Ecommerce: Security and Control - PowerPoint PPT Presentation


1
Ecommerce Security and Control
  • James Vickers, Boston College
  • http://www.jamesvickers.com/
  • jamie_at_boston.ac.uk

2
Overview
  • Why are modern-day information systems so
    vulnerable to destruction, error, abuse, and
    system quality problems?
  • What types of controls are available for
    ecommerce systems?
  • What special measures must be taken to ensure the
    reliability, availability and security of
    electronic commerce and digital business
    processes?
  • Why are auditing ecommerce systems and
    safeguarding data quality so important?

3
The business predicament
  • Do we design systems that are over-controlled,
    and therefore not functional, or unrestricted and
    under-controlled?
  • How do we apply quality assurance standards in
    large ecommerce systems projects?

4
The business predicament
  • The major concerns for businesses:
  • Disaster: the possible destruction of computer
    hardware, programs, data files, and other
    equipment
  • Security: preventing unauthorized access,
    alteration, theft, or physical damage to equipment
  • Errors: computer actions that may disrupt or
    destroy an organization's record-keeping and
    operations
  • Bugs: program code defects or errors
  • Maintenance nightmare: maintenance costs are high
    due to organizational change, software
    complexity, and faulty system analysis and design

5
The general processing model
Unfortunately, all of these stages can contain
elements of failure unless a strategy is put in
place and software quality assurance standards are
implemented.
Figure 1
6
The cost of poor design
Figure 2
7
The business predicament
  • Control
  • What is needed?
  • Methods, policies, and procedures
  • Why is it needed?
  • Ecommerce systems may provide (limited) access to
    a business's central infrastructure
  • Ensures protection of the organization's assets
  • Ensures accuracy and reliability of records, and
    operational adherence to management standards
  • When should this occur?
  • From the idea's inception to the completion of
    the ecommerce system

8
Controlling our ecommerce plan
  • At a business level
  • Market research into user needs, and identified
    areas for business expansion
  • A business and financial plan forecasting
    frequency of use and expected revenue turnover
  • A strategy on how to implement this plan
    alongside our current business plan (if we are
    expanding a brick-and-mortar business, that is)
  • A review of our internal technical skills: are
    our staff competent enough to implement this, or
    should we outsource?

9
Controlling our ecommerce plan
  • General controls
  • Establish a framework for controlling the design,
    security, and use of computer programs
  • Include software, hardware, computer operations,
    data security, implementation, and administrative
    controls. These may include:
  • Personnel controls: ensuring that only authorised
    personnel undertake elements of the project
  • Customer controls: ensuring that protection is
    provided from the global customer layer of the
    ecommerce system through to the business
    infrastructure layer of business operations

10
Controlling our ecommerce plan
  • Protecting our company
  • On-line transaction processing: transactions
    entered online are immediately processed by
    computer, and recorded for audit
  • Fault-tolerant computer systems: contain extra
    hardware, software, and power supply components
    in case of element failure
  • High-availability computing: tools and
    technologies enabling the system to recover from
    a crash or power cut
  • Disaster recovery plan: plan of action in case of
    ecommerce system failure. Ask yourself the
    question: if we trade online and the shop front
    is gone, how do we trade?
  • Load balancing: heavy traffic will need to be
    distributed across multiple servers

11
Controlling our ecommerce plan
  • Protecting our company
  • Mirroring: duplicating all ecommerce processes and
    transactions on a backup server to prevent any
    interruption
  • Clustering: linking two computers together so
    that the second can act as a backup to the
    primary computer, or speed up processing
  • Firewalls: prevent unauthorised users from
    accessing a private internal network, or
    accessing private data. Don't forget this is
    covered under the Data Protection Act.
  • Intrusion detection systems (or personnel):
    monitor vulnerable points in the network to
    detect or deter unauthorized intruders

12
Controlling our ecommerce plan
  • How many of you have assumed that the security of
    ecommerce systems is an Internet threat only?
  • I would bet the majority of you...
  • Now we need to forget that we have planned for
    ecommerce systems, and consider our security
    issues in depth
  • We shall look at security in terms of the whole
    networked community, not just ecommerce.
  • Why? Because security is more often than not
    overlooked at a local level, never mind at a
    global level!
  • Security is a major concern, not just at the
    global interface level, but at an internal
    business level too

13
Security
  • This raises big questions:
  • What is security?
  • What constitutes security?
  • What examples can we provide of security?

14
Security needs
  • Who says we need security?
  • Data Protection Acts 1984 and 1998
  • Telecommunications (Lawful Business Practice)
    (Interception of Communications) Regulations 2000
  • Allow employers to monitor or record
    communications without consent:
  • to establish the existence of facts relevant to
    the business
  • to ascertain compliance with regulations
  • to ascertain standards which ought to be achieved
    by staff
  • to detect unauthorised use

15
Information Security
  • Reformed
  • Two major reforms over the last several decades:
  • Computer Security
  • Network Security
  • Widespread use of data processing
  • Security was previously handled by:
  • Physical means: filing cabinet and lock
  • Administrative means: personnel
  • Computers
  • Their introduction meant that new regulations had
    to be imposed by organisations to secure data
  • Shared systems were worse, because data was sent
    to and retrieved from numerous systems

16
Information Security
  • Routing Services
  • Security Office
  • Server Protection

17
Why the reforms?
  • Computer Security
  • Evolved with the need to protect data
  • Needed to prevent hackers
  • Needed to abide by the Data Protection Act
  • Network Security
  • Heightened by the need for distributed systems
  • Heightened by the need for secure networks and
    communications
  • Need to protect data during transmission
  • Ensure data is authentic

18
Local Information Security
  • Various methods available
  • DVD-RAM Drive
  • SANs
  • RAID Arrays
  • Most efficient (and common) method
  • DAT / DLT
  • Data security is big business!
  • Storage off-site
  • Storage in safes
  • Fireproof!
  • Bombproof!

19
Security Requirements
  • Classified in three ways:
  • Confidentiality
  • Only authorised parties can read the data
  • Disclosure of data only to the relevant source
  • Integrity
  • Only authorised parties can modify the data
  • Changes to the data are made only by the relevant
    source
  • Availability
  • Authorised parties can access the data

20
What next?
  • We have planned.
  • We have designed.
  • We have restricted access.
  • We have investigated our needs.
  • We then sit back and wait while our systems are
    attacked.

21
Network Attacks!
  • Passive
  • Eavesdropping
  • Release of message contents
  • Extracting information from mail messages,
    telephone conversations, etc.
  • Traffic analysis
  • Analysis of message lengths, Tx and Rx, to guess
    the types of information being transmitted and
    received.

22
Network Attacks
  • Active attacks
  • Masquerade
  • One node pretends to be another node.
  • Tx is fooled into thinking that Rx has received
    the message.
  • Replay
  • Captures data and then retransmits it to fool Tx
    into thinking the message was unauthorised
  • Modification of message
  • The Tx message is intercepted and modified to the
    intruder's benefit, e.g. funds, balances, etc.
  • The message is then forwarded to the intended Rx
  • Denial of service
  • Inhibits or hinders data communications traffic
    by targeting the management and communications
    facilities

23
Network Attacks
  • Active
  • The opposite of passive
  • Difficult to prevent (could be done by physical
    protection)
  • Detect, and recover
  • Detection can also be a form of prevention, as
    the intruder is often found
  • Passive
  • Sniffers / probes
  • Difficult to detect
  • Do not alter data
  • These attacks can be prevented
  • Prevention, rather than detection

24
Network Attacks
  • Passive threats
  • Release of message content
  • Traffic analysis
  • Active threats
  • Masquerade
  • Replay
  • Modification of message contents
  • Denial of service
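The replay and modification attacks above are, as the previous slide says, detected and recovered from rather than prevented. As an added example (not part of the original presentation), here is a receiver that authenticates each message with an HMAC over a sequence number and the body, using a constructed shared key: a replayed copy reuses a sequence number and is rejected, and a modified copy fails the tag check.

```python
import hashlib
import hmac

# Constructed shared secret for the demo; Tx and Rx must obtain it "in a
# secret fashion", as the symmetric encryption slides put it.
SHARED_KEY = b"demo-shared-secret-not-for-production"

def _tag(key, seq, body):
    # The tag covers both the sequence number and the body, so changing
    # either one invalidates it.
    payload = f"{seq}|{body}".encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()

def build_message(seq, body, key=SHARED_KEY):
    """Tx side: attach a sequence number and an HMAC tag to the body."""
    return {"seq": seq, "body": body, "tag": _tag(key, seq, body)}

class Receiver:
    """Rx side: accepts each authenticated sequence number at most once."""
    def __init__(self, key=SHARED_KEY):
        self.key = key
        self.last_seq = 0   # highest sequence number accepted so far

    def accept(self, msg):
        """Return (accepted, reason). The tag is checked first, so an
        unauthenticated sender learns nothing about the sequence state."""
        expected = _tag(self.key, msg["seq"], msg["body"])
        if not hmac.compare_digest(expected, msg["tag"]):
            return False, "rejected: tag mismatch (modified or forged)"
        if msg["seq"] <= self.last_seq:
            return False, "rejected: sequence number reused (replay)"
        self.last_seq = msg["seq"]
        return True, "accepted"

def demo():
    """The cases from the slides: genuine, replayed, modified, then a fresh one."""
    rx = Receiver()
    genuine = build_message(1, "transfer 100 to account B")
    results = [rx.accept(genuine)[0]]           # True: fresh and authentic
    results.append(rx.accept(genuine)[0])       # False: replay of seq 1
    tampered = dict(genuine, body="transfer 9000 to account B")
    results.append(rx.accept(tampered)[0])      # False: tag no longer matches
    results.append(rx.accept(build_message(2, "balance query"))[0])  # True
    return results
```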
25
Global Electronic Security-Encryption
  • Automation
  • Automation of Tx and Rx is done through
    encryption
  • This ensures authenticated and unique data
  • Provides a security layer to the network
  • Encryption
  • We shall look at encryption in two ways:
  • Symmetric encryption
  • Public-key encryption (asymmetric)
  • Well-known examples:
  • Thawte
  • Comodo
  • Both versions of VeriSign SSL

26
Encryption
  • Symmetric (single key)
  • The pre-1970s standard, before public-key
    encryption
  • Stallings (2000) says that the idea has been used
    by such adversaries as Julius Caesar and the
    German U-boat commanders
  • Requirements for symmetric encryption:
  • A strong algorithm to protect the key
  • Even if an intruder accesses the message, the key
    should remain protected
  • Tx and Rx must obtain the secret key in a secret
    fashion

27
Encryption
  • Symmetric (single key)
  • Encryption is made up of five major components:
  • Plaintext: the original message before encryption
  • Encryption algorithm: transforms the plaintext
  • Secret key: provides the extra substitutions and
    transformations applied by the encryption
    algorithm
  • Ciphertext: the new message that is created to be
    sent
  • Decryption algorithm: the encryption algorithm
    run in reverse with the secret key

28
Encryption
  • Symmetric

[Figure: the symmetric encryption model. Plaintext
enters the encryption algorithm under the secret key
and leaves as ciphertext; the decryption algorithm,
using the same secret key, returns the plaintext.
Adapted from Stallings (2000), Figure 18.2, page 653]
29
Encryption
  • Symmetric: breaking the code
  • Cryptanalysis
  • Uses analysis of the ciphertext to attempt to
    recover the secret key.
  • Sometimes pairs two ciphertexts to attempt to
    deduce a common encoding
  • If the key is found, all future messages using
    that key are compromised
  • Brute force
  • Tries every possible secret key on the ciphertext
    to deduce the plaintext.

30
Encryption
  • Stallings (2000) quotes the times for breaking a
    secret key as follows

31
Encryption
  • Public key
  • The biggest advancement in encryption in years,
    because it uses mathematics to calculate the key.
  • Public-key cryptography uses two keys rather than
    one; hence it is sometimes referred to as
    asymmetric.
  • Symmetric encryption is still in use, and will
    continue to be
  • This is because of the computational overhead
    associated with public-key encryption

32
Encryption
  • Asymmetric (public key)
  • Encryption is made up of five (or six) major
    components:
  • Plaintext: the original message before encryption
  • Encryption algorithm: transforms the plaintext
  • Public and private key: a pair of keys that have
    been selected for encryption. One is used for
    encryption, the other for decryption.
  • Ciphertext: the two new messages that are created
    to be sent, one by the public key and one by the
    private key
  • Decryption algorithm: the encryption algorithm
    run in reverse with the matching key

33
Encryption
  • In English
  • Each user generates a pair of keys for encryption
    and decryption.
  • Each user places the public key in an accessible
    file. The companion private key is kept private.
  • If A wishes to send a message to B, A encrypts
    the message using B's public key.
  • When B receives the message, B decrypts the
    message using its own private key. No one else
    can, because no one else holds B's private key

34
Digital Signatures
  • Confirming the source
  • Used extensively now due to the Internet
  • When a digital signature is sent to the receiver,
    the message is encoded using the sender's private
    key
  • At the receiving end, the message should be able
    to be decoded using the sender's public key.
  • If it can be decoded, it can be assumed that the
    sender must have made the message and it's okay
  • If it can't be decoded, it can be assumed that
    the sender couldn't have made the message, and it
    should be disposed of.
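An added example, not from the original presentation, that walks through the two previous slides with textbook RSA on two fixed, constructed small primes: B's public key encrypts for B, B's private key decrypts, and the sender's private key encodes a digest that anyone holding the sender's public key can check. Real RSA uses much larger random primes and padding schemes; this only shows the key-pair mechanics.

```python
import hashlib

# Constructed toy parameters: two fixed primes near 10^6. Real RSA uses random
# 1024+ bit primes and padding; this only shows the key-pair mechanics.
P, Q, E = 1000003, 999983, 65537

def generate_keypair(p=P, q=Q, e=E):
    """Each user generates a (public, private) pair: (e, n) and (d, n)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))   # private exponent: inverse of e mod phi(n)
    return (e, n), (d, n)

def _to_blocks(data):
    # 3-byte chunks behind a 0x01 marker byte, so the chunk length survives the
    # integer round trip and every block stays well below n.
    return [int.from_bytes(b"\x01" + data[i:i + 3], "big") for i in range(0, len(data), 3)]

def _from_blocks(blocks):
    return b"".join(m.to_bytes((m.bit_length() + 7) // 8, "big")[1:] for m in blocks)

def encrypt(message, public):
    """A encrypts for B with B's public key: c = m^e mod n per block."""
    e, n = public
    return [pow(m, e, n) for m in _to_blocks(message)]

def decrypt(blocks, private):
    """Only the holder of the private key recovers m = c^d mod n."""
    d, n = private
    return _from_blocks([pow(c, d, n) for c in blocks])

def sign(message, private):
    """The sender 'encodes' a digest of the message with the private key.
    Reducing the SHA-256 digest mod n is a toy shortcut, not a real scheme."""
    d, n = private
    return pow(int.from_bytes(hashlib.sha256(message).digest(), "big") % n, d, n)

def verify(message, signature, public):
    """Anyone with the sender's public key decodes the signature and compares
    it with a fresh digest of the received message."""
    e, n = public
    return pow(signature, e, n) == int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def demo():
    """Round trip, then the signature checked on the genuine and a tampered message."""
    b_pub, b_priv = generate_keypair()
    msg = b"Pay 100 to B"
    sig = sign(msg, b_priv)
    return (decrypt(encrypt(msg, b_pub), b_priv) == msg,
            verify(msg, sig, b_pub), verify(b"Pay 900 to B", sig, b_pub))
```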

35
Protecting yourself
  • Ports
  • Open ports expose the system to a variety of
    problems
  • Port scanner
  • Nanoprobe
  • Finding an open port tells you what services are
    available!
  • Close down as many as necessary to make the
    system secure.

36
Firewalls
  • Firewalls
  • Firewalls are used to limit or allow connections
    through a network
  • Firewalls are gateways that provide this
  • They can limit or allow connections based on:
  • IP address
  • Port number
  • If you like, firewalls are watchdogs for your
    computer's open doors.
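An added example, not from the original presentation: a minimal ordered firewall rule set evaluated by source IP address and destination port, with a constructed policy (public HTTPS and HTTP, SSH only from an assumed admin subnet 10.0.5.0/24, and an explicit default deny), plus a check for rules shadowed by an earlier catch-all rule.

```python
import ipaddress

# Constructed ordered rule set (first match wins). Each rule is
# (action, source network, destination port or None for any port).
# The admin subnet 10.0.5.0/24 is an assumption for the demo.
RULES = [
    ("allow", "0.0.0.0/0", 443),      # public web shop over HTTPS
    ("allow", "0.0.0.0/0", 80),       # public web shop over HTTP
    ("allow", "10.0.5.0/24", 22),     # SSH only from the admin subnet
    ("deny", "0.0.0.0/0", None),      # explicit default deny
]

def decide(src_ip, dst_port, rules=RULES):
    """Return 'allow' or 'deny' for a connection attempt by walking the
    rules in order and taking the first that matches both IP and port."""
    src = ipaddress.ip_address(src_ip)
    for action, net, port in rules:
        if src in ipaddress.ip_network(net) and (port is None or port == dst_port):
            return action
    return "deny"   # nothing matched: the door stays closed

def unreachable_rules(rules=RULES):
    """Indices of rules that can never match because an earlier rule already
    catches any source and any port (a common misconfiguration)."""
    shadowed, catch_all_seen = [], False
    for i, (_, net, port) in enumerate(rules):
        if catch_all_seen:
            shadowed.append(i)
        elif ipaddress.ip_network(net).prefixlen == 0 and port is None:
            catch_all_seen = True
    return shadowed

def demo():
    """Decisions for four constructed connection attempts."""
    attempts = [("203.0.113.7", 443), ("203.0.113.7", 22),
                ("10.0.5.20", 22), ("10.0.5.20", 3306)]
    return [decide(ip, port) for ip, port in attempts]
```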

37
Firewall Sample
38
Firewall Sample
39
Security Challenges
Figure 3
40
Overview of Electronic Security Methods
  • Encryption: encoding and scrambling of messages
    to prevent their access without specific
    authorization. Most commonly used when
    transferring sensitive data electronically across
    (e.g.) the Internet
  • Authentication: providing secure mechanisms for
    accessing specific elements of the ecommerce
    system. The most common method is registration
    with the ecommerce system, and using usernames
    and passwords.
  • Digital signature: digital code attached to an
    electronically transmitted message to uniquely
    identify its contents and sender. Implemented
    when the receiver needs to be assured of the
    author of a message (adopted now in hardware and
    operating system drivers)
  • Digital certificate: attachment to an electronic
    message to verify the sender and to provide the
    receiver with a means to encode a reply
  • Secure Electronic Transaction (SET): standard for
    securing credit card transactions over the
    Internet and other networks

41
References
  • Figures 1, 2 and 3 taken from Laudon, K. and
    Laudon, P. 2002. Essentials of Management
    Information Systems. New Jersey: Prentice Hall.
  • Stallings, W. 2000. Data and Computer
    Communications. New Jersey: Prentice Hall.