Presentation is loading. Please wait.

Presentation is loading. Please wait.

E-Procurement for Improving Governance Session 5: Integrity Protection of eProcurement systems A World Bank live e-learning event addressing the design.

Published byRebecca Boone Modified over 10 years ago

Similar presentations

Presentation on theme: "E-Procurement for Improving Governance Session 5: Integrity Protection of eProcurement systems A World Bank live e-learning event addressing the design."— Presentation transcript:

1 E-Procurement for Improving Governance Session 5: Integrity Protection of eProcurement systems A World Bank live e-learning event addressing the design and implementation of e-procurement infrastructure E-Procurement for Improving Governance

2 E-Procurement for Improving Governance Integrity Protection of e-Procurement Systems In this session, you will review: Security Issues in an eProcurement platform; Risk Management - Confidentiality Integrity and Availability (CIA); Integrity Protection – must have Security Mechanisms; Integrity Protection – must have Security Controls; Lessons learned from operating the Italian eProcurement System Topics

3 E-Procurement for Improving Governance An e-procurement system shares the same security issues of any electronic system eProcurement Systems from a Security Perspective

4 E-Procurement for Improving Governance In a eProcurement system, the higher the value or confidentiality of the transaction through the system, the higher the security level. The security level will affect a number of security decisions: User identification - verification of use by unique user identification; Authentication - validation that the users identification belong to the user; Access control – managing who has access to the computer system; Integrity - verification that data does not change in any point of the process; Non-repudiation – ensuring that messages are sent and received by untended parties; Confidentiality - information is only accessible to those with authorized access. eProcurement Systems Present a Multi-Faceted Security Problem

5 E-Procurement for Improving Governance The level of security for a computer system is based on a number of different elements, from physical components to procedures and business processes. Some components are technical (encryption) and some are non-technical (security policies). The required level of security required will differ for each type of the system, based on the specific combination of business and security goals and requirements. How to Choose the Right Security Level Tool Security

6 E-Procurement for Improving Governance All security controls, mechanisms, and safeguards are intended to address one or more of these principles, and All risks, threats, and vulnerabilities are measured for their potential capability to compromise one or all of these AIC principles. AIC Triads – Security Principles Availability - The reliability and accessibility of data and resources to the authorized individuals in a timely manner Integrity - ensuring that information and systems are not modified maliciously or accidentally Confidentiality – ensuring that information is not disclosed to unauthorized subjects

7 E-Procurement for Improving Governance Risk Management and Analysis Risk Management is the process of identifying and assessing risk, reducing it to an acceptable level, and implementing the right mechanisms to maintain that level. There is no 100 percent secure environment. Every environment has vulnerabilities and threats to a certain degree. Step 1 Asset and information value assignment Step 1 Asset and information value assignment Step 3 Risk analysis and assessment Step 3 Risk analysis and assessment Step 4 Countermeasure selection and implementation Step 4 Countermeasure selection and implementation Step 2 Identify vulnerabilities and threats Step 2 Identify vulnerabilities and threats

8 E-Procurement for Improving Governance A vulnerability is a software, hardware, or procedural weakness that may provide an attacker an unauthorized access to resources within the environment. A threat is any potential danger to information or systems. A threat agent is the entity that takes advantage of a vulnerability. A risk is the likelihood of a threat agent taking advantage of a vulnerability and the corresponding business impact. An exposure is an instance of being exposed to losses from a threat agent. A countermeasure may be a software configuration, a hardware device, or procedure that eliminates a vulnerability. Security Definitions

9 E-Procurement for Improving Governance Physical Controls: Facility protection, security guards, locks, monitoring, environmental controls, intrusion detection Physical Controls: Facility protection, security guards, locks, monitoring, environmental controls, intrusion detection Technical Controls: Logical access controls, encryption, security devices, identification and authentication Technical Controls: Logical access controls, encryption, security devices, identification and authentication Administrative Controls: Policies, standards, procedures, guidelines, screening personnel, and security-awareness training Administrative, technical, and physical controls should work in a synergistic manner to protect the assets of eProcurement system Top-Down Approach to Security Company data and assets

10 E-Procurement for Improving Governance CedeNameDescriptionC.I.A M01Configuration Data of environmental devices Configuration data of (electric powre control, chilling equipment, smoke sensors, CCTV etc.) 50200400 M02Configuration dataServer Configuration Data (S.O. middleware, applications network devices etc.) 50400 M03Access CredentialServer Credential (user-id e password) 400 M04Asset DataAsset Data regarding devices (server, network devices, etc.). 50400 M05Backup dataConfiguration adn production data backup 400 M07E-procurement data Data regarding orders, users, Transaction, bid, tender etc. 400 Initial Risk Value = 6558 (before countermeasures) Residual Risk Value = 924 (after countermeasures) Target Risk Value = 723 Risk Analysis – A Real Case

11 E-Procurement for Improving Governance Digital Signature Integrity Protection: Must Have Security Mechanisms Encryption

12 E-Procurement for Improving Governance Encryption is the capability of hiding data in such way that its true form is not revealed unless the user has special information. Usually in computing terms, this means that a key is provided to encrypt (hide) data or to decrypt (reveal) data. Encryption Symmetric encryption where K=K1=K2 Asymmetric encryption where K1K2 Many encryption systems deal with two types of encryption:

13 E-Procurement for Improving Governance Symmetric Decrypt Symmetric Encryption The same symmetric key is used by the receiver to decrypt the message. The sender generates a random symmetric key and encrypts the message using it. Advantage - Symmetric encryption is extremely fast Disadvantage - How to securely transfer the secret key at the receivers site and keep it secure?

14 E-Procurement for Improving Governance Asymmetric encryption provides the ability to hide some information and then allow someone else access to the information but not allow that person to hide information using the same key Asymmetric Encryption (Public Key Cryptography) Disadvantage - Asymmetric encryption is slow. It involves a very computationally intense sequence of operations Advantage - With an asymmetric algorithm, the secret key (private key) is never to be transmitted; it always remains securely kept by its owner.

15 E-Procurement for Improving Governance When a legal document is signed, all parties to the transaction act on certain basic assumptions regarding the signature: –The signer intended to sign. –The signer is who he or she claims to be and is authorized to sign. –The signature is that of the signer and is unique to the signer. –The signature binds the signer to whatever the electronic document states. –The document will not be changed once the parties have signed it. –A signature on one document will not be transferred fraudulently to another document. –The signer cannot later deny or repudiate the signature in an attempt to invalidate his or her relationship to the document Carrying these assurances in respect to e-signatures can be difficult. Electronic Signatures for Electronic Documents

16 E-Procurement for Improving Governance Digital Signature Process

17 E-Procurement for Improving Governance Public Key Infrastructure Certificate Authorities are Trusted Third Parties charged with the responsibility to generate trusted certificates for requesting individuals and organizations. Certificates contain the requestors public key and are digitally signed by the CA Before the certificate is issued, CA must verify the identity of the requestor. These certificates can then facilitate automatic authentication of two parties involved without the need for out-of-band communication. Public Key Infrastructure (PKI) is an arrangement that binds public keys with respective user identified by means of a Certificate Authority (CA). The user identity must be unique for each CA For each user, the users identity, the public key, their binding, validity conditions and other attributes are made impossible to forge in public key certificates issued by the CA.

18 E-Procurement for Improving Governance Public Key Infrastructure

19 E-Procurement for Improving Governance Integrity Protection – Must have Security Control Authentication and Access control Separation of duties Transaction Assurance Logging Integrity Protection

20 E-Procurement for Improving Governance The precondition for access control is to make sure that the person or program requesting access is identified without doubt. Authentication and Authorization Something you know: Login procedures: user ID and user secret (password) Susceptible to Password leaks Commonly used passwords Explicitly told Voluntarily Trojan horse Trial and error Something you know: Login procedures: user ID and user secret (password) Susceptible to Password leaks Commonly used passwords Explicitly told Voluntarily Trojan horse Trial and error Something you have: Several subcategories, for example Cryptographic smart cards: Store users digital certificate and/or private key Used to prevent private keys from being hacked from users computer Something you have: Several subcategories, for example Cryptographic smart cards: Store users digital certificate and/or private key Used to prevent private keys from being hacked from users computer It is something that you are: Biometrics (finger prints, iris scanning etc.) It is something that you are: Biometrics (finger prints, iris scanning etc.) Common authentication mechanisms are based on:

21 E-Procurement for Improving Governance Authorization Authorization is based on authentication. What needs protection? How to protect? A Role is a set of permissions for individual protected resources. Role Assignment is the set of permissions granted to a specific user that allows the user to execute a specific sensitive operation or to access a protect resource Protected Resources Sensitive Operations and Transactions

22 E-Procurement for Improving Governance Access control models are governed by the following principles: Default is No Access to ensure that no security holes go unnoticed. Need to know individuals should be given access only to the information that they absolutely require in order to perform their job duties –Discretionary access control (DAC) –Mandatory access control (MAC) –Role-based access control Logging - Whatever access controls are in place, all access (successful or failed) to sensitive data must be logged. Access Control Model

23 E-Procurement for Improving Governance Separation of duties refers to a type of administrative control that prevents a single individual from initiating and approving a material eProcurement transaction. Ideally, digital systems would be engineered to provide a higher level of control than is possible with manual processes, but in practice, the opposite usually happens. Today's best-practice model is to use role-based access control (RBAC), an operational model for the implementation of privileges in a complex environment. Separation of duties is essential for control over e- procurement processes and transactions. Separation of Duties – What and Why

24 E-Procurement for Improving Governance Separation of Duties – How Five major steps are necessary to create and manage a robust and auditable responsibility control infrastructure that can ensure that users have the necessary access to data elements, without having too much access: Process mapping Risk assessment of processes Role and rule definition User authentication Ongoing role maintenance

25 E-Procurement for Improving Governance Transaction Assurance Transaction Authentication uses an electronic signature to provide transaction verification. Transaction Verification Data integrity Protecting against unauthorized changes to the transaction by ensuring that changes to data are detectable. Data origin authentication Verifying that the identity of the user submitting the transaction is as claimed. Hence, data origin authentication implicitly authenticates the user. Digital Signature based on a public-key cryptography Message Authentication Code (MAC) based on secret-key cryptography Transaction assurance refers to a process that helps ensure the reduction of fraud and mitigates a risk of unauthorized access by using a variety of data integrity and non-repudiation technologies.

26 E-Procurement for Improving Governance This can help to: Increase enterprise incident response capabilities by providing situational awareness; Provide security information management for long-term trending, analysis and regulatory compliance. Logging To ensure the confidentiality, integrity and availability of eProcurement data, a log management tool must be adopted to: Automate the collection and consolidation of log data Automate event log data analysis and report generation Perform basic event management Monitor login attempts and report discrepancies Identify and respond to privacy and security incidents

27 E-Procurement for Improving Governance Secure by design – each component is designed keeping in mind the potential weaknesses and deploying the necessary safeguards. Identity proofing of users is based on a registration process (online and out-of-band control) by which the system uniquely identifies a person before provisioning an identity. Processes (e.g. framework agreement) are designed according to theseparation of duties principle. Planned vulnerability and security assessments (every six months). Each major change (in both application layer and technical layer) is evaluated against the AIC triads, and residual risks are documented. Logs are analyzed monthly for unexpected behaviours and activities (e.g. nightly access peaks from other countries). Applicability of Security Alerts from CERT are evaluated on a monthly basis and security patches are applied if suitable. Security of an eProcurement Platform

Download ppt "E-Procurement for Improving Governance Session 5: Integrity Protection of eProcurement systems A World Bank live e-learning event addressing the design."

Similar presentations

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Access Control Methodologies

Access Control Methodologies
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Security Controls – What Works

Security Controls – What Works
Information Security Policies and Standards

Information Security Policies and Standards
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
Security Dale-Marie Wilson, Ph.D.. Why Database Security? Data Valuable resource Must be strictly controlled and managed Corporate resource Have strategic.

Security Dale-Marie Wilson, Ph.D.. Why Database Security? Data Valuable resource Must be strictly controlled and managed Corporate resource Have strategic.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
Chapter 8 Security Transparencies © Pearson Education Limited 1995, 2005.

Chapter 8 Security Transparencies © Pearson Education Limited 1995, 2005.
Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.

Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.
E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean

E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Security on the Internet Jan Damsgaard Dept. of Informatics Copenhagen Business School

Security on the Internet Jan Damsgaard Dept. of Informatics Copenhagen Business School
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Key Management in Cryptography

Key Management in Cryptography

Similar presentations

Ads by Google