Software Infrastructure for Electronic Commerce
Professor Fred B. Schneider
Dept. of Computer Science
Cornell University
Networked Computing Systems
Provide opportunities …
– Increase speed/bandwidth of interaction.
– New modes for interaction for customers.
– New services.
Introduce risks ...
– System development cost and timing.
– Dependence on hardware/software.
This week: CS lectures
Learn vocabulary and basic concepts for e-commerce relevant concepts and technologies.
Build intuitions for using concepts and for evaluating relevant technologies.
Where are the opportunities today? Tomorrow?
Acquire technology skepticism.
Where are the risks today? Tomorrow?
Intended Audience
You are
– a business-oriented person with strong interest in roles of computer and communications technology,
– a user of computer applications (e.g. Word, Excel) who doesn’t know how to program,
– a casual “surfer” of the Internet (web) for information and/or purchases,
– and have not taken CS513, CS514, CS432, or CS632.
Lecturer Backgrounds
We are
– academic computer scientists who teach, research, and write,
– with industrial experience:
  Consulting to management.
  Running “start-ups” (2 on-going; 1 sold).
  CEO, CTO, chief scientist, tech advisory boards, etc.
Lecturers
Fred B. Schneider (Computer security), 4115C Upson Hall, 255-9221
Ken Birman (Networks/Reliability), 4119B Upson Hall, 255-9199
Johannes Gehrke (Databases/data mining), 4108 Upson Hall, 255-1045
Trustworthy Networked Information Systems
All about the non-technical context for this technical subject.
Networked Information Systems
Networked Information System (NIS) integrates
– computers,
– communications, and
– people (as users and as operators).
Distinguishing characteristics:
– Many interfaces to other systems.
– Commercial off-the-shelf (COTS) hardware + software.
– Extensible system components.
A Trustworthy NIS
Works correctly, despite
– environmental disruption,
– human user and operator errors,
– hostile attacks, and
– design and implementation errors.
Holistic and multidimensional problem:
– Property of system, not just components.
– Involves many interacting sub-properties.
NIS software characteristics
Substantial legacy content.
– Documentation missing or incomplete.
– Difficult to modify or port.
Grows by accretion and agglomeration.
– No master plan or architect.
… Nobody understands how/why the system works.
Uses commercial off-the-shelf (COTS) components and COTS middleware:
– Reduces costs and risks.
– Increases labor pool.
– Facilitates interoperability.
– Limited internals visibility / capacity for change.
– Dependence on 3rd party.
Some relevant business trends
Organizations driven to operate faster / more efficiently (e.g. JIT production and services).
Climate of deregulation (e.g. power, telecom) promotes cost control and product enhancements.
Rise of electronic commerce.
NIS as a response
NIS affects costs and products:
– Enables outsourcing of suppliers. (b2b)
– Enables diminishing capacity cushion.
  Control is more difficult --- need automated support.
  Control is more necessary --- don’t have spare capacity.
  But cascading failures more likely.
– Enables product enhancements, but complexity is increased so result is flaws and surprising behavior.
Two Case Studies
Public switched telephone network (PTN)
Internet
Changes in the PTN
Old model: Few telephone companies; regulated monopoly.
– Limited cost pressure.
– Comparatively few services.
New model: Many telephone companies; freely compete.
– Intense cost pressure stresses facilities.
– Many services, for marketing and interworking.
Redundancy in the PTN
Laying cable involves high cost per mile.
– Carry more calls per cable; cut costs.
– Fewer cables: less backup; more circuits interrupted by each incident.
So, companies lease circuits from each other.
– Less aggregate spare capacity than appears at first glance.
Central offices are expensive -- land, auxiliary equipment, etc.
So, fewer CO’s; each one is larger.
New Services in the PTN
New services introduced for differential advantage…
… but now more complexity in the network.
Must interoperate with other telcos.
– Check databases; hand off calls to proper carrier, etc. Again, more complexity.
Newer equipment (cross-connects, muxes) is software-controlled.
– Requires authorization.
Many Telephone Companies
Past: Switches and protocols were designed assuming few trustworthy telcos.
No firewalls exist for “SS7”.
Today: Anyone can be a phone company; inexperience matters even more than malice.
State of the Internet
The Internet has always had many ISPs.
No one has a complete view of network state.
Engineering is hard; problems tend to occur at the seams.
Cluelessness abounds.
Routing Issues
Tension: responsiveness versus instability during changes.
– Configuration errors increase “flapping” rate.
Routing protocols are insecure.
– Errors have already disrupted routing.
– Attacker could reroute traffic deliberately.
Need QoS-sensitive routing mechanisms.
General Internet Security
Pretty bad…
Some problems due to lack of cryptography.
– IP spoofing, password “sniffing”, etc.
– IPSEC deployment should help this.
Most problems due to buggy code.
– Cryptography won’t help this at all.
– Reported bugs are in cryptographic modules.
Everything is Interconnected
Phone and power companies use Internet technology.
Their operational systems are linked to their corporate systems, which are linked to the Internet.
And the Internet requires power, and is largely built on top of PTN circuits.
What about Internet Telephony?
Many PTN-specific vulnerabilities (links, databases, etc.) will remain.
New reliance on IP routing, rather than PTN routing.
New database needed, to map phone numbers to IP addresses.
Harder to move control functions out-of-band on the Internet.
What if NIS is not trustworthy ...
Information disclosure (stored or transmitted)
– personal embarrassment
– compromise of corporate strategy
– compromise of national security
Information alteration
– affect government or corporate operations
New forms of warfare
– disable capacity without physical destruction.
– attack without physical penetration by attacker.
– “time bomb” and undetectable attacks.
Why isn’t NIS trustworthy? Cost!
COTS is cheaper than custom
– Time-to-market determines market share.
– COTS producers believe:
  Customers prefer features to trustworthiness.
  Adding trustworthiness increases time-to-market.
Must use existing communications fabrics.
– Few can shoulder the burden of laying cable.
– Existing services (PSTN, Internet) not well suited for NIS trustworthiness.
Costs / Trustworthiness could change
Moore’s Law:
– Semiconductor density doubles every 18-24 months.
COTS predominance implies trustworthiness investments can be highly leveraged.
Communications fabrics likely to undergo radical changes in coming years:
– growth in cable, satellite, cellular.
– new pricing for new services.
Why invest in trustworthiness?
To manage risk!
– Need: probabilities and costs of breaches.
  … Security risks more difficult to identify and quantify than those that arise for reliability.
– Clear trend: migration from risk avoidance to risk management?
To create new market opportunities:
– Fed Exp, Banking, e-commerce b2b/b2p
Won’t market solve this problem?
No.
Few customers understand:
– What trustworthiness buys.
– What is risked by its absence.
(Reliability is an exception: strong market here.)
Consumers seem to prefer functionality!
Producers/consumers cannot assess:
– Trustworthiness of products.
– Costs of having trustworthiness in products.
– Costs of not having trustworthiness in products.
Conveying product trustworthiness
No solution in sight or expected...
Identifying metrics for reliability is realistic.
Identifying metrics for security is misguided.
What about standards/criteria/specifications?
• Process (e.g. SEI CMM, ISO 9000).
• Artifact (Good Housekeeping seal, Consumer Union, …).
– Cannot keep pace with evolving threats.
– Cannot keep pace with product development cycle.
– Evaluated products not good enough… Glue is important.
Functionality versus Assurance
What does the rating convey?
Functionality: What it does.
Assurance: Confidence that that is what it does.
[Figure: chart with axes “Functionality” and “Assurance”; regions labeled “Danger” and “Conservative”.]
Cryptography: Political and Technical
Most security problems due to buggy code.
Inhibitory factors to deployment:
– Government regulations (but they are changing!).
– Reduced convenience and usability.
– Sacrifice interoperability (e.g. email).
– Increased computation/communication requirements.
– Lack of existing infrastructure.
– Patent restrictions (notable expirations in Fall ‘00).
For Further Reading
Read Executive summary, Chapters 1 and 6 of:
Trust in Cyberspace, National Academy Press (1999).
It can be found at: http://www.nap.edu/readingroom/books/trust