Security requirements in e-business

Post on 20-Jan-2015


Category:

Education


DESCRIPTION

In this presentation, we will discuss the security requirements in an e-business, related challenges, risk assessment and threats. We will also talk about the concept of encryption and decryption. To know more about Welingkar School’s Distance Learning Program and courses offered, visit: http://www.welingkaronline.org/distance-learning/online-mba.html

TRANSCRIPT

Security requirements in E-business-overview

security

catchy word for marketing, product vendors, consultants, and consumers of IT

enterprise

needs to be focused in the area of its core competence

Information technology has become the key enabler for an enterprise to meet this challenge

implement an IT governance model within the enterprise

protecting an enterprise's information

• stored

• maintained

• monitored

• updated

• transmitted

• weeded using this technology

new challenges

• information theft

• electronic frauds

• cyber vandalism

• legal charges or litigation

study the information security assurance requirements from the enterprise perspective

road map

understand how to develop a road map that fits the needs of all its stakeholders, namely

• shareholders

• employees

• vendors

• customers

• regulatory bodies

Chief security officers

accountable for expenditures should recognize that “information security” is not part of IT infrastructure

Information security

This includes

• Policy

• Process

• Procedure

• Measure

• Metric

Security life cycle

Risk assessment

• identification and design of IT controls

• implementation

• use of metrics to measure

• monitor and report

• bring in changes to protect the enterprise IT infrastructure

security threats

There are security threats in India, which ranks 63 with an attack rate of 1781 attacks per 1,00,000 internet users.

categories of threats

• Malicious software

• spooling

• scanning

• snooping

• scavenging

• spamming

• tunneling

• malfunction

• human error

• physical environment

Information harvesting

A technique in which, without actually breaking into a system, some remotely accessible programs can be exploited to return information that was meant to be available

Denial of service

attacks are commonly launched from one or more points on the internet that are external to the victim's own system or network.

Causes of DOS attacks

• TCP floods

• ICMP echo

• UDP floods

• Source IP address

• Source destination ports

• Other IP header values

ways of propagation

• Central source propagation

• Back chaining propagation

• Autonomous propagation

Virus, worms and Trojan horses

malicious programs that can cause damage to your computer and the information on your computer. They can slow down the internet and might even use your computer to spread themselves to your friends, family, co-workers and the rest of the web.

Concept of encryption & decryption

[Figure: sending device, encryption algorithm, network, decryption algorithm, receiving device]

virus

piece of computer code that attaches itself to a program or file so it can spread from computer to computer, infecting as it travels.

worm

designed to copy itself from one computer to another, but it does so automatically by taking control of features on the computer that can transport files or information.

Trojan horse

computer programs that appear to be useful software but affect security and cause a lot of damage
