Upload
supermanrav
View
221
Download
0
Embed Size (px)
Citation preview
8/14/2019 Security Ppt2007 - Copy
1/25
Security Issues for the E-Busin
Economy
RAVI KUMAR (EC 7th Sem,ASCT) SAQUIB ARSHAD (
[email protected] saquibsecu
8/14/2019 Security Ppt2007 - Copy
2/25
Overview
What is E-Business?
Areas of E-Business.
What is security?
Different Kinds of Threats. Common security attacks and counter
Security Tools.
Security Policies.
ASCT,BHOPAL
8/14/2019 Security Ppt2007 - Copy
3/25
E-business
Utilization of Information and Communication Technology (ICT)
the actvities of Business.
Production processes
Customer-focused processes
Internal management processes
ASCT,BHOPAL
8/14/2019 Security Ppt2007 - Copy
4/25
ASCT,BHOPAL
Area ofE-Business
Financial institutions and banks
Internetservice providers
Pharmaceutical companies
Government and defense agencies
Contractorsto various government a
Multinational corporations
8/14/2019 Security Ppt2007 - Copy
5/25
ASCT,BHOPAL
What is Security
Dictionary.com says:
1.Freedom from risk or danger; safety.
2.Freedom from doubt, anxiety, or fear; confide
3.Something that gives or assuressafety, as:
1.A group or department of private guards:Call ba visitor actssuspicious.
2.Measures adopted by a governmentto preventintruders.
3.Measures adopted, asby a business or homeowcrime such asburglary or assault:Security was lax smaller plant.
etc.
8/14/2019 Security Ppt2007 - Copy
6/25
8/14/2019 Security Ppt2007 - Copy
7/25
ASCT,BHOPAL
What is Security
Dictionary.com says:
1.Freedom from risk or danger; safety.
2.Freedom from doubt, anxiety, or fear; confide
3.Something that gives or assuressafety, as:
1.A group or department of private guards:Call ba visitor actssuspicious.
2.Measures adopted by a governmentto preventsabotage, or attack.
3.Measures adopted, asby a business or homeowcrime such asburglary or assault:Security was lax smaller plant.
etc.
8/14/2019 Security Ppt2007 - Copy
8/25
ASCT,BHOPAL
What is Security
Dictionary.com says:
1.Freedom from risk or danger; safety.
2.Freedom from doubt, anxiety, or fear; confide
3.Something that gives or assuressafety, as:
1.A group or department of private guards:Call ba visitor actssuspicious.
2.Measures adopted by a governmentto preventsabotage, or attack.
3.Measures adopted, asby a business or homeowcrime such asburglary or assault:Security was lax smaller plant.
etc.
8/14/2019 Security Ppt2007 - Copy
9/25
ASCT,BHOPAL
Why do we need securi
Protect vital information while still a
accessto those who need it
Trade secrets, medical records, etc.
Provide authentication and access coresources
Guarantee availability of resources
Ex:59s (99.999% reliability)
8/14/2019 Security Ppt2007 - Copy
10/25
Different Kinds ofThrea
Physical breakdowns.
Operating mistakes.
Planning mistakes. Intentional attacks for fun and prof
Own personnel is usually consider
largest security threats
ASCT,BHOPAL
8/14/2019 Security Ppt2007 - Copy
11/25
ASCT,BHOPAL
TCP Attacks
If an attacker learnsthe associated T
for the connection,then the connec
be hijacked!
Attacker can insert malicious data instream, and the recipient will believe
from the original source
Ex.Instead of downloading and runnin
program,you download a virus and exe
8/14/2019 Security Ppt2007 - Copy
12/25
8/14/2019 Security Ppt2007 - Copy
13/25
Sniffing
Data packets are interrupt in trans
varioussoftware programsthat are f
Typical servicesthat are sniffed are
FTP,SMTP (E-mail) packets ifunencry
ASCT,BHOPAL
8/14/2019 Security Ppt2007 - Copy
14/25
DENIAL OF SERVICE ATTAC
ASCT,BHOPAL
8/14/2019 Security Ppt2007 - Copy
15/25
Security Issues for the E-Busin
Economy
RAVI KUMAR (EC 7th Sem,ASCT) SAQUIB ARSHAD (
[email protected] saquibsecu
8/14/2019 Security Ppt2007 - Copy
16/25
8/14/2019 Security Ppt2007 - Copy
17/25
Firewalls
A firewall is like a castle with a draw
Only one point of access into the netw
This can be good or bad
Can be hardware or software
Ex.Some routers come with firewall fu
ipfw, ipchains, pf on Unix systems,Win
and Mac OS X have built in firewalls
ASCT,BHOPAL
8/14/2019 Security Ppt2007 - Copy
18/25
FirewallInstallation
ASCT,BHOPAL
8/14/2019 Security Ppt2007 - Copy
19/25
Anti-Viruses
Virus protection software.
Identify known viruses when they at
strike.
ASCT,BHOPAL
8/14/2019 Security Ppt2007 - Copy
20/25
ASCT,BHOPAL
Intrusion Detection
Used to monitor for suspicious activ
network
Can protect against known software ex
buffer overflows Open Source IDS
8/14/2019 Security Ppt2007 - Copy
21/25
Security Policies
Identity
Passwords
Access Control
Digital Certificate
ASCT,BHOPAL
8/14/2019 Security Ppt2007 - Copy
22/25
Any part of the system can be attacked
New attacks crop up all the time
A host can be made fairly secure with skills ansystem administration, security tools and secu
A firewall limits traffic between two networks
Still, remember that the main threat is the peothe computers
Three people can keep a secret only if two of thdead
-Ben
Summary
ASCT,BHOPAL
8/14/2019 Security Ppt2007 - Copy
23/25
8/14/2019 Security Ppt2007 - Copy
24/25
8/14/2019 Security Ppt2007 - Copy
25/25