Modern computer security involves the protection of electronic communications and the maintenance of network security. A successful, secure transaction must meet four funda-mental requirements: Privacy, integrity, authentication and nonrepudiation. The privacy issue is: How do you ensure that the information you transmit over the Internet has not been captured or passed on to a third party without your knowledge? The integrity issue is: How do you ensure that the information you send or receive has not been compromised or al-tered? The authentication issue is: How do the sender and recipient of a message verify their identities? The nonrepudiation issue is: How do you legally prove that a message was sent or received? In addition to these requirements, network security addresses the issue of availability: How do we ensure that the network and the computer systems to which it con-nects will remain in operation continuously?
The initial explosion of the e-business industry forced businesses and consumers to focus on Internet, network and wireless security. Although this growth has slowed today, security issues still must be addressed. In addition, as new means of conducting business over the Internet (such as wireless transactions) are developed, further challenges to Internet security are created. In the next several sections, we will explore Internet security and the technologies and protocols used to secure e-commerce transactions and communications.
1. Public-Key Cryptography
The channels through which data passes are not secure; therefore, any private information transmitted through these channels must be protected. To secure information, data can be encrypted. Cryptography transforms data by using a cipher, or cryptosystem (a mathemat-ical algorithm for the encryption of messages). An algorithm is a computer science term for “procedure.” A key (a string of digits that acts as a password in the cipher) makes the data incomprehensible to all but the sender and intended recipients. Unencrypted data is known as plain text, whereas encrypted data is called ciphertext. Only the intended recip-ients should possess the corresponding key to decrypt the ciphertext into plaintext.
Previously, organizations that wished to maintain a secure computing environment used symmetric cryptography, also known as secret-key cryptography. Secret-key cryp-tography uses the same secret key to encrypt and decrypt a message. When employing such cryptography, the sender encrypts a message using the secret key, then sends the encrypted message and the symmetric secret key to the intended recipient. However, prob-lems with this method arise because, before two people can communicate securely, they must find a secure way to exchange the secret key. The privacy and integrity of the mes-sage could be compromised if the key is intercepted as it is transmitted from sender to recipient over unsecure channels. In addition, since both parties in the transaction use the same key to encipher and decipher a message, it is impossible to authenticate which party created the message.
Public-key cryptography is used primarily for authentication, data integrity and secret-key exchange. Public-key cryptography is asymmetric. It uses two inversely related keys: A public key and a private key. The private key is kept secret by its owner, whereas the public key is openly distributed. If the public key is used to encrypt a message, only the corresponding private key can decrypt it, and vice versa (Fig. 32.3). Each party in a transaction has both a public key and a private key. To transmit a message securely, the sender uses the recipient’s public key to encrypt the message. The recipient then decrypts the message using his or her unique private key. Assuming that the private key has been kept secret, the message cannot be read by anyone other than the intended recipient; through this method, the system ensures the privacy of the message. The defining property of a secure public-key algorithm is that it is computationally infeasible to deduce the pri-vate key from the public key; although the two keys are mathematically related, the deri-vation of one from the other would take enormous amounts of computing power and time. An outside party cannot participate in communication without the correct keys. However, if a third party does obtain the decryption key, the security of the system is compromised. In such a case, the user can simply change the key, instead of changing the entire encryp-tion or decryption algorithm.
Digital signatures, the electronic equivalent of written signatures, are used in public-key cryptography to solve authentication and integrity problems. A digital signature authenticates the sender’s identity, and, like a written signature, it is difficult to forge. To create a digital signature, a sender first runs a plaintext message through a hash function, which is a mathematical calculation that gives the message a hash value. For example, you could take the plaintext message “Buy 100 shares of company X,” run it through a hash function and get a hash value of 42. The hash function could be as simple as adding up all the 1s in a message, although it is usually more complex. The hash value is also known as a message digest. The chance that two different messages will have the same message digest is statistically insignificant. Collision occurs when multiple messages have the same hash value. However, it is computationally infeasible to compute a message from its hash value or to find two messages with the same hash value.
Next, the sender uses a private key to encrypt the message digest. This step creates a digital signature and authenticates the sender, because only the owner of that private key could encrypt the message. The original message, which has been encrypted with the recip-ient’s public key, the digital signature and the hash function, are sent to the recipient. The recipient uses the sender’s public key to decipher the original digital signature and reveal the message digest. The recipient then uses his or her own private key to decipher the orig-inal message. Finally, the recipient applies the hash function to the original message. If the hash value of the original message matches the message digest included in the signature, message integrity is ensured—the message has not been altered in transmission.
One problem with public-key cryptography is that anyone with a set of keys could potentially assume another party’s identity. For example, imagine that a customer wants to place an order with an online merchant. How does the customer know that the Web site indeed belongs to that merchant and not to a third party who is masquerading as the mer-chant to steal credit-card information? Public Key Infrastructure (PKI) integrates public-key cryptography with digital certificates and certificate authorities to authenticate parties in a transaction. Wireless PKI (WPKI) is a security protocol specifically for wireless trans-missions. Like regular PKI, WPKI authenticates users via digital certificates and encrypts messages using public-key cryptography. The system also ensures nonrepudiation.
Digital certificates are digital documents issued by a certification authority (CA). A digital certificate includes the name of the subject (the company or individual being certi-fied), the subject’s public key, a serial number, an expiration date, the signature of the trusted certification authority and any other relevant information. A CA is a financial insti-tution or other trusted third party, such as VeriSign. Because the CA assumes responsibility for authentication, it must check information carefully before issuing a digital certificate. Once issued, digital certificates are publicly available and are held by the certification authority in certificate repositories. VeriSign, Inc., is a leading certificate authority. (To learn more about VeriSign, visit www.verisign.com.)
Many people still consider e-commerce to be unsecure. However, transactions using PKI and digital certificates are more secure than point-of-sale credit-card purchases or the exchange of private information over phone lines or through the mail. The key algorithms used in most secure online transactions are nearly impossible to compromise. By some esti-mates, the key algorithms used in public-key cryptography are so secure that a century would pass before millions of today’s computers working in parallel could break the codes.
The most commonly used public-key algorithm is RSA, an encryption system devel-oped in 1977 by MIT professors Ron Rivest, Adi Shamir and Leonard Adleman. With the emergence of the Internet and the World Wide Web, these researchers’ security work has become even more significant, playing a crucial role in e-commerce transactions. Today, RSA encryption and authentication technologies are used by most Fortune 1000 companies and leading e-businesses. The products are built into hundreds of millions of copies of the most popular Internet applications, including Web browsers, commerce servers and e-mail systems. For more information about RSA, cryptography and security, visit www.rsase-curity.com. Other organizations, such as Microsoft, also offer products to ensure secu-rity. (See the Microsoft Authenticode feature.)
2. Secure Sockets Layer (SSL)
The Secure Sockets Layer (SSL) protocol, developed by Netscape Communications, is a
non-proprietary protocol commonly used to secure communications between two comput-ers on the Internet and the Web.18,19 SSL is built into many Web browsers, including
Netscape Communicator and Microsoft Internet Explorer, as well as numerous other soft-ware products. Although SSL is not designed specifically to secure online transactions, most e-businesses use the technology for this purpose.
Microsoft Authenticode: Authenticating Software
How can consumers ensure that software ordered online is safe and has not been al-tered? Are there ways to avoid downloading a computer virus that could wipe out an entire system? Is the source of the software trustworthy? With the emergence of e-com-merce, software companies began offering their products online, enabling customers to download software directly to their computers. Security technology is used to ensure that the downloaded software is authentic and has not been altered. Microsoft Authen-ticode is a security feature built into Microsoft Internet Explorer. When combined with VeriSign digital certificates (or digital IDs), Authenticode authenticates the publisher of the software and detects whether the software has been modified.
To use Microsoft Authenticode technology, software publishers must obtain dig-ital certificates that are specifically designed for software publishing; such certificates can be obtained through certificate authorities, such as VeriSign. To obtain a certifi-cate, a software publisher provides its public key and identification information. In addition, publishers must sign agreements that they will not distribute harmful soft-ware, which gives customers legal recourse if any downloaded software from certified publishers causes harm.
Microsoft Authenticode uses digital-signature technology to sign software (Sec-tion 32.6). The signed software and the publisher’s digital certificate provide proof that the software is safe and has not been altered.
When a customer attempts to download a file, a dialog appears on the screen dis-playing the digital certificate and the name of the certificate authority. Links to the pub-lisher and the certificate authority are provided so that customers can learn more about each party before they agree to download the software. If Microsoft Authenticode determines that the software has been compromised, the transaction is terminated. To learn more about Microsoft Authenticode, visit the following sites: msdn.micro-
soft.com/workshop/security/authcode/signfaq.asp and msdn.microsoft.com/workshop/security/authcode/authwp.asp.
In a standard online correspondence, a sender’s message is passed to a socket, which receives and transmits information from a network. The socket then interprets the message through Transmission Control Protocol/Internet Protocol (TCP/IP). TCP/IP is the standard set of protocols used for communication between computers on the Internet. Most Internet transmissions are sent as sets of individual message pieces, called packets. At the sending side, the packets of a message are numbered sequentially, and error-control information is attached to each packet. Each packet might travel a different path because IP routes packets in a manner so as to avoid traffic jams. The destination of a packet is determined by the IP address (an assigned address similar to that of a house in a neighborhood and used to iden-tify a computer on a network). At the receiving end, the TCP makes sure that all of the packets have arrived, puts them in sequential order and determines whether the packets have arrived without alteration. If the packets have been modified or any data has been lost, TCP requests retransmission. When all of the data is successfully transmitted, the message is passed to the socket at the recipient’s end. The socket translates the message back into a form that can be read by the recipient’s application.20 In a transaction using SSL, the sockets are secured using public-key cryptography.
SSL implements public-key technology, using the RSA algorithm and digital certifi-cates, to authenticate the server in a transaction and to protect private information as it passes from one party to another over the Internet. SSL transactions do not require client authentication; many servers consider valid credit-card numbers to be sufficient for authen-tication in secure purchases. The security process begins when a client sends a message to a server. The server responds, sending its digital certificate to the client for authentication. Using public-key cryptography to communicate securely, the client and server negotiate session keys to continue the transaction. Session keys are symmetric secret keys (explained in Section 32.6.1) that are used for the duration of that transaction. Once the keys are estab-lished, the communication proceeds between the client and the server by using the session keys and digital certificates. Encrypted data is passed through TCP/IP, just as regular packets travel over the Internet. However, before sending a message with TCP/IP, the SSL protocol breaks the information into blocks, compresses it and encrypts it. Conversely, after the data reaches the recipient through TCP/IP, the SSL protocol decrypts the packets, then decompresses and assembles the data. These extra processes provide an extra layer of secu rity between TCP/IP and applications. SSL is used primarily to secure point-to-point con-nections—transmissions of data from one computer to another. The Transport Layer Security (TLS) protocol, designed by the Internet Engineering Task Force, is both similar to and compatible with SSL. Additional information regarding TLS can be found at www.ietf.org/rfc/rfc2246.txt.
Although SSL protects information as it is passed over the Internet, it does not protect private information, such as credit-card numbers, once the information is stored on the mer-chant’s server. When a merchant receives credit-card information with an order, the infor-mation is often decrypted and stored on the merchant’s server until the order is placed. If the server is not secure and the data is not encrypted, an unauthorized party can access the information. Hardware devices, such as peripheral component interconnect (PCI) cards designed for use in SSL transactions, can be installed on Web servers to process SSL trans-actions. This reduces the time and power that a server must devote to SSL transaction pro-cessing, thus reducing processing time and power, leaving the server free to perform other tasks.19 For more information about the SSL protocol, explore the Netscape SSL tutorial at developer.netscape.com/tech/security/ssl/protocol.html and the Netscape Security Center site at www.netscape.com/security/index.html.
Wireless Transport Layer Security (WTLS) is the security protocol for the Wireless Appli-cation Protocol (WAP). WAP is a standard used for wireless communications on mobile phones and other wireless devices. WTLS secures connections between wireless devices and application servers. It provides wireless technology with data integrity, privacy, au-thentication and denial-of-service security. WTLS encrypts data sent between a WAP-en-abled wireless device and a WAP gateway, where messages are transferred from the wireless network to a wired network. At the gateway, data is decrypted from WTLS and subsequently, encrypted into SSL. For a few milliseconds, the data is not encrypted and, therefore, unsecure. The brief lapse in security is called the WAP gap. Although this flaw causes the system to be unsecure, it is extremely difficult to exploit the WAP gap in prac-tice. No one has ever reported an attack on the WAP gap that has successfully caused the compromise of any secure data.
4. IPSec and Virtual Private Networks (VPN)
Organizations are taking advantage of the existing Internet infrastructure to create Virtual Private Networks (VPNs), which link multiple networks, wireless users, customers and oth-er remote users. A VPN is created by establishing a “secure tunnel” between multiple net-works. Internet Protocol Security (IPSec) is one of the technologies used to secure the “tunnel” through which the data passes.
IPSec uses public-key and symmetric-key cryptography to ensure user authentication, data integrity and confidentiality. An IP packet is encrypted, and sent inside a regular IP packet. The recipient discards the outer IP packet, then decrypts the inner IP packet. For more information about IPSec, visit the IPSec Developers Forum at www.ip-sec.com and the IPSec Working Group of the IETF at www.ietf.org/html.charters/ ipsec-charter.html.
5. Security Attacks
Recent cyberattacks on e-businesses have made the front-pages of newspapers worldwide.
Denial-of-service attacks (DoS), viruses and worms have cost companies billions of dol-lars. Typically, a denial-of-service attack occurs when a network or server is flooded with data packets. The influx of data greatly increases the traffic on the network, overwhelming the servers and making it impossible for legitimate users to download information. A dis-tributed denial-of-service attack occurs when an unauthorized user gains illegitimate con-trol of a network of computers (usually by installing viruses on the computers) and then uses all the computers simultaneously to attack. These attacks cause networked computers to crash or disconnect from the network, making services unavailable for legitimate users.
Viruses are computer programs—often sent as e-mail attachments or disguised as audio clips, video clips and games—that attach to, or overwrite other programs in efforts to replicate themselves. Viruses can corrupt files or even wipe out a hard drive. The spread of a virus occurs through sharing “infected” files embedded in e-mail attachments, docu-ments or programs. Although worms are similar to viruses, a worm can spread and infect files on its own over a network; worms do not need to be attached to another program to spread. One of the most famous viruses to date is the ILOVEYOU virus which hit in May 2000, costing organizations and individuals billions of dollars. Viruses and worms are not limited to computers. In June 2000, a worm named Timofonica that was propagated through e-mail quickly made its way into the cell-phone network in Spain, sending prank calls and leaving text messages on subscribers’ phones.22
Who is responsible for viruses and denial-of-service attacks? Most often the responsible parties are referred to as hackers or crackers. Hackers and crackers are usually skilled pro-grammers. According to some, hackers break into systems just for the thrill of it, without causing harm to the compromised systems, whereas crackers have malicious intent. However, regardless of an attack’s consequences, hackers and crackers break the law by accessing or damaging private information and computers. Many vendors offer antivirus utilities that help protect computers against viruses and other threats. For more information on such protection features, visit McAfee at www.mcafee.com and Symantec at www.symantec.com.
6. Network Security
The goal of network security is to allow authorized users access to information and services while preventing unauthorized users from gaining access to, and possibly corrupting, the network. A basic tool used in network security is the firewall, which protects a local area network (LAN) from intruders outside the network. For example, most companies have in-ternal networks that allow employees to share files and access company information. Each LAN can be connected to the Internet through a gateway, which usually includes a firewall. A firewall acts as a safety barrier for data flowing into and out of the LAN. Firewalls can prohibit all data flow that is not expressly allowed, or they can allow all data flow that is not expressly prohibited. Although network security administrators can choose freely be-tween these options, decisions should weigh the need for security against the need for func-tionality. Personal firewalls also can be used to protect a single PC.
What happens if a hacker gets inside a firewall? How does a company know whether an intruder has penetrated the firewall? Also, how can a company detect whether unautho-rized employees are accessing restricted applications? Intrusion detection systems monitor networks and application log files (files containing information on files, including who accessed them and when). If an intruder accesses either the network or an unauthorized application, the system detects the intrusion, halts the session and sets off an alarm to notify the system administrator.
Copyright © 2018-2020 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.