Security and privacy of electronic banking by
security

d) Server firewalls
A firewall is like the moat surrounding a castle: it ensures that requests can enter the system only through specified ports and, in some cases, only from specified physical machines.
A common technique is to set up a demilitarized zone (DMZ) using two firewalls. The outer firewall opens only the ports needed for inbound and outbound HTTP (and HTTPS) requests, so that the client browser can reach the web server. A second firewall sits behind the e-commerce servers. This inner firewall is heavily fortified: only requests from trusted servers on specific ports are allowed through, so even a compromised web server cannot reach arbitrary internal services. Both firewalls feed intrusion detection software that records, and raises alerts on, unauthorized access attempts.
Another common technique used in conjunction with a DMZ is a honeypot server: a decoy resource (for example, a fake payment server) placed in the DMZ to make the attacker believe he has penetrated the inner wall. No legitimate traffic ever goes to a honeypot, so it is closely monitored and any access to it is treated as an attack and raised as an alert.
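The two-firewall DMZ and honeypot described above, as an added example that is not code from the paper: a small Python model in which the outer firewall admits only HTTP/HTTPS to the web tier (and to the decoy), the inner firewall admits only the web tier to the payment database on its database port, every drop is logged for the intrusion detection feed, and any packet reaching the honeypot raises an alert. All addresses, ports and host roles are constructed for illustration; the paper names none.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import List

# Constructed addresses for illustration; the paper names none.
DMZ = ip_network("10.1.0.0/24")          # between the two firewalls
INTERNAL = ip_network("10.2.0.0/24")     # behind the inner firewall
WEB = "10.1.0.10"          # e-commerce web/application server (DMZ)
HONEYPOT = "10.1.0.99"     # decoy "payment server" (DMZ)
PAYMENT_DB = "10.2.0.20"   # real payment database (internal)


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    """An allow rule: source CIDR, destination CIDR, permitted destination ports."""
    src: str
    dst: str
    dports: frozenset

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and p.dport in self.dports)


@dataclass
class Firewall:
    name: str
    allow: List[Rule]                       # allow-list; anything else is dropped
    log: List[str] = field(default_factory=list)

    def permits(self, p: Packet) -> bool:
        if any(r.matches(p) for r in self.allow):
            return True
        # Default deny, and every drop is logged: this is what the
        # intrusion detection software on each firewall consumes.
        self.log.append(f"{self.name} DROP {p.src}->{p.dst}:{p.dport}")
        return False


OUTER = Firewall("outer", [
    Rule("0.0.0.0/0", WEB + "/32", frozenset({80, 443})),       # browsers -> web tier
    Rule("0.0.0.0/0", HONEYPOT + "/32", frozenset({80, 443})),  # the bait must be reachable
])
INNER = Firewall("inner", [
    Rule(WEB + "/32", PAYMENT_DB + "/32", frozenset({5432})),   # only the web tier, only the DB port
])
ALERTS: List[str] = []


def deliver(p: Packet) -> bool:
    """Pass the packet through each firewall on its path; True if it reaches dst."""
    src, dst = ip_address(p.src), ip_address(p.dst)
    path = []
    if src not in DMZ and src not in INTERNAL:     # arriving from the Internet
        path.append(OUTER)
    if dst in INTERNAL and src not in INTERNAL:    # crossing into the inner network
        path.append(INNER)
    if not all(fw.permits(p) for fw in path):      # short-circuits at the first drop
        return False
    if p.dst == HONEYPOT:
        # Nothing legitimate talks to the decoy, so any hit is an attacker.
        ALERTS.append(f"HONEYPOT {HONEYPOT} touched by {p.src} on port {p.dport}")
    return True


if __name__ == "__main__":
    for pkt in [Packet("203.0.113.7", WEB, 443),          # customer browser: allowed
                Packet("203.0.113.7", PAYMENT_DB, 5432),  # Internet -> DB: dropped at outer
                Packet(WEB, PAYMENT_DB, 5432),            # web tier -> DB: allowed
                Packet(WEB, PAYMENT_DB, 22),              # web tier -> DB ssh: dropped at inner
                Packet("203.0.113.7", HONEYPOT, 443)]:    # decoy hit: allowed but alerted
        print(pkt, "->", deliver(pkt))
    print(*OUTER.log, *INNER.log, *ALERTS, sep="\n")
```

The point the model makes concrete is that the inner firewall's allow-list is keyed on the web server's address and the single database port: the Internet-to-database packet is dropped by the outer firewall before the inner one is consulted, and a web server that has been taken over still cannot open anything but port 5432 on the one host it is trusted to talk to.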
e) Password policies
Ensure that password policies are enforced for consumers and internal users alike.
f) Intrusion detection and audits of security logs
One cornerstone of an effective security strategy is to prevent attacks and to detect potential attackers. Security logs support both: they help you understand the nature of the system's traffic, and they serve as evidence if you later pursue litigation against the attackers.
Suppose that you have implemented a password policy under which an account is locked out after 6 failed logon attempts. In this scenario the company sends an email to the customer, informing him that his account is locked. The event should also be logged by the system, by sending an email to the administrator, by writing the event to a security log, or both. Note that a permanent lockout lets anyone who knows a customer's username lock that customer out by deliberately failing six logons, so a time-limited lockout or rate limiting per source address is usually preferred in practice.
You should also log any attempted unauthorized access to the system. If a user logs on and then attempts to access resources he is not entitled to see, or to perform actions he is not entitled to perform, this suggests that the account has been compromised, and it should be locked out. Analysis of the security logs can reveal patterns of suspicious behavior that no single event shows, such as one source address failing logons against many different accounts, allowing the administrator to take action.
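The lockout policy from e), the security log and notifications described above, the lock-on-unauthorized-action rule, and one analysis run over the resulting log, as an added example that is not code from the paper. The event names, the `REQUIRED_ROLE` entitlement table, the notification strings and the sample users are all constructed for the example; the only figure taken from the text is the threshold of 6 failed logons.

```python
import hmac
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List

MAX_FAILED_LOGONS = 6   # the threshold named in the text
# Entitlements, constructed for the example: the role each action requires.
REQUIRED_ROLE = {"view_own_statement": "customer", "approve_refund": "operator"}


@dataclass
class Account:
    failed: int = 0
    locked: bool = False
    roles: frozenset = frozenset({"customer"})


class AuthService:
    def __init__(self, passwords: Dict[str, str]):
        # Plaintext passwords only to keep the example short; store salted hashes in practice.
        self._passwords = passwords
        self.state = {u: Account() for u in passwords}
        self.security_log: List[dict] = []
        self.notifications: List[str] = []   # stands in for the e-mails to customer and admin

    def _log(self, event: str, user: str, src: str, **extra) -> None:
        self.security_log.append({"event": event, "user": user, "src": src, **extra})

    def _lock(self, user: str, src: str, reason: str) -> None:
        self.state[user].locked = True
        self._log("ACCOUNT_LOCKED", user, src, reason=reason)
        self.notifications.append(f"to {user}: your account has been locked ({reason})")
        self.notifications.append(f"to admin: {user} locked, reason={reason}, src={src}")

    def logon(self, user: str, password: str, src: str) -> bool:
        acct = self.state.get(user)
        if acct is None:
            self._log("LOGON_FAIL", user, src, reason="no_such_user")
            return False
        if acct.locked:
            # A locked account stays locked even when the right password arrives.
            self._log("LOGON_REJECTED_LOCKED", user, src)
            return False
        if not hmac.compare_digest(self._passwords[user].encode(), password.encode()):
            acct.failed += 1
            self._log("LOGON_FAIL", user, src, count=acct.failed)
            if acct.failed >= MAX_FAILED_LOGONS:
                self._lock(user, src, "too_many_failed_logons")
            return False
        acct.failed = 0
        self._log("LOGON_OK", user, src)
        return True

    def authorize(self, user: str, action: str, src: str) -> bool:
        """Entitlement check. A failure is logged and, as the text proposes,
        locks the account on the assumption that it has been taken over."""
        acct = self.state[user]
        if acct.locked:
            return False
        if REQUIRED_ROLE[action] in acct.roles:
            self._log("ACTION_OK", user, src, action=action)
            return True
        self._log("AUTHZ_FAIL", user, src, action=action)
        self._lock(user, src, "unauthorized_action:" + action)
        return False


def suspicious_sources(log: List[dict], min_accounts: int = 3) -> Dict[str, List[str]]:
    """Log analysis: one source address failing logons against many different
    accounts (password spraying). No single account reaches the lockout
    threshold, so only a view across the whole log reveals the pattern."""
    targets = defaultdict(set)
    for e in log:
        if e["event"] == "LOGON_FAIL":
            targets[e["src"]].add(e["user"])
    return {src: sorted(users) for src, users in targets.items() if len(users) >= min_accounts}


if __name__ == "__main__":
    svc = AuthService({"alice": "correct horse", "bob": "hunter2", "carol": "tr0ub4dor"})
    for _ in range(MAX_FAILED_LOGONS):
        svc.logon("alice", "guess", "198.51.100.9")          # sixth attempt locks alice
    svc.logon("bob", "hunter2", "192.0.2.5")
    svc.authorize("bob", "approve_refund", "192.0.2.5")      # customer tries an operator action
    for user in ("alice", "bob", "carol"):
        svc.logon(user, "Winter2012", "203.0.113.50")        # one source, three accounts
    print(*svc.security_log, *svc.notifications, sep="\n")
    print(suspicious_sources(svc.security_log))
```

Two design points worth noting: the password comparison uses `hmac.compare_digest` so that a wrong password takes the same time to reject as a nearly-right one, and `suspicious_sources` is computed from the log rather than from per-account state, which is the whole reason the text asks for a log at all: the spraying source never trips any single account's counter.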
In addition to security logs, use business auditing to monitor activities such as payment processing. Reviewing these audit logs can reveal patterns of inappropriate interaction at the business-process level.
The infrastructure for business auditing and security logging is complex, and will most likely come as part of whatever middleware platform you select to host your site.
IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 4, No 3, July 2012 
ISSN (Online): 1694-0814 
www.IJCSI.org
443
Copyright (c) 2012 International Journal of Computer Science Issues. All Rights Reserved.