Security issues in eCommerce: Design and implementation by Kenneth Fung

Introduction:

Electronic commerce utilizes different technologies and forms such as electronic banking and trading, electronic funds transfer (EFT), electronic data interchange (EDI), electronic mail (e-mail), electronic catalogs, electronic conferences and all forms of communications to transmit data (James, 1999). Security is a major concern in e-commerce. Businesses, universities, organizations and governments are developing policies and technologies to address the security issues and concerns of e-commerce. Electronic transactions on the Internet can potentially be subject to interception, tracking or attack. On-line currency and information transmissions have to be secured. E-commerce system security has to protect the databases, content and payment mechanisms against cyber-crime.

The following are some of the measures that developers and managers have designed to address e-commerce security problems.

Firewall:

A firewall is simply a barrier between two networks: the internal (trusted) network and an external network such as the Internet. Firewalls examine incoming and outgoing packets according to the firewall policies and either let them through or block them (Stallings, 1999).

One common packet screening method is called packet filtering. It examines the source and destination addresses and ports of incoming packets and allows or denies each packet based on a set of predefined rules. Packet filters are inexpensive, transparent to users, and have a negligible impact on network performance. Configuring packet filtering is complex, however, and requires knowledge of network, transport, and application protocols. Packet filtering is also susceptible to IP spoofing (Stallings, 1999): an attacker may be able to gain access to a corporate network by changing the Internet Protocol (IP) addresses in packet headers to ones that the filter accepts.
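To make the rule-based behaviour and the spoofing weakness concrete, here is an added Python example (not code from the paper or from Stallings): a minimal stateless packet filter with first-match rules and a default deny. The interface names, the address ranges (10.0.0.0/8 as the trusted network, 203.0.113.0/24 for outside hosts), the rule sets and the sample packets are all constructed for the example. The naive rule set admits a packet that arrives on the external interface carrying an internal source address; a single ingress rule that rejects such packets before any allow rule is evaluated is the usual mitigation.

```python
"""Minimal stateless packet filter: first matching rule wins, default deny.
Added example (not from the paper); standard library only."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    iface: str      # interface the packet arrived on: "ext" (Internet) or "int" (trusted)
    src: str        # source IP address
    dst: str        # destination IP address
    proto: str      # "tcp" or "udp"
    dport: int      # destination port


@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "deny"
    iface: str = "any"
    src: str = "0.0.0.0/0"      # CIDR the source address must fall in
    dst: str = "0.0.0.0/0"      # CIDR the destination address must fall in
    proto: str = "any"
    dport: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        return (
            self.iface in ("any", pkt.iface)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
            and self.proto in ("any", pkt.proto)
            and (self.dport is None or self.dport == pkt.dport)
        )


def filter_packet(rules: List[Rule], pkt: Packet) -> str:
    """Return the action of the first rule that matches; deny if none does."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


# Constructed network: 10.0.0.0/8 is the trusted network, 10.0.0.5 a public web server.
INTERNAL_NET = "10.0.0.0/8"
NAIVE_RULES = [
    Rule("allow", src=INTERNAL_NET, dst=INTERNAL_NET),          # internal hosts talk freely
    Rule("allow", dst="10.0.0.5/32", proto="tcp", dport=80),    # anyone may reach the web server
]
# Anti-spoofing: a packet with an internal source address cannot legitimately arrive
# on the external interface, so reject it before any allow rule can match it.
ANTI_SPOOF_RULES = [Rule("deny", iface="ext", src=INTERNAL_NET)] + NAIVE_RULES

# Constructed sample traffic.
LEGIT_WEB = Packet("ext", "203.0.113.7", "10.0.0.5", "tcp", 80)
INTERNAL_FILESHARE = Packet("int", "10.0.0.9", "10.0.0.20", "tcp", 445)
SPOOFED_FROM_OUTSIDE = Packet("ext", "10.0.0.9", "10.0.0.20", "tcp", 445)


def evaluate(rules: List[Rule]) -> dict:
    """Decision for each sample packet under a rule set."""
    return {
        "legit_web": filter_packet(rules, LEGIT_WEB),
        "internal": filter_packet(rules, INTERNAL_FILESHARE),
        "spoofed": filter_packet(rules, SPOOFED_FROM_OUTSIDE),
    }


if __name__ == "__main__":
    print("naive rules:     ", evaluate(NAIVE_RULES))
    print("anti-spoof rules:", evaluate(ANTI_SPOOF_RULES))
```

Rule order matters: because the filter stops at the first match, the anti-spoofing deny has to sit above the allow rules. The filter inspects only headers, which is exactly why it cannot tell a forged internal address from a real one without the interface check.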

An application gateway is another type of firewall. Application gateways use application proxies for Internet services such as HTTP, FTP, and telnet. The proxy runs on a server and acts as a server to the application client and as a client to the application server, evaluating network packets for valid application-specific data. Application proxies are more secure than packet filters. Network address translation hides internal IP addresses from outside the trusted network. Because every packet is processed twice, an application gateway causes some performance degradation (Stallings, 1999).

Encryption:

Companies have to protect their information with encryption when they connect their systems to the Internet. Encryption uses an encryption algorithm to translate plain text into incomprehensible cipher text, which is then transmitted via the Internet. At the destination, the cipher text is deciphered back into plain text. A numeric key is the part of the encryption algorithm that controls the encryption process. Many different types of encryption algorithms are available. Some of the common ones are public and private key cryptography, DES, RSA, S/MIME, SET, SSL, and digital signatures. Cryptography is used in e-commerce security: it makes secure websites and safe electronic transmissions possible. Data transmission must be encrypted. This allows people to do online banking and online trading, and to make online purchases with their credit cards, without worrying that any of their account information is being compromised. In cryptography, there are two types of cryptosystems: public key cryptography and secret key cryptography (James, 1999).

In secret key (symmetric key) cryptography, the sender and receiver of a message know and use the same secret key. Symmetric key cryptography as described here uses a 56-bit key. Today, specialized computers have reduced the time and cost involved in breaking it and have made cracking 56-bit keys possible. Secret key cryptography deals with encryption as well as authentication. The sender uses the secret key to encrypt the message, and the receiver uses the same secret key to decrypt the message; this method is known as secret-key or symmetric cryptography. The problem is having the sender and receiver agree on the secret key without letting anyone else find out. Anyone who intercepts the key in transit can later read, modify, and forge all messages encrypted or authenticated using that key. Key management in secret-key cryptography is very difficult, especially in open systems with a large number of users. The advantage of secret-key cryptography is that it is fast (Stallings, 1999).
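As an added illustration of the secret-key scheme above (this code is not from the paper or its sources), the following Python shows the sender and receiver using one shared secret for both encryption and authentication. It uses only the standard library: a SHA-256 keystream stands in for a real block cipher such as DES, and an HMAC tag provides the authentication, so a receiver holding the wrong key, or receiving a message that was modified in transit, rejects it instead of decrypting garbage. The sample message and the fixed 32-byte key are constructed for the example; in practice the key would come from whatever agreement process the two parties use.

```python
"""Secret-key (symmetric) encryption plus authentication under one shared key.
Added example (not from the paper); standard library only.  The SHA-256
keystream is a toy stand-in for a real block cipher such as DES or AES."""
import hashlib
import hmac
import secrets

NONCE_LEN = 16   # bytes; a fresh nonce per message keeps keystreams distinct
TAG_LEN = 32     # bytes; HMAC-SHA256 output


def derive_subkeys(shared_secret: bytes):
    """Separate encryption and MAC keys derived from the one agreed secret."""
    enc_key = hmac.new(shared_secret, b"encrypt", hashlib.sha256).digest()
    mac_key = hmac.new(shared_secret, b"authenticate", hashlib.sha256).digest()
    return enc_key, mac_key


def keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy stream cipher: concatenated SHA-256(key || nonce || counter) blocks."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(enc_key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(shared_secret: bytes, plaintext: bytes) -> bytes:
    """Sender side: returns nonce || ciphertext || tag."""
    enc_key, mac_key = derive_subkeys(shared_secret)
    nonce = secrets.token_bytes(NONCE_LEN)
    ciphertext = xor_bytes(plaintext, keystream(enc_key, nonce, len(plaintext)))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def decrypt(shared_secret: bytes, packet: bytes) -> bytes:
    """Receiver side: verify the tag first, then decrypt; raise on any failure."""
    enc_key, mac_key = derive_subkeys(shared_secret)
    if len(packet) < NONCE_LEN + TAG_LEN:
        raise ValueError("packet too short")
    nonce = packet[:NONCE_LEN]
    ciphertext = packet[NONCE_LEN:-TAG_LEN]
    tag = packet[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        raise ValueError("authentication failed: wrong key or altered message")
    return xor_bytes(ciphertext, keystream(enc_key, nonce, len(ciphertext)))


def is_authentic(shared_secret: bytes, packet: bytes) -> bool:
    """Convenience check used by the receiver before trusting a packet."""
    try:
        decrypt(shared_secret, packet)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    shared = b"\x01" * 32                      # constructed: the agreed secret
    pkt = encrypt(shared, b"transfer 100 to account 42")
    print("receiver decrypts:", decrypt(shared, pkt))
    flipped = bytearray(pkt)
    flipped[NONCE_LEN] ^= 0x01                 # flip one ciphertext bit in transit
    print("altered packet accepted:", is_authentic(shared, bytes(flipped)))
    print("wrong key accepted:", is_authentic(b"\x02" * 32, pkt))
```

The tag is checked before anything is decrypted, and the two sub-keys are derived separately so the encryption key is never reused as the MAC key. Everything here hinges on the shared secret: anyone who obtained it could both read and forge packets, which is the key-distribution problem the paragraph describes.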

Data Encryption Standard (DES):

DES (the Data Encryption Standard) is a secret key cryptosystem. It was the first standard cipher of the business world, and many software applications and Automated Teller Machines use DES. To date no one has published a system for cracking DES. However, it can be cracked using the brute force method of trying all keys until one works. Advanced computer systems can work out the mathematical formulae defined in keys and decode messages within a reasonable time.

Public-key cryptography:

Public-key cryptosystems have two primary uses, encryption and digital signatures. Each person gets a pair of keys, one public key and one private key. The public key is published, while the private key is kept secret. All communications involve only public keys, and no private key is ever transmitted or shared. The public keys have to be associated with their users in a trusted (authenticated) directory (Zimmermann, 1998). Anyone can send a confidential message using only public information, but the message can only be decrypted with the private key, which is in the sole possession of the intended recipient. Public-key cryptography is used for privacy (encryption) and for authentication (digital signatures). The private key is always mathematically related to the public key, so it is possible in principle to attack a public-key system by deriving the private key from the public key. The defense against this type of attack is to make the problem of deriving the private key from the public key as difficult as possible. The RSA public-key cryptosystem is designed so that deriving the private key from the public key would require the attacker to factor a large number, which is computationally infeasible.

Rivest Shamir Adleman (RSA) Digital signature:

RSA is a public-key cryptosystem that offers both encryption and digital signatures (authentication). It is suitable as a secure electronic envelope for small messages and for signing messages. It generates public and private keys by calculating the modulus from two very large prime numbers (Zimmermann, 1998). With RSA, authentication does not require sharing of private keys. Each person uses only another's public key or his own private key. Anyone can send an encrypted message or verify a signed message; only the person who has the right private key can decrypt or sign a message. It is currently difficult to obtain the private key from the public key. RSA is based on the assumption that factoring is difficult. The discovery of an easy method of factoring would "break" RSA.

Secure Electronic Transaction Protocol (SET):

Visa and MasterCard developed the SET protocol as a method for secure, cost-effective bankcard transactions over open networks. It includes protocols for purchasing goods and services electronically, requesting authorization of payment, and requesting "credentials" (certificates) that bind public keys for authentication. Once it is fully adopted, it will instill the necessary confidence that secure electronic transactions are in place, and it provides merchants and customers the trust to take part in electronic commerce. SET supports DES for bulk data encryption and RSA for signatures and for public-key encryption of data encryption keys and bankcard numbers.

Digital signature/sender authentication:

In e-commerce, it is important to verify the sender. Sender authentication is any process by which one proves and verifies certain information: the origin of a document, the identity of the sender and/or the computer, and the time and date a document was sent and/or signed. A digital signature is a cryptographic way to verify the origin of a document and the identity of the sender. It is based on both the document and the signer’s private key. Using a hash function and a private signing function, the signer produces a digital signature encrypted with the signer’s private key. It is better than a written signature. Both digital and handwritten signatures are used because it is very hard to find two people with the same signature, and a digital signature is very much harder to forge. To send a signed document, the sender applies a hash function to the message, creating what is called a message digest. This digest is considerably shorter than the original message: the hash function takes a message of arbitrary length and shrinks it down to a fixed length. To create a digital signature, the sender signs (encrypts) the message digest rather than the whole message. This saves a considerable amount of time, though it does create a slight insecurity. The sender then sends the encrypted message digest along with the message; the message itself may or may not be encrypted. To authenticate the signature, the recipient applies the same hash function as the sender to the message, decrypts the encrypted message digest using the sender’s public key, and compares the two. If the two results are the same, the recipient has successfully authenticated the signature. If the two do not match, someone is trying to forge the digital signature, the message has been altered, or there was an error during transmission (Heath, 2000).

Secure/Multipurpose Internet Mail Extensions (S/MIME):

E-mail is a major part of e-commerce. S/MIME is a protocol that adds digital signatures and encryption to Multipurpose Internet Mail Extensions (MIME) messages. An e-mail message has two parts, the header and the body. The header is a collection of field/value pairs that provide the information essential to transmitting the message. The body is normally the unstructured part of the e-mail message. S/MIME adds security at the application level in communications. It is used to secure messages between users, applications, and computers over an insecure network, and it is applicable to any situation in which data must be securely transferred, stored, forwarded, and authenticated. S/MIME is used in Electronic Data Interchange (EDI), in the storage and transfer of bank statements and financial forms, to transfer stock trades, in communication of brokerage statements, and in mortgage payment services. Companies can also use it for electronic bill presentment and payment online as well as online software sales and subscription services (Heath, 2000).

Secure Sockets Layer (SSL):

SSL is a handshake protocol that provides security and privacy over the Internet. It is application independent and works with Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), and Telnet. The SSL protocol negotiates the encryption keys and authenticates the server before data is exchanged. It maintains the security and integrity of the transmission channel by using encryption, authentication and message authentication. The SSL Handshake protocol has two phases: server authentication and an optional client authentication. In the server authentication phase, the server, in response to a client’s request, sends its certificate and its cipher preferences. The client generates a master key, encrypts it with the server’s public key, and transmits the encrypted master key to the server. The server recovers the master key and authenticates itself to the client by returning a message authenticated with the master key. Subsequent data is encrypted and authenticated with keys derived from this master key. In the optional client authentication phase, the server sends a challenge to the client. The client authenticates itself to the server by returning its digital signature on the challenge together with its public-key certificate (Heath, 2000).

Restriction by IP address, subnet, or domain:

Security professionals use a firewall that is capable of detecting and rejecting attempts at "spoofing" IP addresses. IP addresses are assigned to each server, client, and network device, but if you want to give certain users access over the Internet to sensitive internal files and data, you will also have to authenticate the user. Passwords are the most common method of authentication used, and an experienced hacker can easily guess passwords. In addition to passwords, organizations authenticate users with "something you know" and "something you have". "Your mother’s maiden name" and "your birthday" are examples of "something you know". For "something you have", organizations use things such as tokens and smart cards. Tokens are small credit card or calculator sized devices that users carry around. When the user attempts to connect to a server, the authentication server issues a challenge, and the user replies with the appropriate response. Many of these tokens also require the user to type in a PIN (Stallings, 1999).
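The challenge/response exchange described for tokens, as an added Python example that is not part of the paper or of Stallings: the authentication server stores each user's token secret and a hash of the PIN, issues a fresh random challenge per login attempt, and accepts only a response computed under that user's secret for that exact challenge, so a captured response cannot be replayed. The HMAC-SHA256 construction, the names AuthServer and token_response, and the sample user, token secret and PIN are assumptions made for the example; real tokens use their vendor's algorithm, and production systems store PINs with a salted, slow hash rather than the bare hash used here.

```python
"""Challenge/response token authentication with a PIN.  Added example (not
from the paper or Stallings); standard library only.  The token computes an
HMAC-SHA256 over the server's random challenge; this construction and the
AuthServer/token_response names are assumptions made for the example."""
import hashlib
import hmac
import secrets


def token_response(token_secret: bytes, challenge: bytes) -> bytes:
    """What the user's token computes when shown the challenge."""
    return hmac.new(token_secret, challenge, hashlib.sha256).digest()


def pin_hash(pin: str) -> bytes:
    # Toy: a bare hash; production systems store PINs with a salted, slow hash.
    return hashlib.sha256(pin.encode()).digest()


class AuthServer:
    def __init__(self):
        self.users = {}       # username -> (token_secret, pin_hash)
        self.pending = {}     # username -> challenge issued but not yet answered

    def enroll(self, user: str, token_secret: bytes, pin: str) -> None:
        self.users[user] = (token_secret, pin_hash(pin))

    def issue_challenge(self, user: str) -> bytes:
        """Fresh random challenge; each one is answerable exactly once."""
        challenge = secrets.token_bytes(16)
        self.pending[user] = challenge
        return challenge

    def verify(self, user: str, pin: str, response: bytes) -> bool:
        """'Something you know' (PIN) and 'something you have' (token) must both check out."""
        record = self.users.get(user)
        challenge = self.pending.pop(user, None)   # consumed even on failure: one answer per challenge
        if record is None or challenge is None:
            return False
        token_secret, stored_pin_hash = record
        pin_ok = hmac.compare_digest(pin_hash(pin), stored_pin_hash)
        response_ok = hmac.compare_digest(token_response(token_secret, challenge), response)
        return pin_ok and response_ok


def run_scenarios() -> dict:
    """Constructed user 'alice' with a token secret and PIN; returns each outcome."""
    server = AuthServer()
    alice_token = secrets.token_bytes(32)          # secret held inside her token
    server.enroll("alice", alice_token, "4321")

    c1 = server.issue_challenge("alice")
    r1 = token_response(alice_token, c1)
    ok = server.verify("alice", "4321", r1)

    replay = server.verify("alice", "4321", r1)    # same response again: no outstanding challenge

    c2 = server.issue_challenge("alice")
    wrong_pin = server.verify("alice", "0000", token_response(alice_token, c2))

    c3 = server.issue_challenge("alice")
    wrong_token = server.verify("alice", "4321", token_response(b"not her token", c3))

    return {"correct": ok, "replayed": replay, "wrong_pin": wrong_pin, "wrong_token": wrong_token}


if __name__ == "__main__":
    print(run_scenarios())
```

The challenge is removed from the pending table as soon as an answer arrives, whether or not it verifies, so an observer who recorded a valid response gains nothing from sending it again, and a guessed PIN cannot be retried against the same challenge. Both comparisons use hmac.compare_digest to avoid leaking information through timing.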

References:

Heath, J. (2000). How electronic encryption works and how it will change your business. Viacorp.com [Online]. Available: http://www.viacorp.com/crypto.html [2001, August 10].

James, M. L. (1999). Electronic Commerce: Security Issues. Research Paper - Science, Technology, Environment and Resource Group, Parliamentary Library, Parliament of Australia.

Stallings, W. (1999). Network Security Essentials: Applications and Standards. Upper Saddle River, NJ: Prentice-Hall.

Zimmermann, P. R. (1998). Cryptography for the Internet. Scientific American, 279(4), 110-115.