
Page 1: Security Issues in EC

National Central University · 范錚強

9. Security Issues in EC

National Central University, Department of Information Management, 范錚強

mailto: [email protected]
http://www.mgt.ncu.edu.tw/~ckfarn

2011.05

Page 2: Security Issues in EC


What Is EC Security?

Computer security refers to the protection of data, networks, computer programs, computer power and other elements of computerized information systems

Page 3: Security Issues in EC

How big is the security threat?

2008 Computer Crime and Security Survey; source: Computer Security Institute (CSI), CSI Survey 2007

Average loss to a U.S. enterprise from information security incidents was as high as US$350,000 (2006: US$170,000)

46% of enterprises suffered an information security breach (2006: 53%; 2005: 56%)

52% detected unauthorized use of their computer systems

Page 4: Security Issues in EC


Page 5: Security Issues in EC


Page 6: Security Issues in EC

What kinds of security questions arise?

From the user's perspective:

How can the user be sure that the Web server is owned and operated by a legitimate company?

How does the user know that the Web page and form do not contain some malicious or dangerous code or content?

How does the user know that the owner of the Web site will not distribute the information the user provides to some other party?

Page 7: Security Issues in EC

What kinds of security questions arise?

From the company's perspective:

How does the company know the user will not attempt to break into the Web server or alter the pages and content at the site?

How does the company know that the user will not try to disrupt the server so that it is not available to others?

Page 8: Security Issues in EC

What kinds of security questions arise?

From both parties' perspectives:

How do both parties know that the network connection is free from eavesdropping by a third party "listening" on the line?

How do they know that the information sent back-and-forth between the server and the user’s browser has not been altered?

Page 9: Security Issues in EC

Basic Security Terminology

business continuity plan: A plan that keeps the business running after a disaster occurs. Each function in the business should have a valid recovery capability plan

cybercrime: Intentional crimes carried out on the Internet

exposure: The estimated cost, loss, or damage that can result if a threat exploits a vulnerability

fraud: Any business activity that uses deceitful practices or devices to deprive another of property or other rights

Page 10: Security Issues in EC

Basic Security Terminology 2

malware (malicious software): A generic term for software written to harm or take control of a system (viruses, worms, Trojans, spyware, and the like)

phishing: Impersonating a trusted company, typically by e-mail and a look-alike Web site, to trick its customers into handing over credentials or other identity data

risk: The probability that a threat will find and exploit a vulnerability; combined with exposure, it gives the expected loss

social engineering: A type of nontechnical attack that uses some ruse to trick users into revealing information or performing an action that compromises a computer or network

Page 11: Security Issues in EC

Basic Security Terminology 3

spam: The electronic equivalent of junk mail

vulnerability: A weakness in software or another mechanism that threatens the confidentiality, integrity, or availability of an asset (recall the CIA model). It can be directly used by a hacker to gain access to a system or network

zombies: Computers infected with malware that are under the control of a spammer, hacker, or other criminal

Page 12: Security Issues in EC


Page 13: Security Issues in EC

Threats and Attacks: Unintentional and Intentional

Unintentional threats: human error (for example, mispricing an item), environmental hazards (natural disasters), malfunctions in the computer system

Intentional Attacks and Crimes

Page 14: Security Issues in EC


Criminals and Social Engineering

cybercriminal

A person who intentionally carries out crimes over the Internet.

hacker

Someone who gains unauthorized access to a computer system.

cracker

A malicious hacker, such as Maxwell in the opening case, who may represent a serious problem for a corporation.

Vulnerable Areas Are Being Attacked

Page 15: Security Issues in EC

Security Requirements in EC

Authentication (identity verification): Process to verify (assure) the real identity of an individual, computer, computer program, or EC Web site

Authorization: Process of determining what the authenticated entity is allowed to access and what operations it is allowed to perform

Nonrepudiation: Assurance that online customers or trading partners cannot falsely deny (repudiate) their purchase or transaction

Auditing (audit trail): The process of collecting information about attempts to access particular resources, use particular privileges, or perform other security actions

Page 16: Security Issues in EC


CIA security triad (CIA triad)

Three security concepts important to information on the Internet: confidentiality, integrity, and availability

Page 17: Security Issues in EC

CIA Triad

Confidentiality: Assurance of data privacy. Keeping private or sensitive information from being disclosed to unauthorized individuals, entities, or processes

Integrity: Assurance that stored data has not been modified without authorization, and that a message that was sent is the same message that was received

Availability: Assurance that access to data, the Web site, or other EC data service is timely, available, reliable, and restricted to authorized users

Page 18: Security Issues in EC

General Security Issues at EC Sites

Authentication

Privacy / data integrity

Nonrepudiation

Page 19: Security Issues in EC

Threats to data security

External attacks

Natural disasters

Accidents

Page 20: Security Issues in EC

Types of Threats and Attacks

nontechnical attack: An attack that uses chicanery to trick people into revealing sensitive information or performing actions that compromise the security of a network

Page 21: Security Issues in EC

Nontechnical Attacks: Social Engineering

A type of nontechnical attack that uses social pressures to trick computer users into compromising computer networks to which those individuals have access (for example, a "superior" demanding a subordinate's account and password)

A multiprong approach should be used to combat social engineering:

Education and training

Policies and procedures

Penetration testing

Page 22: Security Issues in EC

technical attack: An attack perpetrated using software and systems knowledge or expertise

Common Vulnerabilities and Exposures (CVE): Publicly known computer security vulnerabilities and exposures, each given a standard identifier, collected, listed, and shared under an editorial board of security-related organizations (cve.mitre.org)

National Infrastructure Protection Center (NIPC): A joint partnership under the auspices of the FBI between government and private industry, designed to prevent attacks on and protect the nation's infrastructure

Page 23: Security Issues in EC

Types of Threats and Attacks

denial-of-service (DoS) attack: An attack on a Web site in which an attacker uses specialized software to send a flood of data packets to the target computer with the aim of overloading its resources

distributed denial-of-service (DDoS) attack: A denial-of-service attack in which the attacker gains illegal administrative access to as many computers on the Internet as possible and uses the multiple computers to send a flood of data packets to the target computer
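The two definitions above describe what a flood looks like on the wire; what a site operator actually has is the access log. The following Python script is an added example, not part of the slides or of the textbook they summarize. It parses constructed Apache/nginx-style log lines, counts requests per source address in 10-second windows, and raises a "dos" alert when one source exceeds a per-address threshold and a "ddos" alert when many sources together exceed an aggregate threshold while each stays individually inconspicuous. The addresses, timestamps, and thresholds are invented for the example and would be tuned against a real baseline.

```python
"""Flag request floods in Web-server access logs (added example, not from the slides).

A DoS shows up as one source sending far more requests than anyone else; a
DDoS shows up as many sources whose aggregate rate dwarfs normal traffic while
each source individually looks unremarkable. The log lines are constructed for
the example (Apache/nginx "combined" format); the thresholds are assumptions.
"""
import re
from collections import Counter, defaultdict
from datetime import datetime

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3})')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return {'ip', 'ts', 'status'} for a combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    return {"ip": m["ip"], "ts": datetime.strptime(m["ts"], TS_FMT), "status": int(m["status"])}


def bucket_requests(lines, window_s=10):
    """Map window number (epoch seconds // window_s) -> Counter of requests per source IP."""
    counts = defaultdict(Counter)
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # unparseable lines are skipped, not counted toward a flood
        counts[int(rec["ts"].timestamp()) // window_s][rec["ip"]] += 1
    return counts


def detect_floods(lines, window_s=10, per_ip_limit=50, total_limit=200, min_sources=20):
    """Return alerts as tuples, in time order.

    ("dos",  window, ip, n)            one source alone exceeds per_ip_limit
    ("ddos", window, n_sources, total) many sources, none heavy, aggregate exceeds total_limit
    """
    alerts = []
    for window, per_ip in sorted(bucket_requests(lines, window_s).items()):
        heavy = [ip for ip, n in per_ip.most_common() if n > per_ip_limit]
        for ip in heavy:
            alerts.append(("dos", window, ip, per_ip[ip]))
        total = sum(per_ip.values())
        if not heavy and total > total_limit and len(per_ip) >= min_sources:
            alerts.append(("ddos", window, len(per_ip), total))
    return alerts


def _line(ip, second, path="/checkout"):
    # Constructed log line, timestamped 2011-05-10 09:00:SS +0800 so each 10-second block is one window.
    return f'{ip} - - [10/May/2011:09:00:{second:02d} +0800] "GET {path} HTTP/1.1" 200 512 "-" "Mozilla/5.0"'


def build_sample_log():
    """Three consecutive 10-second windows: normal traffic, a single-source flood, a distributed flood."""
    lines = []
    for base in (0, 10, 20):  # legitimate background: 3 clients x 4 requests in every window
        for ip in ("192.0.2.10", "192.0.2.11", "192.0.2.12"):
            lines += [_line(ip, base + i) for i in range(4)]
    lines += [_line("203.0.113.7", 10 + i % 10) for i in range(300)]  # DoS: one source, window 2
    for k in range(1, 41):                                               # DDoS: 40 sources x 8, window 3
        lines += [_line(f"198.51.100.{k}", 20 + i) for i in range(8)]
    lines.append("this line is not an access-log record")
    return lines


SAMPLE_LOG = build_sample_log()

if __name__ == "__main__":
    for alert in detect_floods(SAMPLE_LOG):
        print(alert)
```

On the constructed log this yields one "dos" alert (203.0.113.7, 300 requests in the second window) followed by one "ddos" alert (43 sources, 332 requests in the third window); the first window, with only background traffic, produces nothing. In production the per-address rule is cheap but is exactly what a distributed attack evades, which is why the aggregate rule is needed alongside it.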

Page 24: Security Issues in EC

Types of Threats and Attacks

malware: A generic term for malicious software

virus: A piece of software code that inserts itself into a host, including the operating system, in order to propagate; it requires that its host program be run to activate it

worm: A software program that runs independently, consuming the resources of its host in order to maintain itself, that is capable of propagating a complete working version of itself onto another machine

Page 25: Security Issues in EC

Security Risk Management

A systematic process for determining the likelihood of various security attacks and for identifying the actions needed to prevent or mitigate those attacks

Security risk management consists of three phases:

Asset identification

Risk assessment

Implementation

Page 26: Security Issues in EC

Securing EC Communications

public key infrastructure (PKI): A scheme for securing e-payments and other EC communications using public key encryption, digital certificates, and various supporting technical components

encryption: The process of scrambling (encrypting) a message in such a way that it is difficult, expensive, or time-consuming for an unauthorized person to unscramble (decrypt) it

plaintext: An unencrypted message in human-readable form

Page 27: Security Issues in EC

Securing EC Communications

ciphertext: A plaintext message after it has been encrypted into a machine-readable form

encryption algorithm: The mathematical procedure used to encrypt the plaintext into the ciphertext, and to decrypt it back again

key: The secret value used with the algorithm to encrypt and decrypt a message; in a public key system the decryption (private) key is kept secret while the encryption (public) key is published

Page 28: Security Issues in EC

Securing EC Communications

symmetric (private) key system: An encryption system that uses the same key to encrypt and decrypt the message

Data Encryption Standard (DES): The standard symmetric encryption algorithm supported by NIST and used by U.S. government agencies until October 2, 2000, when NIST selected Rijndael as the Advanced Encryption Standard (AES) to replace it

Page 29: Security Issues in EC


Exhibit 11.4 Symmetric (Private) Key Encryption

Page 30: Security Issues in EC

Public (Asymmetric) Key Encryption

public key encryption: Method of encryption that uses a pair of matched keys, a public key to encrypt a message and a private key to decrypt it, or vice versa

public key: Encryption code that is publicly available to anyone

Page 31: Security Issues in EC

Digital Signatures

digital signature: A code computed from a document with the sender's private key; anyone holding the sender's public key can verify it, which authenticates the identity of the sender and shows that the document was not altered after signing

hash: A one-way mathematical computation applied to a message that produces a fixed-length value; it uses no key, and the message cannot feasibly be recovered from the value

message digest: The fixed-length summary of a message, as a string of digits, produced by applying the hash; it is the digest, not the whole message, that is signed

digital envelope: The encrypted message bundled with the key needed to open it, that key being encrypted with the recipient's public key so that only the recipient can open the envelope; the sender's digital signature can travel inside it

Page 32: Security Issues in EC

Asymmetric keys

The best-known asymmetric scheme is RSA, named for its three inventors R/S/A (Rivest, Shamir, Adleman). A pair of different keys is produced mathematically; neither can feasibly be derived from the other, so the two must be generated together. One is kept private by its holder, the other is published. What is encrypted with the private key can be decrypted only with the public key, and vice versa.

Page 33: Security Issues in EC

Asymmetric keys, preventing disclosure

Diagram: sender S encrypts the plaintext message with R's public key to produce the ciphertext; recipient R decrypts the ciphertext with R's private key to recover the plaintext. Only the holder of R's private key can read the message.

Page 34: Security Issues in EC

Asymmetric keys, preventing repudiation

Diagram: sender S first transforms the message with S's private key (signing it), then encrypts the result with R's public key. Recipient R decrypts with R's private key, then undoes the signature with S's public key to recover the plaintext. Because only S holds S's private key, S cannot later deny having sent the message.
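The two diagrams above, together with the digital-signature definitions on page 31, can be run end to end. The following Python code is an added example, not from the slides: a textbook RSA implementation with fixed Mersenne primes and no padding, which is enough to show the mechanics but must never be used for real data (real systems use RSA-OAEP/RSA-PSS through a vetted library). It shows S encrypting for R with R's public key and R decrypting with R's private key (preventing disclosure), and S signing the SHA-256 digest of the message with S's private key while R verifies with S's public key (preventing repudiation). The key sizes and the order text are assumptions made for the example.

```python
"""Public-key confidentiality versus non-repudiation in toy RSA (added example, not from the slides).

"Textbook" RSA: fixed Mersenne primes, no padding. It demonstrates the two
diagrams (encrypt with R's public key / decrypt with R's private key; sign with
S's private key / verify with S's public key) and is insecure for real use.
The hash step is SHA-256 and involves no key at all.
"""
import hashlib
from collections import namedtuple

Key = namedtuple("Key", "exp mod")  # an RSA key is (exponent, modulus)
E = 65537                            # standard public exponent


def keypair(p, q, e=E):
    """Return (public_key, private_key) sharing the modulus n = p*q. Primes are fixed for determinism."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+); requires gcd(e, phi) == 1
    return Key(e, n), Key(d, n)


def rsa_apply(key, value):
    """Raw RSA: value**exp mod n. Public key: encrypt or verify. Private key: decrypt or sign."""
    if not 0 <= value < key.mod:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, key.exp, key.mod)


def int_of(data):
    return int.from_bytes(data, "big")


def bytes_of(value):
    # Note: leading zero bytes of the original message would be lost; fine for this demonstration.
    return value.to_bytes((value.bit_length() + 7) // 8, "big")


def digest(message):
    """Message digest: SHA-256 of the message. Keyless; anyone can recompute it for comparison."""
    return hashlib.sha256(message).digest()


# Page 33, preventing disclosure: S seals the message for R.
def encrypt(recipient_public, message):
    return rsa_apply(recipient_public, int_of(message))


def decrypt(recipient_private, ciphertext):
    return bytes_of(rsa_apply(recipient_private, ciphertext))


# Page 34, preventing repudiation: S signs the digest, R verifies with S's public key.
def sign(sender_private, message):
    """Digital signature = digest transformed with the sender's private key."""
    return rsa_apply(sender_private, int_of(digest(message)))


def verify(sender_public, message, signature):
    """Recover the digest with the sender's public key and compare with a fresh digest of the message."""
    return rsa_apply(sender_public, signature) == int_of(digest(message))


# Assumed actors: sender S gets the larger modulus so any value valid under R's key is valid under S's.
S_PUB, S_PRIV = keypair(2**127 - 1, 2**607 - 1)
R_PUB, R_PRIV = keypair(2**107 - 1, 2**521 - 1)


def demo():
    """Run both diagrams end to end and report which checks pass (message text is constructed)."""
    message = b"Order 4711: 2 x widget, total 1200"
    ct = encrypt(R_PUB, message)   # confidentiality: sealed with R's public key
    sig = sign(S_PRIV, message)    # non-repudiation: only S's private key produces this
    return {
        "decrypts": decrypt(R_PRIV, ct) == message,
        "wrong_key_fails": decrypt(S_PRIV, ct) != message,            # S's private key does not open it
        "verifies": verify(S_PUB, message, sig),
        "tampered_fails": verify(S_PUB, message.replace(b"2 x", b"20 x"), sig),
        "forged_fails": verify(S_PUB, message, sign(R_PRIV, message)),  # R cannot sign as S
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The last two checks are the point of the signature: changing a single character of the order, or signing with anyone else's private key, makes verification fail, so R can prove both what S sent and that S sent it. Nothing in the signing path uses a secret shared with R, which is what separates non-repudiation from a mere integrity check.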

Page 35: Security Issues in EC

PKI/CA

PKI (Public Key Infrastructure): The framework for encryption, decryption, and signing built on asymmetric keys

CA (Certificate Authority): The body that issues public key certificates; it must be publicly trusted, and issuers are organized in a hierarchy

Page 36: Security Issues in EC

Issuing asymmetric keys

Register in advance with a trusted certificate authority, which issues a public key certificate (analogous to registering a personal seal with the authorities).

Public key certificate (X.509) contents: issuer name, validity period, holder's name, holder's public key, CA signature. The certificate is published so that anyone can authenticate the signer's identity.

Signing private key and signing public key: a one-to-one pairing.

Example on the slide: 范錚強 signs an electronic document (an "XXXX contract"); the digital signature (shown as 110111001) is verified against the public key in his certificate.

Page 37: Security Issues in EC

Electronic authentication

Diagram of the certificate authority's role; the Internet service network provides online application and online processing:

1. An enterprise offering services applies online to the certificate authority for an electronic seal (the example holder is 范錚強).

2. The certificate authority issues the electronic certificate.

3. The enterprise attaches its electronic signature (shown as 0101010101) to the electronic document it sends to other enterprises or customers.

4. The recipient asks the certification center to verify the authenticity of the electronic seal.

5. The certificate authority answers queries from any party and confirms the identity of the seal's user.

Page 38: Security Issues in EC

Secure Socket Layer (SSL)

Protocol that utilizes standard certificates for authentication and data encryption to ensure privacy or confidentiality

Without the user noticing, the communicating computers exchange asymmetric keys (the server's certificate carries its public key) and use them to agree on a symmetric session key that encrypts the data

Transport Layer Security (TLS)

The IETF successor to SSL rather than just another name for it: TLS 1.0 (RFC 2246, 1999) was derived from SSL 3.0; SSL 2.0/3.0 and TLS 1.0/1.1 have since been deprecated, and current deployments should use TLS 1.2 or 1.3
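What "utilizes standard certificates for authentication" means on the client side is that the client must verify the server's certificate against a trust store, match the hostname against it, and refuse obsolete protocol versions; skipping any of these keeps the encryption but loses the answer to the user's first question on page 6 (is this really the company's server?). The following Python snippet is an added example, not from the slides, using only the standard library's ssl module. It builds a hardened client context beside the common insecure one and audits both without opening any network connection; the audit rules are the ones a reviewer would apply.

```python
"""Client-side TLS configuration, hardened versus insecure (added example, not from the slides).

Uses only the standard library: ssl.create_default_context, verify_mode,
check_hostname and minimum_version. Nothing here connects to a server.
"""
import ssl


def hardened_client_context():
    """Verify the server certificate against the system trust store, check the hostname, require TLS 1.2+."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)  # CERT_REQUIRED + check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2                # SSL 2/3 and TLS 1.0/1.1 are deprecated
    return ctx


def insecure_client_context():
    """The 'make the certificate warning go away' anti-pattern: encryption without authentication."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared first, or setting verify_mode raises ValueError
    ctx.verify_mode = ssl.CERT_NONE  # any certificate, including an attacker's, is accepted
    return ctx


def audit_context(ctx):
    """Return the findings a reviewer would raise about a client SSLContext (empty list = acceptable)."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate not verified (verify_mode != CERT_REQUIRED)")
    if not ctx.check_hostname:
        findings.append("hostname not matched against the certificate (check_hostname is False)")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append(f"obsolete protocol versions allowed (minimum_version={ctx.minimum_version.name})")
    return findings


if __name__ == "__main__":
    print("hardened:", audit_context(hardened_client_context()))
    print("insecure:", audit_context(insecure_client_context()))
```

With verify_mode set to CERT_NONE the handshake still produces an encrypted channel, but it is a channel to whoever answered, so an attacker on the path can present their own certificate and read everything; that is why the audit treats the missing verification as the most serious finding.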

Page 39: Security Issues in EC

Securing EC Networks

demilitarized zone (DMZ): Network area that sits between an organization's internal network and an external network (Internet), providing physical isolation between the two networks that is controlled by rules enforced by a firewall.

personal firewall: A network node designed to protect an individual user's desktop system from the public network by monitoring all the traffic that passes through the computer's network interface card.

Page 40: Security Issues in EC

Threats to information security

Threat            | Malicious                                                                   | Non-human / unintentional
------------------|-----------------------------------------------------------------------------|------------------------------------------------
Hardware damage   | theft, vandalism                                                            | natural disasters, storage media failure
Data destruction  | data tampering, data insertion or deletion, systematic alteration of data   | programmer incompetence, carelessness, omissions
Data leakage      | data copying, network interception, fraud                                   | carelessness
Network intrusion | stealing data, sabotage, using the compromised computer as a tool for crime | --

Data security is not only the MIS department's business!

Page 41: Security Issues in EC

Basic concepts of security

Security is never absolute: the dilemma between security and ease of use

Security has a price: what price are you willing to pay? How high is your security exposure?

Information security has a technical side and a human side: those who break security are always people, and mainly insiders. Human nature!!

Page 42: Security Issues in EC

Security and ease of use

Think about coming home and going out... if you had to open ten locks to get in and lock ten doors to leave...

What would you be doing ten days later?

Security measures must be proportionate to the risk

Page 43: Security Issues in EC

Ensuring information security

Assess the risks and losses; protect against the likely threats; prevent incidents with technology plus institutions (or habits)

Understand the characteristics of the technology: strengthen with technology, ensure with institutions

A chain is only as strong as its weakest link

Page 44: Security Issues in EC

You spent 1,000,000 on a new car

Question: which of the following actions is reasonable? You spend 500,000 on an anti-theft device; you hire staff to guard it in shifts around the clock; you spend 30,000 on theft insurance

What does "reasonable" mean?

Page 45: Security Issues in EC

Burglars have been active in your neighborhood lately

Your younger brother proposes installing a new lock. On inspection you find that, although the new lock is the best you can afford, it still cannot guarantee 100% security. Do you buy it or not?

Page 46: Security Issues in EC

The security "onion"

Layered diagram; labels grouped by layer from the outside in:

Business environment: legal environment, insurance, security solutions, international standards

The enterprise: process controls, personnel controls, document controls, user controls, recovery plan, security policy

Application software: input/output controls, program controls, audit trail

Hardware and data: access controls, isolation, operations controls, communications controls

Page 47: Security Issues in EC

A technology-dominated environment

Emphasis on physical security and communications security, while the management and human aspects were neglected. Fortunately...

In 1999/2000 international standards for information security management appeared: BS 7799, adopted internationally as ISO/IEC 17799 (2000) and, for the management-system part, later as ISO/IEC 27001 (2005)

Page 48: Security Issues in EC

BS7799/ISO17799

The British information security standard, adopted by the International Organization for Standardization. Content: the management and control of information security

Complete information security considerations, from policy and procedures to access control and recovery

Page 49: Security Issues in EC

The ten control areas of BS7799

Security policy: provides management-level guiding principles

Security organization

Asset classification and control: grade and classify assets according to risk and potential damage

Personnel security: reduce the risk of human error, theft, fraud, or misuse of facilities

Physical and environmental security

Page 50: Security Issues in EC

Main contents of BS7799 (2)

Communications and operations management

Access control

Establishing and maintaining the security system

Business continuity (recovery) planning: prevent interruptions to business activities and protect critical business processes from the effects of major failures or disasters

Compliance with laws and regulations

Page 51: Security Issues in EC

Key points of security management

Process life cycle control: management and security assurance throughout the whole process, not confined to the technical side

SOP: do what you say you will do; but what will you do, and why?

Check and balance: separation of duties and responsibilities, mutual checks

Recovery: if something does go wrong, how will you handle it?

Page 52: Security Issues in EC

Business Continuity and Disaster Recovery Planning

Disaster avoidance: An approach oriented toward prevention. The idea is to minimize the chance of avoidable disasters (such as fire or other human-caused threats).

Risk management and cost-benefit analysis

Ethical Issues

Page 53: Security Issues in EC


EC Security Policies and Training

Acceptable use policy (AUP)

Policy that informs users of their responsibilities when using company networks, wireless devices, customer data, and so forth.