Intro to E-commerce 9 - E-commerce Test 2 - Hazeldine - Chapter 5


Intro to E-commerce
E-commerce Test 2 – Hazeldine
Chapter 5

- The Computer Security Institute’s annual Computer Crime and Security Survey is another source of information.
  o In 2011, the survey was based on the responses of 351 security practitioners in U.S. corporations, government agencies, financial institutions, medical institutions, and universities. The survey reported that 46% of responding organizations experienced a computer security incident within the past year. Figure 5.1 illustrates the various types of attacks against computer systems reported. (Malware infection)
- Integrity: refers to the ability to ensure that information being displayed on a web site, or transmitted or received over the Internet, has not been altered in any way by an unauthorized party.
- Nonrepudiation: refers to the ability to ensure that e-commerce participants do not deny (i.e. repudiate) their online actions.
- Confidentiality: refers to the ability to ensure that messages and data are available only to those who are authorized to view them.
  o Confidentiality is sometimes confused with privacy, which refers to the ability to control the use of information a customer provides about himself or herself to an e-commerce merchant.
- E-commerce merchants have two concerns related to privacy:
  1. They must establish internal policies that govern their own use of customer information.
  2. They must protect that information from illegitimate or unauthorized use.
- The more security measures added to an e-commerce site, the more difficult it is to use and the slower the site becomes.
- Digital security is purchased at the price of slowing down processors and adding significantly to data storage demands on storage devices.
- Trojan horse: appears to be benign, but then does something other than expected.
  o It is not itself a virus because it does not replicate, but is often a way for viruses or other malicious code such as bots or rootkits (a program whose aim is to subvert control of the computer’s operating system) to be introduced into a computer system.
- Bots: (short for robots) are a type of malicious code that can be covertly installed on your computer when attached to the Internet.
  o 90% of the world’s spam, and 80% of the world’s malware, is delivered by botnets.
- Botnets: are collections of captured computers used for malicious activities such as sending spam, participating in a DDoS attack, stealing information from computers, and storing network traffic for later analysis.
- Spyware: on the other hand, can be used to obtain information such as a user’s keystrokes, copies of e-mail and instant messages, and even to take screenshots (and thereby capture passwords or other confidential data).
- Today, the most frequent cause of stolen cards and card information is the systematic hacking and looting of a corporate server where the information on millions of credit card purchases is stored.
