7 - eBusiness

M cheung william tan and carson woo intranet security

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: am Tan and Carson Woo 13 BUSI 335 Copyright © 2009-10 Y.M. Cheung, William Tan and Carson Woo Intranet Security Issues 14 Extranet • An extension of an Intranet into the public domain • Built for company partners such as customers, suppliers, and Firewalls can be defeated. vendors • Example: Tax News Network (http://www.taxnews.com/tnn_public) An attacker can assume a false identify such as a false IP address. by PricewaterhouseCoopers • Requires user authentication in order to access all or part of the Intranet of an organization • What is the difference between user authentication and basic What are additional layers of defense? password protection? Access limits through password control Encryption BUSI 335 Proxy servers Copyright © 2009-10 Y.M. Cheung, William Tan and Carson Woo 15 BUSI 335 Copyright © 2009-10 Y.M. Cheung, William Tan and Carson Woo 16 User Authentication vs. Basic Password Protection (cont’d) User Authentication vs. Basic Password Protection • Password Protection • Authentication is the process of determining whether – Step 1: An unknown visitor requests a password on the Web by supplying his/her personal information – Step 2: A Web server receives and processes the request someone is, in fact, who it is declared to be. • Passwords can often be stolen, accidentally revealed, or forgotten. • The use of digital certificates issued and verified by a – Step 3: A password is generated by the Web server and sent to the visitor by e-mail Certificate Authority (CA) as part of a Public Key Infrastructure is considered likely to become the standard way to perform authentication on the Internet. – Assumption: The visitor is honest about his/her information • User Authentication What is a Public Key? – The identity of the visitor is well determined BUSI 335 Copyright © 2009-10 Y.M. Cheung, William Tan and Carson Woo 17 BUSI 335 Copyright © 2009-10 Y.M. Cheung, William Tan and Carson Woo Secret-Key Encryption Public-Key Encryption Sec...
View Full Document

This document was uploaded on 03/04/2014 for the course COMM 335 at UBC.

Ask a homework question - tutors are online