Security Ppt2007 - Copy

8/14/2019 Security Ppt2007 - Copy

1/25

Security Issues for the E-Busin

Economy

RAVI KUMAR (EC 7th Sem,ASCT) SAQUIB ARSHAD (

[email protected] saquibsecu


2/25

Overview

What is E-Business?

Areas of E-Business.

What is security?

Different Kinds of Threats. Common security attacks and counter

Security Tools.

Security Policies.

ASCT,BHOPAL


3/25

E-business

Utilization of Information and Communication Technology (ICT)

the actvities of Business.

Production processes

Customer-focused processes

Internal management processes

ASCT,BHOPAL


4/25

ASCT,BHOPAL

Area ofE-Business

Financial institutions and banks

Internetservice providers

Pharmaceutical companies

Government and defense agencies

Contractorsto various government a

Multinational corporations


5/25

ASCT,BHOPAL

What is Security

Dictionary.com says:

1.Freedom from risk or danger; safety.

2.Freedom from doubt, anxiety, or fear; confide

3.Something that gives or assuressafety, as:

1.A group or department of private guards:Call ba visitor actssuspicious.

2.Measures adopted by a governmentto preventintruders.

3.Measures adopted, asby a business or homeowcrime such asburglary or assault:Security was lax smaller plant.

etc.


6/25


7/25

ASCT,BHOPAL

What is Security






2.Measures adopted by a governmentto preventsabotage, or attack.


etc.


8/25

ASCT,BHOPAL

What is Security






2.Measures adopted by a governmentto preventsabotage, or attack.


etc.


9/25

ASCT,BHOPAL

Why do we need securi

Protect vital information while still a

accessto those who need it

Trade secrets, medical records, etc.

Provide authentication and access coresources

Guarantee availability of resources

Ex:59s (99.999% reliability)


10/25

Different Kinds ofThrea

Physical breakdowns.

Operating mistakes.

Planning mistakes. Intentional attacks for fun and prof

Own personnel is usually consider

largest security threats

ASCT,BHOPAL


11/25

ASCT,BHOPAL

TCP Attacks

If an attacker learnsthe associated T

for the connection,then the connec

be hijacked!

Attacker can insert malicious data instream, and the recipient will believe

from the original source

Ex.Instead of downloading and runnin

program,you download a virus and exe


12/25


13/25

Sniffing

Data packets are interrupt in trans

varioussoftware programsthat are f

Typical servicesthat are sniffed are

FTP,SMTP (E-mail) packets ifunencry

ASCT,BHOPAL


14/25

DENIAL OF SERVICE ATTAC

ASCT,BHOPAL


15/25

Security Issues for the E-Busin

Economy

RAVI KUMAR (EC 7th Sem,ASCT) SAQUIB ARSHAD (

[email protected] saquibsecu


16/25


17/25

Firewalls

A firewall is like a castle with a draw

Only one point of access into the netw

This can be good or bad

Can be hardware or software

Ex.Some routers come with firewall fu

ipfw, ipchains, pf on Unix systems,Win

and Mac OS X have built in firewalls

ASCT,BHOPAL


18/25

FirewallInstallation

ASCT,BHOPAL


19/25

Anti-Viruses

Virus protection software.

Identify known viruses when they at

strike.

ASCT,BHOPAL


20/25

ASCT,BHOPAL

Intrusion Detection

Used to monitor for suspicious activ

network

Can protect against known software ex

buffer overflows Open Source IDS


21/25

Security Policies

Identity

Passwords

Access Control

Digital Certificate

ASCT,BHOPAL


22/25

Any part of the system can be attacked

New attacks crop up all the time

A host can be made fairly secure with skills ansystem administration, security tools and secu

A firewall limits traffic between two networks

Still, remember that the main threat is the peothe computers

Three people can keep a secret only if two of thdead

-Ben

Summary

ASCT,BHOPAL


23/25


24/25


25/25

Documents

Security Ppt2007 - Copy