Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lesson 2 The Business Landscape Threats to E-Commerce.

Published byEllen Chandler Modified over 8 years ago

Similar presentations

Presentation on theme: "Lesson 2 The Business Landscape Threats to E-Commerce."— Presentation transcript:

1 Lesson 2 The Business Landscape Threats to E-Commerce

2 Why E-Commerce?  Fast  Efficient  Anonymous  Lowers labor cots  Lowers capital expenditures (facility, maintenance, upgrades)

3 How large is E-Commerce?  Big business  San Antonio Express:  Nov/Dec 01: $13.8B  Nov/Dev 00: $12B  13% of 2001 Holiday budget  NPR:  Nov/Dec 03: $20B  29% growth over 2002, same period

4 Types of Business on the Internet  Banking  Investing  B2B  Healthcare  Loans/Mortgage

5 Commonly Used Terminology EDI: electronic data interchange…data over proprietary networks VAN: value added networks (same as EDI) Internet: allowed small businesses to compete on even terms with big businesses doing EDI/VAN Intranet: internal network usually supporting back office administrative functions Extranet: external network connecting different businesses…the extension of LANs over Internet

6 Threats to E-Commerce  Internal—the achilles heel  Security breach—countermeasures: screen employees, intrusion detection systems, auditing  Carelessness—countermeasures: training and education, access control  External—the main focus of security  No hard data on true threat as most companies are not forthcoming with information (hurts business  Survey of Fortune 500 Companies  42% reported unauthorized use 32% reported losing upwards of $100M

7 Type of External Threats  Vandalism: WWW defacement  Sabotage: usually orchestrated for some ulterior motive  Breach of Privacy or Confidentially  EMAIL  Phone Calls  Credit Card number  Surfing Habits

8 Type of External Threats(2)  Theft and Fraud, recent events  Moldova ISP modem hijacking via trojan horse software  Russian E-Bay Credit Card Scam  Violations of Data Integrity  Incorrect data can lower E-commerce trust  Ruin investments  Denial of Service (DOS)  Early Virus/Worms  Emergence of Blended Threats

9 E-Commerce Security—Systems Approach  The Key Components:  Client Security – Operating system, Use of active content (Java, Active X)  Secure Transport—Secure Sockets Layer(SSL), Secure HTTP (SHTTP), PKI  Web Server Security—Common Gateway Interface Scripts  Operating System Security—the foundation for all security “The security of the system is only as strong as the weakest link”

10 E-Commerce Security Example Typical WEB SERVER W/Backend Database CLIENT SERVER WEB SERVER DBA SERVER Router FIREWALL Database

11 USE ACL CLIENT SERVER WEB SERVER DBA SERVER Router

12 USE ACL CLIENT SERVER WEB SERVER DBA SERVER Router Enforce Port Mapping

13 USE ACL CLIENT SERVER WEB SERVER DBA SERVER Router Enforce Port Mapping HARDEN OPERATING SYSTEM

14 USE ACL CLIENT SERVER WEB SERVER DBA SERVER Router Enforce Port Mapping HARDEN OPERATING SYSTEM RESTRICTED READ/WRITE

15 USE ACL CLIENT SERVER WEB SERVER DBA SERVER Router Enforce Port Mapping HARDEN OPERATING SYSTEM RESTRICTED READ/WRITE USE STATEFUL INSPECTION

16 USE ACL CLIENT SERVER WEB SERVER DBA SERVER Router Enforce Port Mapping HARDEN OPERATING SYSTEM RESTRICTED READ/WRITE USE STATEFUL INSPECTION SSH/VPN

17 USE ACL CLIENT SERVER WEB SERVER DBA SERVER Router Enforce Port Mapping HARDEN OPERATING SYSTEM RESTRICTED READ/WRITE USE STATEFUL INSPECTION SSH/VPN Physical Security Security Policies

18 Types of Attacks  Criminal Attacks  Intellectual Property Theft  Identity Theft  Brand Theft  Privacy Violations  DDoS and Dos  Surveillance/Traffic Analysis  Publicity Attacks

19 Criminal Attacks How can I acquire the maximum financial return by attacking the system?”  Fraud: e-check, credit cards, ATM networks  SCAMs: sale of internet services, sale of merchandise, auctions, pyramid and multi-level marketing schemes, business opportunities  Destructive Attacks  Terrorist  Vengeful employees  Hackers

20 Intellectual Property Theft  Trade Secrets  Company Databases  Music ($11B/year)  Software (1997, Business Software Alliance: $15B/year)

21 Other Thefts  Indentity Theft  Credit cards  SSN  Brand Theft  Forged domain name transfer request (SEX.COM)  Page-jacking: web sites steal traffic away from other sites  MCI 1-800-COLLECT and ATT 1-800 C0LLECT

22 Privacy Violations  Targeted attacks---computer security thwarts these  Data Harvesting—works on correlation, automation supports

23 Summary  Benefits of E-Commerce  Common Terminology  Threats to E-Commerce  Key Components of E-Commerce Security  Types of Attacks

Download ppt "Lesson 2 The Business Landscape Threats to E-Commerce."

Similar presentations

Laptop Security in the current IT world W3 group.

Laptop Security in the current IT world W3 group.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Crime and Security in the Networked Economy Part 4.

Crime and Security in the Networked Economy Part 4.
Chapter 9 Information Systems Ethics, Computer Crime, and Security.

Chapter 9 Information Systems Ethics, Computer Crime, and Security.
Chapter 9 Information Systems Ethics, Computer Crime, and Security

Chapter 9 Information Systems Ethics, Computer Crime, and Security
Principles of Information Systems, Sixth Edition Electronic Commerce Chapter 8.

Principles of Information Systems, Sixth Edition Electronic Commerce Chapter 8.
E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.

E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.
Internet, Intranet and Extranets

Internet, Intranet and Extranets
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Securing the Borderless Network March 21, 2000 Ted Barlow.

Securing the Borderless Network March 21, 2000 Ted Barlow.
Chapter 5 Security and Encryption

Chapter 5 Security and Encryption
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
Principles of Information Systems, Sixth Edition 1 Electronic Commerce Chapter 8.

Principles of Information Systems, Sixth Edition 1 Electronic Commerce Chapter 8.
PYP002 Intro.to Computer Science Introduction to Networks1 Networks Chapter 17.

PYP002 Intro.to Computer Science Introduction to Networks1 Networks Chapter 17.
Copyright © 2004 Pearson Education, Inc. Slide 5-1 E-commerce Kenneth C. Laudon Carol Guercio Traver business. technology. society. Second Edition.

Copyright © 2004 Pearson Education, Inc. Slide 5-1 E-commerce Kenneth C. Laudon Carol Guercio Traver business. technology. society. Second Edition.
EMTM 553 Electronic Commerce Systems

EMTM 553 Electronic Commerce Systems
FIT3105 Security and Identity Management Lecture 1.

FIT3105 Security and Identity Management Lecture 1.
© Prentice Hall 2002 7.1 CHAPTER 7 Electronic Commerce Applications.

© Prentice Hall CHAPTER 7 Electronic Commerce Applications.

Similar presentations

Ads by Google