Slide 1: Security Issues in EC
中央大學 資訊管理系 范錚強 (National Central University, Department of Information Management)
mailto:ckfarn@mgt.ncu.edu.tw
http://www.mgt.ncu.edu.tw/~ckfarn
2011.05

Slide 2: What Is EC Security?
Computer security refers to the protection of data, networks, computer programs, computing power and other elements of computerized information systems.

Slide 3: How large is the security threat?
2008 Computer Crime and Security Survey (source: Computer Security Institute (CSI), CSI Survey 2007):
- Average loss to US companies from information-security incidents: US$350,000 (2006: US$170,000)
- 46% of companies suffered a security breach (2006: 53%; 2005: 56%)
- 52% detected unauthorized use of their computers

Slide 6: What kinds of security questions arise? From the user's perspective:
- How can the user be sure that the Web server is owned and operated by a legitimate company?
- How does the user know that the Web page and form do not contain malicious or dangerous code or content?
- How does the user know that the owner of the Web site will not pass the information the user provides to some other party?

Slide 7: What kinds of security questions arise? From the company's perspective:
- How does the company know the user will not attempt to break into the Web server or alter the pages and content at the site?
- How does the company know that the user will not try to disrupt the server so that it is not available to others?

Slide 8: What kinds of security questions arise? From both parties' perspectives:
- How do both parties know that the network connection is free from eavesdropping by a third party "listening" on the line?
- How do they know that the information sent back and forth between the server and the user's browser has not been altered?

Slide 9: Basic Security Terminology (1)
- business continuity plan: a plan that keeps the business running after a disaster occurs; each function in the business should have a valid recovery capability plan
- cybercrime: intentional crimes carried out on the Internet
- exposure: the estimated cost, loss, or damage that can result if a threat exploits a vulnerability
- fraud: any business activity that uses deceitful practices or devices to deprive another of property or other rights

Slide 10: Basic Security Terminology (2)
- malware (malicious software): a generic term for software written to do harm
- phishing: a crimeware technique that impersonates a target company (its brand, site or e-mail) in order to obtain the identities and credentials of its customers
- risk: the probability that a vulnerability will be discovered and exploited
- social engineering: a nontechnical attack that uses some ruse to trick users into revealing information or performing an action that compromises a computer or network

Slide 11: Basic Security Terminology (3)
- spam: the electronic equivalent of junk mail
- vulnerability: a weakness in software or another mechanism that threatens the confidentiality, integrity, or availability of an asset (recall the CIA model); it can be used directly by an attacker to gain access to a system or network
- zombies: computers infected with malware that are under the control of a spammer, hacker, or other criminal

Slide 13: Threats and Attacks: Unintentional and Intentional
Unintentional threats:
- human error (for example, mispricing an item)
- environmental hazards (natural disasters)
- malfunctions in the computer system
Intentional attacks and crimes

Slide 14: Criminals and Social Engineering
- cybercriminal: a person who intentionally carries out crimes over the Internet
- hacker: someone who gains unauthorized access to a computer system
- cracker: a malicious hacker, such as Maxwell in the textbook's opening case, who may represent a serious problem for a corporation
Vulnerable areas are being attacked.

Slide 15: Security Requirements in EC
- Authentication (identity verification): the process of verifying the real identity of an individual, computer, computer program, or EC Web site
- Authorization: the process of determining what the authenticated entity is allowed to access and what operations it is allowed to perform
- Nonrepudiation: assurance that online customers or trading partners cannot falsely deny (repudiate) their purchase or transaction
- Auditing (audit trail): the process of collecting information about attempts to access particular resources, use particular privileges, or perform other security actions

Slide 16: CIA security triad (CIA triad)
Three security concepts important to information on the Internet: confidentiality, integrity, and availability.

Slide 17: CIA Triad
- Confidentiality: assurance of data privacy; keeping private or sensitive information from being disclosed to unauthorized individuals, entities, or processes
- Integrity: assurance that stored data has not been modified without authorization and that a message received is the same message that was sent (accuracy of the data)
- Availability: assurance that access to data, the Web site, or other EC data services is timely and reliable for authorized users, including when the service is under attack

Slide 18: General Security Issues at EC Sites
- authentication (identity verification)
- privacy / data integrity
- non-repudiation

Slide 19: Threats to data security
- external attacks
- natural disasters
- accidents

Slide 20: Types of Threats and Attacks
- nontechnical attack: an attack that uses chicanery to trick people into revealing sensitive information or performing actions that compromise the security of a network

Slide 21: Nontechnical Attacks: Social Engineering
A type of nontechnical attack that uses social pressure to trick computer users into compromising the computer networks they have access to (for example, someone posing as a superior asks a subordinate for their account name and password).
A multi-pronged approach should be used to combat social engineering:
- education and training
- policies and procedures
- penetration testing

Slide 22: Technical Attacks
- technical attack: an attack perpetrated using software and systems knowledge or expertise
- Common Vulnerabilities and Exposures (CVE): a public list of known security vulnerabilities, each with a unique identifier (CVE-year-number), maintained by MITRE together with a board of security-related organizations (cve.mitre.org)
- National Infrastructure Protection Center (NIPC): a joint partnership between government and private industry under the auspices of the FBI, set up to prevent attacks on and protect the US national infrastructure (its functions moved to the Department of Homeland Security in 2003)

Slide 23: Types of Threats and Attacks
- denial-of-service (DoS) attack: an attack on a Web site in which the attacker uses specialized software to send a flood of data packets or requests to the target computer, overloading its resources so that legitimate users are shut out
- distributed denial-of-service (DDoS) attack: a denial-of-service attack in which the attacker first gains illegal control of as many Internet-connected computers as possible (the zombies of slide 11, collectively a botnet) and then uses all of them to flood the target; because the traffic comes from many sources, blocking any single address does not stop it

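As an added example (not part of the lecture slides), the following Python detects both patterns over constructed access-log lines: a per-source counter over a sliding window catches a single flooding host, while a flood spread across many hosts keeps every source under that limit and is only visible to a second check on total traffic in the window. The log format, IP addresses and thresholds are assumptions for the illustration.

```python
"""Added example (not from the lecture): rate-based flood detection over web
access-log lines, to make the DoS / DDoS distinction on the slide concrete.

A request counter per source IP over a sliding window catches a single
flooding host (DoS). A flood spread over many hosts keeps every source under
that limit, so a second check on total traffic in the window is needed (DDoS).
The log lines and thresholds below are constructed for the illustration."""
from collections import Counter, deque

# Constructed log: "<epoch-second> <source-ip> <method> <path>", in time order.
SAMPLE_LOG = [f"{t} 192.0.2.{t % 3 + 1} GET /index.html" for t in range(10)]        # normal visitors
SAMPLE_LOG += [f"{10 + i // 150} 10.0.0.9 GET /search?q={i}" for i in range(300)]    # one noisy host
SAMPLE_LOG += [f"20 203.0.113.{h + 1} GET /" for h in range(40) for _ in range(5)]   # 40 bots x 5 requests


def parse(line):
    ts, ip, _method, _path = line.split(" ", 3)
    return int(ts), ip


def detect_floods(lines, window=5, per_ip_limit=100, total_limit=150):
    """Return [(timestamp, kind, detail)] with kind "dos" (one source above
    per_ip_limit inside `window` seconds) or "ddos" (total above total_limit
    while no single source is above per_ip_limit). One alert per source/second."""
    recent = deque()                 # (ts, ip) of requests still inside the window
    per_ip = Counter()
    alerts, seen = [], set()
    for line in lines:
        ts, ip = parse(line)
        recent.append((ts, ip))
        per_ip[ip] += 1
        while recent[0][0] <= ts - window:          # expire requests older than the window
            _old_ts, old_ip = recent.popleft()
            per_ip[old_ip] -= 1
        if per_ip[ip] > per_ip_limit:
            if ("dos", ip) not in seen:
                seen.add(("dos", ip))
                alerts.append((ts, "dos", ip))
        elif len(recent) > total_limit and max(per_ip.values()) <= per_ip_limit:
            if ("ddos", ts) not in seen:
                seen.add(("ddos", ts))
                sources = len({src for _t, src in recent})
                alerts.append((ts, "ddos", f"{sources} sources"))
    return alerts


if __name__ == "__main__":
    for alert in detect_floods(SAMPLE_LOG):
        print(alert)
```

On the sample log the first alert names the single noisy host at t=10; the botnet at t=20 never pushes any one address past the per-source limit and is caught only by the total-traffic rule, which is exactly why per-IP blocking alone does not stop a DDoS.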
Slide 24: Types of Threats and Attacks
- malware: a generic term for malicious software
- virus: a piece of software code that inserts itself into a host, including the operating system, in order to propagate; it requires that its host program be run to activate it
- worm: a software program that runs independently, consuming the resources of its host in order to maintain itself, and is capable of propagating a complete working version of itself onto another machine

Slide 25: Security Risk Management
A systematic process for determining the likelihood of various security attacks and for identifying the actions needed to prevent or mitigate those attacks. Security risk management consists of three phases:
- asset identification
- risk assessment
- implementation

Slide 26: Securing EC Communications
- public key infrastructure (PKI): the scheme of public-key encryption, digital certificates, certificate authorities and related technical components used to secure EC communications and e-payments
- encryption: the process of scrambling (encrypting) a message in such a way that it is difficult, expensive, or time-consuming for an unauthorized person to unscramble (decrypt) it
- plaintext: an unencrypted message in human-readable form

Slide 27: Securing EC Communications
- ciphertext: a plaintext message after it has been encrypted; unreadable without the key
- encryption algorithm: the mathematical procedure used to turn the plaintext into the ciphertext and, given the key, back again
- key: the secret value that parameterizes the algorithm; in a well-designed system the algorithm itself is public and all secrecy rests on the key

Slide 28: Securing EC Communications
- symmetric (private) key system: an encryption system that uses the same key to encrypt and decrypt the message; the key must be shared secretly between the two parties beforehand
- Data Encryption Standard (DES): the standard symmetric encryption algorithm endorsed by NIST and used by U.S. government agencies until October 2, 2000, when NIST selected Rijndael as its successor, the Advanced Encryption Standard (AES); DES's 56-bit key can be brute-forced with modern hardware and it should no longer be used

Slide 29: Exhibit 11.4 Symmetric (Private) Key Encryption (figure)

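Added example, not from the lecture: a symmetric scheme built only from Python's standard library, showing the slide's point that one shared key serves both ends, and the point the exhibit leaves implicit, that encryption alone gives confidentiality but no integrity, so a message authentication code must travel with the ciphertext. The HMAC-in-counter-mode keystream is a teaching construction chosen so the code runs without third-party libraries; the key, nonce length, tag layout and sample message are assumptions.

```python
"""Added example (not from the lecture): a symmetric scheme from the standard
library alone. One shared key serves both ends (the slide's symmetric system),
and a message authentication code is added because encryption by itself gives
confidentiality but no integrity. Teaching construction only: keystream =
HMAC-SHA256(key, nonce || counter), tag = HMAC-SHA256 over nonce || ciphertext
(encrypt-then-MAC). In production use AES-GCM or ChaCha20-Poly1305, never DES."""
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32


def _subkey(key, purpose):
    """Derive separate encryption and MAC keys from the one shared secret."""
    return hmac.new(key, purpose, hashlib.sha256).digest()


def _keystream(enc_key, nonce, length):
    """Counter-mode keystream: block i = HMAC(enc_key, nonce || i)."""
    out = b""
    for counter in range(-(-length // 32)):          # ceil(length / 32) blocks
        out += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
    return out[:length]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key, plaintext, nonce=None):
    """Return nonce || ciphertext || tag. The nonce must never repeat under one
    key: two messages with the same keystream leak plaintext1 XOR plaintext2."""
    nonce = secrets.token_bytes(NONCE_LEN) if nonce is None else nonce
    ciphertext = _xor(plaintext, _keystream(_subkey(key, b"enc"), nonce, len(plaintext)))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def decrypt(key, message):
    """Check the tag first (constant-time compare), then decrypt.
    Returns None for a wrong key or a message altered in transit."""
    if len(message) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ciphertext, tag = message[:NONCE_LEN], message[NONCE_LEN:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return _xor(ciphertext, _keystream(_subkey(key, b"enc"), nonce, len(ciphertext)))


def decrypt_unauthenticated(key, message):
    """Encryption-only receiver, for contrast: it cannot tell a changed message."""
    nonce, ciphertext = message[:NONCE_LEN], message[NONCE_LEN:-TAG_LEN]
    return _xor(ciphertext, _keystream(_subkey(key, b"enc"), nonce, len(ciphertext)))


def flip_bit(message, offset):
    """What an attacker on the wire can do: flip one bit of the ciphertext."""
    m = bytearray(message)
    m[NONCE_LEN + offset] ^= 0x01
    return bytes(m)


def demo():
    shared = secrets.token_bytes(32)          # exchanged out of band by both parties
    msg = b"Pay 100 to account 42"
    boxed = encrypt(shared, msg)
    forged = flip_bit(boxed, 4)               # offset 4 is the digit '1' of "100"
    return {
        "roundtrip": decrypt(shared, boxed),
        "wrong_key": decrypt(secrets.token_bytes(32), boxed),
        "forged_with_mac": decrypt(shared, forged),
        "forged_without_mac": decrypt_unauthenticated(shared, forged),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The unauthenticated receiver turns the flipped ciphertext bit into a clean "Pay 000 to account 42", which is why a stream cipher without a MAC fails the integrity leg of the CIA triad even though the attacker never learns the key.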
Slide 30: Public (Asymmetric) Key Encryption
- public key encryption: a method of encryption that uses a pair of matched keys; a public key to encrypt a message and a private key to decrypt it, or vice versa
- public key: the encryption key that is made publicly available to anyone

Slide 31: Digital Signatures
- digital signature: a value computed over a document with the signer's private key that lets anyone holding the signer's public key verify who signed the document and that it has not been changed since
- hash: a one-way mathematical function, using no key, that reduces a message of any length to a fixed-size value; when signing, the private key is applied to this value rather than to the whole message
- message digest: the fixed-length output of the hash, the summary of the message that is actually signed
- digital envelope: the message encrypted with a one-time symmetric (session) key, sent together with that session key encrypted under the recipient's public key; the recipient's private key recovers the session key, which then decrypts the message (a digital signature may be included inside the envelope)

Slide 33: Asymmetric keys (RSA being the classic example)
- Invented by the three scholars Rivest, Shamir and Adleman; a mathematical procedure produces a pair of different keys
- The two keys must be generated together; deriving the private key from the public one is computationally infeasible (for RSA it would require factoring the modulus)
- One key is kept private, the other is published
- What is encrypted with the private key can only be decrypted with the public key, and vice versa

Slide 34: Asymmetric keys to prevent disclosure (confidentiality)
S sends a message to R: plaintext, encrypted with R's public key, becomes ciphertext; the ciphertext travels to R, who decrypts it with R's private key to recover the plaintext. Only R holds that private key, so only R can read the message.

Slide 35: Asymmetric keys to prevent repudiation
S first encrypts (signs) the plaintext with S's private key, then encrypts the result with R's public key. R decrypts with R's private key and then with S's public key. Only S could have produced the inner layer that S's public key opens, so S cannot later deny having sent it.

Slide 36: PKI/CA
- PKI (Public Key Infrastructure, 公開金鑰架構): the encryption and decryption mechanism built on asymmetric keys, together with the certificates that bind keys to identities
- CA (Certificate Authority, 憑證中心): the body that issues public-key certificates; it must be trusted (publicly credible); CAs are organized hierarchically (a root CA above intermediate issuing CAs)

Slide 37: Issuing asymmetric keys
Register in advance with a trusted certificate authority, which issues a public-key certificate (comparable to registering a seal, 印鑑登記). The certificate (X.509) contains: issuer name; validity period; holder name (范錚強 in the diagram); holder's public key; the CA's signature. It is published so that anyone can identify the signer. The signing private key and the signing public key form a one-to-one pair: the private key signs the electronic document (a contract in the diagram), producing the digital signature, and the public key in the certificate verifies it.

Slide 38: Electronic certification over the Internet (online application, online processing)
- The user (范錚強 in the diagram) applies online to the certificate authority (憑證中心) for an electronic seal; the CA issues an electronic certificate
- The user sends electronic documents with the digital signature attached to the enterprise providing the online service, to other enterprises, or to customers
- Recipients query the certificate authority to check whether the electronic seal is genuine; the CA answers queries from anyone and confirms the identity of the seal's user

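Added example covering slides 28 to 38 (asymmetric keys, confidentiality versus non-repudiation, and a CA-signed certificate), not from the lecture: textbook RSA in Python with small primes, so every step the diagrams draw is visible as a function call. The prime seeds, the "Toy CA" name, the 0x01 block marker and the sample contract are assumptions; the construction is insecure as written (no padding, small modulus, digest reduced mod n) and exists only to show the mechanics.

```python
"""Added example (not from the lecture): textbook RSA with small primes, showing
encrypt-with-public-key (confidentiality), sign-with-private-key (non-repudiation)
and a CA-signed public-key certificate. Illustration only: tiny modulus, no
padding, digest truncated mod n. Real systems use RSA-OAEP/PSS or Ed25519 from
a vetted library."""
import hashlib, json, math

def next_prime(n):
    """Smallest prime >= n by trial division (fine for million-range numbers)."""
    while any(n % i == 0 for i in range(2, math.isqrt(n) + 1)):
        n += 1
    return n

def generate_keypair(seed_p, seed_q, e=65537):
    """(public, private) = ((e, n), (d, n)); deterministic seeds keep the demo
    reproducible, real keys come from a CSPRNG."""
    p, q = next_prime(seed_p), next_prime(seed_q)
    while math.gcd(e, (p - 1) * (q - 1)) != 1:   # e must be invertible mod phi(n)
        q = next_prime(q + 1)
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)          # d = e^-1 mod phi (Python >= 3.8)

def rsa(key, m):
    """RSA primitive m^k mod n; applying the other half of the pair undoes it."""
    k, n = key
    return pow(m, k, n)

def encrypt(public, plaintext):
    """Bytes -> list of integer blocks < n. The 0x01 marker preserves block
    length and leading zero bytes through the integer conversion."""
    n = public[1]
    payload = (n.bit_length() - 1) // 8 - 1
    return [rsa(public, int.from_bytes(b"\x01" + plaintext[i:i + payload], "big"))
            for i in range(0, len(plaintext), payload)]

def decrypt(private, blocks):
    size = (private[1].bit_length() + 7) // 8
    return b"".join(rsa(private, c).to_bytes(size, "big").lstrip(b"\x00")[1:]
                    for c in blocks)

def digest(data, n):
    """SHA-256 reduced mod n so it fits the modulus (toy shortcut)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private, data):
    return rsa(private, digest(data, private[1]))

def verify(public, data, signature):
    return rsa(public, signature) == digest(data, public[1])

def canonical(obj):
    return json.dumps(obj, sort_keys=True, ensure_ascii=False).encode("utf-8")

def issue_certificate(ca_private, subject, subject_public):
    """The CA binds a name to a public key (the slide's seal registration)."""
    tbs = {"issuer": "Toy CA", "subject": subject, "public_key": list(subject_public)}
    return {"tbs": tbs, "signature": sign(ca_private, canonical(tbs))}

def verify_signed_document(ca_public, cert, document, signature):
    """Chain check: trusted CA key -> certificate -> document signature."""
    if not verify(ca_public, canonical(cert["tbs"]), cert["signature"]):
        return False
    return verify(tuple(cert["tbs"]["public_key"]), document, signature)

def demo():
    ca_pub, ca_priv = generate_keypair(1_000_000, 3_000_000)
    s_pub, s_priv = generate_keypair(1_100_000, 2_100_000)      # signer / sender S
    r_pub, r_priv = generate_keypair(1_200_000, 2_200_000)      # recipient R
    bad_pub, bad_priv = generate_keypair(1_300_000, 2_300_000)  # attacker's own "CA"
    cert = issue_certificate(ca_priv, "范錚強", s_pub)
    fake_cert = issue_certificate(bad_priv, "范錚強", s_pub)
    contract = "Contract: S pays R 100".encode("utf-8")
    sig = sign(s_priv, contract)
    boxed = encrypt(r_pub, contract)
    return {
        "either_key_first": rsa(s_pub, rsa(s_priv, 42)) == 42 == rsa(s_priv, rsa(s_pub, 42)),
        "recipient_decrypts": decrypt(r_priv, boxed) == contract,
        "other_key_fails": decrypt(s_priv, boxed) != contract,
        "signature_accepted": verify_signed_document(ca_pub, cert, contract, sig),
        "tamper_rejected": not verify_signed_document(
            ca_pub, cert, contract.replace(b"100", b"900"), sig),
        "fake_ca_rejected": not verify_signed_document(ca_pub, fake_cert, contract, sig),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The relying party in `verify_signed_document` never contacts the CA: it holds only the CA's public key, checks the certificate's signature, and then uses the public key inside the certificate to check the contract. A certificate issued by a CA the verifier does not trust fails at the first step, which is the practical meaning of the slide's "the CA must be publicly credible".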
Slide 39: Secure Sockets Layer (SSL)
- SSL: a protocol that uses standard (X.509) certificates for server authentication and negotiates keys for encrypting the session, ensuring privacy and confidentiality. The handshake happens without the user noticing: the browser checks the server's certificate and the two sides use the server's public key to agree a symmetric session key; asymmetric operations only set up the session, the data itself is encrypted symmetrically
- Transport Layer Security (TLS): the IETF successor to SSL, first published as TLS 1.0 in 1999 (SSL 3.0 dates from 1996). SSL 2.0, SSL 3.0, TLS 1.0 and TLS 1.1 are deprecated; current deployments should offer TLS 1.2 and TLS 1.3

Slide 40: Securing EC Networks
- demilitarized zone (DMZ): a network segment that sits between an organization's internal network and the external network (Internet); the three are separated by rules enforced by firewalls, so that public-facing servers (web, mail) live in the DMZ and a compromised DMZ host still cannot reach the internal network directly
- personal firewall: software on an individual user's desktop that protects it from the public network by monitoring all traffic passing through the computer's network interface card

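Added example, not from the lecture: a small first-match rule evaluator in Python for the three-zone layout the slide describes, plus the check a reviewer wants automated, that the policy never lets an Internet host reach the internal network. The address ranges, ports and rules are assumptions; a real firewall would also track connection state for return traffic and guard against spoofed source addresses.

```python
"""Added example (not from the lecture): a first-match packet-filter policy for
the three zones the slide describes (Internet, DMZ, internal network), evaluated
against sample flows. The address ranges and rules are invented for the
illustration; the ordering is the point: the Internet reaches only the DMZ web
tier, the DMZ reaches only one internal service, and the last rule denies all.
"""
import ipaddress

ZONES = {                                      # ASSUMED addressing
    "dmz": ipaddress.ip_network("192.0.2.0/24"),
    "internal": ipaddress.ip_network("10.0.0.0/8"),
}


def zone_of(ip):
    """Anything outside the two private ranges is treated as the Internet."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "internet"


# (src_zone, dst_zone, dst_port, action); "*" matches anything; first match wins.
RULES = [
    ("internet", "dmz", 443, "allow"),       # public HTTPS front end
    ("dmz", "internal", 5432, "allow"),      # web tier -> database, nothing else
    ("internal", "dmz", "*", "allow"),       # administrators manage the DMZ
    ("internal", "internet", "*", "allow"),  # outbound staff traffic
    ("*", "*", "*", "deny"),                 # default deny
]


def decide(src_ip, dst_ip, dst_port, rules=RULES):
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    for r_src, r_dst, r_port, action in rules:
        if r_src in (src, "*") and r_dst in (dst, "*") and r_port in (dst_port, "*"):
            return action
    return "deny"                            # no rule matched: still deny


def internet_reachable_internal_ports(rules=RULES, ports=range(1, 1025)):
    """Policy check: which well-known internal ports can an Internet host reach?
    For a correct DMZ the answer is none."""
    return [p for p in ports if decide("203.0.113.1", "10.0.0.1", p, rules) == "allow"]


# A mis-ordered variant: a broad "allow 443 anywhere" placed above the rest
# quietly exposes internal HTTPS services to the Internet.
WEAK_RULES = [("*", "*", 443, "allow")] + RULES


if __name__ == "__main__":
    for flow in [("203.0.113.5", "192.0.2.10", 443), ("203.0.113.5", "192.0.2.10", 22),
                 ("192.0.2.10", "10.1.2.3", 5432), ("192.0.2.10", "10.1.2.3", 22),
                 ("203.0.113.5", "10.1.2.3", 443)]:
        print(flow, decide(*flow))
    print("internet -> internal ports allowed (weak policy):",
          internet_reachable_internal_ports(WEAK_RULES))
```

The second rule is the one that makes the DMZ worth having: even if the web server is fully compromised, the only internal thing it can talk to is the database port, so SSH, file shares and workstations stay out of reach.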
Slide 41: Threats to information security
Threat category | Malicious | Non-human | Unintentional
Hardware damage | theft, vandalism | natural disasters, storage-media failure | (none)
Data destruction | data tampering, insertion or deletion, systematic alteration of data | (none) | programmer incompetence, carelessness, omissions
Data leakage | copying of data, network interception, fraud | (none) | carelessness
Network intrusion | theft of data, damage, using the compromised computer as a tool for further crime | (none) | (none)
Data security is not only the MIS department's job!

Slide 42: Basic principles of security
- Security is never absolute
- Security and usability are a trade-off
- Security has a price: what price are you willing to pay? How high is your exposure to risk?
- Information security has a technical side and a human side: those who breach security are always people, mostly insiders. Human nature!

Slide 43: Security and usability
Imagine that every time you came home you had to open ten locks, and every time you went out you had to lock ten doors. What would you be doing ten days later? Security measures must be proportionate to the risk.

Slide 44: Ensuring information security
- Assess the risks and the potential losses
- Protect against the probable threats
- Combine technology with institutions (or habits): understand what the technology can and cannot do; strengthen with technology, ensure with procedures
- A chain is only as strong as its weakest link

Slide 45: You have just spent 1,000,000 on a new car. Which of the following actions is reasonable?
- You spend 500,000 on an anti-theft system
- You hire staff to guard it around the clock in shifts
- You spend 30,000 on theft insurance
What does "reasonable" mean?

Slide 46: Burglaries have recently increased in your neighbourhood. Your younger brother proposes installing a new lock. You examine it and find that, although it is the best lock you can afford, it still cannot guarantee 100% security. Do you buy it?

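Added example for slides 25, 45 and 46 (the three risk-management phases, the car, the lock), not from the lecture: the annualised-loss-expectancy calculation in Python that turns "what is reasonable?" into a comparison of each control's yearly cost with the risk it removes, and shows why a lock that is not 100% effective can still be the right purchase. The car price and the three options' prices are the slide's; all probabilities, the write-off period and the guards' wage are assumptions.

```python
"""Added example (not from the lecture): quantitative risk assessment covering
the three phases on slide 25 (asset identification, risk assessment,
implementation) and the car and lock questions on slides 45 and 46.

Annualised loss expectancy ALE = exposure (value at stake) x risk (annual
probability). A control is reasonable when the ALE it removes exceeds its
yearly cost; it does not need to be 100 % effective. The car figures are the
slide's; every probability and the guards' wage are assumptions."""


def ale(exposure, annual_probability):
    """Expected loss per year for one asset / threat pair."""
    return exposure * annual_probability


def net_benefit(exposure, p_before, p_after, annual_cost, reimbursed=0):
    """Yearly benefit of a control: risk removed minus what it costs.
    reimbursed = part of the loss paid back by an insurer (0 for technical controls)."""
    return ale(exposure, p_before) - ale(exposure - reimbursed, p_after) - annual_cost


def rank_controls(exposure, p_before, options):
    """options: {name: (p_after, annual_cost, reimbursed)} -> [(benefit, name)], best first."""
    return sorted(((net_benefit(exposure, p_before, *o), name) for name, o in options.items()),
                  reverse=True)


# Slide 45: a 1,000,000 car. Theft probability ASSUMED 5 % per year.
CAR_VALUE, CAR_P_THEFT = 1_000_000, 0.05
CAR_OPTIONS = {
    "alarm (500k, written off over 5 years)": (0.01, 500_000 / 5, 0),    # ASSUMED: theft falls to 1 %
    "24h guards (3 x 400k/year, ASSUMED wage)": (0.001, 3 * 400_000, 0),
    "theft insurance (30k/year)": (CAR_P_THEFT, 30_000, CAR_VALUE),      # odds unchanged, loss repaid
    "do nothing": (CAR_P_THEFT, 0, 0),
}


def car_ranking():
    return rank_controls(CAR_VALUE, CAR_P_THEFT, CAR_OPTIONS)


def lock_worth_buying(contents_value=500_000, p_burglary=0.10, p_with_lock=0.03,
                      lock_price=8_000, years=10):
    """Slide 46: the best affordable lock still is not 100 % safe. Buy it when the
    residual risk it leaves is still a better deal than no lock. (All figures ASSUMED.)"""
    return net_benefit(contents_value, p_burglary, p_with_lock, lock_price / years) > 0


if __name__ == "__main__":
    for benefit, name in car_ranking():
        print(f"{benefit:>12,.0f}  {name}")
    print("buy the lock:", lock_worth_buying())
```

Under these assumptions the 50,000 yearly exposure of the car makes insurance the only option with a positive return, the alarm costs twice what it saves, and the guards are absurd; change the theft probability and the ranking moves, which is the point of doing the assessment before the implementation phase rather than buying the most impressive control.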
Slide 47: The security "onion" (defence in layers, outermost first)
- Business environment: legal environment, insurance, security programme, international standards
- The enterprise: security policy, process controls (personnel controls, document controls, user controls), recovery plan
- Application software: input/output controls, program controls, audit trail, access control, isolation, operational controls
- Core: hardware, data, communications controls

Slide 48: A technology-driven environment
Emphasizes physical security and communications security while neglecting the management and human sides. Fortunately, international standards for information-security management appeared around 1999/2000: BS 7799, ISO/IEC 17799 (2000, later renumbered ISO/IEC 27002) and ISO/IEC 27001 (2005, the certifiable management-system standard).

Slide 49: BS 7799 / ISO 17799
- The British information-security standard, adopted by the International Organization for Standardization
- Content: the management and control of information security, from policy and procedures to access control and recovery
- A complete treatment of information security

Slide 50: The ten control areas of BS 7799 (1)
- Security policy: management direction and guiding principles
- Security organization
- Asset classification and control: classify and grade assets according to risk and potential damage
- Personnel security: reduce the risk of human error, theft, fraud or misuse of facilities
- Physical and environmental security

Slide 51: The ten control areas of BS 7799 (2)
- Communications and operations management
- Access control
- System development and maintenance (building and maintaining the security of systems)
- Business continuity management (recovery planning): prevent interruption of business activities and protect critical business processes from the effects of major failures or disasters
- Compliance with legal and regulatory requirements

Slide 52: Key points of security management
- Process life-cycle control: management and assurance across the whole process, not just the technical side
- SOP: do what you say you will do; but what are you going to do, and why?
- Checks and balances: separation of duties
- Recovery: if something does go wrong, how will you handle it?

Slide 53: Business Continuity and Disaster Recovery Planning
- Disaster avoidance: an approach oriented toward prevention; the idea is to minimize the chance of avoidable disasters (such as fire or other human-caused threats)
- Risk management and cost-benefit analysis
- Risk-management analysis
- Ethical issues

Slide 54: EC Security Policies and Training
- Acceptable use policy (AUP): a policy that informs users of their responsibilities when using company networks, wireless devices, customer data, and so forth