
Security Issues in EC

9. Security Issues in EC. National Central University, Department of Information Management, 范錚強. mailto: ckfarn@mgt.ncu.edu.tw http://www.mgt.ncu.edu.tw/~ckfarn 2011.05. What Is EC Security?



Presentation Transcript


  1. 9 Security Issues in EC
  National Central University, Department of Information Management, 范錚強
  mailto: ckfarn@mgt.ncu.edu.tw http://www.mgt.ncu.edu.tw/~ckfarn 2011.05
  National Central University. 范錚強

  2. What Is EC Security?
  • Computer security refers to the protection of data, networks, computer programs, computer power and other elements of computerized information systems

  3. How large is the security threat?
  • 2008 Computer Crime and Security Survey. Source: Computer Security Institute (CSI), CSI Survey 2007
  • Losses incurred by US companies from information security problems averaged as much as 350,000 (2006: 170,000)
  • 46% of companies suffered an information security breach (2006: 53%; 2005: 56%)
  • 52% detected unauthorized computer use

  4. (image-only slide)

  5. (image-only slide)

  6. What kinds of security questions arise?
  • From the user's perspective:
    • How can the user be sure that the Web server is owned and operated by a legitimate company?
    • How does the user know that the Web page and form do not contain some malicious or dangerous code or content?
    • How does the user know that the owner of the Web site will not distribute the information the user provides to some other party?
  (The user fears the vendor)

  7. What kinds of security questions arise?
  • From the company's perspective:
    • How does the company know the user will not attempt to break into the Web server or alter the pages and content at the site?
    • How does the company know that the user will not try to disrupt the server so that it is not available to others?
  (The vendor fears the user)

  8. What kinds of security questions arise?
  • From both parties' perspectives:
    • How do both parties know that the network connection is free from eavesdropping by a third party "listening" on the line?
    • How do they know that the information sent back and forth between the server and the user's browser has not been altered?
  (Everyone fears the environment)

  9. Basic Security Terminology
  • business continuity plan
    • A plan that keeps the business running after a disaster occurs. Each function in the business should have a valid recovery capability plan
  • cybercrime
    • Intentional crimes carried out on the Internet
  • exposure
    • The estimated cost, loss, or damage that can result if a threat exploits a vulnerability
  • fraud
    • Any business activity that uses deceitful practices or devices to deprive another of property or other rights

  10. Basic Security Terminology 2
  • malware (malicious software)
    • A generic term for malicious software
  • phishing
    • A crimeware technique to steal the identity of a target company to get the identities of its customers
  • risk
    • The probability that a vulnerability will be known and used
  • social engineering
    • A type of nontechnical attack that uses some ruse to trick users into revealing information or performing an action that compromises a computer or network

  11. Basic Security Terminology 3
  • spam
    • The electronic equivalent of junk mail
  • vulnerability
    • Weakness in software or other mechanism that threatens the confidentiality, integrity, or availability of an asset (recall the CIA model). It can be directly used by a hacker to gain access to a system or network
  • zombies
    • Computers infected with malware that are under the control of a spammer, hacker, or other criminal

  12. (image-only slide)

  13. Threats and Attacks: Unintentional and Intentional
  • Unintentional Threats
    • Human error (e.g., mispriced items)
    • Environmental hazards (natural disasters)
    • Malfunctions in the computer system
  • Intentional Attacks and Crimes

  14. Criminals and Social Engineering
  • cybercriminal
    • A person who intentionally carries out crimes over the Internet.
  • hacker
    • Someone who gains unauthorized access to a computer system.
  • cracker
    • A malicious hacker, such as Maxwell in the opening case, who may represent a serious problem for a corporation.
  • Vulnerable Areas Are Being Attacked

  15. Security Requirements in EC
  • Authentication (identity verification)
    • Process to verify (assure) the real identity of an individual, computer, computer program, or EC Web site
  • Authorization (granting permissions)
    • Process of determining what the authenticated entity is allowed to access and what operations it is allowed to perform
  • Nonrepudiation (no denial)
    • Assurance that online customers or trading partners cannot falsely deny (repudiate) their purchase or transaction
  • Auditing (audit trail)
    • The process of collecting information about attempts to access particular resources, use particular privileges, or perform other security actions

  16. CIA security triad (CIA triad)
  • Three security concepts important to information on the Internet: confidentiality, integrity, and availability

  17. CIA Triad
  • Confidentiality
    • Assurance of data privacy and accuracy. Keeping private or sensitive information from being disclosed to unauthorized individuals, entities, or processes
  • Integrity
    • Assurance that stored data has not been modified without authorization; a message that was sent is the same message that was received
  • Availability
    • Assurance that access to data, the Web site, or other EC data service is timely, available, reliable, and restricted to authorized users

  18. General Security Issues at EC Sites
  • Authentication
  • Privacy / data integrity
  • Non-repudiation

  19. Threats to data security
  • External attacks
  • Natural disasters
  • Accidents

  20. Types of Threats and Attacks
  • nontechnical attack
    • An attack that uses chicanery to trick people into revealing sensitive information or performing actions that compromise the security of a network

  21. Nontechnical Attacks: Social Engineering
  • A type of nontechnical attack that uses social pressures to trick computer users into compromising computer networks to which those individuals have access
    • e.g., demanding a subordinate's account name and password
  • A multiprong approach should be used to combat social engineering
    • Education and training
    • Policies and procedures
    • Penetration testing

  22. Technical attack
  • An attack perpetrated using software and systems knowledge or expertise
  • common (security) vulnerabilities and exposures (CVEs)
    • Publicly known computer security risks, which are collected, listed, and shared by a board of security-related organizations (cve.mitre.org)
  • National Infrastructure Protection Center (NIPC)
    • A joint partnership under the auspices of the FBI between governmental and private industry; designed to prevent and protect the nation's infrastructure

  23. Types of Threats and Attacks
  • denial-of-service (DoS) attack
    • An attack on a Web site in which an attacker uses specialized software to send a flood of data packets to the target computer with the aim of overloading its resources
  • distributed denial-of-service (DDoS) attack
    • A denial-of-service attack in which the attacker gains illegal administrative access to as many computers on the Internet as possible and uses the multiple computers to send a flood of data packets to the target computer

  24. Types of Threats and Attacks
  • malware
    • A generic term for malicious software
  • virus
    • A piece of software code that inserts itself into a host, including the operating systems, in order to propagate; it requires that its host program be run to activate it
  • worm
    • A software program that runs independently, consuming the resources of its host in order to maintain itself, that is capable of propagating a complete working version of itself onto another machine

  25. Security Risk Management
  • A systematic process for determining the likelihood of various security attacks and for identifying the actions needed to prevent or mitigate those attacks
  • Security risk management consists of three phases:
    • Asset identification
    • Risk assessment
    • Implementation

  26. Securing EC Communications
  • public key infrastructure (PKI)
    • A scheme for securing e-payments using public key encryption and various technical components
  • encryption
    • The process of scrambling (encrypting) a message in such a way that it is difficult, expensive, or time-consuming for an unauthorized person to unscramble (decrypt) it
  • plaintext
    • An unencrypted message in human-readable form

  27. Securing EC Communications
  • ciphertext
    • A plaintext message after it has been encrypted into a machine-readable form
  • encryption algorithm
    • The mathematical formula used to encrypt the plaintext into the ciphertext, and vice versa
  • key
    • The secret code used to encrypt and decrypt a message

  28. Securing EC Communications
  • symmetric (private) key system
    • An encryption system that uses the same key to encrypt and decrypt the message
  • Data Encryption Standard (DES)
    • The standard symmetric encryption algorithm supported by NIST and used by U.S. government agencies until October 2, 2000

  29. Exhibit 11.4 Symmetric (Private) Key Encryption (figure)

  30. Public (Asymmetric) Key Encryption
  • public key encryption
    • Method of encryption that uses a pair of matched keys: a public key to encrypt a message and a private key to decrypt it, or vice versa
  • public key
    • Encryption code that is publicly available to anyone

  31. Digital Signatures
  • digital signature
    • An identifying code that can be used to authenticate the identity of the sender of a document
  • hash
    • A mathematical computation that is applied to a message, using a private key, to encrypt the message
  • message digest
    • A summary of a message, converted into a string of digits, after the hash has been applied
  • digital envelope
    • The combination of the encrypted original message and the digital signature, using the recipient's public key

  32. Asymmetric keys
  • Also called RSA encryption
  • Invented by the three scholars R/S/A; a pair of different keys is generated mathematically
  • Neither key can be derived from the other by any mathematical operation; they must be generated together
  • One is kept private, the other is made public
  • What is encrypted with the private key can only be decrypted with the public key, and vice versa

  33. Asymmetric keys, preventing disclosure (diagram): sender S encrypts the plaintext message with R's public key to produce the ciphertext; recipient R decrypts the ciphertext with R's private key to recover the plaintext.

  34. Asymmetric keys, preventing repudiation (diagram): sender S encrypts the plaintext message with R's public key and then with S's private key; recipient R decrypts the ciphertext with R's private key and then with S's public key to recover the plaintext.
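A worked example of slides 30 to 34, added here and not part of the lecture: a toy textbook RSA (fixed, publicly known primes, no padding, digest reduced mod n, all assumptions of this example) that carries out the confidentiality flow of slide 33 (encrypt with R's public key) and the non-repudiation flow of slide 34 (S signs with S's private key, anyone verifies with S's public key). Note that the hash step itself is keyless; the private key enters only when the message digest is signed.

```python
"""Toy textbook RSA for slides 30-34: encrypt for R, sign as S.
Constructed teaching code, not from the lecture: fixed known primes,
no padding, digest reduced mod n. Never use it for real data."""
import hashlib
from math import gcd

def make_keypair(p, q, e=65537):
    """Return (public, private) as (exponent, modulus) pairs from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be invertible modulo phi(n)"
    return (e, n), (pow(e, -1, phi), n)

def _block_size(n):
    # Largest whole-byte block whose integer value is guaranteed below n.
    return (n.bit_length() - 1) // 8

def encrypt(message, recipient_public):
    """Slide 33: S encrypts with R's public key; only R's private key decrypts."""
    e, n = recipient_public
    k = _block_size(n) - 1  # one byte reserved for a 0x01 marker
    return [pow(int.from_bytes(b"\x01" + message[i:i + k], "big"), e, n)
            for i in range(0, len(message), k)]

def decrypt(blocks, recipient_private):
    d, n = recipient_private
    size = _block_size(n)
    # The 0x01 marker survives leading-zero stripping and is then removed.
    return b"".join(pow(c, d, n).to_bytes(size, "big").lstrip(b"\x00")[1:]
                    for c in blocks)

def message_digest(message, n):
    """Slide 31: hashing needs no key; SHA-256, reduced mod n for toy RSA."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, sender_private):
    """Slide 34: S applies S's private key to the digest (non-repudiation)."""
    d, n = sender_private
    return pow(message_digest(message, n), d, n)

def verify(message, signature, sender_public):
    """Anyone holding S's public key recomputes the digest and compares."""
    e, n = sender_public
    return pow(signature, e, n) == message_digest(message, n)

# Constructed keys from known primes; real keys use primes of ~1024 bits or more.
S_PUB, S_PRIV = make_keypair(1_000_000_007, 998_244_353)
R_PUB, R_PRIV = make_keypair(1_000_000_009, 999_999_937)
```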

  35. PKI/CA
  • PKI – Public Key Infrastructure
    • Public key infrastructure
    • An encryption and decryption mechanism built on asymmetric keys
  • CA – Certificate Authority
    • Certification center: the body that issues public key certificates
    • Must be publicly trusted
    • Issuing bodies are organized hierarchically

  36. Issuing asymmetric keys (diagram). A public key certificate is an electronic document (X.509, similar to registering a seal) containing the issuer name, validity date, holder name, holder public key and the CA's signature. The holder (范錚強) registers in advance with a trusted certificate authority, which signs and issues the public key certificate. The signing private key and the signing public key form a one-to-one pair; the public key is published so that the signer's identity can be verified. Other labels: XXXX contract, digital signature 110111001.

  37. Electronic authentication (diagram). Participants: the certificate authority, a service-providing enterprise (offering online application services), the customer (范錚強), other enterprises, and the Internet. Steps: (1) the customer applies to the certificate authority for an electronic seal (electronic certificate); (2) the CA issues it; (3) the customer applies online, attaching an electronic signature to the electronic document; (4) the enterprise queries the CA to verify the authenticity of the electronic seal; (5) online processing. The CA accepts queries from all parties and confirms the identity of electronic seal users.

  38. Secure Socket Layer (SSL)
  • Protocol that utilizes standard certificates for authentication and data encryption to ensure privacy or confidentiality
    • Without the user noticing, the computers exchanging data exchange asymmetric keys
  • Transport Layer Security (TLS)
    • As of 1996, another name for the SSL protocol

  39. Securing EC Networks
  • demilitarized zone (DMZ)
    • Network area that sits between an organization's internal network and an external network (Internet), providing physical isolation between the two networks that is controlled by rules enforced by a firewall.
  • personal firewall
    • A network node designed to protect an individual user's desktop system from the public network by monitoring all the traffic that passes through the computer's network interface card.

  40. Threats to information security
  • Data security is not only the MIS department's business!

  41. Basic concepts of security
  • Security is never absolute
  • The dilemma of security versus usability
  • Security has a price
    • What price are you willing to pay?
    • How high is your security risk (exposure)?
  • Information security has a technical side and a human side
    • Those who breach security are always "people"
    • Mostly insiders
    • Human nature!!

  42. Security and usability
  • Think about coming home and going out...
    • Entering requires opening ten locks
    • Leaving requires locking ten doors...
    • What will you be doing ten days later?
  • Proportionality between risk and security measures

  43. Ensuring information security
  • Assess risks and losses
  • Protect against the likely threats
  • Defend with technology plus institutional controls (or habits)
    • Understand the characteristics of the technology
    • Strengthen with technology, ensure with institutional controls
  • A chain is only as strong as its weakest link

  44. You spent 1,000,000 on a new car
  • Question: which of the following actions is reasonable?
    • You spend 500,000 installing an anti-theft device
    • You hire a guard to watch it around the clock in shifts
    • You spend 30,000 on theft insurance
  • What counts as reasonable? Proportionality between risk and security measures

  45. Burglars have recently been active in your neighbourhood
  • Your younger brother proposes installing a new lock
  • After checking, you find that the new lock, although the best you can afford, still cannot guarantee 100% security
  • Question: do you buy it? Does it effectively improve the current situation?

  46. The security "onion" (diagram). Layers from the outside in: legal environment; enterprise environment; the enterprise itself; security policy, international standards, insurance, security programs and recovery plan; personnel controls, entry/exit controls, communications controls, input/output controls, process controls, program controls, audit trails, document controls, isolation, operations controls and user controls; application software; hardware; data.

  47. A technology-dominated environment
  • Emphasis on physical security and communications security
  • Neglect of the management side and the human side
  • Fortunately...
    • In 1999/2000 an international standard for information security protection appeared: BS7799/ISO17799/ISO27001

  48. BS7799/ISO17799
  • The British information security standard
  • Adopted by the International Organization for Standardization
  • Content: the management and control of information security
    • Covering policy, procedures, access, recovery, and so on
  • A complete treatment of information security considerations

  49. The ten security areas of BS7799
  • Security policy: provides guiding principles for management
  • Security organization
  • Asset classification and control
    • Classify and grade assets by risk and potential damage
  • Personnel security
    • Reduce the risk of human error, theft, fraud or misuse of facilities
  • Physical and environmental security

  50. Main contents of BS7799, part 2
  • Communications and operations management
  • Access control
  • Establishing and maintaining the security system
  • Business continuity planning
    • Prevent interruptions to business activities and protect critical business processes from the effects of major failures or disasters
  • Compliance with laws and regulations
