E-COMMERCE 
Heema Kumari 
Priyanka Kumari 
Manisha Kumari 
Awanti Amrit
Digital certificate 
A digital certificate (DC) is a digital file that certifies the identity of an 
individual or institution, or even a router seeking access to computer-based 
information. It is issued by a Certification Authority (CA) and 
serves the same purpose as a driver's licence or a passport. 
Just like a passport, a digital certificate provides identifying 
information, is forgery resistant and can be verified because it was 
issued by an official, trusted agency. The certificate contains the 
name of the certificate holder, a serial number, expiration dates, a 
copy of the certificate holder's public key (used for encrypting 
messages and for digital signatures) and the digital signature of the 
certificate-issuing authority (CA), so that a recipient can verify that 
the certificate is real. A CA can be a bank, a government agency, etc.
Types of Digital Certificates 
There are four main types of digital certificates: 
1. Server Certificates 
2. Personal Certificates 
3. Organization Certificates 
4. Developer Certificates 
Certification Authority Functions: 
Accept applications for certificates 
Verify the identity of the person or organization applying for the 
certificate 
Issue certificates 
Revoke/Expire certificates 
Provide status information about the certificates that it has issued
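An added example (my own code, not from the slides) of the certificate life cycle described above, using Go's standard crypto/x509 package: a CA issues a server certificate carrying the holder's name, serial number, validity period and public key, and the recipient verifies the CA's signature, the expiry date and the holder name before trusting it. The CA name "Shop Root CA" and the host name "shop.example" are constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue signs template with signer's key; parent == template yields a self-signed certificate.
func issue(template, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, template, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewCA creates the trusted agency: a self-signed CA certificate and the private key it signs with.
func NewCA(name string, now time.Time) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             now,
		NotAfter:              now.AddDate(10, 0, 0),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	cert, err := issue(tmpl, tmpl, &key.PublicKey, key)
	return cert, key, err
}

// IssueServerCert is the CA's "issue" step: holder name, serial number, validity period and the
// holder's public key, all signed by the CA (the identity check happens before this is called).
func IssueServerCert(ca *x509.Certificate, caKey *ecdsa.PrivateKey, host string, serial int64, now time.Time) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // the holder's own key pair
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    now,
		NotAfter:     now.AddDate(0, 0, 90),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	return issue(tmpl, ca, &key.PublicKey, caKey)
}

// Verify is the recipient's check: CA signature against the trusted root, validity at time "at", and that the certificate names host.
func Verify(cert, root *x509.Certificate, host string, at time.Time) error {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	_, err := cert.Verify(x509.VerifyOptions{Roots: roots, DNSName: host, CurrentTime: at})
	return err
}

func main() {
	now := time.Now()
	ca, caKey, _ := NewCA("Shop Root CA", now)
	leaf, _ := IssueServerCert(ca, caKey, "shop.example", 42, now)
	fmt.Println("valid:", Verify(leaf, ca, "shop.example", now.Add(time.Hour)))       // <nil>
	fmt.Println("expired:", Verify(leaf, ca, "shop.example", now.AddDate(0, 0, 100))) // error
}
```

A certificate signed by a different CA, or presented for a different host name, fails the same Verify call, which is why a recipient only needs to trust the CA, not every server it talks to.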
DIGITAL CERTIFICATES
SECURING E-COMMERCE 
NETWORKS 
The selection and operation of technologies that 
ensure network security should be based on: 
Defense in depth 
Need-to-access basis 
Policy of least privilege (POLP) 
Policy of blocking access to network resources unless access is 
required to conduct business 
Role-specific security 
Monitoring 
Patch management 
Incident response team (IRT)
FIREWALLS 
firewall 
A single point between two or more networks where all traffic must pass 
(choke point); the device authenticates, controls, and logs all traffic 
packet 
Segment of data sent from one computer to another on a network 
application-level proxy 
A firewall that permits requests for Web pages to move from the public Internet 
to the private network 
bastion gateway 
A special hardware server that utilizes application-level proxy software to limit 
the types of requests that can be passed to an organization’s internal networks 
from the public Internet
Intrusion Detection Systems (IDSs) 
A special category of software that can monitor 
activity across a network or on a host computer, 
watch for suspicious activity, and take automated 
action based on what it sees. 
personal firewall 
A network node designed to protect an individual 
user’s desktop system from the public network by 
monitoring all the traffic that passes through the 
computer’s network interface card.
virtual private network (VPN) 
A network that uses the public Internet to carry information 
but remains private by using encryption to scramble the 
communications, authentication to ensure that information 
has not been tampered with, and access control to verify the 
identity of anyone using the network. 
protocol tunneling 
Method used to ensure confidentiality and integrity of data 
transmitted over the Internet, by encrypting data packets, 
sending them in packets across the Internet, and decrypting 
them at the destination address
proxies 
Special software programs that run on the gateway server 
and pass repackaged packets from one network to the 
other 
Demilitarized zone (DMZ) 
Network area that sits between an organization’s internal 
network and an external network (Internet), providing 
physical isolation between the two networks that is 
controlled by rules enforced by a firewall
SECURING ECOMMERCE NETWORKS DIAGRAM
SECURING PROTOCOLS 
HTTPS 
SSL 
VPN 
IDS 
FIREWALLS 
PUBLIC KEY INFRASTRUCTURE
Hypertext Transfer Protocols 
HTTPS is the Hypertext Transfer Protocol with SSL encryption. It is 
the most popular network protocol for establishing secure connections 
for exchanging documents on the World Wide Web. It is basically 
HTTP carried over a TCP socket that has been secured using SSL. 
S-HTTP (Secure HTTP): developed by the CommerceNet Consortium 
Extension to HTTP that provides numerous security features 
Client and server authentication 
Spontaneous encryption 
Request/response non-repudiation 
Provides symmetric and public-key encryption, and message digests 
(summaries of messages as integers) 
Whereas SSL is designed to establish a secure connection between two 
computers, S-HTTP is designed to send individual messages securely.
HTTP messages contain two parts: the header and the body of 
the message. The header contains instructions to the 
recipients (browser and server) on how to process the 
message's body. 
During the transfer transaction, both the client browser and 
the server use the information contained in the HTTP header 
to negotiate the formats they will use to transfer the requested 
information. 
The S-HTTP protocol extends this negotiation between the 
client browser and the server to cover security matters as well. 
Hence S-HTTP uses additional headers, in the HTTP format, for 
message encryption, digital certificates and authentication; these 
headers carry the additional instructions on how to decrypt the 
message body.
Secure Sockets Layer 
SSL (Secure Sockets Layer) is a standard security technology 
for establishing an encrypted link between a server and a 
client—typically a web server (website) and a browser; or a mail 
server and a mail client (e.g., Outlook). 
It is used by most companies to provide security and privacy, 
and establishes a secure session between a browser and a server. 
A channel is the two-way communication stream 
established between the browser and the server, and the 
definition of channel security indicates three basic 
requirements: 
The channel is reliable. 
The channel is private. 
The channel is authenticated.
Secure Sockets Layer 
This encryption is preceded by a 'data handshake' that has two major 
stages: 
The first stage is used to establish private communication, and uses 
the key-agreement algorithm. 
The second stage is used for client authentication. 
Limitations of SSL: 
While the possibility is very slight, successful cryptographic attacks 
made against these technologies can render SSL insecure. 
A downside of both protocols is that they require the use of 
cryptographic algorithms that place a significant load on the computer 
systems involved in commerce transactions. 
For low and medium e-commerce applications, there is no 
additional server cost to support SSL.
ROLES OF SSL IN E-COMMERCE 
To secure online credit card transactions. 
To secure system logins and any sensitive information exchanged 
online. 
To secure webmail and applications like Outlook Web Access, 
Exchange and Office Communications Server. 
To secure the connection between an email client such as Microsoft 
Outlook and an email server such as Microsoft Exchange. 
To secure the transfer of files over https services such as website 
owners updating new pages to their 
To secure intranet based traffic such as internal networks, file 
sharing, extranets, and database connections. 
To secure network logins and other network traffic with SSL VPNs 
such as VPN Access Servers or applications like the Citrix Access 
Gateway.
WHAT IS VPN ? 
A Virtual Private Network is a type of private network that 
uses public telecommunication, such as the Internet, 
instead of leased lines to communicate. 
It became popular as more employees worked in remote 
locations.
Roles of VPNs 
Large-scale encryption between multiple fixed sites 
such as remote offices and central offices 
Network traffic is sent over the branch office Internet 
connection 
This saves the company hardware and management 
expenses
Intrusion Detection Systems (IDS) 
IDS classification: 
Host-based IDS: monitors activity on a single host 
Network-based IDS: monitors network traffic 
Logical components: 
Sensors 
collect data from various sources such as log files and network packets 
send them to the analyzer 
Analyzers 
process data from the sensors and determine whether an intrusion has occurred 
may also provide guidance on the actions to take 
User interface 
view the output and manage the behaviour of the IDS
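An added example (my own code, not from the slides) of the three logical components above as a small host-based IDS: a sensor that turns auth-log lines into events, an analyzer that flags a source with repeated failed logins inside a sliding time window, and a main routine standing in for the user interface. The log lines, addresses and the "5 failures in one minute" rule are constructed for the example.

```go
package main

import (
	"fmt"
	"regexp"
	"sort"
	"strings"
	"time"
)

// Event is the normalized record a sensor hands to the analyzer.
type Event struct {
	Time   time.Time
	Source string // address the attempt came from
	Failed bool   // true for a failed login
}

// Constructed sample auth-log lines (not real traffic) in a syslog-like format.
const sampleLog = `2024-05-01T10:00:01Z sshd: Failed password for admin from 203.0.113.5
2024-05-01T10:00:03Z sshd: Failed password for root from 203.0.113.5
2024-05-01T10:00:04Z sshd: Accepted password for alice from 198.51.100.7
2024-05-01T10:00:05Z sshd: Failed password for admin from 203.0.113.5
2024-05-01T10:00:07Z sshd: Failed password for guest from 203.0.113.5
2024-05-01T10:00:08Z sshd: Failed password for admin from 203.0.113.5
2024-05-01T10:09:00Z sshd: Failed password for bob from 198.51.100.7`

var lineRe = regexp.MustCompile(`^(\S+) sshd: (Failed|Accepted) password for \S+ from (\S+)$`)

// LogSensor is a host-based sensor: it reads the log and emits events, skipping lines it cannot parse.
func LogSensor(log string) []Event {
	var events []Event
	for _, line := range strings.Split(log, "\n") {
		m := lineRe.FindStringSubmatch(strings.TrimSpace(line))
		if m == nil {
			continue
		}
		ts, err := time.Parse(time.RFC3339, m[1])
		if err != nil {
			continue
		}
		events = append(events, Event{Time: ts, Source: m[3], Failed: m[2] == "Failed"})
	}
	return events
}

// Analyze is the analyzer: it reports each source that produced at least threshold
// failed logins inside some window of the given length, with the count it saw.
func Analyze(events []Event, threshold int, window time.Duration) map[string]int {
	failures := map[string][]time.Time{}
	for _, e := range events {
		if e.Failed {
			failures[e.Source] = append(failures[e.Source], e.Time)
		}
	}
	alerts := map[string]int{}
	for src, ts := range failures {
		sort.Slice(ts, func(i, j int) bool { return ts[i].Before(ts[j]) })
		for i := range ts {
			n := 0 // failures in [ts[i], ts[i]+window]
			for j := i; j < len(ts) && ts[j].Sub(ts[i]) <= window; j++ {
				n++
			}
			if n >= threshold {
				alerts[src] = n
				break
			}
		}
	}
	return alerts
}

func main() {
	// The user-interface part: show the analyzer's verdicts to the operator.
	fmt.Println(Analyze(LogSensor(sampleLog), 5, time.Minute)) // map[203.0.113.5:5]
}
```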
IDS REQUIREMENTS 
o run continually with minimal human supervision 
o be fault tolerant 
o resist subversion 
o impose minimal overhead on the system 
o serve a large number of users 
o be configurable according to system security policies 
o allow dynamic reconfiguration
Firewall 
A network node designed to protect an individual 
user’s desktop system from the public network by 
monitoring all the traffic that passes through the 
computer’s network interface card
Firewalls 
A firewall is a barrier placed between the private 
network and the outside world. 
All incoming and outgoing traffic must pass 
through it. 
It can be used to separate address domains. 
It controls network traffic. 
Cost: ranges from no cost (available on the 
Internet) to a $100,000 hardware/software system. 
Types: 
Router-Based 
Host-Based 
Circuit Gateways
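An added example (my own code, not from the slides) of the firewall as a choke point that controls and logs all traffic, and of the "block access unless it is required to conduct business" policy: a first-match packet filter whose final, implicit rule is deny. The addresses, the DMZ web server and the two allow rules are constructed for the example.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Action is the firewall's decision for one packet.
type Action string
const (
	Allow Action = "ALLOW"
	Deny  Action = "DENY"
)
// Packet is the subset of header fields a packet filter looks at.
type Packet struct {
	Src, Dst netip.Addr
	Proto    string // "tcp" or "udp"
	DstPort  uint16
}

// Rule is one line of the policy; the first matching rule decides.
type Rule struct {
	Name     string
	Src, Dst netip.Prefix // address ranges the rule covers
	Proto    string       // "tcp", "udp" or "any"
	DstPort  uint16       // 0 means any port
	Action   Action
}

func (r Rule) matches(p Packet) bool {
	return r.Src.Contains(p.Src) && r.Dst.Contains(p.Dst) &&
		(r.Proto == "any" || r.Proto == p.Proto) &&
		(r.DstPort == 0 || r.DstPort == p.DstPort)
}

// Firewall is the choke point: every packet is checked against the rules and logged.
type Firewall struct {
	Rules []Rule
	Log   []string
}

// Filter returns the decision for p; a packet matching no rule is denied (least privilege).
func (fw *Firewall) Filter(p Packet) Action {
	for _, r := range fw.Rules {
		if r.matches(p) {
			fw.Log = append(fw.Log, fmt.Sprintf("%s %s -> %s:%d/%s (rule %s)", r.Action, p.Src, p.Dst, p.DstPort, p.Proto, r.Name))
			return r.Action
		}
	}
	fw.Log = append(fw.Log, fmt.Sprintf("%s %s -> %s:%d/%s (default)", Deny, p.Src, p.Dst, p.DstPort, p.Proto))
	return Deny
}

// NewDMZFirewall builds a constructed policy: the Internet may reach only the DMZ web server on 443,
// the internal LAN may reach the Internet, and everything else falls through to the implicit deny.
func NewDMZFirewall() *Firewall {
	anywhere := netip.MustParsePrefix("0.0.0.0/0")
	dmzWeb := netip.MustParsePrefix("203.0.113.10/32") // constructed DMZ web server address
	lan := netip.MustParsePrefix("10.0.0.0/8")          // constructed internal network
	return &Firewall{Rules: []Rule{
		{Name: "inet-to-dmz-https", Src: anywhere, Dst: dmzWeb, Proto: "tcp", DstPort: 443, Action: Allow},
		{Name: "lan-to-inet", Src: lan, Dst: anywhere, Proto: "any", Action: Allow},
	}}
}

func main() {
	fw := NewDMZFirewall()
	pkt := func(src, dst, proto string, port uint16) Packet {
		return Packet{Src: netip.MustParseAddr(src), Dst: netip.MustParseAddr(dst), Proto: proto, DstPort: port}
	}
	fw.Filter(pkt("198.51.100.7", "203.0.113.10", "tcp", 443)) // ALLOW: shopper to the DMZ web server
	fw.Filter(pkt("198.51.100.7", "10.0.0.5", "tcp", 5432))    // DENY: Internet straight to an internal database
	for _, line := range fw.Log {
		fmt.Println(line)
	}
}
```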
PUBLIC KEY INFRASTRUCTURE 
A PKI (public key infrastructure) enables users of a 
basically insecure public network such as the Internet 
to securely and privately exchange data and money 
through the use of a public and a private cryptographic 
key pair that is obtained and shared through a trusted 
authority.
THANK YOU