E Commerce security

E-Commerce Security
Challenges to Security
 Internet was never designed with security in mind.
 Many companies fail to take adequate measures to protect their internal systems from attacks.
 Security precautions are expensive {firewalls, secure web servers, encryption mechanisms}.
 Security is difficult to achieve.
Two Major Developments During the Past Decade:
1. Widespread Computerization
2. Growing Networking and Internetworking
The Internet
 Need for Automated Tools for Protecting Files and Other Information.
 Network and Internetwork Security refer to measures needed to protect data during its transmission from one
computer to another in a network or from one network to another in an internetwork.
 Network security is complex. Some reasons are:
 Requirements for security services are:


Confidentiality



Authentication



Integrity

 Key Management is difficult.


Creation, Distribution, and Protection of Key information calls for the need for secure services, the same services
that they are trying to provide.

Security Issues
Security concerns generally include the following issues:
•

Confidentiality:
–
–

Ensuring that information in the network remains private.

–
•

Knowing who can read data.

This is done via encryption.

Identification and Authentication:
–

•

Making sure that message sender or principal are authentic.

Availability
–

System resources are safeguarded from tampering and are available for authorized users at the time and in
the format needed

Made by: Mayank Kashyap

Email: mayank_kashyap@ymail.com

•

Integrity:
–

•

Access Control:
–

•

Ensuring that principal cannot deny that they sent the message.

Privacy
–

•

Restricting the use of resources to authorized principals.

Nonrepudiation:
–

•

Making sure that information is not accidental or maliciously altered or corrupted in transit.

Individual rights to nondisclosure

Firewalls:
–

A filter between corporate network and the Internet to secure corporate information and files from intruders
but allowing access to authorized principals.

Threats and Attacks
 Unauthorized access
 Loss of message confidentiality or integrity
 User Identification
 Access Control
 The bigger the system, the safer it is


MVS mainframe users (5%)



UNIX users (25%)



Desktop(windows) users (50%)

 nontechnical attack
An attack that uses chicanery to trick people into revealing sensitive information or performing actions that
compromise the security of a network
 social engineering
A type of nontechnical attack that uses some ruse to trick users into revealing information or performing an action
that compromises a computer or network
•

Fraud:
–
–

•

Resulting in direct financial loss.
Funds might be transferred from one account to another, or financial records might simply be destroyed.

Theft:
–

Theft of confidential, proprietary, technological, or marketing information belonging to the firm or to the
customer.



–

•

Disruption:
–

•

An intruder may disclose such information to a third party, resulting in damage to a key customer, a client, or
the firm itself.

Disruption of service resulting in major losses to business or inconvenience to the customer.

Fear that credit card
information will be stolen deters online purchases
Hackers target credit card files and other customer information files on merchant servers; use stolen data to
establish credit under false identity
One solution: New identity verification mechanisms

 technical attack
An attack perpetrated using software and systems knowledge or expertise
 time-to-exploitation
 The elapsed time between when a vulnerability is discovered and the time it is exploited
 SpywareGuideA public reference site for spyware
 zero-day incidents
Attacks through previously unknown weaknesses in their computer networks
 denial of service (DOS) attack
An attack on a Web site in which an attacker uses specialized software to send a flood of data packets to the target
computer with the aim of overloading its resources
 Web server and Web page hijacking
 botnet
A huge number (e.g., hundreds of thousands) of hijacked Internet computers that have been set up to forward
traffic, including spam and viruses, to other computers on the Internet
 malware
A generic term for malicious software
 virus
A piece of software code that inserts itself into a host, including the operating systems, in order to propagate; it
requires that its host program be run to activate it
 worm
A software program that runs independently, consuming the resources of its host in order to maintain itself, that is
capable of propagating a complete working version of itself onto another machine
 macro virus (macro worm)


A virus or worm that executes when the application object that contains the macro is opened or a particular
procedure is executed
 Trojan horse
A program that appears to have a useful function but that contains a hidden function that presents a security risk
 Trojan-Phisher-Rebery
A new variant of a Trojan program that stole tens of thousands of stolen identities from 125 countries that the
victims believed were collected by a legitimate company
 banking Trojan
A Trojan that comes to life when computer owners visit one of a number of online banking or e-commerce sites
 rootkit
A special Trojan horse program that modifies existing operating system software so that an intruder can hide the
presence of the Trojan program
•

Bad applets (malicious mobile code)–

•

malicious Java applets or ActiveX controls that may be downloaded onto client and activated merely by
surfing to a Web site

Zombied PC’s - A zombie computer (often shortened as zombie) is a computer connected to the Internet that has
been compromised by a hacker, computer virus or Trojan horse.

Generally, a compromised machine is only one of many in a botnet, and will be used to perform malicious tasks of one
sort or another under remote direction. Most owners of zombie computers are unaware that their system is being used
in this way. Because the owner tends to be unaware, these computers are metaphorically compared to zombies.
•

Phishing - is the criminally fraudulent process of attempting to acquire sensitive information such as usernames,
passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.
–

–

•

Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a
fake website whose look and feel are almost identical to the legitimate one.
Phishing is an example of social engineering techniques used to fool users, and exploits the poor usability of
current web security technologies.

Sniffing:
–

•

type of eavesdropping program that monitors information traveling over a network; enables hackers to steal
proprietary information from anywhere on a network

Spoofing:
–

Misrepresenting oneself by using fake e-mail addresses or masquerading as someone else

Encryption
The process of scrambling (encrypting) a message in such a way that it is difficult, expensive, or time-consuming for an
unauthorized person to unscramble (decrypt) it
 plaintext
An unencrypted message in human-readable form


 ciphertext
 A plaintext message after it has been encrypted into a machine-readable form

 encryption algorithm
The mathematical formula used to encrypt the plaintext into the ciphertext, and vice versa
In cryptography, encryption is the process of encoding messages (or information) in such a way that eavesdroppers or
hackers cannot read it, but that authorized parties can.[1]:374 In anencryption scheme, the message or information (referred
to as plaintext) is encrypted using an encryption algorithm, turning it into an unreadable ciphertext (ibid.). This is usually
done with the use of an encryption key, which specifies how the message is to be encoded. Any adversary that can see the
ciphertext should not be able to determine anything about the original message. An authorized party, however, is able to
decode the ciphertext using a decryption algorithm, that usually requires a secret decryption key, that adversaries do not
have access to. For technical reasons, an encryption scheme usually needs a key-generation algorithm to randomly produce
keys.
Types of Encryption Algorithms
 Symmetric


DES

( Digital Encryption Standard)

 Asymmetric ( Public Key Cryptography)


RSA

(Rivest Shamir Adleman)

There are two basic types of encryption schemes: Symmetric-key and public-key encryption.[1]:375-376 In symmetric-key
schemes, the encryption and decryption keys are the same. Thus communicating parties must agree on a secret key before
they wish to communicate. In public-key schemes, the encryption key is published for anyone to use and encrypt messages.
However, only the receiving party has access to the decryption key and is capable of reading the encrypted
messages.[2] Public-key encryption is a relatively recent invention: historically, all encryption schemes have been symmetrickey (also called private-key) schemes.[1]:4



Cryptography
is the practice and study of techniques for secure communication in the presence of third parties (called adversaries).[2]More
generally, it is about constructing and analyzing protocols that overcome the influence of adversaries[3] and which are related
to various aspects in information security such as data confidentiality, data integrity, authentication, and nonrepudiation.[4] Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering.
Applications of cryptography include ATM cards, computer passwords, and electronic commerce.
Cryptography prior to the modern age was effectively synonymous with encryption, the conversion of information from a
readable state to apparent nonsense. The originator of an encrypted message shared the decoding technique needed to
recover the original information only with intended recipients, thereby precluding unwanted persons to do the same

The modern field of cryptography can be divided into several areas of study
Types of Cryptography
There are two main types of cryptography:


Secret key cryptography



Public key cryptography

In cryptographic systems, the term key refers to a numerical value used by an algorithm to alter information, making that
information secure and visible only to individuals who have the corresponding key to recover the information.
Secret key cryptography is also known as symmetric key cryptography. With this type of cryptography, both the sender and
the receiver know the same secret code, called the key. Messages are encrypted by the sender using the key and decrypted
by the receiver using the same key. Symmetric-key cryptography refers to encryption methods in which both the sender and
receiver share the same key (or, less commonly, in which their keys are different, but related in an easily computable way).
This was the only kind of encryption publicly known until June 1976.
This method works well if you are communicating with only a limited number of people, but it becomes impractical to
exchange secret keys with large numbers of people. In addition, there is also the problem of how you communicate the
secret key securely.
Public key cryptography, also called asymmetric encryption, uses a pair of keys for encryption and decryption. With public key
cryptography, keys work in pairs of matched public and private keys.
The public key can be freely distributed without compromising the private key, which must be kept secret by its owner.
Because these keys work only as a pair, encryption initiated with the public key can be decrypted only with the corresponding
private key. The following example illustrates how public key cryptography works:


Ann wants to communicate secretly with Bill. Ann encrypts her message using Bill’s public key (which Bill made
available to everyone) and Ann sends the scrambled message to Bill.



When Bill receives the message, he uses his private key to unscramble the message so that he can read it.





When Bill sends a reply to Ann, he scrambles the message using Ann’s public key.



When Ann receives Bill’s reply, she uses her private key to unscramble his message.

The major advantage asymmetric encryption offers over symmetric key cryptography is that senders and receivers do not
have to communicate keys up front. Provided the private key is kept secret, confidential communication is possible using the
public keys.

Cryptanalysis
The goal of cryptanalysis is to find some weakness or insecurity in a cryptographic scheme, thus permitting its subversion or
evasion

PUBLIC KEY AND PRIVATE KEY
Public-key cryptography refers to a cryptographic system requiring two separate keys, one of which is secret and one of
which is public. Although different, the two parts of the key pair are mathematically linked. One key locks or encrypts the
plaintext, and the other unlocks or decrypts the ciphertext. Neither key can perform both functions by itself. The public key
may be published without compromising security, while the private key must not be revealed to anyone not authorized to
read the messages.

here are three primary kinds of public key systems:
public key distribution systems
digital signature systems
public key cryptosystems( which can perform both public key distribution and digital signature services)

How it works
The distinguishing technique used in public-key cryptography is the use of asymmetric key algorithms, where the key used to
encrypt a message is not the same as the key used to decrypt it. Each user has a pair of cryptographic keys – a public
encryption key and a private decryption key. The publicly available encrypting-key is widely distributed, while the private
decrypting-key is known only to its proprietor. The keys are related mathematically, but the parameters are chosen so that
calculating the private key from the public key is either impossible or prohibitively expensive. Because the key pair is



mathematically related, whatever is encrypted with a Public Key may only be decrypted by its corresponding Private Key and
vice versa.
For example, if Bob wants to send sensitive data to Alice, and wants to be sure that only Alice may be able to read it, he will
encrypt the data with Alice's Public Key. Only Alice has access to her corresponding Private Key and as a result is the only
person with the capability of decrypting the encrypted data back into its original form.

As only Alice has access to her Private Key, it is possible that only Alice can decrypt the encrypted data. Even if someone else
gains access to the encrypted data, it will remain confidential as they should not have access to Alice's Private Key.

DIGITAL SIGNATURE
A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital
message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known
sender, such that the sender cannot deny having sent the message (authentication and non-repudiation) and that the
message was not altered in transit (integrity). Digital signatures are commonly used for software distribution, financial
transactions, and in other cases where it is important to detect forgery or tampering.
Digital signatures employ a type of asymmetric cryptography. For messages sent through a nonsecure channel, a properly
implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. Digital
signatures are equivalent to traditional handwritten signatures in many respects, but properly implemented digital signatures
are more difficult to forge than the handwritten type.
PROCESS



Uses of digital signatures
Authentication
For example, suppose a bank's branch office sends instructions to the central office requesting a change in the balance of an
account. If the central office is not convinced that such a message is truly sent from an authorized source, acting on such a
request could be a grave mistake.
Integrity
If a message is digitally signed, any change in the message after signature will invalidate the signature.
Non-repudiation
By this property, an entity that has signed some information cannot at a later time deny having signed it. Similarly, access to
the public key only does not enable a fraudulent party to fake a valid signature.


DIGITAL CERTIFICATE
In cryptography, a public key certificate (also known as a digital certificate or identity certificate) is an electronic document
that uses a digital signature to bind a public key with an identity — information such as the name of a person or an
organization, their address, and so forth. The certificate can be used to verify that a public key belongs to an individual.
 Issued by trusted third parties known as Certificate Authorities (CAs)
 Used to authenticate an individual or an organization
 Digital Certificates are usually given for a period of one year
 They can be revoked
 It is given at various security levels.
 Digital Certificates can be issued by any one as long as there are people willing to believe them.
 Digital Certificates are part of the authentication mechanism. The other part is Digital Signature.
 For ex.digital certificates in mobile applications
Contents of a typical digital certificate
Serial Number: Used to uniquely identify the certificate.
Subject: The person, or entity identified.
Signature Algorithm: The algorithm used to create the signature.
Signature: The actual signature to verify that it came from the issuer.
Issuer: The entity that verified the information and issued the certificate.
Valid-From: The date the certificate is first valid from.
Valid-To: The expiration date.
Key-Usage: Purpose of the public key (e.g. encipherment, signature, certificate signing...).
Public Key: The public key.
Thumbprint Algorithm: The algorithm used to hash the public key certificate.
Thumbprint: The hash itself, used as an abbreviated form of the public key certificate.

Difference between digital certificate and digital signature
A digital signature is used to verify a message's authenticity. It is basically an encrypted hash of the message (message
digest). The recipient can check if the message was tampered with by hashing the received message and comparing this value
with the decrypted signature. To decrypt the signature, the corresponding public key is required.
A digital certificate is used to bind public keys to persons or other entities. If there were no certificates, the signature could
be easily be forged, as the recipient could not check if the public key belongs to the sender. Thus, digital certificate is used to
verify public key's authenticity.



The Hypertext Transfer Protocol (HTTP)
is an application protocol for distributed, collaborative, hypermedia information systems.[1] HTTP is the foundation of data
communication for the World Wide Web.
Hypertext is a multi-linear set of objects, building a network by using logical links (the so-called hyperlinks) between the
nodes (e.g. text or words). HTTP is the protocol to exchange or transfer hypertext.
HTTP Secure
Hypertext Transfer Protocol Secure (HTTPS) is a communications protocol for secure communication over a computer
network, with especially wide deployment on the Internet. Technically, it is not a protocol in and of itself; rather, it is the
result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the SSL/TLS protocol, thus adding the security
capabilities of SSL/TLS to standard HTTP communications.
In its popular deployment on the internet, HTTPS provides authentication of the web site and associated web server that one
is communicating with, which protects against man-in-the-middle attacks. Additionally, it provides bidirectional encryption of
communications between a client and server, which protects against eavesdropping and tampering with and/or forging the
contents of the communication.[1] In practice, this provides a reasonable guarantee that one is communicating with precisely
the web site that one intended to communicate with (as opposed to an imposter), as well as ensuring that the contents of
communications between the user and site cannot be read or forged by any third party.

•

It is a protocol used to secure web transactions

•

HTTP is a request response communication mechanism between a web browser and a web server.

•

Do not confuse between the two- HTTPS and S-HTTP

•

Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol with the SSL/TLS
protocol to provide encrypted communication and secure identification of a network web server.

•

HTTPS connections are often used for payment transactions on the World Wide Web and for sensitive transactions in
corporate information systems.

•

HTTPS and S-HTTP were both defined in the mid-1990s to address this need. Netscape and Microsoft supported
HTTPS rather than S-HTTP, leading to HTTPS becoming the de facto standard mechanism for securing web
communications.

•

It provides:
•

Confidentiality

•

Authenticity

•

Integrity

•

Ensures nonrepudiation

•

It is more robust that SSL

•

But is not widely popular because of Netscape market penetration.

•

It is compatible with HTTP and can integrate with HTTP applications.

•

It allows client machine and server machine to communicate easily through encrypted data exchange over Internet



•

It supports only symmetric key cryptography and does not require digital certificates or public key.

•

As it operates on application layer, it provides user authentication and is capable of securing only parts of
documents.

Difference from HTTP
HTTPS URLs begin with "https://" and use port 443 by default, whereas HTTP URLs begin with "http://" and use port 80 by
default.
HTTP is insecure and is subject to man-in-the-middle and eavesdropping attacks, which can let attackers gain access to
website accounts and sensitive information. HTTPS is designed to withstand such attacks and is considered secure against
such attacks (with the exception of older deprecated versions of SSL).
HTTPS is typically slower than HTTP. When large amounts of data are processing over a port performance differences
become evident.
 Secure Socket Layer (SSL)
The Secure Sockets Layer (SSL) is a commonly-used protocol for managing the security of a message transmission on the
Internet. SSL has recently been succeeded by Transport Layer Security (TLS), which is based on SSL. SSL uses a program layer
located between the Internet's Hypertext Transfer Protocol (HTTP) and Transport Control Protocol (TCP) layers. SSL is
included as part of both the Microsoft and Netscape browsers and most Web server products. Developed by Netscape, SSL
also gained the support of Microsoft and other Internet client/server developers as well and became the de facto standard
until evolving into Transport Layer Security. The "sockets" part of the term refers to the sockets method of passing data back
and forth between a client and a server program in a network or between program layers in the same computer. SSL uses the
public-and-private key encryption system from RSA, which also includes the use of a digital certificate.
Protocol that utilizes standard certificates for authentication and data encryption to ensure privacy or
confidentiality.
SSL uses a program layer located between the Internet's Hypertext Transfer Protocol (HTTP) and Transport Control
Protocol (TCP) layers.
The "sockets" part of the term refers to the sockets method of passing data back and forth between a client and a
server program in a network or between program layers in the same computer.
•

It is a key protocol for secure Web transactions.

•

Secures data packets at the network layer.

•

Originally it was developed by Netscape.

•

Now it is widely used as a standard for encrypting data on the Internet.

•

It is used by all Netscape’s browser products and Microsoft Internet Explorer 3.0 or higher versions.

•

One requirement for using SSL is that both merchant’s web server and customer’s web browser must use the same
security system.

•

Advantage of this protocol is that as it is used by all URLs beginning with http, no problem arise in interfacing online.

•

It provides three basic services:
•

Server authentication

•

Client authentication

•

Encrypted SSL connection



•

SSL server authentication uses public key cryptography to validate the server’s digital signature.

•

Similarly public key cryptography is used to validate client’s machine.

•

It allows client and server to select an encryption algorithm for secure connection.

•

The key to this algorithm is transmitted using public key cryptography.

•

Communication is performed using secret key.

 FIREWALLS
 firewall
A single point between two or more networks where all traffic must pass (choke point); the device authenticates,
controls, and logs all traffic. In computing, a firewall is software or hardware-based network security system that controls the
incoming and outgoing network traffic by analyzing the data packets and determining whether they should be allowed
through or not, based on a rule set. A network's firewall builds a bridge between the internal network or computer it
protects, upon securing that the other network is secure and trusted, usually an external (inter)network, such as the Internet,
that is not assumed to be secure and trusted.[1]
Many personal computer operating systems include software-based firewalls to protect against threats from the public
Internet. Many routers that pass data between networks contain firewall components and, conversely, many firewalls can
perform basic routing functions

 Firewalls can be designed to protect against:
 Remote login
 Application backdoors
 SMTP session hijacking
 Macros
 Viruses
 Spam
There are different types of firewalls depending on where the communication is taking place
Network layer or packet filters
Network layer firewalls, also called packet filters, operate at a relatively low level of the TCP/IP protocol stack, not allowing
packets to pass through the firewall unless they match the established rule set
Application-layer



Application-layer firewalls work on the application level of the TCP/IP stack (i.e., all browser traffic, or all telnet or ftp traffic),
and may intercept all packets traveling to or from an application. They block other packets (usually dropping them without
acknowledgment to the sender).
On inspecting all packets for improper content, firewalls can restrict or prevent outright the spread of networked computer
worms and trojans. The additional inspection criteria can add extra latency to the forwarding of packets to their destination.
Proxies
A proxy server (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by
responding to input packets (connection requests, for example) in the manner of an application, while blocking other
packets. A proxy server is a gateway from one network to another for a specific network application, in the sense that it
functions as a proxy on behalf of the network user
Network address translation
Firewalls often have network address translation (NAT) functionality, and the hosts protected behind a firewall commonly
have addresses in the "private address range", as defined in RFC 1918. Firewalls often have such functionality to hide the true
address of protected hosts
 personal firewall
A network node designed to protect an individual user’s desktop system from the public network by monitoring all
the traffic that passes through the computer’s network interface card
A personal firewall differs from a conventional firewall in terms of scale. A personal firewall will usually protect only the
computer on which it is installed, as compared to a conventional firewall which is normally installed on a designated interface
between two or more networks, such as a router or proxy server. Hence, personal firewalls allow a security policy to be
defined for individual computers, whereas a conventional firewall controls the policy between the networks that it connects.
Features
Common personal firewall features:


Protects the user from unwanted incoming connection attempts



Allows the user to control which programs can and cannot access the local network and/or Internet and provide the
user with information about an application that makes a connection attempt



Block or alert the user about outgoing connection attempts



Hide the computer from port scans by not responding to unsolicited network traffic



Monitor applications that are listening for incoming connections



Monitor and regulate all incoming and outgoing Internet users



Prevent unwanted network traffic from locally installed applications



Provide information about the destination server with which an application is attempting to communicate

Limitations


If the system has been compromised by malware, spyware or similar software, these programs can also manipulate the
firewall, because both are running on the same system. It may be possible to bypass or even completely shut down
software firewalls in such a manner.



The alerts generated can possibly desensitize users to alerts by warning the user of actions that may not be malicious.



Software firewalls that interface with the operating system or with other firewalls or security software at the kernel mode
level may potentially cause instability and/or introduce security flaws



Intrusion detection system
An intrusion detection system (IDS) is a device or software application that monitors network or system activities for
malicious activities or policy violations and produces reports to a management station. Some systems may attempt to stop an
intrusion attempt but this is neither required nor expected of a monitoring system. Intrusion detection and prevention
systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, and reporting
attempts. In addition, organizations use IDPSes for other purposes, such as identifying problems with security policies,
documenting existing threats and deterring individuals from violating security policies. IDPSes have become a necessary
addition to the security infrastructure of nearly every organization.[1]
IDPSes typically record information related to observed events, notify security administrators of important observed events
and produce reports. Many IDPSes can also respond to a detected threat by attempting to prevent it from succeeding. They
use several response techniques, which involve the IDPS stopping the attack itself, changing the security environment (e.g.
reconfiguring a firewall) or changing the attack's content.

All Intrusion Detection Systems use one of two detection techniques:
Statistical anomaly-based IDS
A statistical anomaly-based IDS determines normal network activity like what sort of bandwidth is generally used, what
protocols are used, what ports and devices generally connect to each other- and alert the administrator or user when traffic
is detected which is anomalous(not normal).
Signature-based IDS
Signature based IDS monitors packets in the Network and compares with pre-configured and pre-determined attack patterns
known as signatures.
Limitations


Noise can severely limit an Intrusion detection system's effectiveness. Bad packets generated from software bugs,
corrupt DNS data, and local packets that escaped can create a significantly high false-alarm rate.[5]



It is not uncommon for the number of real attacks to be far below the false-alarm rate. Real attacks are often so far
below the false-alarm rate that they are often missed and ignored.[5]



Many attacks are geared for specific versions of software that are usually outdated. A constantly changing library of
signatures is needed to mitigate threats. Outdated signature databases can leave the IDS vulnerable to new
strategies.[5]





For signature-based IDSs there will be lag between the new threat discovered and signature being applied in IDS for
detecting the threat. During this lag time the IDS will be unable to identify the threat

Virtual private network (VPN)
A network that uses the public Internet to carry information but remains private by using encryption to scramble the
communications, authentication to ensure that information has not been tampered with, and access control to verify the
identity of anyone using the network. A virtual private network (VPN) extends a private network across public networks like
the Internet. It enables a host computer to send and receive data across shared or public networks as if they were an integral
part of the private network with all the functionality, security and management policies of the private network.[1] This is done
by establishing a virtual point-to-pointconnection through the use of dedicated connections, encryption, or a combination of
the two.
The VPN connection across the Internet is technically a wide area network (WAN) link between the sites. From a user
perspective, the extended network resources are accessed in the same way as resources available from the private
network—hence the name "virtual private network

Security mechanisms
To prevent disclosure of private information, VPNs typically allow only authenticated remote access and make use of
encryption techniques.
VPNs provide security by the use of tunneling protocols and through security procedures[7] such as encryption. The VPN
security model provides:


confidentiality such that even if the network traffic is sniffed at the packet level (see network sniffer and Deep packet
inspection), an attacker would only see encrypted data



sender authentication to prevent unauthorized users from accessing the VPN.



message integrity to detect any instances of tampering with transmitted messages

Public-key infrastructure



A public-key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage,
distribute, use, store, and revoke digital certificates.[1]
In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate
authority (CA). The user identity must be unique within each CA domain. The third-party Validation Authority (VA) can
provide this information on behalf of CA. The binding is established through the registration and issuance process, which,
depending on the level of assurance the binding has, may be carried out by software at a CA, or under human supervision.
The PKI role that assures this binding is called the Registration Authority (RA). The RA ensures that the public key is bound to
the individual to which it is assigned in a way that ensures non-repudiation
Public-key cryptography is a cryptographic technique that enables users to securely communicate on an insecure public
network, and reliably verify the identity of a user via digital signatures.[2]
A public-key infrastructure (PKI) is a system for the creation, storage, and distribution of digital certificates which are used to
verify that a particular public key belongs to a certain entity. The PKI creates digital certificates which map public keys to
entities, securely stores these certificates in a central repository, and revokes them if needed.[3][4][5]
A PKI consists of:[4][6][7]


A certificate authority (CA) that both issues and verifies the digital certificates.



A registration authority which verifies the identity of users requesting information from the CA



A central directory—i.e. a secure location in which to store and index keys.



A certificate management system[clarification needed]



A certificate policy

Broadly speaking, there are three approaches to getting this trust: certificate authorities (CAs), web of trust (WoT), and
simple public-key infrastructure (SPKI).
Advantages


Improving business processes by enabling time optimization, managing errors and reducing costs.



Improving client and user satisfaction, enabling communications from anywhere and at any time.



The Administration must specially assure its procedures, which means that the security mechanisms used should
offer a high trust level.



Electronic Administration significantly improves citizen service levels, thus increasing citizen satisfaction.

One of the key benefits of PKI technology is the business process optimization, guaranteeing the security of electronic data
and eliminating physical paper needs. Here are some examples:





In the health sector scenario, data access control and data protection are essential for supplying information
concerning a patient’s health record, which is confidential. Electronic signatures will also be applied to electronic
prescriptions, improving the security of the current prescription system and optimizing the process.



In the banking scenario, digital certificates are required to control clients’ access to their banking accounts and to
digitally sign transaction orders. In this scenario, secure validation of the digital certificate prior to accepting the
transaction will be increasingly important the greater the transactional sum.



In the defence sector, data confidentiality and authenticity is particularly important. Stored data, e-mail messages
and communications are encrypted with strong encryption algorithms and keys.

a. What is firewall? What is the purpose of firewall? How do we implement firewall? What are the various types of
firewall?
Ans. A firewall is a device (usually a router or a computer) installed between the internal network of an organization and the
rest of the Internet. It is designed to forward some packets and filter (not forward) others. A firewall can be used to deny
access to a specific host or a specific service in the organization. A firewall is usually classified as a packet-filter firewall or a
proxy-based firewall.
A firewall is a security device that can be a software program or a dedicated network appliance. The main purpose of a
firewall is to separate a secure area from a less secure area and to control communications between the two. Firewalls can
perform a variety of other functions, but are chiefly responsible for controlling inbound and outbound communications on
anything from a single machine to an entire network.

Types of Firewall:
1. Packet-Filter Firewall
a. A firewall can be used as a packet filter.
b. It can forward or block packets based on the information in the network layer and transport layer headers.
c. A packet-filter firewall is a router that uses a filtering table to decide which packets must be discarded (not
forwarded).
d. A packet filter firewall filters at the network or transport layer.
2. Proxy Firewall
a. Sometimes we need to filter a message based on the information available in the message itself (at the application
layer). E.g. Organization allowing access only to customers having business relations.
a. In this case testing must be done at the application level (using URLs).


b. One solution is to install a proxy computer (sometimes called an application gateway),which stands between the
customer (user client) computer and the corporation computer.
c. A proxy firewall filters at the application layer.
Conceptually, the usage of firewalls at:
1.
Network layer
2.
Application layer
They are not as different as you might think, and latest technologies are blurring the distinction to the point where it's no
longer clear if either one is ``better'' or ``worse.'' As always, you need to be careful to pick the type that meets your needs.
This is which depends on what mechanisms the firewall uses to pass traffic from one security zone to another. The
International Standards Organization (ISO) Open Systems Interconnect (OSI) model for networking defines seven layers,
where each layer provides services that ``higher-level'' layers depend on. In order from the bottom, these layers are physical,
data link, network, transport, session, presentation, application.
The important thing to recognize is that the lower-level the forwarding mechanism, the less examination the firewall can
perform. Generally speaking, lower-level firewalls are faster, but are easier to fool into doing the wrong thing.
3.2.1 Network layer firewalls
These generally make their decisions based on the source, destination addresses and ports (see Appendix C for a more
detailed discussion of ports) in individual IP packets. A simple router is the ``traditional'' network layer firewall, since it is not
able to make particularly sophisticated decisions about what a packet is actually talking to or where it actually came from.
Modern network layer firewalls have become increasingly sophisticated, and now maintain internal information about the
state of connections passing through them, the contents of some of the data streams, and so on. One thing that's an
important distinction about many network layer firewalls is that they route traffic directly though them, so to use one you
either need to have a validly assigned IP address block or to use a ``private internet'' address block [3]. Network layer
firewalls tend to be very fast and tend to be very transparent to users.

Figure 1: Screened Host Firewall



In Figure 1, a network layer firewall called a ``screened host firewall'' is represented. In a screened host firewall, access to and
from a single host is controlled by means of a router operating at a network layer. The single host is a bastion host; a highlydefended and secured strong-point that (hopefully) can resist attack.
Figure 2: Screened Subnet Firewall

Example Network layer firewall : In figure 2, a network layer firewall called a ``screened subnet firewall'' is represented. In a
screened subnet firewall, access to and from a whole network is controlled by means of a router operating at a network
layer. It is similar to a screened host, except that it is, effectively, a network of screened hosts.
3.2.2 Application layer firewalls
These generally are hosts running proxy servers, which permit no traffic directly between networks, and which perform
elaborate logging and auditing of traffic passing through them. Since the proxy applications are software components
running on the firewall, it is a good place to do lots of logging and access control. Application layer firewalls can be used as
network address translators, since traffic goes in one ``side'' and out the other, after having passed through an application
that effectively masks the origin of the initiating connection. Having an application in the way in some cases may impact
performance and may make the firewall less transparent. Early application layer firewalls such as those built using the TIS
firewall toolkit, are not particularly transparent to end users and may require some training. Modern application layer
firewalls are often fully transparent. Application layer firewalls tend to provide more detailed audit reports and tend to
enforce more conservative security models than network layer firewalls.
Figure 3: Dual Homed Gateway



Example Application layer firewall : In figure 3, an application layer firewall called a ``dual homed gateway'' is represented. A
dual homed gateway is a highly secured host that runs proxy software. It has two network interfaces, one on each network,
and blocks all traffic passing through it.
The Future of firewalls lies someplace between network layer firewalls and application layer firewalls. It is likely that network
layer firewalls will become increasingly ``aware'' of the information going through them, and application layer firewalls will
become increasingly ``low level'' and transparent. The end result will be a fast packet-screening system that logs and audits
data as it passes through. Increasingly, firewalls (network and application layer) incorporate encryption so that they may
protect traffic passing between them over the Internet. Firewalls with end-to-end encryption can be used by organizations
with multiple points of Internet connectivity to use the Internet as a ``private backbone'' without worrying about their data
or passwords being sniffed.

b. Why do we need VPN even if there are other options provided such as “setting up own network” or “opting for
lease lines”. Explain with reasons.

VPN is a group of computers (or discrete networks) networked together through over a public network—namely, the
internet. Businesses use VPNs to connect remote datacenters, and individuals can use VPNs to get access to network
resources when they're not physically on the same LAN (local area network), or as a method for securing and encrypting their
communications when they're using an un-trusted public network.


When you connect to a VPN, you usually launch a VPN client on your computer (or click a link on a special website), log in
with your credentials, and your computer exchanges trusted keys with a far away server. Once both computers have verified
each other as authentic, all of your internet communication is encrypted and secured from eavesdropping.
The most important thing you need to know about a VPN: It secures your computer's internet connection to guarantee that
all of the data you're sending and receiving is encrypted and secured from prying eyes.
Whether the VPNs you're familiar with are the ones offered by your school or business to help you work or stay connected
when you're traveling or the ones you pay to get you watch your favorite shows in another country as they air, they're all
doing the same thing.
Benefits for using VPN:
A VPN alone is just a way to bolster your security and access resources on a network that are not physically connected to.
VPN users fall into a few separate categories:


The student/worker. This person has responsibilities to attend to, and uses a VPN provided by their school or
company to access resources on their network when they're at home or traveling. In most cases, this person already
has a free VPN service provided to them, so they're not exactly shopping around. Also, if they're worried about
security, they can always fire up their VPN when using airport or cafe WI-Fi to ensure no one's snooping on their
connection



The downloader. Whether they're downloading legally or illegally, this person doesn't want on some company's
witch-hunt list just because they have a torrent application installed on their computer. VPNs are the only way to
stay safe when using something like BitTorrent



The privacy minded and security advocate. Whether they're a in a strictly monitored environment or a completely
free and open one, this person uses VPN services to keep their communications secure and encrypted and away from
prying eyes whether they're at home or abroad. To them, unsecured connections mean someone's reading what you
say.



The globetrotter. The person wants to check out their favorite TV shows as they air instead of waiting for
translations or re-broadcasts (or watch the versions aired in other countries,) listen to location-restricted streaming
internet radio, or want to use a new web service or application that looks great but for some reason is limited to a
specific country or region.



Some combination of the above. Odds are, even if you're not one of these people more often than not, you're some
mix of them depending on what you're doing. In all of these cases, a VPN service can be helpful, whether it's just a
matter of protecting yourself when you're out and about, whether you handle sensitive data for your job and don't
want to get fired, or you're just covering your own ass from the MPAA.



E Commerce security

More Related Content

E Commerce security