Page 78 - DCAP306_DCAP511_E-COMMERCE_AND_E-BUSINESS

Unit 6:  Security Framework




                               In the case of Hassan Consulting's Shopping Cart, an attacker could achieve remote
                               command execution because the software did not reject the use of shell
                               metacharacters such as |, ; and &.

               6.2   Security Solutions
               Today, setting up a secure e-commerce system comes with an unexpected cost for online merchants
               and business owners. E-commerce Web sites that run on Web applications have become an easy target
               for theft of information and burglary. Attackers come up with new hacking techniques to steal credit
               cards and other sensitive customer information. Hence, it is essential for Web site owners to establish
               strict security features in e-commerce systems to maintain consumer trust.
               Cryptography techniques can be used to safeguard e-commerce Web sites. Cryptography consists of
               encryption and decryption techniques. Encryption converts confidential information into a coded
               language that is difficult for unauthorized users to understand. Decryption, also known as reversing
               encryption, decodes the coded information and translates it back into its original form.

               While encrypting a password, each alphabetic or numeric character contained in the password should
               be shifted by a specific number of positions so that it becomes difficult to trace.

                               Suppose you have to encrypt a password that is eight characters long and you
                               decide to shift each character by six positions. The encryption scheme for this
                               example is shown below:
                               C - I
                               O - U
                               N - T
                               S - Y
                               T - Z
                               A - G
                               N - T
                               T - Z
                               This way the word “CONSTANT” would look like “IUTYZGTZ” which is not easily
                               understandable.
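
               The shift scheme above, written out as an added example (not code from the original text). It
               reproduces the CONSTANT example and also shows that a letters-only ciphertext has just 25 possible
               decryptions and keeps the plaintext's repeated-letter pattern. The function names, and the choice to
               wrap digits within 0-9, are assumptions.

```python
import string

UPPER = string.ascii_uppercase
LOWER = string.ascii_lowercase
DIGITS = string.digits


def shift_char(ch, shift):
    """Shift one character within its own class, wrapping around at the end."""
    for alphabet in (UPPER, LOWER, DIGITS):
        if ch in alphabet:
            # Assumption: digits wrap within 0-9, letters within A-Z / a-z.
            return alphabet[(alphabet.index(ch) + shift) % len(alphabet)]
    return ch  # anything else (punctuation, spaces) is left unchanged


def shift_encrypt(text, shift):
    return "".join(shift_char(ch, shift) for ch in text)


def shift_decrypt(text, shift):
    # Decryption is the same operation with the shift reversed.
    return shift_encrypt(text, -shift)


def all_candidates(ciphertext):
    """Every possible plaintext of a letters-only ciphertext: one per shift 1..25."""
    return {s: shift_decrypt(ciphertext, s) for s in range(1, 26)}


def repeated_positions(text):
    """Map each character that occurs more than once to the positions where it occurs."""
    seen = {}
    for i, ch in enumerate(text):
        seen.setdefault(ch, []).append(i)
    return {ch: pos for ch, pos in seen.items() if len(pos) > 1}


if __name__ == "__main__":
    cipher = shift_encrypt("CONSTANT", 6)
    print(cipher)
    # The whole key space fits on one screen, and the original word is in it.
    for shift, guess in all_candidates(cipher).items():
        print(shift, guess)
    # Repeated letters (N, T) stay repeated at the same positions (as T, Z).
    print(repeated_positions("CONSTANT"), repeated_positions(cipher))
```
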
               Cryptographic systems are categorized into symmetric and asymmetric cryptosystems. In symmetric
               cryptosystems, a single secret key is shared by the users engaged in secure communication, whereas
               in asymmetric cryptosystems two keys, namely a private key and a public key, are used for communication.
               6.2.1   Symmetric Cryptosystems

               Symmetric cryptosystems make use of a single key to establish communication between two users.
               Hence, every time a new pair of users engages in a secured communication, a new key has to be
               generated.



                Did you know?   Cryptosystems were used commercially in the year 1977, when the Data Encryption
                             Standard (DES) was accepted as a United States Federal standard.

               Symmetric systems function in two modes:
               1.   Block Cipher Mode: In this mode, the information is divided into fixed-size blocks. These blocks
                    are encrypted and communicated to the receiver. On the receiving end, the encrypted information
                    is decrypted and the original information is retrieved.

               2.   Stream Cipher Mode: In this mode, the information is encrypted and sent to the receiver. The
                    information is not divided into blocks, as this mode is capable of operating on information of any
                    size. Upon decryption, information of the same size is retrieved as plain text.





                                                      LOVELY PROFESSIONAL UNIVERSITY                                                 71