E-Commerce: Security Challenges and Solutions

Dr. Khalid Al-Tawil

College of Computer Sciences & Engineering

King Fahd University of Petroleum and Minerals

Outline of the Presentation

Internet Security
Cryptography

Firewalls
E-Commerce Challenges

E-Commerce Security
Global & Local Issues

Challenges to Security
Internet was never designed with security in mind.
Many companies fail to take adequate measures to protect their internal systems from attacks. Security precautions are expensive {firewalls, secure web servers, encryption mechanisms}. Security is difficult to achieve.

Introduction
Two Major Developments During the Past Decade: 1. Widespread Computerization 2. Growing Networking and Internetworking The Internet Need for Automated Tools for Protecting Files and Other Information. Network and Internetwork Security refer to measures needed to protect data during its transmission from one computer to another in a network or from one network to another in an internetwork.

Continue
Network security is complex. Some reasons are: Requirements for security services are:
Confidentiality Authentication Integrity

Key Management is difficult. Creation, Distribution, and Protection of Key information calls for the need for secure services, the same services that they are trying to provide.

Cyberterrorists
In 1996 the Pentagon revealed that in the
previous year it had suffered some two

hundred fifty thousand attempted intrusions

into its computers by hackers on the Internet Nearly a hundred sixty of the break-ins were successful.

Continue
Security Attacks:
Interruption Interceptor Modification Fabrication Viruses

Passive Attacks: Interception(confidentiality)

Release of message contents Traffic Analysis

Continue
Active Attacks:
Interruption (availability)

Modification (integrity)
Fabrication (integrity)

Security Threats
Unauthorized access Loss of message confidentiality or integrity User Identification Access Control Players:
User community Network Administration Introducers/Haclers

The bigger the system, the safer it is

MVS mainframe users (5%) UNIX users (25%) Desktop users (50%)

Introduction to Security Risks

Hackers and crackers

The Internet: open

$$

Your network: data! virus

The Main Security Risks

Data being stolen
Electronic mail can be intercepted and read Customers credit card numbers may be read

Login/password and other access information stolen Operating system shutdown Filesystem corruption User login information can be captured

Viruses
Unauthorized software being run
Games

Widely distributed software

Shareware Freeware Distributed software

Possible Security Holes

Passwords
Transmitted in plain text Could be temporarily stored in unsafe files Could be easy to guess

Directory structure
Access to system directories could be a threat

In the operating system software

Some operating system software is not designed for secure operation Security system manager should subscribe to
comp.security.unix comp.security.misc alt.security

Security Strategies
Use a separate host
Permanently connected to the Internet, not to your network. Users dial in to a separate host and get onto the Internet through it.

Passwords
Most important protection Should be at least eight characters long Use a mixture of alpha and numeric Should not be able to be found in dictionary
should not be associated with you!

Change regularly

Continue
Every transaction generates record in a security log file
Might slow traffic and host computer Keeps a permanent record on how your machine is accessed

Tracks
Generates alarms when someone attempts to access secure area Separate the directories that anonymous users can access Enforce user account logon for internal users Read web server logs regularly

Cryptography
The Science of Secret writing.
Encryption: Data is transformed into unreadable form. Decryption: Transforming the encrypted data back into its original form. Encryption Plaintext Ciphertext

Decryption

Types of Cipher
Transposition Substitution

Types of Cryptosystems
Conventional Cryptosystems
Secret key Cryptosystems. One secret key for Encryption and Decryption.

Example: DES

Public key cryptosystems

Two Keys for each user
Public key (encryptions)
Private key (decryptions)

Example: RSA

Types of Cryptosystems (Secret Key)

Both the encryption and decryption keys are kept secret.
Example: To encrypt, map each letter into the third letter forward in the alphabet order; To decrypt, map each letter into the third letter back.

Problems with Secret Key Cryptosystems:

Key transfer Too many keys

Secret Key Cryptosystems (DES)

Data Encryption Standard (1977) Started with an IBM Project called LUCIFER (1971) DES key length: 56-bits Uses 16 iterations with
Transportation Substitution XOR operations

DES Criticism
Key length Design of S-Boxes in hidden

Future
Multiple DES IDEA ( International Data Encryption Algorithm)

Types of Cryptosystems (Public Key)

Only the decryption key is kept secret. The encryption key is made public. Each user has two keys, one secret and one public. Public keys are maintained in a public directory. To send a message M to user B, encrypt using the public key of B. B decrypts using his secret key. Signing Messages For a user Y to send a signed message M to user X.
Y encrypts M using his secret key. X decrypts the message using Ys public key.

Public Key
A M
encryption

Public key of B

B
Private Key of B

Ciphertext C

Insecure communications or storage. Territory of the Intruder

C
decryption

A wants to send M in a secure manner to B

Firewalls
A firewall is a barrier placed between the private network and the outside world. All incoming and outgoing traffic must pass through it. Can be used to separate address domains. Control network traffic. Cost: ranges from no-cost (available on the Internet) to $ 100,000 hardware/software system. Types:
Router-Based Host Based Circuit Gateways

Firewall
Filter Inside
Gateway(s)

Filter Outside

Schematic of a firewall

Firewall Types (Router-Based)

Use programmable routers Control traffic based on IP addresses or port information. Examples:
Bastion Configuration Diode Configuration

To improve security: Never allow in-band programming via Telnet to a firewall router. Firewall routers should never advertise their presence to outside users.

Bastion Firewalls
External Router Host PC Secured Router

Internet

Private Internal Network

Firewall Types (Host-Based)

Use a computer instead of router.
More flexible (ability to log all activities) Works at application level Use specialized software applications and service proxies. Need specialized programs, only important services will be supported.

Continue
Example: Proxies and Host-Based Firewalls
Proxies and Host-Based Firewalls Internal Network Filtering Router (Optimal)
Host running only proxy versions of FTP,Telnet and so on.

Internet

Electronic Mail Security

E-mail is the most widely used application in the Internet.
Who wants to read your mail ?
Business competitors
Reporters,Criminals Friends and Family

Two approaches are used:

PGP: Pretty Good Privacy PEM: Privacy-Enhanced Mail

E-mail Security (PGP)

Available free worldwide in versions running on:
DOS/Windows

Unix
Macintosh

Based on:
RSA
IDEA MD5

Continue
Where to get PGP
Free from FTP site on the Internet Licensed version from ViaCrypt in USA

Example:
pgp -kg ID-A pgp esa m.txt ID-B pgp message Signature Encryption Decryption

E-mail Security (PEM)

A draft Internet Standard (1993).
Used with SMTP.

Implemented at application layer.

Provides:
Disclosure protection Originator authenticity Message integrity

Summary of PGP Services

Function
Message encryption key

Algorithms used
IDEA, RSA

Description
A message is encrypted using IDEA . The session is encrypted using RSA recipients public key. A hash code of a message is created using MD5. This is encrypted using RSA with the senders private key.

Digital signature

RSA, MD5

Compression
E-mail compatibility

ZIP
Radix 64 conversion

A message may be compressed using ZIP.

To provide transparency for e-mail applications.

Summary of PEM Services

Function
Message encryption

Algorithms used
DES

Description
A message is encrypted using DES-CBC. The session key is encrypted using RSA with the recipients public key. A hash code of a message is created using MD2 or MD5. This is encrypted using RSA with the senders private key. To provide transparency for e-mail applications.

Authentication and Digital signature(asymmetric encryption) E-mail compatibility

RSA with MD2 or MD5

Radix 64 conversion

E-Commerce: Challenges
Trusting others electronically
E-Commerce infrastructure

Security threats the real threats and the perceptions Network connectivity and availability issues
Better architecture and planning

Global economy issues

Flexible solutions

E-Commerce: Challenges
Trusting others electronically
Authentication

Handling of private information

Message integrity

Digital signatures and non-repudiation

Access to timely information

E-Commerce: Challenges Trusting Others

Trusting the medium
Am I connected to the correct web site? Is the right person using the other computer? Did the appropriate party send the last email? Did the last message get there in time, correctly?

E-Commerce: Solutions Trusting Others

Public-Key Infrastructure (PKI)
Distribute key pairs to all interested entities

Certify public keys in a trusted fashion

The Certificate Authority

Secure protocols between entities Digital Signatures, trusted records and non-repudiation

E-Commerce: Challenges Security Threats

Authentication problems
Impersonation attacks

Privacy problems
Hacking and similar attacks

Integrity problems
Repudiation problems

Secure Protocols
How to communicate securely:
SSL the web security protocols IPSEC the IP layer security protocol SMIME the email security protocol SET credit card transaction security protocol Others

Secure Sockets Layer (SSL)

Platform and Application Independent
Operates between application and transport layers Web Applications
HTTP NNTP FTP Telnet Etc. Future Apps

SSL
TCP/IP

Secure Sockets Layer (SSL)

Negotiates and employs essential functions
for secure transactions
Mutual Authentication
Data Encryption

Data Integrity

As simple and transparent as possible

SSL 3.0 Layers

Record Layer
Fragmentation, Compression, Message Authentication (MAC), Encryption

Alert Layer
close errors, message sequence errors, bad MACs, certificate errors

Why did SSL Succeed

Simple solution with many applications ebusiness and e-commerce
No change in operating systems or network stacks very low overhead for deployment Focuses on the weak link the open wire, not trying to do everything to everyone Solution to authentication, privacy and integrity problems and avoiding classes of attacks

SSL and Security Attacks or how to design secure protocols

Man in the middle
Spoofing attacks Replay attacks and transaction freshness Negotiation attacks Snooping attacks

S-HTTP
Secured HTTP (S-HTTP)
Security on application layer Protection mechanism:
Digital Signature Message authentication Message encryption

Support private & public key cryptograph Enhanced HTTP data exchange

S-HTTP vs. SSL

User Interface
Application Layer
S-HTTP HTTP, SMTP, FTP, Telnet, Other Apps.

SSL Transport Layer Internet Layer Network Layer

PCT

SET

Transport Control Protocol Internet Protocol (IP) Network

SSL
Operate on transport layer Encryption only for integrity and confidentiality Support HTTP, Telnet, FTP, Gopher, etc.

S-HTTP
Operate on application layer Encryption and digital signature Work only with (HTTP)

Application independent
Provide P-to-P protection DES, RSA, RC-2 and RC-4 with different size of keys One step security

Application dependant
More secure than SSL at end point even after data transfer

No particular cryptographic
system Multiple times encryption

Secured Electronic Transactions (SET)

Developed by VISA & MasterCard
SET Specifications:
Digital Certificates (Identification) Public Key (Privacy)

On-Line Shopping Steps:

C.H. Obtain Digital Wallets C.H. Obtain Digital Certificates C.H. & Merchants conduct Shopping Dialog Authentication & Settlement Process

E-Commerce: Challenges Connectivity and availability

Issues with variable response during peak time
Guaranteed delivery, response and receipts Spoofing attacks
Attract users to other sites

Denial of service attacks

Prevent users from accessing the site

Tracking and monitoring networks

E-Commerce: Challenges Global Economy

Variable connectivity levels and cost
Variable economies and cultures Taxation and intellectual property issues

Interoperability between different economies

Existing Technologies Overview

Networking Products
Firewalls Remote access and Virtual Private Networks (VPNs) Encryption technologies Public Key Infrastructure Scanners, monitors and filters Web products and applications

Encryption Technologies
Hardware assist to speed up performance
Encryption at different network layers; Layer2

through application layers

Provide both public-key systems as well as

bulk encryption using symmetric-key methods

Stored data encryption and recovery

PKI
A set of technologies and procedures to
enable electronic authentication Uses public key cryptography and digital certificates Certificate life-cycle management

PKI Architecture
Switched segment

Internet

FIGURE 1: PKI SYSTEM BLO CK DI AGRAM [Numeric labels correspond to list above]

DMZ ( DM Zone)

1
Internet Applications

Cer tificate Request Web Ser ver s

3
Cer tificate Directory

RA Zone RAO Zone

Status Query 5 6
RAO Stations (Operators at Consoles)

Certificate Request 4
RA Stations

RA DB

Store new certificate, CRL Update

CA Zone
7 8 CA DB
CA Stations

Scanners, Monitors and Filters

Too much network traffic without designed policies
Scanners understand the network configurations Monitors provide intrusion detection based on preset patterns Filters prevent unwanted traffic based of type, for example virus detection

Web Products
Secure web servers SSL enabled
Application servers generally lacking any

security support
A number of toolkits to enable applications to utilize security functions Integration into existing (legacy) infrastructure is difficult

What is Missing??
Solid architecture practices
Policy-based proactive security management Quantitative risk management measures especially regarding e-commerce or ebusiness implementations

E-Commerce Architecture
Support for peak access
Replication and mirroring, round robin

schemes avoid denial of service

Security of web pages through certificates

and network architecture to avoid spoofing

attacks

Proactive Security Design

Decide on what is permissible and what is
right Design a central policy, and enforce it everywhere Enforce user identities and the use of

credentials to access resources

Monitor the network to evaluate the results

PKI and E-Commerce

Identity-based certificate to identify all users
of an application Determine rightful users for resources Role-based certificates to identify the authorization rights for a user

Architectures for E-Commerce

Central Policy Node A P P L I C A T I O N Enforcement Nodes Perimeter

PKI based policy decisions To other networks

PKI based user access

Existing EPS:
Electronic Cash
Imitates Paper Cash Examples: CyberCash, CyberCoin, DigiCash and Virtual Smart Cards

Electronic Checking
Same as Paper Checks Use Automated Clearing House (ACH) Examples: CheckFree, NetCheque and NetChex Not well developed as E-Cash or Credit Card

Credit Cards
Not used in Internet until SET become Internet Standard

E-Commerce: Are We Ready?

Infrastructure?
Security? Policies & legal issues? Arabic content?

E-Commerce: Future
Was expected to reach 37,500 (million US $)
in 2002. It reached 50,000 (million US $) in

1998
Expected to reach 8 million company in 2000.

(40% of total commerce)

Arab word, about 100 million US $

Continue
B-to-B E-Commerce will grow faster than Bto-C E-Commerce E-business is expected to grow faster in: Europe 118% Annual growth rate worldwide 86% * Number of companies is expected to reach 8 million by 2002 **
* Study by Nortel Networks (Financial Times 28/1/2000) ** British Telecom