electronic security

1. ELECTRONIC
SECURITY
SYSTEM

2. Goal
 To develop students knowledge , skills ,and
positive attitude towards electronic security
systems .

3. Objectives

4. Outlines
 Definitions
 Importance of e-security systems (ESS)
 Objectives/Goals of ESS
 E- security threats
 Main security risks
 Types of E-commerce threats
 Elements of a COMPREHENSIVE SECURITY
Program

5. Definitions
 Electronic security system(ESS) means a security system
comprised of an interconnected series of devices or
components, including systems with audio and video signals
or other electronic systems, which emits or transmits an
audible, visual or electronic signal warning of intrusion and
provides notification of authorized entry or exit, which is
designed to discourage crime.

6. Importance of e- security
system
1.Assets Protection
2.Safe work place
3.Instant security updates
4.Protection when premises unattended
5.Conflict resolution
6.Value for money
7.Internal theft control
8.Monitoring high-risk areas
9.Automation and analytics

7. Objectives /Goals of (ESS)

8. - Confidentiality: if it is supposed to be secret, be careful
who hears it.
- Availability : Don’t let someone change something they
shouldn't.
- Exclusivity : Don’t let someone use something he
shouldn't.
- Necessity: prevention against data delays or removal.

9. – Secrecy: protection against unauthorized data disclosure
and authentication of data source.
– Integrity: prevention against unauthorized data
modification.
– Non-repudiation: prevention against any one party from
reneging on an agreement after the fact protect
corporation's image and reputation.

10. 1) Unauthorized access
2) Loss of message confidentiality or integrity
3) User Identification
4) Access Control
5) Players:
◦ User community
◦ Network Administration
◦ Introducers

11. “$$”
The Internet:
open
virus
Hackers and crackers

12. ⚫ Data being stolen
⚫Electronic mail can be intercepted and read
⚫Customer’s credit card numbers may be read
⚫ Login/password and other access information stolen
⚫ Operating system shutdown
⚫ Filesystem corruption
⚫ User login information can be captured

13. • Active Content
• Malicious Code
Client threats
Communication
channels
Threats
• Confidentiality Threats
• Integrity Threats
• Availability Threats
• Web-Server ,Commerce Server
Threats
• Password Hacking,Data base
Threats
Server Threats

15. ELEMENTS OF A COMPREHENSIVE SECURITY
PROGRAM
 Have Good Passwords
 Use Good Antiviral Products
 Use Good Cryptography
 Have Good Firewalls
 Have a Backup System
 Audit and Monitor Systems and Networks
 Have Training and Awareness Programs
 Test Your Security Frequently

16. Certification authority

17. ⦁ Malicious code
◦ Viruses
◦ Worms
◦ Trojan horses
◦ Bots, botnets
⦁ Unwanted programs
◦ Browser parasites
◦ Adware
◦ Spyware

18. ⦁ Phishing
◦ Deceptive online attempt to obtain confidential information
◦ Social engineering, e-mail scams, spoofing legitimate Web
sites
◦ Use information to commit fraudulent acts (access checking
accounts), steal identity
⦁ Hacking and cybervandalism
◦ Hackers vs. crackers
◦
Cybervandalism: intentionally disrupting, defacing,
destroying Web site
◦ Types of hackers: white hats, black hats, grey hats

19. ⦁ Credit card fraud/theft
◦ Fear of stolen credit card information deters online
purchases
◦ Hackers target merchant servers; use data to establish
credit under false identity
◦ Online companies at higher risk than offline
⦁ Spoofing: misrepresenting self by using fake e-
mail address
⦁ Pharming: spoofing a Web site
◦ Redirecting a Web link to a new, fake Web site

20. ۩Electronic data security is important at a time
when people are considering banking and
other financial transaction by PCs.
۩One major threat to data security is
unauthorized network monitoring also called
packet sniffing.

21. □ Messaging Security is a program that
provides protection for companies messaging
infrastructure.
□ It protects all the personal message of the
company which are related to company’s
vision and mission.

22. Message
and system integrity
Message
Authentication
MESSAGE
CONFIDENTIALITY

23. It is use to protect the systems from
unauthorized
access, disclosure, disruption, modification, p erusal,
inspection, recording or destruction.

24. Cryptographically
singed certificates
E-commerce
authentication
Third-party
authentication

25. Encryption is the mutation of information in
any form (text, video, and graphics) into a
representation unreadable by anyone without a
decryption key.

26. ⦁
No can figure out the private key from the
corresponding public key. Hence, the key
management problems is mostly confined to
the management of private keys
⦁
The need for sender and receiver to share
secret information over public channels is
completely eliminated.