Ecommerce security

584 views

Published on

ecommerce policy

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
584
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
19
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Ecommerce security

  1. 1. Ecommerce Security<br />Dr Ali Sekhavati<br />Elmira Aghagoli<br />8861008<br />
  2. 2. Ecommerce Policy<br />Account numbers (in databases, logs, files, backup media, etc.) must be stored securely, for example, by means of encryption (128-bit minimum) or truncation.<br />
  3. 3. Ecommerce Policy<br />The secure internal networks must use network address translation (NAT) to hide IP addresses.<br />NAT server<br />
  4. 4. Ecommerce Policy<br />All router, switch, and firewall configurations must be secured <br />
  5. 5. Ecommerce Policy<br />Each non-consumer user with ecommerce access is required to authenticate using a unique username and password<br />
  6. 6. Ecommerce Policy<br />Employees, administrators, or third parties who need to access the ecommerce network remotely must connect with the VPN<br />
  7. 7. Ecommerce Policy<br />Equipment and media containing cardholder data must be physically protected against unauthorized access. <br />All cardholder data printed on paper or received by fax must be protected against unauthorized access. <br />
  8. 8. Ecommerce Policy<br />An intrusion detection system (IDS) must be used on the ecommerce networks. <br />Security alerts from the IDS must be continuously monitored, and the latest IDS signatures must be installed.<br />
  9. 9. Symmetric encryption<br />Data<br />Data<br />
  10. 10. Asymmetric Encryption<br />Private key and publik key<br />
  11. 11. security<br />Authentication<br /> Encryption Data Integrity<br /> Data confidentiality<br />

×