Sunday, October 25, 2009

Exercise 9

1. S.E.T. and RSA 128-bit Encryption for e-commerce

SET stands for Secure Electronic Transaction. SET is a standard protocol for securing credit card transactions over insecure networks, i.e. the internet. SET was initially supported by Mastercard, Visa, Microsoft, Netscape and others. A SET user is given an 'electronic wallet' (digital certificate), and a transaction is conducted and verified using a combination of digital certificates and digital signatures among the purchaser, the merchant and the purchaser's bank.

RSA 128-bit encryption is a public-key cryptography algorithm that allows for secure communications over an insecure network through public and private keys. 128-bit RSA encryption is widely used today for secure communications over the internet as it is considered to be out of reach of current computing power.

2. Network and Host-based Intrusion Detection Systems

A Network Intrusion Detection System (NIDS) is an intrusion detection system used to detect malicious attacks on networks, including denial-of-service attacks, port scans etc., through the monitoring of network traffic. The NIDS scans all incoming packets and looks for suspicious patterns known as signatures or rules. A NIDS also scans outgoing packets, as some attacks can be undertaken from within the monitored network or network segment.
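The two detection approaches described above, signature matching on packet content and a port-scan heuristic, as an added example that is not part of the original post. The connection records, the two content signatures and the scan threshold are all constructed sample values for this illustration.

```python
import re
from collections import defaultdict

# Constructed sample of connection records: "timestamp src_ip dst_ip dst_port payload".
# 10.0.0.5 walks through many ports; 10.0.0.7 sends a traversal request; the last
# record is outgoing traffic from the monitored host, which the NIDS inspects too.
SAMPLE_PACKETS = """\
1.0 10.0.0.5 192.168.1.10 22 SSH-2.0-OpenSSH_7.4
1.2 10.0.0.5 192.168.1.10 23
1.3 10.0.0.5 192.168.1.10 25
1.4 10.0.0.5 192.168.1.10 80
1.5 10.0.0.5 192.168.1.10 110
1.6 10.0.0.5 192.168.1.10 143
1.7 10.0.0.5 192.168.1.10 443
1.8 10.0.0.5 192.168.1.10 3306
1.9 10.0.0.5 192.168.1.10 3389
2.0 10.0.0.5 192.168.1.10 8080
1.1 10.0.0.7 192.168.1.10 80 GET /index.html HTTP/1.1
1.5 10.0.0.7 192.168.1.10 80 GET /cgi-bin/test.cgi?q=../../etc/passwd HTTP/1.1
5.0 192.168.1.10 203.0.113.9 80 POST / HTTP/1.1
"""

# Signature rules: (name, pattern over the payload), in the spirit of content-matching IDS rules.
SIGNATURES = [
    ("directory traversal", re.compile(r"\.\./")),
    ("/etc/passwd request", re.compile(r"/etc/passwd")),
]

SCAN_PORT_THRESHOLD = 8   # this many distinct destination ports from one source...
SCAN_WINDOW = 5.0         # ...within this many seconds is flagged as a port scan


def parse(line):
    ts, src, dst, port, *payload = line.split(" ", 4)
    return float(ts), src, dst, int(port), payload[0] if payload else ""


def detect(packets):
    """Return a list of (alert_name, src, dst, dst_port) for the given records."""
    alerts = []
    ports_seen = defaultdict(list)   # src -> [(timestamp, dst_port)] inside the window
    scan_flagged = set()
    for ts, src, dst, port, payload in sorted(map(parse, packets.splitlines())):
        for name, pattern in SIGNATURES:          # signature matching on packet content
            if pattern.search(payload):
                alerts.append((name, src, dst, port))
        hist = ports_seen[src]                    # port-scan heuristic per source address
        hist.append((ts, port))
        hist[:] = [(t, p) for t, p in hist if ts - t <= SCAN_WINDOW]
        if src not in scan_flagged and len({p for _, p in hist}) >= SCAN_PORT_THRESHOLD:
            scan_flagged.add(src)
            alerts.append(("port scan", src, dst, None))
    return alerts
```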

Host-based Intrusion Detection Systems (HIDS), which date back to the early 1980s, are intrusion detection systems that monitor and analyze the communication traffic in and out of a computer, check the integrity of the system files and watch for suspicious processes. A HIDS can detect which program accesses which processes; it also examines RAM, the file system, log files etc. to make sure that their contents appear as expected.

3. What is Phishing

Phishing is the fraudulent process of attempting to acquire sensitive information such as bank account details, user names, passwords and credit card numbers by masquerading as a legitimate and trustworthy entity. An email that looks quite legitimate is sent to an unsuspecting user and links to an illegitimate website that also looks legitimate, where the user is prompted for their username and password or credit card details.

4. SET Compared to SSL

SET is explained earlier in the post.

SSL stands for Secure Sockets Layer, a cryptographic protocol that provides security over insecure networks, i.e. the internet. SSL encrypts segments of network communications at the transport layer. SSL uses public and private keys: the public key is used to encrypt data at the browser end, and the private key is used by the e-commerce system to decrypt and read the data. SSL is used by millions of websites worldwide to protect the data of their online transactions.

5. Cookies

A cookie is a small amount of text sent by a web server and stored on a computer by a web browser. Cookies let a web browser "remember" specific information for later use. This information can consist of preferences, shopping cart contents and other data used by websites.

Cookies can be used for authentication and session tracking, among other things. HTTP cookies can be used by web servers to track a person's particular web movements. Cookies cannot be used to gain access to a computer's hard drive or to steal sensitive information about a person.

6. Firewall Security

Firewalls protect a PC by blocking ports according to specific criteria. If a computer is connected to the internet then it needs to be protected from vulnerabilities that can be exploited by external sources. Attacks on a system can come from a number of sources, whether from someone who wishes to steal or alter your data or from viruses and worms. Through the use of a firewall these types of attacks can be minimized; however, not all attacks can be prevented by security measures.

Firewalls can be hardware or software based: a hardware firewall sits between a network and the internet, while a software firewall installed on your home PC sits between the operating system and the internet. Firewalls give the user more control over what comes in and out of the network or local PC. They control and monitor ports, protocols, URLs, IP addresses etc. Which type of firewall to acquire, hardware or software, is determined purely by the size and type of the network or PC it is to protect.

ZoneAlarm is a software-based firewall that some users perceive as protecting a PC more effectively than the inbuilt firewall.

7. Measures to create trust

E-commerce sites provide security features such as SET, SSL, encryption and the use of Digital Certificates to create trust among their customers.

8. Other Authentication Techniques

CHAP Authentication - Challenge Handshake Authentication Protocol (CHAP) is a one-way authentication method; however, CHAP can be used in both directions on the link to create two-way authentication. This type of authentication requires a shared secret, which is usually a username and password, set up when the link is first established.
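The challenge/response exchange described above, run in one direction and then in both directions, as an added example that is not part of the original post. It follows the MD5 response computation of RFC 1994 (Response = MD5(Identifier || Secret || Challenge)); the peer names and the shared secret are constructed sample values.

```python
import hashlib
import hmac
import os

# Shared secret known to both ends of the link (constructed sample value).
SECRET = b"alice:correct horse battery staple"


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP with MD5: Response = MD5(Identifier || Secret || Challenge).
    Only the challenge and this hash cross the link; the secret itself never does."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Peer:
    """One end of the link. Can both answer challenges and verify the other side."""

    def __init__(self, name: str, secret: bytes):
        self.name = name
        self.secret = secret
        self.identifier = 0

    def new_challenge(self) -> tuple[int, bytes]:
        # Fresh one-octet identifier and random challenge for every attempt, so a
        # response captured on the wire cannot simply be replayed later.
        self.identifier = (self.identifier + 1) & 0xFF
        return self.identifier, os.urandom(16)

    def answer(self, identifier: int, challenge: bytes) -> bytes:
        return chap_response(identifier, self.secret, challenge)

    def verify(self, identifier: int, challenge: bytes, response: bytes) -> bool:
        expected = chap_response(identifier, self.secret, challenge)
        return hmac.compare_digest(expected, response)  # constant-time comparison


def authenticate(authenticator: Peer, claimant: Peer) -> bool:
    """One-way CHAP: Challenge packet, Response packet, then Success or Failure."""
    ident, challenge = authenticator.new_challenge()
    response = claimant.answer(ident, challenge)
    return authenticator.verify(ident, challenge, response)


def mutual_authenticate(a: Peer, b: Peer) -> bool:
    """Two-way authentication: CHAP run in both directions on the same link."""
    return authenticate(a, b) and authenticate(b, a)
```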

Form Based Authentication - This type of authentication is where websites use a web form to collect and authenticate credential information, like a username and password, from a user. This technique is useful for developers as it allows them to customize the authentication user interface. Internet banking uses such authentication methods.
