Presentation is loading. Please wait.

Presentation is loading. Please wait.

ECT 455 E-Commerce Web Site Engineering

Published byمريم همدانی Modified over 6 years ago

Similar presentations

Presentation on theme: "ECT 455 E-Commerce Web Site Engineering"— Presentation transcript:

1 ECT 455 E-Commerce Web Site Engineering
Electronic Payment Systems Internet Transaction Security 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

2 Agenda Market news Privacy Issues Digital payment Transaction security
2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

3 Consumer Trust and Privacy
Consumer WebWatch Only 29% trust Web sites that sell products or services Sites for commerce: 95% disclosure of all fees; 93% disclosure of the site’s policy on using personal information News and information sites: 65% disclosure of privacy polices, 59% clear labeling of advertisement Search engine sites: 60% don’t know about ad sponsorship, 80% want search engines to revel these practices. 57% read policies about credit cards; 35% privacy policies; 22% “About Us” Consumer WebWatch: “A Matter of Trust: What Users Want From Web Sites” 4/16/02 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

4 Internet and the Right to Privacy
Self-regulated medium: The Internet industry governs itself Violation of Privacy Right or Better Service? FTC Study: 97% collected personal information, only 62% informed the users about such practice; 57% contained 3rd party tracking devices Privacy advocates argue that these efforts violate individuals’ privacy rights Online marketers and advertisers suggest that online companies can better serve their users by recording the likes and dislikes of online consumers Financial Services Modernization Act of 1999 Establishes a set of regulations concerning the management of consumer information 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

5 Network Advertising Initiative (NAI)
Approved by the FTC in July 1999 to support self regulation NAI currently represents 90 percent of Web advertisers Determines the proper protocols for managing a Web user’s personal information on the Internet Prohibits the collection of consumer data from medical and financial sites Allows the combination of Web-collected data and personal information 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

6 DoubleClick: Marketing with Personal Information
Regulation of the Internet could limit a company’s efforts to buy and sell advertising DoubleClick Advertising network of over 1,500 sites and 11,000 clients Abacus Direct Corp Names, addresses, telephone numbers, age, gender, income levels and a history of purchases at retail, catalog and online stores Digital redlining Skewing of an individual’s knowledge of available products by basing the advertisements the user sees on past behavior 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

7 Protecting Your Business: Privacy Issues
Privacy policy The stated policy regarding the collection and use of visitor’s personal information Privacy policy services and software PrivacyBot.com; TRUSTe Core Fair Information Practices by FTC Consumers should be made aware that personal information will be collected have a say in how this information will be used have the ability to check the information collected to ensure that it is complete and accurate The information collected should be secured The Web site should be responsible for seeing that these practices are followed 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

8 Electronic Payment Systems
Efficient and effective payment services accepted by consumers and businesses are essential to e-commerce. Requirements: Convenient for web purchasing Transportable over the network Strong enough to thwart electronic interference Cost-effective for extremely low-value transactions 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

9 Electronic Payment Systems
Banking and Financial Payments Bank-to-bank transfer (EFT) Home Banking -- CitiBank, Wells Fargo Payment through an Intermediary Open Market * First Virtual (FirstVirtual Pin) * * Both refer to their earlier business models 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

10 Electronic Payment Systems
Electronic Currency Payment Systems Electronic Cash -- Internetcash.com Electronic Checks -- NetCheque e-Wallets Smart Cards American Express (blue smart card) Visa Micropayments Echarge, (echarge.com) paystone.com 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

11 More Retailing Payment Systems
Credit Cards -- Visa or MasterCard Private Label Credit/Debit Cards Charge Cards -- American Express; echarge Peer-to-peer payments (between consumers) PayPal (billpoint) 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

12 Credit-Card Transactions
Popular form of payment for online purchases Resistance due to security concerns Many cards offer capabilities for online and offline purchases Mastercard American Express Blue 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

13 Credit-Card Transaction Enablers
Companies that have established business relationships with financial institutions that will accept online credit-card payments for merchant clients Trintech Cybercash (Verisign) 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

14 E-Wallets E-wallets Credit-card companies offer a variety of e-wallets
Keep track of your billing and shipping information so that it can be entered with one click at participating sites Store e-checks, e-cash and credit-card information Credit-card companies offer a variety of e-wallets Visa e-wallets MBNA e-wallet allows one-click shopping at member sites A group of e-wallet vendors have standardized technology with Electronic Commerce Modeling Language (ECML) Yahoo Wallet (wallet.yahoo.com) 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

15 Digital Currency Digital cash
Stored electronically, used to make online electronic payments Similar to traditional bank accounts Used with other payment technologies (digital wallets) Alleviates some security fears online credit-card transactions Allows those with no credit cards to shop online Merchants accepting digital-cash payments avoid credit-card transaction fees 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

16 Smart Cards Smart card Card with computer chip embedded on its face, holds more information than ordinary credit card with magnetic strip Contact smart cards To read information on smart cards and update information, contact smart cards need to be placed in a smart card reader Contactless smart cards Have both a coiled antenna and a computer chip inside, enabling the cards to transmit information Can require the user to have a password, giving the smart card a security advantage over credit cards Information can be designated as "read only" or as "no access" Possibility of personal identity theft 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

17 Security Considerations: E-commerce v.s. Paper-based Commerce
Security attributes of signed paper document Semi-permanence of ink embedded in paper fibers Particular printing process such as letterhead Watermarks Biometrics of signature Time stamp Obviousness of modifications, interlineations, and deletions 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

18 Security Considerations: E-commerce v.s. Paper-based Commerce
Computer-based document do not have such security attributes Computer-based records can be modified freely and without detection Certain supplemental control mechanisms must be applied to achieve a level of trustworthiness comparable to that on paper Paper-based and computer-based documents may not perform equal or exactly analogous function in business and law Ex. negotiable document of title 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

19 Security Issues in E-Commerce
User Authentication, User Authorization and Network Security Password protection, encrypted data transmission Firewalls Data & Transaction Security Encryption: Private Key vs. Public Key Privacy Payment Systems 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

20 Introduction to Secure Ecommerce
What is Security? What are we securing in ecommerce? Security is heterogeneous concept in general. All security, including e-commerce, deals with these 2 KEY concepts: Risk Trust Business risk management Risk analysis Risk mitigation Risk transfer 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

21 Security Risks to E-commerce
2004 CSI/FBI Computer Crime and Security Survey Direct financial loss resulting from fraud Payment account abuse Transfer funds without authorization Destroy or hide financial records Customer impersonation Exposure of confidential information False or malicious websites Customer Data Exposures Ex. H&R block erroneously import customers' data into others' tax returns (February 2000) Data theft 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

22 Security Risks to E-commerce
Damage to relations with customer or business partners An organization that suffers a security-related attack or failure may not publicize it Unforeseen cost Legal, public relations, or business resumption cost Recovering from a security compromise Public relations damage Masquerading Manipulation of web content Malicious rumor Uptake failure due to lack of confidence Security is an essential ingredient of any e-commerce solution 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

23 Internet security Consumers entering highly confidential information
Number of security attacks increasing Four requirements of a secure transaction Privacy – information not read by third party Integrity – information not compromised or altered Authentication – sender and receiver prove identities Non-repudiation – legally prove message was sent and received Availability Computer systems continually accessible 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

24 Security Attacks Info source Info destination Info source
Any actions that compromises the security of information systems Normal flow Interruption: attack on availability Info source Info destination Info source Info destination 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

25 Security Attacks (continued)
Info source Info destination Interception: Attack on confidentiality Modification: Attack on Integrity Info source Info destination Fabrication: Attack on authenticity Info source Info destination 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

26 Passive and Active Attacks
Passive attacks: eavesdropping on, or monitoring of, information transmission Release of message contents Traffic analysis Active Attacks: modification or creation of false information Masquerade: one entity pretends to be a different entity Ex. Session Hijacking: taking over an existing active session. It can bypass the authentication process and gain access to a machine 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

27 Passive and Active Attacks (continued)
Replay: passive capture of a data, retransmission to produce an unauthorized effect Modification of message: some portion of a legitimate message is altered, or that message are delayed or reordered, to produce an unauthorized effect Denial of service (DoS): prevents or inhibits the normal use or management of communication facilities SYN flooding Winnuke (Perl code of Winnuke) Unfortunately, there are NO security mechanisms to counter DoS 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

28 Key Solutions to Secure Ecommerce Issues
Firewalls Encryption Digital signatures and certificates Payment Systems 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

29 Model for Ecommerce Network Security
2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

30 Firewalls A filter between a corporate network and the Internet that keeps the corporate network secure from intruders, but allows authenticated corporate users uninhibited access to the Internet An access policy, more than hardware and software 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

31 Types and Functions of Firewalls
Proxy Application Gateways An application gateway (proxy service), caching documents (Dual-homed vs. Screened-host gateway) Simple Traffic Logging Systems Predominant methods; record traffic flows IP Packet Screening Routers Filtering or blocking info packets based on screening rules 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

32 Dual Home Gateway: Bastion Host Gateway
Bastion Gateway Internet Local Network Proxies: Ftp, Http,… 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

33 Screen-host Gateway: Screened subnet gateway
Bastion Gateway Web server Internet Router Router Local Network Ftp server Proxies: Ftp, Http,… 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

34 Private Key Cryptography
Secret-key cryptography Same key to encrypt and decrypt message Sender sends message and key to receiver Problems with secret-key cryptography Key must be transmitted to receiver Different key for every receiver Key distribution centers used to reduce these problems Generates session key and sends it to sender and receiver encrypted with the unique key Encryption algorithms Dunn Encryption Standard (DES), Triple DES, Advanced Encryption Standard (AES) 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

35 Private (Secret)-key Cryptography
Encrypting and decrypting a message using a symmetric key                                                 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

36 Public Key Cryptography
Asymmetric – two inversely related keys Private key Public key If public key encrypts only private can decrypt and vice versa Each party has both a public and a private key Either the public key or the private key can be used to encrypt a message Encrypted with public key and private key Proves identity while maintaining security RSA public key algorithm 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

37 Public Key Encryption and Decryption
2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

38 Encryption & Transaction Security Secret vs. Public Key Encryption
Secret-Key Encryption (single key) Symmetric encryption, DES Use a shared secret key for encryption and decryption Key distribution & disclosure fast, for bulk data encryption Public-Key Encryption (Pair of keys) Asymmetric encryption, RSA (Rivest, Shamin, Adlemann) Private/Public keys Need digital certificates and trusted 3rd parties Slower For less demanding applications 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

39 The Digital Envelope: “The Best of Both Worlds”:
Public Key Encryption Public Key of Recipient Private Key of Recipient Session Key Session Key Digital Envelope Session Key Session Key Private Key Encryption Original Text Cipher Text Original Text Sender Recipient 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

40 Digital Signatures Digital signature Timestamping
Authenticates sender’s identity Run plaintext through hash function Gives message a mathematical value called hash value Hash value also known as message digest Collision Occurs when multiple messages have same hash value Encrypt message digest with private-key Send signature, encrypted message (with public-key) and hash function Timestamping Binds a time and date to message, solves non-repudiation Third party, time-stamping agency, timestamps messages 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

41 Using a digital signature to validate data integrity
2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

42 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

43 Digital Certificate A certificate is an electronic document used to identify an individual, a server, a company, or some other entity and to associate that identity with a public key. Public-key cryptography uses certificates to address the problem of impersonation Certificate authorities (CAs) are entities that validate identities and issue certificates. They can be either independent third parties or organizations running their own certificate-issuing server software 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

44 What is a Certificate Authority?
Trusted third party Issues and manages certificates Specific trust domains Describes relationships between parties Predefines policies and expectations Certificates validate memberships in domain Subscribers agree/depend on practices Acts as a arbiter of trust in a digital relationship 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

45 Digital Certificate A digital certificate includes:
the public key the name of the entity it identifies an expiration date the name of the CA that issued the certificate a serial number, and other information. Most importantly, a certificate always includes the digital signature of the issuing CA. The CA's digital signature allows the certificate to function as a "letter of introduction" for users who know and trust the CA but don't know the entity identified by the certificate. 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

46 What is a Digital Certificate?
Cryptographically encoded binary file Binds public key to individual Notarized by trusted third party Used to verify digital signature of owner Used to safely encrypt messages for owner “Digital ID” 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

47 An Illustrative Certificate
Name: “Richard” Key-Exchange Key: Signature Key: Serial #: Other Data: Expires: 6/19/02 Signed: CA’s signature 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

48 Role of Digital Certificates
2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

49 Digital Certificate Process Description
CA (Certificate Authority) Creates certificate with applicant’s public key Uses its private key to encrypt the certificate Sends signed certificate to applicant Wants to send message and asks for signed certificate. Sends certificate to sender. Sender Recipient (applicant) Sender Uses public key of CA to decrypt certificate (this ensures the sender the true identity of the recipient) After decrypting the CA certificate, the sender uses the embedded public key of recipient to encrypt message 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

50 Public Key Infrastructure, Certificates and Certification Authorities
Public Key Infrastructure (PKI) Integrates public key cryptography with digital certificates and certification authorities Digital certificate Digital document issued by certification authority Includes name of subject, subject’s public key, serial number, expiration date and signature of trusted third party Verisign ( Leading certificate authority Periodically changing key pairs helps security 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

51 Digital Signatures & Certificates
Public key encryption Used for sender authentication Digital Certificates Use 3rd party certificate authority (CA) to authenticate the ownership of key Increased trust 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

52 Client Authentication
Password-Based Authentication. A server might require a user to type a name and password before granting access to the server. The server maintains a list of names and passwords; if a particular name is on the list, and if the user types the correct password, the server grants access. Certificate-Based Authentication. Client authentication based on certificates is part of the SSL protocol. The client digitally signs a randomly generated piece of data and sends both the certificate and the signed data across the network. The server uses techniques of public-key cryptography to validate the signature and confirm the validity of the certificate 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

53 Client Authentication
Password-Based Authentication. A server might require a user to type a name and password before granting access to the server. The server maintains a list of names and passwords; if a particular name is on the list, and if the user types the correct password, the server grants access. Certificate-Based Authentication. Client authentication based on certificates is part of the SSL protocol. The client digitally signs a randomly generated piece of data and sends both the certificate and the signed data across the network. The server uses techniques of public-key cryptography to validate the signature and confirm the validity of the certificate 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

54 Using a password to authenticate a client to a server
2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

55 Using a certificate to authenticate a client to a server
2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

56 SET Secure Electronic Transaction
A collection of encryption and security specification used as an industry-wide, open standard for ensuring secure payment transaction over the Internet A method for interoperability of secure transactions software over multiple, popular hardware platforms and operating systems Developed by Visa and MasterCard, with GTE, IBM, Microsoft, Netscape, SAIC, Terisa Systems and Verisign. Based on encryption technology from RSA Data Security. 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

57 SET Secure Electronic Transaction
Use digital certificates to authenticate all the parties involved in a transaction SET-compliant software validates both merchant and cardholder before exchange of information Employs public-key encryption and digital signature Complete documentation in visa.com 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

58 SET Transaction Flow The customer interacts with the merchant Web site to select goods for purchase. The merchant sends an order description that wakes up the customer SET wallet. The customer checks the order and transmit a payment request back to the merchant’s SET module. The merchant sends the payment request to the payment gateway. The payment gateway validates the merchant and the customer and obtains an authorization from the customer’s issuing bank through an interchange network. The payment gateway sends an order capture token back to the merchant. The merchant sends a receipt to the customer wallet. The merchant uses the order capture token to settle the transaction. 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

59 Advantages of SET Over Channel Encryption
Participants are authenticated via certificates Financial institutions provide assurance, not software SET allows a wallet to clearly distinguish a payment from other uses of web forms SET prevents terminated merchants from obtaining account information (three party transaction) 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

60 3D Secure Developed by card associations to replace SET.
Does not require client software. Reduce the requirement s placed on the merchant. 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

61 Secure Sockets Layer (SSL)
A transport-level technology for authentication and data encryption between a Web server and a Web browser. SSL negotiates point-to-point security between a client and a server. SSL secures the routes of Internet communication, but it does not protect you from unscrupulous or careless people. Source: Use Public Key Do not protect private information. 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

62 Secure Sockets layer (SSL)
Uses public-key technology and digital certificates to authenticate the server in a transaction Protects information as it travels over Internet Does not protect once stored on receivers server Peripheral component interconnect (PCI) cards Installed on servers to secure data for an SSL transaction 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

63 SET versus SSL SET SSL Three party protocol Two party protocol
Application protocol Trust requirement: All participants have been authenticated for a specific role in payment card transaction processing SSL Two party protocol TCP/IP Communication protocol Trust requirement: communicating with a trustable server 2/24/2019 ECT 455/HCI 513 Susy Chan Ph.D.

Download ppt "ECT 455 E-Commerce Web Site Engineering"

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
CP3397 ECommerce.

CP3397 ECommerce.
Cryptography and Network Security

Cryptography and Network Security
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.

Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
Computer and Network Security Risanuri Hidayat, Ir., M.Sc.

Computer and Network Security Risanuri Hidayat, Ir., M.Sc.
Chapter 8 Web Security.

Chapter 8 Web Security.
Security on the Internet Jan Damsgaard Dept. of Informatics Copenhagen Business School

Security on the Internet Jan Damsgaard Dept. of Informatics Copenhagen Business School
 2001 Prentice Hall, Inc. All rights reserved. Chapter 7 – Computer and Network Security Outline 7.1Introduction 7.2Ancient Ciphers to Modern Cryptosystems.

 2001 Prentice Hall, Inc. All rights reserved. Chapter 7 – Computer and Network Security Outline 7.1Introduction 7.2Ancient Ciphers to Modern Cryptosystems.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
Supporting Technologies III: Security 11/16 Lecture Notes.

Supporting Technologies III: Security 11/16 Lecture Notes.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
1 Chapter 8: Security in Electronic Commerce IT357 Electronic Commerce.

1 Chapter 8: Security in Electronic Commerce IT357 Electronic Commerce.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Similar presentations

Ads by Google