This document discusses web security requirements for e-commerce. It outlines threats like intellectual property theft, client computer vulnerabilities, insecure communication channels, and server exploits. It then explains the security triad of confidentiality, integrity and availability. Various methods to ensure each are described, including passwords, encryption, access controls and system updates. Network security and firewall types like packet filtering, application proxies and network address translation are also summarized. The document concludes by noting limitations of solely focusing on the security triad and importance of balancing all aspects of security.
4. Confidentiality
Ensures that data or an information system is accessed only by authorized persons. User IDs and passwords, access control lists (ACLs), policy-based security and encryption of data in transit and at rest are some of the methods through which confidentiality is achieved.
5. Integrity
Integrity assures that the data or information system can be trusted: it is modified only by authorized persons and otherwise remains in its original state, both at rest and in transit. Hashing algorithms, message authentication codes (MACs) and digital signatures are the key mechanisms for providing integrity. Encryption on its own protects confidentiality, not integrity: a ciphertext can still be altered undetectably unless a keyed check such as a MAC or signature is applied.
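The distinction above is easy to get wrong in practice, so here is a worked illustration. It is an added example, not code from the original presentation: it compares an unkeyed SHA-256 digest with an HMAC over a constructed order record and shows that an attacker who can rewrite the record can also rewrite the plain digest, but cannot forge the keyed tag. The order record and the shared key are assumptions made up for the example.

```python
import hashlib
import hmac

# Constructed sample: an order record that must reach the server unmodified.
ORDER = b"order_id=1001&item=laptop&qty=1&total=999.00"

# Assumed shared secret between client and server (hypothetical value for the example).
SHARED_KEY = b"example-shared-key-do-not-use-in-production"


def plain_digest(data: bytes) -> str:
    """Unkeyed hash. Detects accidental corruption only: anyone who can
    change the data can simply recompute the digest to match."""
    return hashlib.sha256(data).hexdigest()


def keyed_tag(key: bytes, data: bytes) -> str:
    """HMAC-SHA256 over the data. Without the key an attacker cannot produce
    a valid tag for modified data, so this gives integrity against tampering."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_keyed_tag(key: bytes, data: bytes, tag: str) -> bool:
    """Constant-time comparison avoids leaking how many tag bytes matched."""
    return hmac.compare_digest(keyed_tag(key, data), tag)


def attacker_tampers(data: bytes) -> tuple:
    """Simulates an attacker who lowers the total and, lacking the key,
    recomputes only the unkeyed digest so it still 'validates'."""
    tampered = data.replace(b"total=999.00", b"total=1.00")
    return tampered, plain_digest(tampered)


def demo() -> dict:
    tag = keyed_tag(SHARED_KEY, ORDER)
    tampered, forged_digest = attacker_tampers(ORDER)
    return {
        # Plain hash: the forged digest matches the tampered data, so the
        # modification goes unnoticed.
        "plain_hash_accepts_tampered": plain_digest(tampered) == forged_digest,
        # HMAC: the attacker cannot compute a new tag, and the original tag
        # no longer matches the altered record.
        "hmac_rejects_tampered": not verify_keyed_tag(SHARED_KEY, tampered, tag),
        "hmac_accepts_original": verify_keyed_tag(SHARED_KEY, ORDER, tag),
    }


if __name__ == "__main__":
    print(demo())
```

In a real deployment the key would be provisioned out of band (or replaced by a signature with a public key for verification); the point here is that the unkeyed hash offers no protection against a party who can rewrite both the data and its hash.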
6. Availability
Data and information systems are available when required. Hardware maintenance, software patching/upgrading, redundancy and network optimization ensure availability; denial-of-service attacks are the main threat to it.
7. NETWORK SECURITY
Network security consists of the provisions
and policies adopted by a network administrator to
prevent and monitor unauthorized access, misuse,
modification, or denial of a computer network and
network-accessible resources. Network security
involves the authorization of access to data in a
network, which is controlled by the network
administrator. Users choose or are assigned an ID and
password or other authenticating information that
allows them access to information and programs
within their authority. Network security covers a
variety of computer networks, both public and
private, that are used in everyday jobs conducting
transactions and communications among businesses,
government agencies and individuals.
8. FIREWALLS
A firewall is a hardware or software system that prevents unauthorized access to or from a network. It can be implemented in hardware, in software, or as a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet. All data entering or leaving the intranet passes through the firewall, which examines each packet and blocks those that do not meet the specified security criteria.
Types of firewall:
Network layer or packet filters
Application-layer
Proxies
Network address translation
9. Network layer or packet filters
Network layer firewalls generally make their decisions based on the source address, destination address and ports of individual IP packets. A simple router with access lists is the traditional network layer firewall; it cannot make particularly complicated decisions, because it sees only packet headers and not which application a packet belongs to or whether its source address is genuine. Modern network layer firewalls have become increasingly sophisticated and now maintain internal information about the state of connections passing through them, so that a reply packet is admitted only when it belongs to a connection that was already permitted.
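To make the difference between a stateless packet filter and a stateful one concrete, the following is an added example (not code from the original presentation): a small in-memory model of both filters run over constructed packets. The addresses, rules and port numbers are assumptions chosen for the illustration. The inside client is allowed to open HTTPS connections; the stateless filter has no rule for the reply and drops it, while the stateful filter admits the reply because it matches a tracked connection, yet still drops an unsolicited packet from the same server.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    proto: str = "tcp"
    syn: bool = False   # True for a TCP connection-opening packet


@dataclass
class Rule:
    action: str              # "allow" or "deny"
    src: str = "*"           # "*" matches any address
    dst: str = "*"
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return ((self.src == "*" or self.src == p.src)
                and (self.dst == "*" or self.dst == p.dst)
                and (self.dport is None or self.dport == p.dport))


class StatelessFilter:
    """Decides each packet on its own header: first matching rule wins,
    default deny. It cannot tell a reply from an unsolicited packet, so
    return traffic needs its own (necessarily broad) rule."""

    def __init__(self, rules):
        self.rules = list(rules)

    def decide(self, p: Packet) -> str:
        for r in self.rules:
            if r.matches(p):
                return r.action
        return "deny"


class StatefulFilter(StatelessFilter):
    """Same rules for new connections, plus a connection table: a packet
    travelling back along a connection the inside already opened is
    admitted as a reply even when no rule covers it."""

    def __init__(self, rules):
        super().__init__(rules)
        self.table = set()   # 5-tuples of permitted connections

    def decide(self, p: Packet) -> str:
        # Reply traffic: the reversed 5-tuple is a known connection.
        if (p.proto, p.dst, p.dport, p.src, p.sport) in self.table:
            return "allow"
        verdict = super().decide(p)
        if verdict == "allow" and p.syn:
            self.table.add((p.proto, p.src, p.sport, p.dst, p.dport))
        return verdict


def run_scenario() -> dict:
    """Constructed scenario: inside client 10.0.0.5, inside web server
    10.0.0.10, outside web server 203.0.113.7 (documentation range)."""
    rules = [
        Rule("allow", src="10.0.0.5", dport=443),     # inside client may browse HTTPS
        Rule("allow", dst="10.0.0.10", dport=443),    # anyone may reach the inside web server
    ]
    stateless, stateful = StatelessFilter(rules), StatefulFilter(rules)

    outbound = Packet("10.0.0.5", "203.0.113.7", 40000, 443, syn=True)
    reply = Packet("203.0.113.7", "10.0.0.5", 443, 40000)
    unsolicited = Packet("203.0.113.7", "10.0.0.5", 443, 40001)

    return {
        "stateless_outbound": stateless.decide(outbound),      # allow
        "stateless_reply": stateless.decide(reply),            # deny: no rule matches the reply
        "stateful_outbound": stateful.decide(outbound),        # allow, connection recorded
        "stateful_reply": stateful.decide(reply),              # allow: matches tracked connection
        "stateful_unsolicited": stateful.decide(unsolicited),  # deny: not in the table
    }


if __name__ == "__main__":
    for name, verdict in run_scenario().items():
        print(f"{name}: {verdict}")
```

The only way the stateless filter could admit the reply is a rule such as "allow anything with source port 443", which an attacker can satisfy simply by sending from port 443; the stateful filter avoids that hole because it admits only packets that reverse a connection it has already seen.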
10. Application-layer
Application layer firewalls are hosts running proxy servers, which permit no traffic directly between networks and perform elaborate logging and examination of the traffic passing through them. Since proxy applications are simply software running on the firewall, it is a good place to do extensive logging and access control. Application layer firewalls can also act as network address translators, since traffic goes in one side and out the other after passing through an application that effectively masks the origin of the initiating connection, as Chris Partsenidis notes.
11. Proxies
Proxy firewalls offer more security than other types of firewall, but at the expense of speed and functionality, as they can limit which applications your network can support. In a proxy firewall, traffic is not forwarded through the firewall at the packet level. Instead, a computer establishes a connection to the proxy, which serves as an intermediary and initiates a new network connection on behalf of the request. This prevents direct connections between systems on either side of the firewall and makes it harder for an attacker to map the internal network, because they never receive packets created directly by their target system.
12. Network address translation
Firewalls often have network address translation (NAT) functionality, and the hosts protected behind a firewall commonly have addresses in the "private address range". Firewalls often use this functionality to hide the true addresses of protected hosts. Originally, NAT was developed to address the limited number of routable IPv4 addresses that could be assigned to companies or individuals, and to reduce the number, and therefore the cost, of public addresses needed for every computer in an organization. Hiding the addresses of protected devices has since become an increasingly important defense against network reconnaissance.
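The address hiding described here, and the way a proxy (slide 10) masks the origin of a connection, come down to the same mechanism: an outside host only ever sees the firewall's public address, and inbound packets are delivered only when they match a mapping the inside created. The following is an added example, not code from the original presentation: a minimal NAT table with per-connection port mappings, run over constructed packets. The public address 203.0.113.1, the private 192.168.1.x hosts, the external server and the scanner address are all made-up values from the documentation ranges.

```python
import itertools

PUBLIC_IP = "203.0.113.1"   # assumed public address of the firewall (example value)


class NatTable:
    """Source NAT: rewrites outbound (private ip, port) to (PUBLIC_IP, fresh port)
    and reverses the mapping for replies. Anything that matches no mapping is dropped."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self._ports = itertools.count(first_port)
        self.out = {}    # (priv_ip, priv_port, dst_ip, dst_port) -> public port
        self.back = {}   # public port -> (priv_ip, priv_port, dst_ip, dst_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet leaving the private network; returns the header
        as the outside server will see it."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.out:
            pub_port = next(self._ports)
            self.out[key] = pub_port
            self.back[pub_port] = key
        return (self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet arriving from the Internet. Returns the header as
        delivered inside, or None if the packet is dropped: unknown port, or a
        sender other than the peer the mapping was created for."""
        if dst_ip != self.public_ip:
            return None
        entry = self.back.get(dst_port)
        if entry is None:
            return None
        priv_ip, priv_port, orig_dst_ip, orig_dst_port = entry
        if (src_ip, src_port) != (orig_dst_ip, orig_dst_port):
            return None
        return (src_ip, src_port, priv_ip, priv_port)


def nat_demo() -> dict:
    nat = NatTable(PUBLIC_IP)
    server = ("203.0.113.50", 443)    # constructed external web server

    # Two inside hosts happen to choose the same source port.
    a_out = nat.outbound("192.168.1.10", 50001, *server)
    b_out = nat.outbound("192.168.1.11", 50001, *server)

    # The server replies to what it saw: the public address and mapped port.
    reply_a = nat.inbound(server[0], server[1], PUBLIC_IP, a_out[1])

    # A scanner probing a port with no mapping, and a spoofed "reply" from
    # the wrong peer to a port that does have a mapping.
    probe = nat.inbound("198.51.100.9", 1234, PUBLIC_IP, 40002)
    spoofed = nat.inbound("198.51.100.9", 443, PUBLIC_IP, a_out[1])

    return {
        "server_sees_a": a_out[:2],          # ("203.0.113.1", 40000)
        "server_sees_b": b_out[:2],          # ("203.0.113.1", 40001)
        "reply_delivered_to": reply_a[2:],   # ("192.168.1.10", 50001)
        "probe_dropped": probe is None,
        "spoofed_dropped": spoofed is None,
    }


if __name__ == "__main__":
    print(nat_demo())
```

Note the limits of this as a defense: NAT hides topology from a scan, but it does not authenticate the peer beyond its address and port, and it does nothing about connections the inside hosts initiate to a malicious server. It complements, rather than replaces, the filtering rules of the firewall.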
13. Problems of CIA Triad
Although the CIA triad is a fundamental model for information security, it presents a limited view of IT security that is centred on information. While the priority is to protect information and ensure that data resources are available, the CIA model does not address preventing an unauthorized person from using the system's hardware resources.
14. Another issue is that information security professionals often concentrate on the "confidentiality" part of the triad, essentially ignoring the other components of a balanced security approach. For instance, when the "availability" component of the triad is neglected, the result can be severe disruptions to communications, costing millions and significantly impacting an industry. Thus, it is necessary for security professionals to contribute skills and knowledge during the purchasing and selection process for an organization's communications network.
15. Conclusion
This presentation gives a glimpse of the security concerns for e-commerce and the requirements for a secure e-commerce environment. It covers the security triad, C.I.A. (confidentiality, integrity, availability), and explains firewalls and their various types. Network security issues and the problems of the CIA triad are also discussed.