Showing posts from July, 2021

Short note on Secure Sockets Layer SSL (Secure Sockets Layer)

Secure Sockets Layer (SSL) is a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser, or a mail server and a mail client (e.g., Outlook). It is used by most companies to provide security and privacy, and it establishes a secure session between a browser and a server. A channel is the two-way communication stream established between the browser and the server, and the definition of channel security indicates three basic requirements:

- The channel is reliable.
- The channel is private.
- The channel is authenticated.

This encryption is preceded by a ‘data handshake’ and has two major phases: The first phase is used to establish private communication and uses the key-agreement algorithm. The second phase is used for client authentication. ...

ROLES OF SSL IN E-COMMERCE

- To secure online credit card transactions.
- To secure system logins and any sensitive information exchanged online.
- To secure webmail and applications like Outlook Web Access, Exchange, and Office Communications Server.
- To secure workflow and virtualization applications like Citrix Delivery Platforms or cloud-based computing platforms.
- To secure the connection between an email client such as Microsoft Outlook and an email server such as Microsoft Exchange.
- To secure the transfer of files over HTTPS and FTP(s) services such as website owners updating new pages to theirs.
- To secure intranet-based traffic such as internal networks, file sharing, extranets, and database connections.
- To secure network logins and other network traffic with SSL VPNs such as VPN Access Servers or applications like the Citrix Access Gateway.

Short notes on Firewall.

Firewalls and Their Types:

The most commonly accepted network protection is a barrier—a firewall between the corporate network and the outside world (untrusted network). A firewall is a method of placing a device—a computer or a router—between the network and the Internet to control and monitor all traffic between the outside world and the local network. Typically, the device allows insiders to have full access to services while granting access from the outside only selectively, based on log-on name, password, IP address, or other identifiers, as shown in the figure below.

In general, a firewall is a protection device to shield vulnerable areas from some form of danger. In the context of the Internet, a firewall is a system—a router, a personal computer, a host, or a collection of hosts—set up specifically to shield a site or subnet from protocols and services that can be abused from hosts on the outside of the subnet. A f...

Security Protocols on the E-commerce

Security Protocols on the Internet

We will discuss here some of the popular protocols used over the internet to ensure secured online transactions. Some of them are SSL, SHTTP, SET...

1) Secure Socket Layer (SSL)

It is the most commonly used protocol and is widely used across the industry. It meets the following security requirements: Authentication, Encryption, Integrity, Non-repudiability.

"HTTPS://" is to be used for HTTP URLs with SSL, whereas "HTTP://" is to be used for HTTP URLs without SSL.

SSL was originally designed by Netscape. It was developed to provide encryption and authentication between a web client and a web server. SSL begins with a handshake phase that consists of two main steps:

a) Negotiating the encryption algorithm
b) Authenticating identity (optional)

After that, encrypted data can be sent.

a) Negotiating the encryption algorithm:

- SSL sess...

Tools or Technology Solution of E-commerce

Technology Solutions

A great deal of progress has been made by private security firms, corporate and home users, network administrators, technology firms, and government agencies.

- Protecting Internet communications (encryption)
- Securing channels of communication (SSL (secure sockets layer), S-HTTP, VPNs)
  - URL changes from HTTP to HTTPS
  - SSL: Protocol that provides secure communications between client and server
- Protecting networks (firewalls)
- Protecting servers and clients

Protecting Internet Communication

ENCRYPTION: The process of transforming plain text or data into ciphertext that cannot be read by anyone other than the sender and the receiver. The purpose of encryption is a) to secure stored information and b) to secure information transmission.

Encryption can provide four of the six key dimensions of e-commerce security:

- Message integrity: provides assurance that the message has not been altered
- Nonrepudiation: prevents the user from denying he or...

E-commerce Security strategy

The security strategies of e-commerce are given below:

OR,

Security tools of e-commerce

The security tools of e-commerce are as follows:

1) Digital certificates: An attachment to an electronic message used for security purposes. The most common use of a digital certificate is to verify that a user sending a message is who he or she claims to be and to provide the receiver with the means to encode a reply.

2) Encryption: Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as ciphertext.

3) Firewall: Firewalls can be either hardware or software but the ideal firewall configuration will consist of both. In addition to limiting access to your computer and network, a firewall is also useful for allowing remote access to a private network through secure authentication certificates and logins.

4) Digital signature: A digital certificate, an electronic docum...

E-commerce Security Requirement

E-commerce Security Requirement

Commerce over open networks (such as the internet) can be secure if the following happens:

- Server Security
- Message Privacy (or confidentiality)
- Message integrity
- Authentication
- Authorization
- Audit mechanism and non-repudiation
- Payment and settlement

1. Server Security: Use firewalls and proxy servers. Every packet going from the firm's computer to the internet or vice versa will be checked. "Security" against "attacks" such as viruses, unauthorized access by hackers, and trojan horses can be provided.
2. Message Privacy: A key requirement for e-commerce. It assures that the communication between trading parties is not revealed to others; therefore, an unauthorized party cannot read or understand the message.
3. Message integrity: Another key requirement for e-commerce. It assures that the communication between trading parties is not altered by an enemy.
4. Authentication: Assures that the "sender" of the message is actually the person he/she cl...

Intrusion detection system (IDS)

An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and alerts when such activity is discovered. While anomaly detection and reporting are the primary functions, some intrusion detection systems are capable of taking actions when a malicious activity or anomalous traffic is detected, including blocking traffic sent from suspicious Internet Protocol (IP) addresses.

An IDS can be contrasted with an intrusion prevention system (IPS), which monitors network packets for potentially damaging network traffic, like an IDS, but has the primary goal of preventing threats once detected instead of primarily detecting and recording threats.

How do intrusion detection systems work?

Intrusion detection systems are used to detect anomalies to catch hackers before they do real damage to a network. They can be either network- or host-based. A host-based intrusion detection system is installed on the client compute...

Security mechanisms in e-commerce (this answer is according to syllabus)

Security mechanisms:

The different security mechanisms of e-commerce are:

1) Cryptography
2) Hash Functions
3) Digital Signatures
4) Authentication and Access Control
5) Intrusion Detection System (IDS)
6) Secured Socket Layer

1) Cryptography

It is the art and science of making a cryptosystem that is capable of providing information security. Cryptography deals with the actual securing of digital data. It refers to the design of mechanisms based on mathematical algorithms that provide fundamental information security services. You can think of cryptography as the establishment of a large toolkit containing different techniques in security applications.

OR,

Cryptography is the science of coding and decoding messages so as to keep these messages secure. Coding (see enc...