E-Commerce Security
UNIT 7:
E-COMMERCE SECURITY
LECTURER: MBOM 1
GENERAL OBJECTIVES
CHALLENGES OF STOPPING E-COMMERCE CRIMES
CONFIDENTIALITY, INTEGRITY AND AVAILABILITY
Confidentiality
Information should not be disclosed without authorization.
Integrity
Information should not be altered without authorization.
Availability
Ensures that information and all its assets are accessible to legitimate users at
an acceptable level of service.
Note
The confidentiality, integrity and availability functions all depend on
authentication, authorization and nonrepudiation.
Nonrepudiation
It is an assurance that online customers cannot falsely deny (repudiate) their
transactions.
CYBERSECURITY
CYBERSECURITY THREATS AND ATTACKS
SOCIAL ENGINEERING ATTACK
MALWARE ATTACK
DENIAL-OF-SERVICE ATTACK
Denial-of-service (DoS) attacks happen when an attacker
(or attack group) bombards a network or individual system
with a large amount of traffic or data requests. By
overloading a system with false traffic, the attacker can render
that system inoperable to users trying to legitimately access it.
A distributed denial-of-service (DDoS) attack occurs
when multiple machines operate together to attack
one target. DDoS attackers often use a botnet, a group of
hijacked internet-connected devices, to carry out
large-scale attacks.
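The DoS/DDoS distinction above, seen from the defending side. This is an added example, not part of the original slides: a sliding-window check that flags overload and tells a single flooding source apart from load spread over many sources. The thresholds, function names and sample traffic are assumptions constructed for illustration.

```python
from collections import Counter, deque

# Thresholds are assumptions picked for the constructed samples, not tuned values.
WINDOW = 10.0        # sliding window length in seconds
TOTAL_LIMIT = 100    # requests per window the service is assumed to absorb
SOURCE_SHARE = 0.8   # one source with >= 80% of the window => single-source DoS

def classify_traffic(events):
    """events: (timestamp_seconds, source_ip) tuples sorted by time.
    Returns (timestamp, verdict, flooding_source) for each verdict change."""
    recent, per_source = deque(), Counter()
    changes, last = [], "normal"
    for ts, src in events:
        recent.append((ts, src))
        per_source[src] += 1
        # Expire requests that have fallen out of the window.
        while recent[0][0] <= ts - WINDOW:
            _, old = recent.popleft()
            per_source[old] -= 1
            if per_source[old] == 0:
                del per_source[old]
        total = len(recent)
        top_src, top_count = per_source.most_common(1)[0]
        if total <= TOTAL_LIMIT:
            verdict, culprit = "normal", None
        elif top_count / total >= SOURCE_SHARE:
            verdict, culprit = "dos", top_src      # one machine dominates
        else:
            verdict, culprit = "ddos", None        # load spread over many machines
        if verdict != last:
            changes.append((ts, verdict, culprit))
            last = verdict
    return changes

# Constructed sample traffic (documentation-range addresses).
def sample_normal():   # 5 clients, 2 requests per second
    return [(i * 0.5, f"198.51.100.{i % 5 + 1}") for i in range(20)]

def sample_dos():      # one source, 20 requests per second
    return [(100 + i * 0.05, "203.0.113.7") for i in range(150)]

def sample_ddos():     # 60 sources, 3 requests each
    return [(200 + i * 0.05, f"192.0.2.{i % 60 + 1}") for i in range(180)]

if __name__ == "__main__":
    for change in classify_traffic(sample_normal() + sample_dos() + sample_ddos()):
        print(change)
```

A single flooding source can be blocked by address; in the distributed case no one address stands out, so per-source blocking alone does not restore availability.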
CYBER SECURITY TIPS FOR ORGANIZATIONS
1. Build up security awareness throughout your
organization.
2. Control access to your company information.
3. Keep backups of important company data.
4. Implement and maintain strong password policies.
5. Protect your network and the devices within it from
cyber threats.
SECURING E-COMMERCE NETWORKS
Several technologies exist to ensure that an
organization’s network boundaries are secure from attacks,
including:
1. Use of firewalls
2. Use of data encryption
3. Use of virtual private networks
4. Use of intrusion detection systems (IDS)
5. Use of access control methods
6. Training of e-commerce users