E-COMMERCE JOBS This project (Project number: HU/01/B/F/PP-136012) is carried out with the financial support of the Commission of the European Communities under the Leonardo da Vinci Programme
Database Models Ver: 1.0
E-Commerce Engineer - Security in E-Commerce
Encryption and Security Measures
Definition of Security problems
A security system is correct if it has the following parameters:
• Closeness
• Holistic
• Continuity
• Venture proportion
General problems of the information-security
• Security problems of the design and the development procedure
• Information-security
• Data-security
• Dependable working
Security problems of the design and the development
• Documentation, documents
  – security classification
  – critical hardware and network items
The information-security
• Regulation of the data-access rights
• Identification and validation
• Information-security on the information-system level
• Virus defence
Data-manipulating rights control
• Scope of authority issue
• Control
• Data-access rights
• Unauthorized data-access attempt
• Firewall configuration
Identification and validation
• User identification
• Validation
• Secession
• Multilevel identification and validation system
• Misregistration
Information-security on the informatics-system level
• Information-security on the level of:
  – Operating system
  – Application defence
  – Menu-system
  – File system
Virus defence
• System-servers
• Application servers
• Data medium
• New software
• For a longer time unused software
The data-security
• Security of the data-recording
• Security of the data-storage
• Security of the data-access
Security of the data-recording
• Input-data accuracy
• Data-transmission
• Development of the data-recording policy
• Logging of the data-recording events
• Data-recording rights
• Input warrants
• Semantic and syntax monitoring of input data
Security of data-storage
• Development of data-storage policies
• After-processing control
• Redundant-storage
• Data encryption
Security of data-access
• Development of data distribution policies
• Development of the data-access rights
• Data-integration
Dependable working 1
• Infrastructure
  – physical defence of storage and computer rooms
  – dependable power supply
  – bias control
• HRM - human resource management
  – staff trusty operation
  – viewpoints
  – personal factors
Dependable working 2
• Audition of reliability
• Restart
• Data medium
  – storage
  – security copies
  – archiving
Dependable working 3
• Hardware
  – physical defence
  – conditions of the dependable operation
  – floppy-drive disabling
  – service
  – bound of workstation
  – communication network
Dependable working 4
• Software
  – legality
  – virus defence
  – testing for fail-safe operation
  – documentation
  – source-code availability
IT security in the running system
• Access regulation
• Access control
• Integration control
• Data-security
• Fail-spanning
• Restart
• Development and observance of operating policies
• Disaster-plan
Cryptographic-protocol of e-commerce 1
• Identification
  – partner-identification
  – server-identification
  – client-identification
• Message-authentication
• Verifying digital signatures
• Secret-sharing
Cryptographic-protocol of e-commerce 2
• Encryption-key maintenance
  – generation
  – allocation
  – authentication
  – revocation
  – key server
• Time-stamp
Developers and products of the cryptographic standards 1
• ANSI standards
  – DSA-based digital signature
  – RSA-based digital signature
  – Elliptic-curve based digital signature (ECDSA)
Developers and products of the cryptographic standards 2
• FIPS (US) standards
  – Escrowed encryption standard (EES)
  – Data encryption standard (DES)
  – Advanced encryption standard (AES)
  – Hash standard for digital signature (SHS)
  – Digital signature standard (DSS) using a Digital signature algorithm (DSA)
Developers and products of the cryptographic standards 3
• RSA Laboratories specifications, PKCS (Public-Key Cryptography Standards)
  – RSA standard
  – Diffie-Hellman key standard
  – ITU (International Telecommunication Union)
  – X.509 authentication framework
Developers and products of the cryptographic standards 4
• PEM (privacy-enhanced mail)
• W3C recommendations
• ETSI (European Telecommunications Standards Institute) standards
The RSA-based encryption 1
• Algorithm of the RSA
  – selection of parameters
  – encryption keys
  – message-handling
Message-handling
• The message encryption: encoding the message $m$ ($0 < m < n$, $(m, n) = 1$):
  $c \equiv m^e \bmod n$,
  $c$ - the encrypted message
• Decoding of the encrypted message $c$ ($0 < c < n$):
  $m \equiv c^d \bmod n$,
  $m$ - the resolved message
The condition $(m, n) = 1$ ensures the unambiguous coding.
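The message handling above as an added example (not part of the original slides): textbook RSA without padding, using constructed toy values p = 61, q = 53, e = 17 and a constructed sample message, all of which are assumptions chosen for readability. It enforces the slide's conditions on m and c and shows that the unpadded scheme is deterministic.

```python
from math import gcd

def make_keys(p, q, e):
    """Return (n, e, d) for primes p, q and public exponent e."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return n, e, pow(e, -1, phi)  # d is the inverse of e modulo phi

def check_message(m, n):
    """Enforce the slide's conditions: 0 < m < n and (m, n) = 1."""
    if not 0 < m < n:
        raise ValueError("message block must satisfy 0 < m < n")
    if gcd(m, n) != 1:
        raise ValueError("message block must be coprime to n")

def encrypt(m, e, n):
    check_message(m, n)
    return pow(m, e, n)  # c = m^e mod n

def decrypt(c, d, n):
    if not 0 < c < n:
        raise ValueError("ciphertext block must satisfy 0 < c < n")
    return pow(c, d, n)  # m = c^d mod n

def encrypt_text(text, e, n):
    """Encrypt one byte per block (the toy n is too small for more)."""
    return [encrypt(b, e, n) for b in text.encode("ascii")]

def decrypt_text(blocks, d, n):
    return bytes(decrypt(c, d, n) for c in blocks).decode("ascii")

if __name__ == "__main__":
    n, e, d = make_keys(61, 53, 17)          # constructed toy parameters
    blocks = encrypt_text("ORDER-42", e, n)  # constructed sample message
    print("n, e, d:", n, e, d)
    print("ciphertext blocks:", blocks)
    print("decrypted:", decrypt_text(blocks, d, n))
    # Unpadded RSA is deterministic: both 'R' bytes map to the same block,
    # which is why deployed systems add randomized padding (e.g. OAEP).
    print("repeated block visible:", blocks[1] == blocks[4])
```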
The RSA-based encryption 2
• The RSA attributes (algorithms)
  – the RSA algorithm can be easily computerized
  – its security is adequate
  – simple mathematical background
  – well known
  – typical parameters
  – applied acceleration
  – Wassenaar command
  – patent
The RSA-based encryption 3
• RSA attributes (offensives)
  – factorisation of n: full-hacking
  – selection of a small d: full-hacking
  – selection of a small e: some of the messages can be hacked
The RSA-based encryption 4
• Preparation of the RSA parameters
  – methods for selection of p and q and for the factorisation of n
  – the prime-dissociation current highest efficiency
  – finding primes
  – selection of parameter d
  – selection of parameter e
  – the RSA summing up and evaluation
Functional encrypting
• Encrypting data files
• RSA SecurID method
  – advantages
  – disadvantages
The SHIELD-system 1
• Inventor and developer of the SHIELD-program is: Balogh Zoltán
• The SHIELD function
  – Operation
  – Attributes
• countermoves
• signal
• notes
The SHIELD-system 2
• Comparison with other defence systems
– with the DES
– with the RSA
Firewall and e-mail screening 1
• The structure of the security system of a local area networked organisation
  – Usual steps of building up the security system
  – Security-policy
  – E-mail
  – Outer connection from the Internet
Firewall and e-mail screening 2
• The firewall configuration
  – The network tools of the firewall
  – Risks you want to avoid using a firewall
  – Filtering options
  – Firewall types
  – Downloads
  – AVG FREE EDITION
Firewall and e-mail screening 3
• E-mail screening
  – Arranging the scope of the screening
  – User-level screening
  – Spam notification
  – The attachment-screening
Laws for data-security
• Current laws in Hungary
• Current laws in the European Union
Other information
• MTA SZTAKI
  – Post Address: H-1518 Budapest, P.O. Box 63.
  – Phone: +36 (1) 279-6000
  – Telefax: +36 (1) 466-7503
• Éva Feuer
  – Post Address: H-1518 Budapest, P.O. Box 63.
  – Phone: +36 (1) 279-6285
  – Telefax: +36 (1) 466-7503