Select Committee on European Union Written Evidence


Memorandum by Cap Gemini Ernst & Young

1.  THE AIM

The aim of this short paper is to present the reader with a picture of the relationship between e-business solutions, the threats to secure e-business and the security measures required to support them. It addresses the need for measures to counter common threats and describes the electronic, physical and procedural security techniques that are required.

2.  SECURE E-BUSINESS

  The digital economy is expanding exponentially, requiring enterprises to adopt paperless business processes. The information content of such business processes may be created using popular applications or customised systems. This content may pass through a pre-defined hierarchy, undergoing modifications at almost every step. Conducting business in this scenario requires highly reliable security solutions. Assuring the information flow of such content goes beyond mere signing of the document.

3.  THE THREAT

  There are a number of threats to e-business:

    —  Hacking—Attempts to break into your service via: the telephone network, the Internet or an internal network abuse;

    —  Unauthorised leakage of sensitive information—e-mail and attachments, website abuse, unprotected servers or networks;

    —  Denial of Service (DOS) attacks—designed to shut you down, no hacking, high profile loss of revenue (Yahoo, Amazon, buy.com);

    —  Importing of malicious code and viruses from the Internet—viruses in file attachments (I Love You!), Trojan Horses, Bad Cookies;

    —  Misuse of the Net and resources by your staff—illegal material, offensive material, unofficial use of bandwidth (large music downloads); and

    —  Website abuse—attacks on websites (RBS, CIA, FBI).

4.  SECURITY MEASURES

  There are five key measures to ensure secure e-business:

    —  Access Control/System Design;

    —  Authentication;

    —  Data Integrity;

    —  Data Privacy and Confidentiality; and

    —  Non-repudiation.



5.  ACCESS CONTROL/SYSTEM DESIGN

  Establishing a link between an organisation's internal network and the Internet can create a number of additional access points into the internal operating system. Furthermore, because the Internet is global, unauthorised access attempts might be initiated from anywhere in the world. These factors present a heightened risk to systems and data, necessitating strong security measures to control access. Because the security of any network is only as strong as its weakest link, the functionality of all related systems must be protected from attack and unauthorised access. Specific risks include the destruction, altering, or theft of data or funds; compromised data confidentiality; denial of service (system failures); a damaged public image; and any resulting legal implications. Perpetrators may include hackers, unscrupulous vendors, former or disgruntled employees, or even agents of espionage.

6.  AUTHENTICATION

  Essential in electronic commerce is the need to verify that a particular communication, transaction, or access request is legitimate. To illustrate, computer systems on the Internet are identified by an Internet protocol (IP) address, similar to a telephone that is identified by a phone number. Through a variety of techniques, generally known as "IP spoofing" (ie impersonating), one computer can actually claim to be another. Likewise, user identity can be misrepresented as well. In fact, it is relatively simple to send an e-mail message that appears to have come from someone else, or even send it anonymously. Therefore, authentication controls are necessary to establish the identities of all parties to a communication.

7.  DATA INTEGRITY

  Potentially, the open architecture of the Internet and modern networks can allow those with specific knowledge and tools to alter or modify data during a transmission. Data integrity could also be compromised within the data storage system itself, both intentionally and unintentionally, if proper access controls are not maintained. Steps must be taken to ensure that all data is maintained in its original or intended form.

  The Security Measures supporting Confidentiality may also support Integrity. For instance, access controls may be able to set independent Read, Modify and Write permissions. Important Security Measures include the use of:

    —  anti-virus software to prevent the import of malicious code;

    —  an inherently non-alterable medium—such as CD-ROM—to store the backups of Trading Records;

    —  a "master copy" of all records for comparison;

    —  a mathematical checksum of Trading Records and Messages to ensure data has not been modified.
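  The checksum and "master copy" measures above, as an added example that is not part of the memorandum: it compares records against stored values and shows that an unkeyed checksum kept beside the data only catches changes if the stored checksum itself is protected, whereas a keyed tag (HMAC) cannot be regenerated without the key. The record format, key and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample trading records (the "master copy"); not from the memorandum.
MASTER_RECORDS = [
    b"2000-05-30|ORDER-0001|BUY|100|WIDGET|12.50",
    b"2000-05-30|ORDER-0002|SELL|40|GADGET|7.25",
]

def checksum(record: bytes) -> str:
    """Unkeyed SHA-256 digest: changes whenever the record changes."""
    return hashlib.sha256(record).hexdigest()

def keyed_tag(key: bytes, record: bytes) -> str:
    """HMAC-SHA-256 tag: can only be produced by a holder of the key."""
    return hmac.new(key, record, hashlib.sha256).hexdigest()

def verify_checksum(record: bytes, expected: str) -> bool:
    return hmac.compare_digest(checksum(record), expected)

def verify_tag(key: bytes, record: bytes, expected: str) -> bool:
    return hmac.compare_digest(keyed_tag(key, record), expected)

def audit(records, stored_sums, stored_tags, key):
    """Return (indexes failing the checksum, indexes failing the keyed tag)."""
    bad_sum = [i for i, r in enumerate(records) if not verify_checksum(r, stored_sums[i])]
    bad_tag = [i for i, r in enumerate(records) if not verify_tag(key, r, stored_tags[i])]
    return bad_sum, bad_tag

def demo():
    key = b"constructed-demo-key-held-only-by-the-record-keeper"
    sums = [checksum(r) for r in MASTER_RECORDS]
    tags = [keyed_tag(key, r) for r in MASTER_RECORDS]

    # Case 1: a stored record is altered; the stored check values are untouched.
    altered = list(MASTER_RECORDS)
    altered[1] = altered[1].replace(b"|40|", b"|400|")
    case1 = audit(altered, sums, tags, key)

    # Case 2: the check values sit beside the data and are rewritten too,
    # by someone who does not hold the key.
    new_sums, new_tags = list(sums), list(tags)
    new_sums[1] = checksum(altered[1])
    new_tags[1] = keyed_tag(b"not-the-real-key", altered[1])
    case2 = audit(altered, new_sums, new_tags, key)
    return case1, case2

if __name__ == "__main__":
    print(demo())
```

  A keyed tag relies on a secret shared by both parties, so either could have produced it; the proof of origin described under non-repudiation requires a digital signature instead.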

8.  DATA PRIVACY AND CONFIDENTIALITY

  Unless otherwise protected, all data transfers, including electronic mail, travel openly over the Internet and can be monitored or read by others. Given the volume of transmissions and the numerous paths available for data travel, it is unlikely that a particular transmission would be monitored at random. However, programs, such as "sniffer" programs, can be set up at opportune locations on a network, like Web servers (ie computers that provide services to other computers on the Internet), to simply look for and collect certain types of data. Data collected from such programs can include account numbers (eg credit cards, deposits, loans) or passwords.

  Due to the design of the Internet, data privacy and confidentiality issues extend beyond data transfer and include any connected data storage systems, including network drives. Any data stored on a Web server may be susceptible to compromise if proper security precautions are not taken.

9.  NON-REPUDIATION

  Non-repudiation involves creating proof of the origin or delivery of data to protect the sender against false denial by the recipient that the data has been received or to protect the recipient against false denial by the sender that the data has been sent. To ensure that a transaction is enforceable, steps must be taken to prohibit parties from disputing the validity of, or refusing to acknowledge, legitimate communications or transactions.

10.  MOBILE DEVICES

  With the burgeoning use of mobile or hand-held devices we thought it appropriate to include a few lines on the possibilities surrounding these.

  The first thing to note is that it has led to the above and other security measure issues being re-considered.

  It can be assumed that the growth in mobile computing—which will eventually include WAP (Wireless Application Protocol) enabled mobile telephones (those with built in Web browsers), mobile Web access to PCs, enhancements to PDA (Personal Digital Assistant, eg Palm Pilots) facilities, and other devices—will result in more (opportunities for) viruses, the dissemination of malicious software code, and increased attempts to hack and cause Denial of Service.

  Another very simple security concern is that more people are now leaving their mobile 'phones behind on the London Underground more often than umbrellas. Recent high profile media attention has shown the potential for secure information going astray due to portable PCs being "lost" on public transport.

  As the facilities to store or access confidential information on mobile devices increase, together with the inherent difficulties around inventory management of such devices as they proliferate throughout a company's IT infrastructure, there will be a real risk of third parties obtaining such devices and gaining access to information. The problem will continue to grow and get worse and even standard procedures such as updating anti-virus software (on the mobile device) will be critical.

  The five key measures described above will become even more crucial in this "new world" of mobile computing and, as Richard Barber of security company Integralis says, ". . . Information Security will become the catchword, not network security . . . ".

  Projects are known to be in progress to develop centrally-managed anti-virus facilities for WAP-enabled mobiles. It is also expected that the use of additional authentication techniques will be actively deployed for corporate mobile computing users over and above standard PIN (personal identification numbers), for example, biometrics, smart cards, tokens. This will vary depending on the use to which the devices are put (eg information access v conducting financial transactions).

  To date we are not aware of any significant virus attacks on hand held devices.

11.  SUMMARY

  Stephen Cobb, Director of Special Projects for the National Computer Security Association, summarised these same components in the following quote from the paper Security Issues in Internet Commerce:

    The challenge is to transmit and receive information over the Internet while insuring that it is inaccessible to anyone but sender and receiver (privacy), it has not been changed during transmission (integrity), the receiver can be sure it came from the sender (authenticity), the sender can be sure the receiver is genuine (non-fabrication), and the sender cannot deny he or she sent it (non-repudiation).

30 May 2000


 

© Parliamentary copyright 2000