
1 E-business Security and Control

2 Opening Case: Visa's 10 commandments for online merchants – Maintaining a network firewall – Keeping security patches up to date – Encrypting stored data – Restricting data access on the basis of need to know – Using up-to-date antivirus software, etc.

3 Threat of Accidents and Malfunctions

4 Figure 13.1

5 – Operator error – Hardware malfunction – Software bugs – Data errors – Accidental disclosure of information – Damage to physical facilities – Inadequate system performance – Liability for system failure

6 Threat of Computer Crime

7 Figure 13.2

8 Theft – Theft of software and equipment – Unauthorized use of access codes and financial passwords – Theft by entering fraudulent transaction data – Theft by stealing or modifying data – Internet hoaxes for illegal gain – Theft by modifying software

9 Sabotage and Vandalism – Trap door (back door) – a set of instructions, often left in place by a developer, that lets a user bypass the computer system's security measures – Trojan horse – a program that appears to be legitimate but contains hidden instructions that can cause damage

10 – Logic bomb – a type of Trojan horse set to activate when a particular condition occurs (for example a particular date) – Virus – malicious code that replicates itself by attaching to other programs or files and spreads from system to system; unlike a Trojan horse it does not depend on tricking a user into running an apparently legitimate program – Denial of service attack – sabotaging a Web site or service by flooding it with more traffic (connection requests, packets, messages) than it can handle, so that legitimate users are locked out

11 Factors that Increase the Risks The nature of complex systems Human limitations Pressures in the business environment

12 Methods for Minimizing Risks – Controlling system development and modifications (software change control systems, so that only reviewed and authorized changes reach production) – Providing security training – Physical access controls

13 Controlling Access to Data, Computers, and Networks – Guidelines for manual data handling – Access privileges (each user gets only the rights the job requires) – Access control based on what you know – password, password schemes (length and complexity rules, expiry, lockout after repeated failures, storage as a salted hash rather than in clear) – Access control based on what you have (a physical token, a smart card, a one-time-code generator) – Access control based on where you are (the terminal, network or location the request arrives from) – Access control based on who you are (biometrics such as a fingerprint or iris scan). Requiring two of these factors together is considerably stronger than any one alone, because an attacker must defeat both.
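The "what you know" and "what you have" factors above, as an added worked example (this is example code written for this page, not the textbook's or any product's): a password verifier that stores only a salted, slow hash, and a time-based one-time password check (RFC 6238) for a token the user carries. The record format "pbkdf2$salt$hash", the iteration count and the one-step drift allowance are assumptions of the example.

```python
import hashlib
import hmac
import secrets
import struct

# --- Factor 1, "what you know": password storage and verification -----------
# The password itself is never stored; a salted, slow key-derivation function
# (PBKDF2-HMAC-SHA256, 600,000 iterations) makes a stolen credential table
# expensive to brute-force.  Assumed record format: "pbkdf2$<salt>$<hash>".

PBKDF2_ROUNDS = 600_000

def hash_password(password: str) -> str:
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return f"pbkdf2${salt.hex()}${digest.hex()}"

def verify_password(password: str, stored: str) -> bool:
    scheme, salt_hex, digest_hex = stored.split("$")
    if scheme != "pbkdf2":
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), PBKDF2_ROUNDS)
    # constant-time comparison: a plain == would leak how many bytes matched
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))

# --- Factor 2, "what you have": time-based one-time password (RFC 6238) ----
# The shared secret lives in the user's token or phone app; the server
# recomputes the expected code for the current 30-second time step.

def totp(secret: bytes, at: int, step: int = 30, digits: int = 6) -> str:
    counter = struct.pack(">Q", at // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                    # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)

def verify_totp(secret: bytes, code: str, at: int, step: int = 30, drift: int = 1) -> bool:
    # accept the adjacent time steps to tolerate clock drift, but nothing wider
    return any(hmac.compare_digest(totp(secret, at + k * step, step), code)
               for k in range(-drift, drift + 1))

# --- Two factors together ----------------------------------------------------

def login(stored_hash: str, totp_secret: bytes, password: str, code: str, at: int) -> bool:
    # Evaluate both factors before deciding, so a bad password and a bad code
    # are indistinguishable to the caller in timing and in outcome.
    password_ok = verify_password(password, stored_hash)
    code_ok = verify_totp(totp_secret, code, at)
    return password_ok and code_ok
```

The TOTP routine reproduces the RFC 6238 reference vectors (secret "12345678901234567890", time 59 gives 94287082 with eight digits), so it can be checked against any standard authenticator app.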

14 Controlling incoming data flowing through networks and other media – Virus protection – commercially available virus protection products (signature and behaviour based scanners, kept up to date) – Firewall – software or a device that inspects each incoming packet and decides whether to accept or drop it on the basis of its source and destination IP address, protocol and port; a packet-filtering firewall should apply a default-deny policy, and because a source address can be forged it controls which hosts and services are reachable but does not authenticate the sender

15 Figure 13.7

16 Making the Data Meaningless to Unauthorized Users – Public key encryption – encryption method based on two mathematically related keys, a public key that can be distributed freely and a private (secret) key that is never shared – Also used to transmit the secret key of a symmetric cipher such as the Data Encryption Standard (DES), a combination known as hybrid encryption (DES has since been superseded by AES) – Digital signatures – use public key cryptography to authenticate the sender of a message and the integrity of its content: the sender signs a hash of the message with the private key, and anyone holding the public key can verify the signature

17 Figure 13.8

18 Controlling Traditional Transaction Processing – Data preparation and authorization – Data validation – Error correction – Backup and recovery
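The "data validation" and "authorization" controls above, as an added worked example (written for this page, not taken from the textbook): a validator that checks every field of a card transaction record before it is processed, including the Luhn check digit that catches most card-number typos. The record layout, the approved-currency list, the amount ceiling and the approver-ID format are assumptions of the example.

```python
import re
from datetime import date
from decimal import Decimal, InvalidOperation
from typing import Dict, List

def luhn_ok(number: str) -> bool:
    """Luhn check digit (ISO/IEC 7812): catches single-digit typos and most
    adjacent transpositions in a card number before it is sent for authorization."""
    total = 0
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:                       # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0

APPROVED_CURRENCIES = {"USD", "EUR", "GBP"}   # assumed for the example
MAX_AMOUNT = Decimal("10000.00")              # assumed per-transaction ceiling

def validate_transaction(tx: Dict[str, str], today: date) -> List[str]:
    """Returns a list of validation errors; an empty list means the record may
    proceed.  Every field is checked, so one bad record reports every problem
    at once instead of failing on the first one found."""
    errors = []

    pan = tx.get("pan", "").replace(" ", "")
    if not (pan.isdigit() and 13 <= len(pan) <= 19 and luhn_ok(pan)):
        errors.append("pan: not a well-formed card number")

    m = re.fullmatch(r"(\d{2})/(\d{2})", tx.get("expiry", ""))
    if not m:
        errors.append("expiry: expected MM/YY")
    else:
        month, year = int(m.group(1)), 2000 + int(m.group(2))
        if not 1 <= month <= 12:
            errors.append("expiry: month out of range")
        elif (year, month) < (today.year, today.month):
            errors.append("expiry: card has expired")

    try:
        amount = Decimal(tx.get("amount", ""))
        # Decimal, not float: money must not pick up binary rounding error
        if amount <= 0 or amount > MAX_AMOUNT or amount != amount.quantize(Decimal("0.01")):
            errors.append("amount: must be positive, at most 2 decimals, and within limit")
    except InvalidOperation:
        errors.append("amount: not a number")

    if tx.get("currency") not in APPROVED_CURRENCIES:
        errors.append("currency: not an approved currency")

    # authorization: the record must carry a well-formed approver ID (assumed
    # format "ABC-123456"); a real system would also look the ID up
    if not re.fullmatch(r"[A-Z]{3}-\d{6}", tx.get("authorized_by", "")):
        errors.append("authorized_by: missing or malformed approver ID")

    return errors
```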

19 Maintaining Security in Web-Based Transactions – Public key infrastructure (PKI) – Certification authority (CA) – a company or organization that issues digital certificates – Digital certificate – a computer-based record that identifies the CA, identifies the sender whose identity is being verified, contains the sender's public key, and is digitally signed by the CA; a relying party that trusts the CA can therefore trust the binding between the sender's name and that key

20 Transaction Privacy, Authentication, Integrity, and Nonrepudiation – Web transactions are encrypted using the Secure Sockets Layer (SSL) protocol (today its successor, Transport Layer Security, TLS) – Encrypts the transmission with a temporary session key that the browser and server establish automatically during the connection handshake and discard when the session ends – Transaction authentication – the process of verifying the identity of the participants in a transaction (the server by its certificate; the customer usually by a password, sometimes by a client certificate)

21 – Transaction integrity – ensuring that information is not changed after the transaction is completed, or while it is in transit: a message authentication code or digital signature computed over the transaction reveals any alteration – Nonrepudiation – ensuring that neither party can later deny that the transaction occurred; a digital signature made with a private key that only the signer holds provides this, whereas a code based on a shared secret does not, because either party could have produced it
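Slides 16, 19, 20 and 21 together describe one mechanism: a CA signs a certificate binding a name to a public key, the holder of the matching private key signs a transaction, and the recipient checks the CA's signature on the certificate and then the sender's signature on the transaction. The following is an added example written for this page (not the textbook's code) that does exactly that with textbook RSA built from the standard library. It is deliberately minimal: no padding scheme, no side-channel hardening, short keys for speed, so it illustrates the mechanics and is not a substitute for a real library (production systems use RSA-PSS or ECDSA with 2048-bit or larger keys). The CA name, the subject name and the order string are constructed for the example.

```python
import hashlib
import json
import secrets

# --- Textbook RSA: just enough to show signing and verification -------------

def is_probable_prime(n: int, rounds: int = 40) -> bool:
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):                          # Miller-Rabin witnesses
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits: int) -> int:
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # full length, odd
        if is_probable_prime(candidate):
            return candidate

def generate_keypair(bits: int = 1024):
    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:          # e is prime, so this is gcd(e, phi) == 1
            break
    n = p * q
    return (e, n), (pow(e, -1, phi), n)      # (public key, private key)

def sign(private_key, message: bytes) -> int:
    d, n = private_key                       # sign the hash, never the raw message
    return pow(int.from_bytes(hashlib.sha256(message).digest(), "big"), d, n)

def verify(public_key, message: bytes, signature: int) -> bool:
    e, n = public_key
    return pow(signature, e, n) == int.from_bytes(hashlib.sha256(message).digest(), "big")

# --- Certificates: a CA-signed record binding a name to a public key --------

def canonical(obj) -> bytes:
    # deterministic serialization, so signer and verifier hash identical bytes
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def issue_certificate(ca_name: str, ca_private, subject: str, subject_public) -> dict:
    body = {"issuer": ca_name, "subject": subject,
            "public_key": {"e": subject_public[0], "n": subject_public[1]}}
    return {"body": body, "signature": sign(ca_private, canonical(body))}

def verify_certificate(cert: dict, ca_name: str, ca_public) -> bool:
    body = cert["body"]
    return body["issuer"] == ca_name and verify(ca_public, canonical(body), cert["signature"])

def verify_signed_transaction(cert, ca_name, ca_public, transaction: bytes, signature: int) -> bool:
    """Trust chain: CA signature on the certificate first, then the sender's
    signature on the transaction with the key the certificate vouches for."""
    if not verify_certificate(cert, ca_name, ca_public):
        return False
    pk = cert["body"]["public_key"]
    return verify((pk["e"], pk["n"]), transaction, signature)

def demo(bits: int = 512) -> dict:
    ca_public, ca_private = generate_keypair(bits)
    cust_public, cust_private = generate_keypair(bits)
    cert = issue_certificate("Example CA", ca_private, "alice@example.com", cust_public)
    order = b"order=1042;amount=59.90;currency=EUR"
    sig = sign(cust_private, order)                 # customer signs: nonrepudiation
    forged = json.loads(json.dumps(cert))
    forged["body"]["subject"] = "mallory@example.net"   # tampered certificate body
    return {
        "genuine": verify_signed_transaction(cert, "Example CA", ca_public, order, sig),
        "altered_order": verify_signed_transaction(cert, "Example CA", ca_public,
                                                   b"order=1042;amount=5990.00;currency=EUR", sig),
        "tampered_cert": verify_signed_transaction(forged, "Example CA", ca_public, order, sig),
    }
```

The three results of demo() are the three properties from slide 21: the genuine order verifies; an order altered after signing fails the integrity check; and a certificate whose subject was edited fails the CA check, so the edited name cannot be used to claim the transaction. Because only the customer holds the private key that produced the signature, the customer cannot later deny the order, which a shared-secret MAC could not establish.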

22 Difficulties With Security Methods for Web Transactions – Secure Electronic Transaction (SET) method: – Proposed by a consortium of credit card companies (Visa and MasterCard, with technology partners) – More secure than SSL for payments because the cardholder's software encrypted the card details for the payment gateway, so the merchant never saw the card number, and every party was authenticated with its own certificate – Costly (certificates and special software for every cardholder and merchant) and a very slow adoption rate; SET was never widely deployed

23 Motivating Efficient and Effective Operation – Monitoring information system usage – Business process performance – Information system performance – Unusual activity (logins at odd hours, bursts of failed logins, access to data a user does not normally touch) – Charging users to encourage efficiency – Chargeback systems try to motivate efficient usage by assigning the cost of information systems to the user departments that consume them
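The "unusual activity" item above, as an added example written for this page (not the textbook's): a small detection routine run over constructed login log lines. It flags a burst of failed logins from one source, a successful login from a source that just produced such a burst, and successful logins outside business hours. The log line format, the thresholds and the business-hours window are assumptions of the example; the sample lines are constructed, not taken from any real system.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import List, Optional, Tuple

# Assumed log format (constructed for this example, not from any product):
#   <ISO timestamp> login <OK|FAIL> user=<name> src=<ip>
LOG_RE = re.compile(r"^(\S+) login (OK|FAIL) user=(\S+) src=(\S+)$")

# Constructed sample: one password-guessing burst that finally succeeds, one
# isolated failure, and one login late at night.
SAMPLE_LOG = """\
2024-03-04T09:12:01 login OK user=alice src=10.0.0.21
2024-03-04T09:12:30 login FAIL user=bob src=203.0.113.9
2024-03-04T09:12:31 login FAIL user=bob src=203.0.113.9
2024-03-04T09:12:32 login FAIL user=bob src=203.0.113.9
2024-03-04T09:12:33 login FAIL user=bob src=203.0.113.9
2024-03-04T09:12:34 login FAIL user=bob src=203.0.113.9
2024-03-04T09:12:35 login OK user=bob src=203.0.113.9
2024-03-04T11:40:00 login FAIL user=carol src=10.0.0.33
2024-03-04T23:55:10 login OK user=dave src=10.0.0.40
""".splitlines()

def parse(line: str) -> Optional[Tuple[datetime, str, str, str]]:
    m = LOG_RE.match(line)
    if not m:
        return None                       # unknown line shape: skip, do not crash
    ts, result, user, src = m.groups()
    return datetime.fromisoformat(ts), result, user, src

def detect(lines: List[str], threshold: int = 5,
           window: timedelta = timedelta(seconds=60),
           business_hours: Tuple[int, int] = (8, 19)) -> List[Tuple[str, str, str, datetime]]:
    """Returns (kind, user, src, timestamp) alerts in log order."""
    alerts = []
    failures = defaultdict(deque)         # src -> timestamps of recent failures
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ts, result, user, src = rec
        q = failures[src]
        while q and ts - q[0] > window:   # keep only failures inside the window
            q.popleft()
        if result == "FAIL":
            q.append(ts)
            if len(q) == threshold:       # fire once, when the threshold is crossed
                alerts.append(("brute_force", user, src, ts))
        else:
            if len(q) >= threshold:       # guessing that apparently succeeded
                alerts.append(("success_after_burst", user, src, ts))
            if not business_hours[0] <= ts.hour < business_hours[1]:
                alerts.append(("after_hours_login", user, src, ts))
    return alerts
```

Of the three alert kinds, "success_after_burst" is the one worth paging on: a burst of failures alone may be a user with a stale saved password, but a success immediately after one is the signature of a guessed credential.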

24 Auditing the Information System – Auditing ensures that financial operations are neither misrepresented nor threatened by defective procedures or accounting systems – Auditing around the computer (treat the system as a black box and reconcile its inputs with its outputs) vs. auditing through the computer (examine and test the programs, controls and data inside the system)

25 Preparing for Disasters Disaster plan – a plan of action to recover from occurrences that shut down or harm major information systems

Major categories of security exposures within the IT/IS environment: – Acts of God: fire, floods, hurricanes and other natural catastrophes – Mechanical failure: hardware or software corrupts data, a disk or tape is damaged – Human carelessness: data entry errors, accidents during testing, mislaid or physically damaged disks or tapes

Major categories of security exposures within the IT/IS environment (contd.): – Malicious damage: sabotage by a malicious user or programmer – Crime: embezzlement, industrial espionage, employees selling secrets – Invasion of privacy: casual curiosity, malicious invasion of privacy, a competing organization obtaining data

DISASTER CATEGORIES The fundamental hurdle to overcome when planning for disaster recovery is to realize that the seemingly large variety of possible disasters can be reduced to a manageable number. In fact, every disaster can be grouped into one or more of only THREE categories: – loss of information – loss of access – loss of personnel. A recovery plan that covers each of the three (backups kept off site, an alternative site or route of access, and documented procedures that do not depend on particular individuals) therefore covers any specific disaster.

Introduction to Risk Analysis There are a number of distinct approaches to risk analysis; essentially they break down into two types: – Quantitative risk analysis – Qualitative risk analysis

Quantitative Risk Analysis This approach employs two fundamental elements: 1) the probability of an event occurring (expressed as the expected number of occurrences per year) and 2) the likely loss should it occur. From these it derives a single figure, the 'Annual Loss Expectancy (ALE)' or 'Estimated Annual Cost (EAC)', calculated for an event by simply multiplying the potential loss by the annual probability. ALE values make different threats comparable and let the annual cost of a control be weighed against the loss it averts; the weakness of the approach is that reliable probability figures are hard to obtain.
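The ALE calculation carried one step further, as an added example written for this page (not from the slides): given one loss scenario and several candidate controls, compute the residual ALE after each control and rank the controls by net annual benefit (ALE reduction minus the control's annual cost), which is the decision the figure exists to support. The scenario, the controls and their effectiveness figures are constructed for the example.

```python
from typing import Dict, List, Tuple

def ale(annual_rate: float, loss_per_event: float) -> float:
    """Annual Loss Expectancy: expected events per year times loss per event."""
    return annual_rate * loss_per_event

def rank_controls(scenario: Dict[str, float],
                  controls: List[Dict]) -> List[Tuple[str, float, float]]:
    """For each candidate control, compute the residual ALE once it is in place
    and the net annual benefit (ALE reduction minus the control's annual cost).
    Returned best first; a negative net benefit means the control costs more per
    year than the loss it averts, however effective it is."""
    baseline = ale(scenario["rate"], scenario["loss"])
    ranked = []
    for c in controls:
        # a control may cut how often the event happens, how much it costs, or both
        residual = ale(scenario["rate"] * (1 - c.get("rate_reduction", 0.0)),
                       scenario["loss"] * (1 - c.get("loss_reduction", 0.0)))
        net = baseline - residual - c["annual_cost"]
        ranked.append((c["name"], round(residual, 2), round(net, 2)))
    return sorted(ranked, key=lambda r: r[2], reverse=True)

# Constructed scenario: a storefront's customer database is breached about
# once every five years, costing an estimated 500,000 per event (ALE 100,000).
SCENARIO = {"rate": 1 / 5, "loss": 500_000.0}
CONTROLS = [
    {"name": "encrypt stored card data", "loss_reduction": 0.6, "annual_cost": 15_000},
    {"name": "web application firewall", "rate_reduction": 0.5, "annual_cost": 30_000},
    {"name": "24x7 managed SOC", "rate_reduction": 0.7, "loss_reduction": 0.3,
     "annual_cost": 120_000},
]

def best_control() -> str:
    return rank_controls(SCENARIO, CONTROLS)[0][0]
```

With these figures the cheapest control (encrypting stored data, which is also one of the Visa commandments from the opening case) ranks first, and the most effective one ranks last because its cost exceeds the 100,000 baseline it protects. The ranking is only as good as the rate and loss estimates, which is the limitation the qualitative approach on the next slides tries to avoid.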

31 Qualitative Risk Analysis (The relational model)

Qualitative Risk Analysis This is by far the most widely used approach to risk analysis. Probability data is not required; only estimated potential loss is used. Most qualitative risk analysis methodologies make use of a number of interrelated elements: a) THREATS – things that can go wrong or that can 'attack' the system, for example fire or fraud. Threats are ever present for every system.

Introducing Risk Analysis b) VULNERABILITIES – weaknesses that make a system more prone to attack by a threat, or make an attack more likely to succeed or to have an impact. For fire, a vulnerability would be the presence of flammable materials (e.g. paper). c) CONTROLS – countermeasures for vulnerabilities. There are four types: – Deterrent controls reduce the likelihood of a deliberate attack

Introducing Risk Analysis (contd.) CONTROLS (continued from the previous page) – Preventative controls protect vulnerabilities and make an attack unsuccessful or reduce its impact – Corrective controls reduce the effect of an attack that has already occurred – Detective controls discover attacks and trigger preventative or corrective controls

35 (The Information Security Process)

36 Information Security Architecture