SEOMiningSEOMining


Web Infrastructure  «Prev  Next»
Lesson 5Security
Objective Describe the impact of security on eBusiness.

Security impact on eBusiness

While corporate presence on the Web has soared, many companies are simply providing information about themselves in the form of annual reports, product catalogs, and service information. They have not begun to provide full-scale transactions for buying and selling online. This restraint is primarily due to concerns about network and transaction security.

Security concerns and appropriate technologies

Security concerns and the tools to address them generally fall into two areas--user authorization and data and transaction security. This table clarifies these concerns.
Area of concern Explanation
User authorization This ensures that only valid users and programs have access to resources like user accounts, files, and databases.
Data and transaction security This ensures internal computers and databases from outside (Internet) access.

Most eBusiness solutions need to realize a high level of security for both areas of concern, and as indicated in the table above, they use a range of technologies to do so. The most important security technologies are:
  1. Firewalls
  2. Encryption
  3. Biometrics
  4. Digital certificates
  5. SSL
  6. Public-key infrastructure (commonly called PKI)

In this securtech_010fb, we'll explain these technologies in greater detail.
Firewalls are critical to an ebusiness solution. A firewall establishes security by defining the services and access permitted to various users. Effectively, it creates a barrier between a corporate network and an external network.
1) Firewalls are critical to an ebusiness solution. A firewall establishes security by defining the services and access permitted to various users. Effectively, it creates a barrier between a corporate network and an external network.
There are various types of firewalls. They include simple logging traffic systems, IP packet screening routers, hardened firewall hosts,
2) There are various types of firewalls. They include simple logging traffic systems, IP packet screening routers, hardened firewall hosts,
Encryption is another way to protect sensitive information. It is designed to secure information that travels over public channels such as copyrighted or confidential data.
3) Encryption is another way to protect sensitive information. It is designed to secure information that travels over public channels such as copyrighted or confidential data.
Two kinds of encryption exist: secret-key encryption and public-key encryption.
4) Two kinds of encryption exist: secret-key encryption and public-key encryption.
Secret-key encryption (also known as symmetric key encryption) involves the use of a shared key for encryption by the transmitter and decryption by the receiver.
5) Secret-key encryption (also known as symmetric key encryption) involves the use of a shared key for encryption by the transmitter and decryption by the receiver.
Public-key encryption (also known as asymmetric encryption) uses two keys, one to encrypt the message and another to decrypt the message.
6) Public-key encryption (also known as asymmetric encryption) uses two keys, one to encrypt the message and another to decrypt the message.
Public-key encryption (also known as asymmetric encryption) uses two keys, one to encrypt the message and another to decrypt the message.
7) Public-key encryption (also known as asymmetric encryption) uses two keys, one to encrypt the message and another to decrypt the message.
Biometrics are a means of using biology and or physiology to identify a user though either thumb prints, eye-scans, or voice recognition.
8) Biometrics are a means of using biology and or physiology to identify a user though either thumb prints, eye-scans, or voice recognition.
Digital certificates are attachments to electronic messages that are used for security purposes.
9) Digital certificates are attachments to electronic messages that are used for security purposes.
(SSL) Secure Socket Layer negotiates point-to-point security between clients and servers. By convention, Web pages that require an SSL connection starts with https: instead of http:
10) (SSL) Secure Socket Layer negotiates point-to-point security between clients and servers. By convention, Web pages that require an SSL connection starts with https: instead of http:
PKIs are key security tools for ebusiness. They are internet specific security suites that combine encryption technology software and services.
11) PKIs are key security tools for ebusiness. They are internet specific security suites that combine encryption technology software and services.
PKIs integrate public-key cryptography and digital certificate technology into an organization-wide security infrastructure.
12) PKIs integrate public-key cryptography and digital certificate technology into an organization-wide security infrastructure.
PKI services are comprehensive. Their functions include issuing digital certificates to users and servers as well as tools for managing corporate certificates
13) PKI services are comprehensive. Their functions include issuing digital certificates to users and servers as well as tools for managing corporate certificates,

Security Technologies
Question: What are the main security technologies discussed in this lesson?
Answer: Firewalls; Encryption; Biometrics; Digital certificates; SSL; Public-key infrastructure (PKI) If you would like to view and print out this information on security tools and their function, you may do so by looking at the information below.
Security Tool How it works
Firewall A firewall establishes security by defining the services and access permitted to various users. Effectively, it creates a barrier between a corporate network and an external network. Technically, a firewall is software and/or hardware that allows only external users with specific characteristics to access a protected network or site. It gives insiders full access to services while granting outsiders access to services only selectively, based on user names and passwords, an Internet IP address, or a domain name.
Encryption Encryption is designed to secure information that travels over public channels such as copyrighted or confidential data. It helps to ensure privacy, confidentiality, and integrity. Two kinds of encryption exist: secret-key encryption and public-key encryption: 1.Secret-key encryption (also known as symmetric key encryption) involves the use of a shared key for encryption by the transmitter and decryption by the receiver. 2. Public-key encryption (also known as asymmetric encryption) uses two keys, one to encrypt the message and another to decrypt the message. The two keys are mathematically related so that data encrypted with one key can only be decrypted by using the other.
Biometrics Biometrics are a means of using biology and/or physiology to identify a user though either thumb prints, eye-scans, or voice recognition. They are generally used for physical security for highly sensitive sites.
Digital certificates Digital certificates are attachments to electronic messages that are used for security purposes. They are one method of ensuring the identity of a person or entity in order to guarantee the integrity and to verify the origin of the user/order.
SSL A Secure Sockets Layer (SSL) negotiates point-to-point security between clients and servers. By convention, Web pages that require an SSL connection start with https: instead of http:.
Public-key infrastructure (PKI) PKIs are Internet-specific security suites that combine encryption technology, software, and services. They enable organizations to secure online business transactions and communication by integrating public-key cryptography and digital certificate technology into an organization-wide security infrastructure.
The next lesson considers the issues to keep in mind when selecting any one of these security tools.