Beruflich Dokumente
Kultur Dokumente
Commerce Threats
Security in Cyberspace
The electronic system that supports e-commerce is
susceptible to abuse and failure in many ways:
Fraud:
Resulting in direct financial loss.
Funds might be transferred from one account to
another, or financial records might simply be
destroyed.
Security in Cyberspace
Theft:
Theft of confidential, proprietary, technological, or
marketing information belonging to the firm or to
the customer.
An intruder may disclose such information to a
third party, resulting in damage to a key customer,
a client, or the firm itself.
Disruption:
Disruption of service resulting in major losses to
business or inconvenience to the customer.
Security in Cyberspace
Loss:
Loss of customer confidence stemming from
illegal intrusion into customer files or company
business, dishonesty, human mistakes, or network
failure.
Security Issues
Security concerns generally include the
following issues:
Confidentiality:
Knowing who can read data.
Ensuring that information in the network remains
private.
This is done via encryption.
Security Issues
Availability
System resources are safeguarded from tampering
and are available for authorized users at the time
and in the format needed
Integrity:
Making sure that information is not accidental or
maliciously altered or corrupted in transit.
Access Control:
Restricting the use of resources to authorized
principals.
Security Issues
Nonrepudiation:
Ensuring that principal cannot deny that they sent the
message.
Privacy
Individual rights to nondisclosure
Firewalls:
A filter between corporate network and the Internet to
secure corporate information and files from intruders but
allowing access to authorized principals.
Malicious code
Hacking and cybervandalism
Credit card fraud/theft
Zombied PC
Phishing
Denial of service attacks
Sniffing
Spoofing
Malicious Code
Malicious Code
Bad applets (malicious mobile code) malicious Java applets or ActiveX controls that may be
downloaded onto client and activated merely by surfing to
a Web site
Spoofing:
Misrepresenting oneself by using fake e-mail
addresses or masquerading as someone else