Fall 99 Mngt 3862/99 James Clark Electronic Exchange of Information Participant Participant Network What could go wrong in this setting ?


Fall 99 Mngt 3862/99 James Clark

Electronic Exchange of Information

[Diagram: Participant, Network, Participant]

What could go wrong in this setting ?


Three Scenarios

Alice buys a book from Bob’s book store.

Inter-corporate trading for Charlie’s Plastic Company.

Daisy electronic market.


Alice Buys a Book

Alice shops for a book on the internet using WWW.

She finds the desired book from Bob’s book store and makes the order using a web form provided by Bob’s.

Bob confirms that the order really comes from Alice.

She sends her credit card number, suitably encrypted.

The book is delivered through UPS.


Inter-Corporate Trading

Charlie’s Plastic Makers is a medium-sized company in Canada with long-established requirements for high-quality plastic which it buys from Plasticorp.

Plasticorp aims to reduce costs of customer transactions by using secure messaging with its regular customers.

Origin and confidentiality of all correspondence must be ensured.


Daisy's Electronic Market

Daisy is an entrepreneurial small businessperson who works from her home basement.

She buys items from suppliers willing to do business wholly electronically, repackages them, and sells them through a WWW storefront.

Effective marketing of the web page and very low overhead provide Daisy’s competitive edge.


What are the issues?

• Accountability -- Security relevant activities on a system can be traced to individuals who may be held responsible for their actions
• Availability -- System resources are safeguarded from tampering and are available for authorized users at the time and in the format needed
• Access Control -- Access to the system resources is limited to authorized individuals, entities, or processes
• Confidentiality -- Information is not accessed by or disclosed to unauthorized individuals, entities, or processes
• Identification and Authentication -- Verification that the originator of a transaction is the originator
• Integrity -- Information is not undetectably altered or destroyed by an unauthorized person or process
• Non-repudiation -- Undeniable proof of participation by the sender and/or receiver in a transaction
• Privacy -- individual rights to nondisclosure


Security Overview (Figure 5-1)

Countermeasures are procedures, either physical or logical, that recognize, reduce, or eliminate a threat


What is Security?

Dictionary Definition: protection or defense against attack, interference, espionage, etc.


E-comm Requirements

[Diagram: Participant, Network, Participant]

• Confidentiality: private exchange of information only from originator to intended recipient
• Integrity: no modification to the information exchanged without consent
• Authentication/Identification: ensuring that an individual is who she claims to be.


Security – The Business Challenge

Who’s the bad guy? Competitors, foreign governments, network hackers, disgruntled ex-employees, news and media, unauthorized customers, employees, etc?

How do I protect my information from the bad guys, without making employees and authorized users less productive?

How can I administer security consistently, reliably, and cost effectively across all of my distributed information resources?

[Chart: Insiders 80%, Outsiders 20%]

Studies show 80% of real security problems are caused by authorized users


What Is Hacking?

Unauthorized or unintended use of information technology assets for…

• Personal gain (theft, fraud)
• Prestige
• Revenge
• Terrorism


Why is hacking a problem?

Hacks mean business…and they hurt

• Corporate image
• Customer & Employee Privacy
• Real $$$$ often in millions


Hacked Web Site Before….


…And After


Security Threats

[Diagram: Participant, Network, Participant]

• Interruption
• Interception
• Modification
• Masquerade

Intranet has 3 separate components

• Secrecy
• Integrity
• Availability


Protecting Electronic Commerce Assets

You cannot hope to produce secure commerce systems unless there is a written security policy

• What assets are to be protected
• What is needed to protect those assets
• Analysis of the likelihood of threats
• Rules to be enforced to protect those assets


Security Policy

• Affordability – how much does it cost?
• Functionality – Are the computers still easy to use
• Cultural Compatibility – Does it conflict with normally accepted practices at the site
• Legality – does it meet the company’s legal requirements


Security Mechanisms

• Isolated Intranet – simple & secure but no access to internet.
• Firewall
• Proxy Servers - only IP address of proxy
• Access Control
  • Access control files
  • Restrictions by IP Address
• Data Security Mechanisms
  • Basic security in HTTP
  • Encryption


Firewall Capability

Firewall can

• Focus for security decisions
• Enforce security policy
• Log internet activity
• Limit exposure
  • keeps one section of intranet separate from another

Firewall can not

• Protect against malicious insiders
• Protect against connections that do not go through it
• Protect against new threats
• Protect against viruses


On 8 February, 1587 Elizabeth I of England signed Mary's death warrant, and she was executed at Fotheringay Castle. The execution did not go well for Mary as the executioner was unable to sever her neck with one blow, and was forced to use a grinding motion on her to complete the task.

All because of weak encryption.


Encryption

Helps guarantee privacy & authentication

Two types of encryption

• public-key encryption
• Private key - symmetric-key cryptography


Private Key Encryption

1. Doug places document in strongbox
2. Doug locks box with key to the lock
3. Box is transported to Nola
4. Nola uses duplicate key and unlocks box.
5. Nola retrieves document

Also referred to as symmetric key or secret key cryptography


Symmetric Key Encryption (Private Key)

[Diagram]

Plain-text input: “The quick brown fox jumps over the lazy dog”

Encryption

Cipher-text: “AxCv;5bmEseTfid3)fGsmWe#4^,sdgfMwir3:dkJeTsY8R\s@!q3%”

Decryption

Plain-text output: “The quick brown fox jumps over the lazy dog”

Same key (shared secret)


Examples & Problems

• If N people need to communicate pairwise, then N(N-1)/2 keys need to be distributed.
• How should the secret key be exchanged?
• Any symmetric key method that uses more than 40 bit keys is viewed as strong encryption.
• Export is limited by regulation.

Examples of Algorithms

• DES
• SkipJack
• IDEA
• RC2 & RC4


Public Key Encryption

1. Doug places document in strongbox
2. Doug locks box with righty key to the lock
3. Box is transported to Nola
4. Nola gets copy of Bob’s lefty key and unlocks box.
5. Nola retrieves document


Public Key Encryption

[Diagram]

Clear-text input: “The quick brown fox jumps over the lazy dog”

Encryption (recipient’s public key)

Cipher-text: “Py75c%bn&*)9|fDe^bDFaq#xzjFr@g5=&nmdFg$5knvMd’rkvegMs”

Decryption (recipient’s private key)

Clear-text output: “The quick brown fox jumps over the lazy dog”

Different keys


Public Key Pairs

• Public and private keys are always generated as a matched pair
• Keys are mathematically related but it is computationally infeasible to deduce a private key from its public key
• Private keys are kept secret - preferably by being stored in a tamper-resistant chip
• Public keys are just that - public!

[Figure: private and public key icons; smart card]


Key Management

• Ideally, every person has two key pairs:
  • Key-exchange key pair
  • Signature key pair
  • Key pairs are distinct
• Public and private keys are always generated as a pair at the user’s machine
• Public key can be openly shared
• Private key is always kept private (it never leaves the machine where it was generated)


Key Pair Use

• Key-exchange key pair
  • Recipient’s public key is used to send a randomly chosen communication key
• Signature key pair
  • Sender’s private signing key is used in digital signature operations
  • Recipient verifies signature using sender’s public signing key
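The two key pairs from the Key Management and Key Pair Use slides, as an added example that is not from the original slides: Doug seals a message for Nola under a randomly chosen communication key wrapped with her key-exchange public key, and signs it with his own signing key. The function names, the fixed demo primes, the unpadded textbook RSA and the SHA-256 keystream (a stand-in for DES or RC4) are all assumptions made so the flow runs offline; none of them is suitable for real use.

```python
import hashlib
import secrets

E = 65537  # common RSA public exponent


def make_pair(p, q):
    """Build (public, private) = ((n, e), (n, d)) from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))


# Constructed demo keys from well-known Mersenne primes, used as textbook RSA
# without padding: far too weak for real use, chosen so the example runs offline.
NOLA_KX_PUB, NOLA_KX_PRIV = make_pair(2**89 - 1, 2**107 - 1)    # key-exchange pair
DOUG_SIG_PUB, DOUG_SIG_PRIV = make_pair(2**61 - 1, 2**127 - 1)  # signature pair


def keystream_xor(key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def digest_int(message, n):
    """SHA-256 of the message as an integer reduced into the RSA modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def send(message, sender_sig_priv, recipient_kx_pub):
    """Sign with the sender's signing key, then seal for the recipient."""
    n, e = recipient_kx_pub
    session_key = secrets.token_bytes(16)  # randomly chosen communication key
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    sn, sd = sender_sig_priv
    return {"wrapped_key": wrapped,
            "ciphertext": keystream_xor(session_key, message),
            "signature": pow(digest_int(message, sn), sd, sn)}


def receive(envelope, recipient_kx_priv, sender_sig_pub):
    """Unwrap the session key, decrypt, and verify the sender's signature."""
    n, d = recipient_kx_priv
    session_key = pow(envelope["wrapped_key"], d, n).to_bytes(16, "big")
    message = keystream_xor(session_key, envelope["ciphertext"])
    sn, se = sender_sig_pub
    if pow(envelope["signature"], se, sn) != digest_int(message, sn):
        raise ValueError("signature check failed")
    return message
```

Only the short communication key goes through the slow public-key operation; the message itself is protected by the fast symmetric cipher.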


Main Differences

• In private key systems, the same key is used to encrypt and decrypt. So a single key has to be shared between devices/individuals who need to communicate.
• In public key systems, two keys are generated. A message encrypted with one can be decrypted with the other. Concept of a private (secret) key and a public key.


Problems With Public Key Encryption

• Computationally very complex
  • 1000 times slower on average than private key systems.
• Key management
  • how can an individual trust the public key?
  • How do they know that it really belongs to an individual?
  • the need for certification authorities
    • Verisign
    • USPS


Browser check

 

Ensure Your Browser Is Secure

The information - like credit card numbers - you share with Web sites is only as safe as your Web browser. Use the free Browser Check to ensure you've got the latest, most secure Web browser.

With one click, Browser Check instantly tells you:

• What browser and version you're using
• Your browser's encryption strength - standard 40-bit SSL, or 128-bit SSL: the strongest encryption available
• Upgrade recommendations

 


Encryption Options

• Secure HTTP (S-HTTP)
• Secure Sockets Layer (SSL) - most popular
• Private Communication Technology (PCT)
• Secure Electronic Transfer (SET)


Secure Socket Layer (SSL)

Netscape has designed a security protocol called Secure Sockets Layer (SSL) which provides, for a TCP/IP connection:

• data encryption
• server authentication
• message integrity
• optional client authentication

Web pages that have a SSL connection start with https: instead of http:
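Two of the properties listed above, server authentication and encryption strength, checked on a client configuration using Python's standard ssl module; this is an added example, not part of the original slides, and the function names are assumptions. It compares a default client context with one where certificate checking has been switched off, and reports whether any 40-bit export-grade cipher would be offered.

```python
import ssl


def audit_client_context(ctx):
    """Summarise server authentication and cipher strength for a client context."""
    ciphers = ctx.get_ciphers()
    return {
        # The server is authenticated only if its certificate chain AND its
        # host name are both verified.
        "server_authentication": ctx.verify_mode == ssl.CERT_REQUIRED
        and ctx.check_hostname,
        "minimum_version": ctx.minimum_version.name,
        "weakest_cipher_bits": min(c["strength_bits"] for c in ciphers),
        "export_grade_offered": any(c["strength_bits"] <= 40 for c in ciphers),
    }


def hardened_context():
    """Default client settings plus an explicit protocol floor."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def weakened_context():
    """The common misconfiguration: traffic is still encrypted, but the
    client no longer checks who it is talking to."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False  # must be disabled before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


if __name__ == "__main__":
    for name, factory in (("hardened", hardened_context),
                          ("weakened", weakened_context)):
        print(name, audit_client_context(factory()))
```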


Normally the padlock or key icon will change and become closed or unbroken when entering a secure site

[Screenshot: Secure Site]


Table Summary of Security Issues


Definitions

access, access code, access control, authentication, authorization, Certificate Authority, crack, data integrity, digital certificate, digital envelope, digital signature, firewall, hack, hacker, IP spoofing

password, PKI, Pretty Good Privacy, S-HTTP, S/MIME, secure server, security, SET, smart card, SOCKS, SSL, token, Trojan horse, username, virus