Presentation is loading. Please wait.

Presentation is loading. Please wait.

E-business and Network Security

Published byOlivier Pelletier Modified over 5 years ago

Similar presentations

Presentation on theme: "E-business and Network Security"— Presentation transcript:

1 E-business and Network Security
Done by: Zeyana Saif Alkindi

2 e-Business vs e-Commerce
Improving business performance through low cost and open connectivity: New technologies in the value chain Connecting value chains across businesses in order to : Improve service/reduce costs Open new channels Transform competitive landscapes E-Commerce: marketing selling buying of products and services on the Internet This is our definition. Yours may be just as valid. e-Commerce is largely what you see in the press: transactions using open networks. Often also concentrated on consumer commerce over the world wide web. e-Business is the use of information networks to gain competitive advantage Universal connectivity between enterprises and value chains Process enhancement Innovative business models e-Business is different than e-commerce - e-business is about blowing up your business model - much broader than selling books on the Internet e-Business is more than selling and marketing online!

3 Web Concepts for E-Business
Client/Server Applications Communication Channels TCP/IP

4 Client/Server Applications
Request Client Server Response

5 Communication Channels
Internet Client Server Intranet Extranet

6 OSI Model Application Allows access to network resources
Presentation Translates, encrypts and compresses data Session Establishes, manages and terminates sessions Transport Provides end-to-end message delivery & error recovery Network Moves packets from source to destination; Provides internetworking Data Link Organizes bits into frames; Provides node-to-node delivery Physical Transmits bits; Provides mechanical and electrical specifications

7

8 B2C Transaction ISP Katie’s Bank CD Store Merchant’s Bank Katie’s
Katie sends Order Form Katie’s Bank CD Store Merchant’s Bank ISP Online CD Store CD Warehouse Web Server Internet Payment Network Katie’s order Order printed at CD warehouse CD arrives 2-3 days after order is received

9

10 Security Threats Security threats A to D can be handled by providing secure transmission - cryptographic methods Threat E and similar types managed by access control methods Other types of security threats Illegal access of server computing system (webjacking) Illegal access client computing system Unauthorized use of client information

11 Objectives of e-business security
Privacy and Confidentiality Integrity Availability Legitimate use Auditing or Traceability Non-repudiation

12 Current Processes and Tools for Implementing E-Business Security

13 Three key security elements
Network security System level security, and Transaction level security The idea is that this process will help ensure that an organization’s resources as well as customer's and business partners' privacy are protected when conducting e-business transactions

14 Network Level Security
Network level security provides protection against attackers who attempt to deny service to legitimate users by gaining control of machines or resources within a private network. The most common way to protect private networks that are connected to the Internet from these kinds of attacks is with firewall technology

15 System Level Security System level security is the ability to utilize operating system functions and applications in combination with hardware architecture to help protect against corruption of service and control user access to system resources (files, programs, databases and so on) The biggest cause of security problems is bad management

16 Transaction Level Security
The actual act of completing transactions on the internet depends on transaction level security. Transaction level security refers to the ability of two entities on the Internet to conduct a transaction privately and with authentication.

17 Secure Protocols How to communicate securely:
SSL – “the web security protocols” IPSEC – “the IP layer security protocol” SMIME – “the security protocol” SET – “credit card transaction security protocol”

18 Secure Sockets Layer Platform and Application Independent Operates between application and transport layers is a commonly-used protocol for managing the security of a message transmission on the Internet. Solution to authentication, privacy and integrity problems and avoiding classes of attacks

19 SSL Characteristics Operates at the TCP/IP transport layer
Encrypts (decrypts) input from application (transport) layer Any program using TCP can be modified to use SSL connections SSL is flexible in choice of which symmetric encryption, message digest, and authentication algorithms can be used When SSL client makes contact with SSL server they try to pick strongest encryption methods they have in common. SSL provides built in data compression compress first then encrypt

20 SSL Characteristics When SSL connection established browser-to-server and server-to-browser communications are encrypted. This includes: URL of requested document Contents of the document Contents of browser forms Cookies sent from browser to server Cookies sent from server to browser Contents of HTTP header

21 HTTPS Hypertext Transfer Protocol Secure (HTTPS) is a combination of Hypertext Transfer Protocol (HTTP) with SSL/TLS protocol. It provides encrypted communication and secure identification of a network web server. HTTPS connections are often used for payment transactions on the World Wide Web and for sensitive transactions in corporate information systems.

22

23 Secure Electronic Transaction
1. Customer browses and decides to purchase 2. SET sends order and payment information Customer Merchant 7. Merchant completes order 3. Merchant forwards payment information to bank 9. Issuer sends credit card bill to customer 8. Merchant captures transaction Bank Visa 6. Bank authorizes payment 4. Bank checks with issuer for payment authorization Bank 5. Issuer authorizes payment Customer’s bank “Issuer” Merchant’s bank

24 E-business Security Just as a physical business takes security precautions , such as locking the doors and using safe for money and important documents , so too does an e-business need to take security measure. Get Cyber Safe Learn how this online resources can help you protect your business and safeguard private information Payment card industry Security Standards Council The payment card industry (PCI) Data Security Standard should be followed by anyone that handles credit card information. If you do not follow this standards you could be find and unable to accept credit cards as payment

25 How to Protect Your e-Business
Sign up for computer security firm ESET's website protection for your e-business. This service offers endpoint (computer) and web server solutions. It protects mail, files and the gateway between your website and other computers. Manage the security solution from one convenient console and identify potential issues or events. You can add multiple users who work on behalf of the e-business. The business edition of the software also allows you to meet certain compliance requirements, such as compatibility with Cisco Network Admission Control.

26 How to Protect Your e-Business
To Protect your e-business with technology offered by ArcSight. This company, owned by Hewlett-Packard, offers high-level solutions to manage threats to online businesses, including the information technology infrastructure. The Enterprise Threat and Risk Management platform secures and manages the flow of information on your website. It protects against cyber theft, fraud, espionage and other potential threats to enterprising e-businesses.

27 How to Protect Your e-Business
Use VeriSign service to add a layer of protection to your e-business. VeriSign offers SSL (Secure Sockets Layer) technology to protect web transmissions and e-commerce protection. The service offers daily website malware scanning to thwart potential attacks. The VeriSign seal helps assure potential customers of your website's safety.

28 How to Protect Your Customers
Amazon : HELP E: bay: Help PayPal

29 Thank You

Download ppt "E-business and Network Security"

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
CP3397 ECommerce.

CP3397 ECommerce.
Cryptography and Network Security

Cryptography and Network Security
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
By: Mr Hashem Alaidaros MIS 326 Lecture 6 Title: E-Business Security.

By: Mr Hashem Alaidaros MIS 326 Lecture 6 Title: E-Business Security.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)

2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Electronic Transaction Security (E-Commerce)

Electronic Transaction Security (E-Commerce)
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.

Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
SESSION 9 THE INTERNET AND THE NEW INFORMATION NEW INFORMATIONTECHNOLOGYINFRASTRUCTURE.

SESSION 9 THE INTERNET AND THE NEW INFORMATION NEW INFORMATIONTECHNOLOGYINFRASTRUCTURE.
Chapter 8 Web Security.

Chapter 8 Web Security.
Security on the Internet Jan Damsgaard Dept. of Informatics Copenhagen Business School

Security on the Internet Jan Damsgaard Dept. of Informatics Copenhagen Business School
Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.

Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.
Lecture slides prepared for “Business Data Communications”, 7/e, by William Stallings and Tom Case, Chapter 8 “TCP/IP”.

Lecture slides prepared for “Business Data Communications”, 7/e, by William Stallings and Tom Case, Chapter 8 “TCP/IP”.
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.

E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Similar presentations

Ads by Google