Security Issues and e-Payment

中央大學 (National Central University), Department of Information Management (資訊管理系), 范錚強

mailto: [email protected]

http://www.mgt.ncu.edu.tw/~ckfarn

2007.05

11/12

Outline

Security

Payment

Security Is Everyone’s Business

The DHS (Department of Homeland Security) strategy includes five national priorities:

A national cyberspace security response system

A national cyberspace security threat and vulnerability reduction program

A national cyberspace security awareness and training program

Securing governments’ cyberspace

National security and international security cooperation

How big is the security threat?

2002 Computer Crime and Security Survey. Source: Computer Security Institute (CSI), Computer Crime and Security Survey 2002

90% of computers had suffered some form of security breach; 40% detected intrusion from outside the system (25% in 2000)

85% of computers detected viruses

In such a hostile environment, how do you protect yourself? How are the company's assets protected?

Security Is Everyone’s Business

Accomplishing these priorities requires concerted effort at five levels:

Level 1—The Home User/Small Business

Level 2—Large Enterprises

Level 3—Critical Sectors/Infrastructure

Level 4—National Issues and Vulnerabilities

Level 5—Global

What kinds of security questions arise?

From the user’s perspective:

How can the user be sure that the Web server is owned and operated by a legitimate company?

How does the user know that the Web page and form do not contain some malicious or dangerous code or content?

How does the user know that the owner of the Web site will not distribute the information the user provides to some other party?

What kinds of security questions arise?

From the company’s perspective:

How does the company know the user will not attempt to break into the Web server or alter the pages and content at the site?

How does the company know that the user will not try to disrupt the server so that it is not available to others?

What kinds of security questions arise?

From both parties’ perspectives:

How do both parties know that the network connection is free from eavesdropping by a third party “listening” on the line?

How do they know that the information sent back and forth between the server and the user’s browser has not been altered?

Basic Security Issues

Authentication (identity verification): The process by which one entity verifies that another entity is who he, she, or it claims to be

Authorization: The process that ensures that a person has the right to access certain resources

Auditing (audit trail): The process of collecting information about attempts to access particular resources, use particular privileges, or perform other security actions

Basic Security Issues

Privacy: confidentiality of personal information

Integrity: data correctness; data cannot be tampered with; data authenticity

Non-repudiation

Exhibit 11.1 General Security Issues at EC Sites

(Figure; labels: authentication, privacy / data integrity, non-repudiation)

Threats to Data Security

External attacks, natural disasters, accidents

Types of Threats and Attacks

nontechnical attack: An attack that uses chicanery to trick people into revealing sensitive information or performing actions that compromise the security of a network

Nontechnical Attacks: Social Engineering

A type of nontechnical attack that uses social pressures to trick computer users into compromising computer networks to which those individuals have access (e.g., asking a subordinate for an account and password)

A multiprong approach should be used to combat social engineering:

Education and training

Policies and procedures

Penetration testing

technical attack: An attack perpetrated using software and systems knowledge or expertise

common (security) vulnerabilities and exposures (CVEs): Publicly known computer security risks, which are collected, listed, and shared by a board of security-related organizations (cve.mitre.org)

National Infrastructure Protection Center (NIPC): A joint partnership under the auspices of the FBI between governmental and private industry; designed to prevent and protect the nation’s infrastructure

Types of Threats and Attacks

denial-of-service (DoS) attack: An attack on a Web site in which an attacker uses specialized software to send a flood of data packets to the target computer with the aim of overloading its resources

distributed denial-of-service (DDoS) attack: A denial-of-service attack in which the attacker gains illegal administrative access to as many computers on the Internet as possible and uses the multiple computers to send a flood of data packets to the target computer

Types of Threats and Attacks

Malware: A generic term for malicious software

Virus: A piece of software code that inserts itself into a host, including the operating systems, in order to propagate; it requires that its host program be run to activate it

worm: A software program that runs independently, consuming the resources of its host in order to maintain itself, that is capable of propagating a complete working version of itself onto another machine

Common mistakes in managing security risks:

Undervalued information

Narrowly defined security boundaries

Reactive security management

Dated security management processes

Lack of communication about security responsibilities

Security Risk Management

A systematic process for determining the likelihood of various security attacks and for identifying the actions needed to prevent or mitigate those attacks

Security risk management consists of three phases:

Asset identification

Risk assessment

Implementation

Securing EC Communications

access control: Mechanism that determines who can legitimately use a network resource

passive tokens: Storage devices (e.g., magnetic strips) that contain a secret code used in a two-factor authentication system

active tokens: Small, stand-alone electronic devices that generate one-time passwords used in a two-factor authentication system

Securing EC Communications

biometric systems: Authentication systems that identify a person by measurement of a biological characteristic, such as fingerprints, iris (eye) patterns, facial features, or voice

physiological biometrics: Measurements derived directly from different parts of the body (e.g., fingerprint, iris, hand, facial characteristics)

fingerprint scanning; iris scanning

behavioral biometrics: Measurements derived from various actions and indirectly from various body parts (e.g., voice scans or keystroke monitoring)

Securing EC Communications

public key infrastructure (PKI): A scheme for securing e-payments using public key encryption and various technical components

encryption: The process of scrambling (encrypting) a message in such a way that it is difficult, expensive, or time-consuming for an unauthorized person to unscramble (decrypt) it

plaintext: An unencrypted message in human-readable form

Securing EC Communications

ciphertext: A plaintext message after it has been encrypted into a machine-readable form

encryption algorithm: The mathematical formula used to encrypt the plaintext into the ciphertext, and vice versa

key: The secret code used to encrypt and decrypt a message

Securing EC Communications

symmetric (private) key system: An encryption system that uses the same key to encrypt and decrypt the message

Data Encryption Standard (DES): The standard symmetric encryption algorithm supported by NIST and used by U.S. government agencies until October 2, 2000

Exhibit 11.4 Symmetric (Private) Key Encryption

Public (Asymmetric) Key Encryption

public key encryption: Method of encryption that uses a pair of matched keys—a public key to encrypt a message and a private key to decrypt it, or vice versa

public key: Encryption code that is publicly available to anyone

Digital Signatures

digital signature: An identifying code that can be used to authenticate the identity of the sender of a document

hash: A mathematical computation that is applied to a message, using a private key, to encrypt the message

message digest: A summary of a message, converted into a string of digits, after the hash has been applied

digital envelope: The combination of the encrypted original message and the digital signature, using the recipient’s public key

Asymmetric Keys

Also called RSA encryption, invented by the three scholars R/S/A. A pair of different keys is generated mathematically; neither key can be derived from the other by any mathematical operation, so the two must be generated together. One is kept private by its owner, the other is made public. What is encrypted with the private key can only be decrypted with the public key, and vice versa.

Asymmetric Keys: Preventing Disclosure (figure)

Sender S: the plaintext message is encrypted with R’s public key and becomes ciphertext

The ciphertext travels to R

Receiver R: the ciphertext is decrypted with R’s private key and becomes the plaintext message again

Asymmetric Keys: Preventing Repudiation (figure)

Sender S: the plaintext message is encrypted with S’s private key (so it can only have come from S) and with R’s public key (so only R can read it), and becomes ciphertext

The ciphertext travels to R

Receiver R: the ciphertext is decrypted with R’s private key and with S’s public key, and becomes the plaintext message again

PKI/CA

PKI – Public Key Infrastructure (公開金鑰架構): an encryption and decryption mechanism built on asymmetric keys

CA – Certificate Authority (憑證中心): the body that issues public-key certificates; it must be publicly trusted, and issuing bodies are organized hierarchically

Issuing Asymmetric Keys (figure)

Register in advance with a publicly trusted certificate authority, which then issues a public-key certificate.

Public-key certificate (X.509) contents: issuer name, validity period, holder name (范錚強 in the figure), holder public key, and the CA’s signature. The certificate is made public so that the signer’s identity can be verified (similar to registering a seal with the authorities).

Signing private key and signing public key: a one-to-one pairing

Electronic document (the XXXX contract in the figure) carrying the holder’s digital signature (shown as 110111001)
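The three figures above (confidentiality with R’s key pair, non-repudiation with S’s key pair, and the CA-issued certificate that binds a holder’s name to a public key) can be acted out in code. The block below is an added example written for this page, not code from the slides or from any project they describe. It uses textbook RSA with Miller–Rabin prime generation from the Python standard library only; the names Example CA, S and R, the dates, the 512-bit key size, the sample contract text and the certificate layout (a JSON body signed by the CA) are assumptions chosen for illustration. The digest is computed with SHA-256 and it is the digest, not the whole message, that is signed. Unpadded RSA is shown purely as a model of the key flows; production systems use padded schemes such as RSA-OAEP and RSA-PSS from a vetted library.

```python
# Added teaching example, not code from the slides: textbook RSA acting out the figures
# above. Names (Example CA, S, R), dates, key size and the sample contract are constructed.
import hashlib
import json
import secrets

def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin: a composite survives all rounds with probability below 4**-rounds."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):   # cheap trial division first
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:                 # n - 1 = d * 2**s with d odd
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)   # random witness in [2, n-2]
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False              # this witness proves n composite
    return True

def random_prime(bits: int) -> int:
    while True:                       # random odd candidate with the top bit set
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(c):
            return c

def generate_keypair(bits: int = 512):
    """Slide 28: the pair is generated together. Returns public (n, e), private (n, d)."""
    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        if p != q and ((p - 1) * (q - 1)) % e != 0:   # e must be invertible mod phi(n)
            break
    d = pow(e, -1, (p - 1) * (q - 1))                # modular inverse (Python 3.8+)
    return (p * q, e), (p * q, d)

def rsa_encrypt(public, plaintext: bytes) -> int:
    """Slide 29 (confidentiality): S encrypts with R's public key; only R's d reverses it."""
    n, e = public
    m = int.from_bytes(plaintext, "big")
    if m >= n:
        raise ValueError("plaintext too long for this key size")
    return pow(m, e, n)

def rsa_decrypt(private, ciphertext: int) -> bytes:
    n, d = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")   # drops leading NUL bytes

def message_digest(message: bytes) -> int:
    """Slide 27: fixed-size SHA-256 summary of the message, as an integer (< n here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(private, message: bytes) -> int:
    """Slide 30 (non-repudiation): the digest is transformed with the signer's private key."""
    n, d = private
    return pow(message_digest(message), d, n)

def verify(public, message: bytes, signature: int) -> bool:
    """Anyone holding the signer's public key can check the signature."""
    n, e = public
    return pow(signature, e, n) == message_digest(message)

def issue_certificate(ca_private, issuer, holder, holder_public, valid_until) -> dict:
    """Slide 32: the CA signs issuer, validity, holder name and holder public key."""
    body = {"issuer": issuer, "valid_until": valid_until,
            "holder": holder, "holder_public_key": list(holder_public)}
    return {"body": body,
            "ca_signature": sign(ca_private, json.dumps(body, sort_keys=True).encode())}

def verify_certificate(cert: dict, ca_public, today: str) -> bool:
    """A relying party checks the CA signature and validity period before trusting the key."""
    signed = json.dumps(cert["body"], sort_keys=True).encode()   # same canonical encoding
    return verify(ca_public, signed, cert["ca_signature"]) and today <= cert["body"]["valid_until"]

def demo() -> dict:
    """End to end: the CA certifies S; S signs a contract for R; R decrypts and verifies."""
    ca_pub, ca_priv = generate_keypair()
    s_pub, s_priv = generate_keypair()            # sender S
    r_pub, r_priv = generate_keypair()            # receiver R
    contract = b"XXXX contract: S pays R 1000"    # constructed sample document
    cert_s = issue_certificate(ca_priv, "Example CA", "S", s_pub, "2099-12-31")
    ciphertext = rsa_encrypt(r_pub, contract)     # readable by R only
    signature = sign(s_priv, contract)            # producible by S only
    key_from_cert = tuple(cert_s["body"]["holder_public_key"])   # R trusts S's key via the CA
    return {
        "cert_valid": verify_certificate(cert_s, ca_pub, "2024-01-01"),
        "decrypted": rsa_decrypt(r_priv, ciphertext),
        "signature_valid": verify(key_from_cert, contract, signature),
        "tamper_detected": not verify(key_from_cert, contract + b"0", signature),
    }
```

Calling `demo()` returns the checks a relying party makes: the certificate verifies against the CA key, the ciphertext decrypts only with R’s private key, the signature verifies with the public key taken from the certificate, and a single changed byte in the contract makes verification fail. The point of `verify_certificate` is that R never has to trust S’s key on S’s word; R trusts the CA, and the CA’s signature vouches for the binding between the name and the key.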

Electronic Authentication via a Certificate Authority (figure)

Labels in the figure: certificate authority (憑證中心); a service-providing enterprise applies online for an electronic seal (線上申請, processed online); the CA issues (核發) an electronic certificate; the enterprise attaches its electronic signature (0101010101) to the electronic documents it sends to other enterprises and customers; recipients check the authenticity of the electronic seal with the certification center; the CA accepts queries from all parties and confirms the identity of the electronic-seal user; Internet service network: provides online application services. The steps are numbered 1 to 5 in the figure.

Secure Socket Layer (SSL)

Protocol that utilizes standard certificates for authentication and data encryption to ensure privacy or confidentiality

Without the user being aware of it, the computers exchanging data exchange asymmetric keys

Transport Layer Security (TLS)

As of 1996, another name for the SSL protocol

Securing EC Networks

firewall: A network node consisting of both hardware and software that isolates a private network from a public network

application-level proxy: A firewall that permits requests for Web pages to move from the public Internet to the private network

bastion gateway: A special hardware server that utilizes application-level proxy software to limit the types of requests that can be passed to an organization’s internal networks from the public Internet

proxies: Special software programs that run on the gateway server and pass repackaged packets from one network to the other

Exhibit 11.7 Application Level Proxy (Bastion Gateway Host)

Securing EC Networks

demilitarized zone (DMZ): Network area that sits between an organization’s internal network and an external network (Internet), providing physical isolation between the two networks that is controlled by rules enforced by a firewall.

personal firewall: A network node designed to protect an individual user’s desktop system from the public network by monitoring all the traffic that passes through the computer’s network interface card.
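The DMZ definition above is easiest to appreciate as a rule set: what may cross from the public Internet into the DMZ, what may cross from the DMZ into the internal network, and a default that drops everything else. The block below is an added example written for this page, not code from the slides or from any firewall product; it evaluates such a first-match, default-deny rule set over constructed sample traffic. The address ranges (10.0.0.0/8 as the internal network, 192.0.2.0/24 as the DMZ, 203.0.113.7 as an Internet host), the ports and the rule order are assumptions chosen for illustration.

```python
# Added example, not from the slides: a first-match, default-deny packet filter that
# models the DMZ picture above. Zones, addresses and ports are constructed.
from dataclasses import dataclass
import ipaddress

ANY = ipaddress.ip_network("0.0.0.0/0")
INTERNAL = ipaddress.ip_network("10.0.0.0/8")        # private, internal network
DMZ = ipaddress.ip_network("192.0.2.0/24")           # documentation range used as the DMZ

@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dports: frozenset                # destination ports; empty means any port

# Order matters: the first matching rule decides, and the last rule drops everything else.
RULES = (
    Rule("allow", ANY, DMZ, frozenset({80, 443})),     # Internet reaches the DMZ web service only
    Rule("allow", DMZ, INTERNAL, frozenset({5432})),   # DMZ web tier reaches the internal DB port only
    Rule("allow", INTERNAL, ANY, frozenset()),         # internal hosts may initiate outbound traffic
    Rule("deny", ANY, ANY, frozenset()),               # default deny: isolation is the rule, not the exception
)

def decide(src: str, dst: str, dport: int, rules=RULES) -> str:
    """Return the action of the first rule matching a (src, dst, dport) packet."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in rules:
        if s in rule.src and d in rule.dst and (not rule.dports or dport in rule.dports):
            return rule.action
    return "deny"                    # unreachable with the catch-all rule; kept as a safety net

def audit(packets, rules=RULES):
    """Evaluate a batch of packets, e.g. to check a policy against the traffic you expect."""
    return [(src, dst, dport, decide(src, dst, dport, rules)) for src, dst, dport in packets]

# Constructed sample traffic: each entry is (source, destination, destination port).
SAMPLE_PACKETS = [
    ("203.0.113.7", "192.0.2.10", 443),    # Internet -> DMZ web server, HTTPS
    ("203.0.113.7", "192.0.2.10", 22),     # Internet -> DMZ web server, SSH
    ("203.0.113.7", "10.0.0.5", 5432),     # Internet -> internal database directly
    ("192.0.2.10", "10.0.0.5", 5432),      # DMZ web server -> internal database
    ("192.0.2.10", "10.0.0.5", 445),       # DMZ web server -> internal file sharing
    ("10.0.0.5", "203.0.113.7", 443),      # internal host -> Internet, HTTPS
]

if __name__ == "__main__":
    for src, dst, dport, action in audit(SAMPLE_PACKETS):
        print(f"{src:>14} -> {dst:<12} :{dport:<5} {action}")
```

Running the audit shows only two kinds of inbound traffic surviving: HTTPS to the DMZ host and the DMZ host’s own connection to the database port. Everything else, including a direct attempt from the Internet at the internal database, falls through to the default deny. The model is stateless; a real firewall also tracks connection state so that replies to permitted connections are let back through without a separate inbound rule. The personal firewall defined above is the same idea applied to the traffic of a single host’s network interface.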

Exhibit 11.8 Demilitarized Zone (DMZ)

virtual private network (VPN): A network that uses the public Internet to carry information but remains private by using encryption to scramble the communications, authentication to ensure that information has not been tampered with, and access control to verify the identity of anyone using the network

protocol tunneling: Method used to ensure confidentiality and integrity of data transmitted over the Internet, by encrypting data packets, sending them in packets across the Internet, and decrypting them at the destination address

Threats to Information Security

Hardware damage. Malicious: theft, vandalism. Non-human or unintentional: natural disasters, storage-media damage.

Data destruction. Malicious: data tampering, data additions and deletions, systematic alteration of data. Unintentional: programmer incompetence, carelessness, omissions.

Data leakage. Malicious: data copying, network interception, fraud. Unintentional: carelessness.

Network intrusion. Malicious: stealing data, destruction, using the compromised computer as a tool for crime. Unintentional: none listed.

Data security is not only the MIS department’s business!

Basic Concepts of Security

Security is never absolute: the dilemma between security and usability

Security has a price: what price are you willing to pay? How high is your security risk exposure?

Information security has a technical side and a human side: those who breach security are always “people”

Mainly insiders. Human nature!!

Security and Usability

Think about it: when you come home and when you go out... you have to open ten locks to get in and lock ten doors to leave...

What will you be doing ten days later?

Symmetry between risk and security measures

Ensuring Information Security

Assess risks and losses; protect against the possible threats; guard with technology plus institutions (or habits)

Understand the characteristics of the technology; strengthen with technology, assure with institutions

The strength of a chain is the strength of its weakest link

You spent 1,000,000 on a new car

Which of the following actions is reasonable? You spend 500,000 installing an anti-theft device; you hire people to guard it around the clock in 24-hour shifts; you spend 30,000 on theft insurance

What counts as reasonable?

Burglaries have been rampant in your neighborhood recently

Your younger brother proposes installing a new lock. After examining it, you find that although it is the best lock you can afford, it still cannot guarantee 100% security. Do you buy it?

The Security “Onion” (figure)

Labels in the figure, read from the outer layer inward:

Business environment: legal environment, insurance, security solutions, international standards

The enterprise: process control, personnel control, document control, user control, recovery plan, security policy

Application software: input/output control, program control, audit trail, access control, isolation, operations control

Hardware and data: communications control

A Technology-Driven Environment

Emphasizes physical security and communications security while neglecting the management side and the human side. Fortunately...

In 1999/2000, international standards for information security protection appeared: BS7799/ISO17799/ISO27001

BS7799/ISO17799

A British information security standard accepted by the International Organization for Standardization. Content: the control of information security

A complete consideration of information security, covering policy, procedures, access, recovery, and so on

The Ten Major Areas of BS7799

Security policy: provides guiding principles for management

Security organization

Asset classification and management: classify and grade assets according to risk and potential damage

Personnel control: reduce the risk of human error, theft, fraud, or misuse of facilities

Physical and environmental security

Main Contents of BS7799 (2)

Communications and operations control

Access control

Establishment and maintenance of the security system

Recovery planning: prevent the interruption of business activities and protect critical business processes from the effects of major failures or disasters

Compliance with laws and regulations

Key Points of Security Management

Process life cycle control: management and security assurance across the whole process, not confined to the technical side

SOP: do what you say you will do; but what will you do, and why?

Check and balance: separation of duties and responsibilities, checks and balances

Recovery: if something goes wrong, how is it handled?

Chapter 12 Electronic Payment Systems

Traditional Payment and Collection

Between enterprises: checks, letters of credit (押匯)

Enterprise to consumer: cash, checks, credit cards / charge cards, debit (bank) cards, prepaid mechanisms such as gift vouchers and phone cards

押匯: letter of credit (LC)

A mechanism guaranteeing performance of the transaction. A written agreement by a bank to pay the seller, on account of the buyer, a sum of money upon presentation of certain documents

Players:

Buyer

Buyer’s bank

Seller

Seller’s bank

Classification by Amount

Large payments: no upper limit

Ordinary consumer payments: a few hundred to tens of thousands of dollars

Micropayments: under a few hundred dollars, e.g., transportation fares, convenience stores

Electronic Banking Operations (電子化金融作業, figure)

1. ATM interbank withdrawal service

2. ATM 24-hour service

3. ATM interbank transfer service

4. (label missing)

5. Financial EDI interbank payment

6. Internet banking

7. PC banking

8. Mobile banking

9. Financial XML payment / financing system

Other labels in the figure: ATM Process; Financial EDI System; Interactive Financial Exchange; Network Banking; unmanned banking, telephone banking

The Value of Electronic Payment and Financing Mechanisms

Payer: payment cost, reconciliation

Payee: collection cost, reconciliation, financing

Cash Flow and Financing

Capital is the lifeblood of business operations

Payment is the small problem; financing is the big problem: how to obtain funds when the cash-to-cash conditions cannot be improved. CCC: cash-to-cash cycle = days of accounts receivable + days of inventory − days of accounts payable

Questions under global deployment: how do suppliers obtain financing? How do banks reduce financing risk?

Possible innovative financial instruments: order financing, shipment financing, accounts-receivable financing, accounts-receivable transfer

Reconciliation

Reconciliation: the payment items jointly agreed by payer and payee

Traditional: between enterprises, reconciliation statements; enterprise to consumer, bills

Electronic: the feasibility of electronic bills; real-time reconciliation

Characteristics of Cash Flow

Processing cash flow involves the transfer of funds and may affect the money supply; fundamentally, much payment activity is heavily regulated

Taiwan’s financial regulation is very conservative, but one must operate within the current laws and regulations

Electronic Payment

Wire transfers: limited time lag; fees are high relative to the payment amount, which creates problems for micropayments

Cannot replace checks

Characteristics of Checks in Taiwan

Post-dated checks (non-sight checks), e.g., a three-month post-dated check, can be “discounted”

Payment + financing: this is not simple payment; making payment electronic must be accompanied by the financing component

Electronic checks must solve the financing problem to be effective. The Central Bank promotes electronic checks that can be “endorsed and transferred”; results have been limited and usability is low

Accounts-receivable financing: factoring traditionally carries very high fees (discount rates)

Traditional Financing

Collateral loans; check discounting (票貼, 支票貼現)

Financing against large-scale contracts, common in large construction projects

High transaction costs, low visibility, high risk

Transaction-based Financing

Credit loans rather than collateral loans. Problems of transaction financing: the creditworthiness of the future payer, the authenticity of the transaction, control over repayment

eFinancing in Plan C (C 計畫)

Transaction-based financing (figure). Parties: hub manufacturer (中心廠), supplier (供應商), bank (銀行). Steps: 1. Order, 2. Loan request, 3. Order inquiry, 4. Order info, 5. Loan, 6. Payment, 7. Balance payment

eFinancing and Risk Visibility

(Chart: interest rate against risk)

Without visibility, risk can only be judged from historical data; the interest rate is unrelated to the actual risk

With transaction visibility, risk can be judged dynamically; the interest rate is tied to the risk

High risk: refuse. Low risk: offer incentives

Multi-product Financing Methods (figure)

Labels in the figure: supply status; stages 1 to 8 of the supply process; order, shipment, inspection, consignment, pull instruction, invoice, A/R confirmation, payment by the hub manufacturer; financing items

C 計畫 (Plan C) 1 (figure)

C 計畫 (Plan C) 2 (figure)

C 計畫 (Plan C) 3 (figure)

C 計畫 (Plan C) 4 (figure)

The Payment Revolution

Crucial Factors:

Independence

Interoperability and portability

Security

Anonymity

Divisibility

Ease of use

Transaction fees

Regulations

Consumer Payment Methods

Account debit (spend in small amounts, pay in one lump sum): an account must be set up first; cannot serve sporadic needs

Pay as you go: payment cards, prepaid cards, mobile payment

Using Payment Cards Online

payment card: Electronic card that contains information that can be used for payment purposes

Three forms of payment cards:

Credit cards (VISA, MasterCard)

Charge cards (American Express)

Debit cards (ATM cards)

Processing Credit Cards Online

authorization: Determines whether a buyer’s card is active and whether the customer has sufficient funds

settlement: Transferring money from the buyer’s to the merchant’s account

payment service provider (PSP): A third-party service connecting a merchant’s EC systems to the appropriate acquirers. PSPs must be registered with the various card associations they support

Using Payment Cards Online

Key participants in processing credit card payments online include the following:

Acquiring bank

Credit card association

Customer

Issuing bank

Merchant

Payment processing service

Processor

Smart Cards

An electronic card containing an embedded microchip that enables predefined operations or the addition, deletion, or manipulation of information on the card

EasyCard (悠遊卡), iCash

Exhibit 12.2 Smart Card

Types of Smart Cards

contact card: A smart card containing a small gold plate on the face that when inserted in a smart card reader makes contact and passes data to and from the embedded microchip

contactless (proximity) card: A smart card with an embedded antenna, by means of which data and applications are passed to and from a card reader unit or other device without contact between the card and the card reader

Applications of Smart Cards

stored-value card: A card that has monetary value loaded onto it and that is usually rechargeable

Retail purchases

e-purse: Smart card application that loads money from a card holder’s bank account onto the smart card’s chip

Common Electronic Purse Specification (CEPS): Standards governing the operation and interoperability of e-purse offerings

Applications of Smart Cards

Transit fares: To eliminate the inconvenience of multiple types of tickets used in public transportation, most major transit operators in the United States are implementing smart card fare-ticketing systems

Micropayments: e-wallet

Identification: Because they have the capability to store personal information, including pictures, biometric identifiers, digital signatures, and private security keys, smart cards are being used in a variety of identification, access control, and authentication applications

E-Micropayments

Small online payments, typically under US $10; in Taiwan’s convenience stores the average transaction is under NT$100

Paying by credit card or debit card incurs a handling fee, and the fee is too high as a proportion of the amount

Companies with e-micropayment products:

BitPass (bitpass.com)

Paystone (paystone.com)

PayLoadz (payloadz.com)

Peppercoin (peppercoin.com)

Regulatory Restrictions on Prepaid Cards

Hong Kong’s Octopus card (八達通): transit, convenience stores

EasyCard (悠遊卡): Taipei City transit “concession”

EasyCard co-branded card: two wallets

How can this be solved?

Mobile Payment

Opportunities for innovative applications: 2D barcode + SMS, but SMS fees in Taiwan are too high

The signal sent when a phone rings: making use of information such as the phone number transmitted when the phone rings

Electronic Bill Presentment and Payment

electronic bill presentment and payment (EBPP): Presenting and enabling payment of a bill online. Usually refers to a B2C transaction

Exhibit 12.4 E-Bill Presentment

Types of E-Billing

Online banking

Biller direct

Bill consolidator

Possible application: Taipower (台電) bills, 6 million households across Taiwan

Estimate the billing cost and the collection cost

Advantages of E-Billing

Reduction in expenses related to billing and processing payments

Electronic advertising inserts can be customized to the individual customer

Reduces customer’s expenses

Exhibit 12.5 E-Billing Process for Single Biller

Exhibit 12.6 E-Billing Processes for Bill Consolidator

Current B2B Payment Practices

Financial supply chains of most companies are characterized by inefficiencies created by a number of factors, including:

The time required to create, transfer, and process paper documentation

The cost and errors associated with manual creation and reconciliation of documentation

The lack of transparency in inventory and cash positions when goods are in the supply chain

Disputes arising from inaccurate or missing data

Fragmented point solutions that do not address the complete end-to-end processes of the trade cycle