securityissuesine-business-140611022943-phpapp01.pptx

7/21/2019 securityissuesine-business-140611022943-phpapp01.pptx

1/30

E-Business Issues In Cyberspace

Presented By:-

Rahul Kumar

Preeti Sachdeva


2/30

Security

To protect data from unauthorised access and virus(malicious code & trojan horse).


3/30

Basic Security Issues

Authentication Authorisation

Confidentiality

Integrity

Non repudiation


4/30

Authentication

The process by hich one entity can verifies thatanother entity is ho.


5/30

Authorisation

The process that ensures that the person has theright to access certain resources.


6/30

Confidentiality

!eeping private or sensitive information from beingdisclosed to unauthorised individuals" entities or

processes.


7/30

Interity

The ability to protect data from being altered ordestroyed by unauthorised access or accidental

manner.


8/30

!on Repudiation

The ability to limit parties from refusing thatlegitimate transaction too# place" usually by means

of a signature.


9/30

"ypes of Security "hreats

$enial of %ervice nauthori'ed Access

Theft and raud


10/30

#enial of Service

To primary types of $% attac#s* %pamming

+iruses


11/30

Spammin

%ending unsolicited commercial emails to individuals ,-mail bombing caused by a hac#er targeting one

computer or netor#" and sending thousands of

email messages to it.

%urfing involves hac#ers placing softare agents

onto a third-party system and setting it off to send

reuests to an intended target.

$$% (distributed denial of service attac#s) involves

hac#ers placing softare agents onto a number of

third-party systems and setting them off to

simultaneously send reuests to an intended target


12/30

$iruses

Self-replicating computer programsdesigned to perform unwanted events.


13/30

%nauthori&ed Access

Illegal access to systems" applications or data

/assive unauthori'ed access 0listening to communications channel for

finding secrets. 1ay use content for damaging purposes

Active unauthori'ed access

1odifying system or data

1essage stream modification

Changes intent of messages" e.g." to abort or delay a negotiation on a

contract

1asuerading or spoofing 0sending a message that appears to be from

someone else. Impersonating another user at the 2name (changing the rom field) or I/

levels (changing the source and3or destination I/ address of pac#ets in the

netor#)

%niffers0softare that illegally access data traversing across the netor#.

%oftare and operating systems4 security holes


14/30

"heft and 'raud

raud occurs hen the stolen data is used or modified.

Theft of softare via illegal copying from company4s servers.

Theft of hardare" specifically laptops.


15/30


16/30

Encryption

The process of scrambling a message in such a ay

that it is difficult" e8pecting or time consuming for

an unauthorised person to unscramble (decrypt) it.


17/30

#ecryption

The process of unscrambling a message in such a

ay that it is understand by authorised person.


18/30

Cryptoraphy

It is the process of encryption and decryption of

message or data by using different algorithms or

softare9s.


19/30


20/30

Virtual Private Network

A netor# that uses the public internet to carry

information but remains private by using encryption

to scramble the communications" authentication to

ensure that information has not to been tampered

ith" and access control to verify the identity ofanyone using the netor#.


21/30


22/30

(ate)ay

5ateay provide a secure ay to do online transactions i.e.

payment of various orders.


23/30

Biometric System

Authentication systems that identify a person by

measurement of a biological characteristics.

There are various types of biometrics systems*-

:. /hysiological 6iometrics

;. 6ehavioural 6iometrics

. +oice %canning

?. !eystro#e 1onitoring


24/30

#iital Sinature

An identifying code that can be used to authenticate

the identity of the sender of a document.


25/30

#iital Certificate

A method for verification that the holder of a public

or a private #ey is ho he or she claim to be.


26/30

Secure Soc*et +ayer

/rotocol that utili'es standard certificate for

authentication and data encryption to ensyre privacy

or confidentiality.


27/30

"ransaction +ayer Security

It or# same as %ecure %oc#et 7ayer (%%7) and it is

another name of %%7 after :@@?.


28/30


29/30


30/30

ThankYou

securityissuesine-business-140611022943-phpapp01.pptx

Documents