This guide provides an overview of the essential security concepts in electronic commerce, emphasizing risk management strategies to recognize, reduce, and eliminate threats. It covers key topics such as eavesdropping, unauthorized access, and the importance of protecting data integrity and secrecy. Additionally, it discusses the formulation of security policies to safeguard assets while ensuring compliance and defining acceptable behaviors. An understanding of cookies, both session and persistent, is also included, highlighting their role in securing client computers.
1. Chapter 10: Electronic Commerce Security (Electronic Commerce, Sixth Edition)
2. Managing Risk
Countermeasure
General name for a procedure that recognizes, reduces, or eliminates a threat
Eavesdropper
Person or device that can listen in on and copy Internet transmissions
Crackers or hackers
Write programs or manipulate technologies to obtain unauthorized access to computers and networks
3. Risk Management Model
4. Computer Security Classifications
Secrecy
Protecting against unauthorized data disclosure and ensuring the authenticity of a data source
Integrity
Refers to preventing unauthorized data modification
Necessity
Refers to preventing data delays or denials (removal)
5. Security Policy and Integrated Security
A written statement describing
Which assets to protect and why they are being protected
Who is responsible for that protection
Which behaviors are acceptable and which are not
First step in creating a security policy
Determine which assets to protect from which threats
6. Requirements for Secure Electronic Commerce
7. Security for Client Computers
Stateless connection
Each transmission of information is independent
Session cookies
Exist until the Web client ends connection
Persistent cookies
Remain on a client computer indefinitely
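The session/persistent distinction above is decided by the expiry attributes the server sends with the cookie. The following is an added example, not part of the original slides: it classifies Set-Cookie header values, assuming RFC 6265 rules; the function name, sample headers and fixed clock are constructed for illustration.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

def classify_set_cookie(header, now):
    """Return (name, kind, lifetime_seconds) for one Set-Cookie header value.

    Assumed rules (RFC 6265): no Max-Age/Expires means a session cookie;
    Max-Age wins over Expires; a lifetime <= 0 means the cookie is deleted.
    """
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].partition("=")[0].strip()
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()  # last duplicate wins

    lifetime = None  # None: the server set no expiry at all
    if "max-age" in attrs:
        try:
            lifetime = int(attrs["max-age"])
        except ValueError:
            pass  # malformed Max-Age is ignored, Expires may still apply
    if lifetime is None and "expires" in attrs:
        try:
            expires = parsedate_to_datetime(attrs["expires"])
            lifetime = int((expires - now).total_seconds())
        except (TypeError, ValueError):
            pass  # unparseable date: treat as if no expiry was given

    if lifetime is None:
        return name, "session", None
    if lifetime <= 0:
        return name, "expired", lifetime
    return name, "persistent", lifetime

# Constructed sample headers and a fixed clock so results are reproducible.
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
SAMPLES = [
    "SID=abc123; Path=/; HttpOnly",
    "cart=42; Expires=Wed, 01 Jan 2025 00:00:00 GMT; Path=/",
    "prefs=dark; Max-Age=3600; Expires=Wed, 01 Jan 2020 00:00:00 GMT",
    "old=1; Max-Age=0",
]

if __name__ == "__main__":
    for h in SAMPLES:
        print(classify_set_cookie(h, NOW))
```

A persistent cookie with a far-future expiry is what stays on the client long after the visit ends, so a site audit can use the lifetime value to spot identifiers that outlive their purpose.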
8. Information Stored in a Cookie on a Client Computer