Intro to E-commerce E-commerce Test 2 – Hazeldine

Chapter 5

- The Computer Security Institute's annual Computer Crime and Security Survey is another source of information.
  o In 2011, the survey was based on the responses of 351 security practitioners in U.S. corporations, government agencies, financial institutions, medical institutions, and universities. The survey reported that 46% of responding organizations experienced a computer security incident within the past year. Figure 5.1 illustrates the various types of attacks against computer systems reported. (Malware infection)
- Integrity: refers to the ability to ensure that information being displayed on a web site, or transmitted or received over the Internet, has not been altered in any way by an unauthorized party.
- Nonrepudiation: refers to the ability to ensure that e-commerce participants do not deny (i.e., repudiate) their online actions.
- Confidentiality: refers to the ability to ensure that messages and data are available only to those who are authorized to view them.
  o Confidentiality is sometimes confused with privacy, which refers to the ability to control the use of information a customer provides about himself or herself to an e-commerce merchant.
- E-commerce merchants have two concerns related to privacy:
  1. They must establish internal policies that govern their own use of customer information.
  2. They must protect that information from illegitimate or unauthorized use.
- The more security measures added to an e-commerce site, the more difficult it is to use and the slower the site becomes.
- Digital security is purchased at the price of slowing down processors and adding significantly to data storage demands on storage devices.
- Trojan horse: appears to be benign, but then does something other than expected.
  o It is not itself a virus because it does not replicate, but is often a way for viruses or other malicious code such as bots or rootkits (a program whose aim is to subvert control of the computer's operating system) to be introduced into a computer system.
- Bots: (short for robots) are a type of malicious code that can be covertly installed on your computer when it is attached to the Internet.
  o 90% of the world's spam, and 80% of the world's malware, is delivered by botnets.
- Botnets: are collections of captured computers used for malicious activities such as sending spam, participating in a DDoS attack, stealing information from computers, and storing network traffic for later analysis.
- Spyware: on the other hand, can be used to obtain information such as a user's keystrokes, copies of e-mail and instant messages, and even take screenshots (and thereby capture passwords or other confidential data).
- Today, the most frequent cause of stolen cards and card information is the systematic hacking and looting of a corporate server where the information on millions of credit card purchases is stored.