security requirements in ebusiness
Upload: we-learn-a-continuous-learning-forum-from-welingkars-distance-learning-program
Post on 20-Jan-2015
DESCRIPTION
In this presentation, we will discuss the security requirements in an e-business, related challenges, risk assessment and threats. We will also talk about the concept of encryption and decryption. To know more about Welingkar School’s Distance Learning Program and courses offered, visit: http://www.welingkaronline.org/distance-learning/online-mba.html
TRANSCRIPT
Security requirements in E-business-overview
security
catchy word for marketing, products vendor, consultant, and consumers of IT
enterprise
needs to be focused in the area of its core competence
Information technology has become the key enabler to an enterprise to meet this challenge
implement an IT governance model within the enterprise
protecting an enterprise information
• stored
• maintained
• monitored
• updated
• transmitted
• weeded using this technology
new challenges
• information theft
• electronic frauds
• cyber vandalism
• legal charges or litigation
study the information security assurance requirements from the enterprise perspective
road map
understand how to develop a road map that fits the needs of all its stakeholders, namely
• shareholders
• employees
• vendors
• customers
• regulatory bodies
Chief security officers
accountable for expenditures should recognize that “information security” is not part of IT infrastructure
Information security
This includes
• Policy
• Process
• Procedure
• Measure
• Metric
Security life cycle
Risk assessment
• identification and design of IT controls
• implementation
• use of metrics to measure
• monitor and report
• bring in changes to protect the enterprise IT infrastructure
security threats
There are security threats in India which rank 63 with an attack rate of 1781 attacks per 1,00,000 internet users.
categories of threats
• Malicious software
• spooling
• scanning
• snooping
• scavenging
• spamming
• tunneling
• malfunction
• human error
• physical environment
Information harvesting
A technique in which, without actually breaking into a system, some remotely accessible programs are exploited to return information that was meant to be available
Denial of service
attacks are commonly launched from one or more points on the internet that are external to the victim's own system or network.
Causes of DOS attacks
• TCP floods
• ICMP echo
• UDP floods
• Source IP address
• Source destination ports
• Other IP header values
ways of propagation
• Central source propagation
• Back chaining propagation
• Autonomous propagation
Concept of encryption & decryption
[Diagram labels: sending device, encryption algorithm, network, decryption algorithm, receiving device]
Virus, worms and Trojan horses
malicious programs that can cause damage to your computer and the information on your computer
They can slow down the internet and might even use your computer to spread themselves to your friends, family, co-workers and the rest of the web.
virus
piece of computer code that attaches itself to a program or file so it can spread from computer to computer, infecting as it travels.
worm
designed to copy itself from one computer to another, but it does so automatically by taking control of features on the computer that can transport files or information.
Trojan horse
computer programs that appear to be useful software but affect security and cause a lot of damage