E-Commerce and Security Dr. John P. Abraham Professor University of Texas Pan American.


Information Security
As developed by the National Security Telecommunications and Information Systems Security Committee
Protection of:
- Information
- Hardware that stores information
- Hardware that transmits information
- From direct and indirect attacks
- Without affecting availability to authorized users

Deliberate Security Threat
- Espionage (national security)
- Industrial espionage
- Competitive intelligence (could be legal)
- Shoulder surfing
- Hacking
- Sabotage (e.g., denial of service by zombies)
- Vandalism
- Theft

Some techniques
- Port scanning – enter through an open port
- Password crack (brute force or dictionary)
- Software scanning (what software is run)
- Write scripts that can be used by software (malware)
- Back doors (system passwords not changed)
- Get access to a site and go from there to a trusted site
- Man in the middle

Protection
- Take all precautions
- Also have backup plans (contingency plan)
- Off site systems
- Disaster recovery

Firewall Technologies
- Packet filtering
- Application firewall (proxy server)
- State inspection
- Dynamic packet filtering
- Kernel proxy
- NAT

Packet filtering and dynamic packet filtering

Cryptography
- Study of secret codes
- Encrypting
  - Applying a substitution code
- Decrypting
  - Using the key to decode
- Single key or multiple keys can be used