxy NAT NAT

7 Packet filtering and dynamic packet filtering

8 Cryptography Study of secret codes Study of secret codes Encrypting Encrypting Applying a substitution code Applying a substitution code Decrypting Decrypting Using the key to decode Using the key to decode Single key or multiple keys can be used Single key or multiple keys can be used

Download ppt "E-Commerce and Security Dr. John P. Abraham Professor University of Texas Pan American."

Similar presentations

Ethics, Privacy and Information Security

Ethics, Privacy and Information Security
Crime and Security in the Networked Economy Part 4.

Crime and Security in the Networked Economy Part 4.
Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.

Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.
Possible Threats To Data. Objectives To understand: Types of threats Importance of security Preventative and remedial actions Personal safety This will.

Possible Threats To Data. Objectives To understand: Types of threats Importance of security Preventative and remedial actions Personal safety This will.
Lecture Outline 10 INFORMATION SYSTEMS SECURITY. Two types of auditors External auditor: The primary mission of the external auditors is to provide an.

Lecture Outline 10 INFORMATION SYSTEMS SECURITY. Two types of auditors External auditor: The primary mission of the external auditors is to provide an.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Security Presented by : Qing Ma. Introduction Security overview security threats password security, encryption and network security as specific.

Security Presented by : Qing Ma. Introduction Security overview security threats password security, encryption and network security as specific.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Chapter 9 - Control in Computerized Environment ATG 383 – Spring 2002.

Chapter 9 - Control in Computerized Environment ATG 383 – Spring 2002.
Threats and Attacks Principles of Information Security, 2nd Edition

Threats and Attacks Principles of Information Security, 2nd Edition
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.

7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
Internet Security In the 21st Century Presented by Daniel Mills.

Internet Security In the 21st Century Presented by Daniel Mills.
Information Security Introduction to Information Security Michael Whitman and Herbert Mattord 14-1.

Information Security Introduction to Information Security Michael Whitman and Herbert Mattord 14-1.
Information Security By Bhupendra Ratha, Lecturer School of Library & Information Science D.A.V.V., Indore

Information Security By Bhupendra Ratha, Lecturer School of Library & Information Science D.A.V.V., Indore
CHAPTER 3 Information Privacy and Security. CHAPTER OUTLINE  Ethical Issues in Information Systems  Threats to Information Security  Protecting Information.

CHAPTER 3 Information Privacy and Security. CHAPTER OUTLINE  Ethical Issues in Information Systems  Threats to Information Security  Protecting Information.
CHAPTER 4 Information Security. CHAPTER OUTLINE 4.1 Introduction to Information Security 4.2 Unintentional Threats to Information Security 4.3 Deliberate.

CHAPTER 4 Information Security. CHAPTER OUTLINE 4.1 Introduction to Information Security 4.2 Unintentional Threats to Information Security 4.3 Deliberate.
MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE Security.

MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE Security.

Similar presentations

Ads by Google