Title: Everything you want to know about the Internet, secure e-commerce, e-business, and other new digital economy but were afraid to ask: Looking at current situation and future opportunities
1 Everything you want to know about the Internet, secure e-commerce, e-business, and other new digital economy but were afraid to ask: Looking at current situation and future opportunities
2 Current affiliations
Bandung High-Tech Valley (BHTV)
3 Introduction to the Internet
4 The Internet means
- Information Bahn, the net, a global system connecting public and private networks to share information among universities, governments, businesses, individuals
- Technology based on TCP/IP, web oriented
5 The Internet
- Recognized as foundation of the New Digital Networked Economy
- Important!
- Numerous IT / Internet initiatives in the USA to guarantee their domination
6 The History of the Internet
- ARPANET (1969)
- MILNET (1980)
- NSFNET (1986): National Science Foundation Network (NSFNET) linked researchers across the country with five supercomputer centers
- Commercial Internet (1995-Now)
- Let the game begin...
7 Internet Technology
[Diagram labels: WAN, Internet, WAN]
8 Internet Growth
- Exponential
- Matthew Gray of the Massachusetts Institute of Technology: http://www.mit.edu/people/mkgray/net/
- Internet Statistics and Demographics: http://lcweb.loc.gov/global/internet/inet-stats.html
10 Connection from home
[Diagram labels: Client, ISP, Internet]
- Modem
- Phone Line
- Computer
- ISP Connection
11 Internet Services
- World Wide Web (WWW)
- Electronic Mail (Email)
- File Transfer Protocol (FTP)
- Internet Relay Chat (IRC), MUD
- Multimedia Applications
- Newsgroup
- Wide Area Information System
- and many more...
12 Internet Apps
- Distance Learning
- Electronic Commerce
- Voice Over Internet
- Video On Demand
- WebTV/InternetTV
13 New Internet Devices
14 Introduction to e-commerce, e-business
15 What is e-commerce?
- Commerce based on electronics / information technology
- e-commerce to commerce is like email to conventional mail
- Things that were not possible are now possible
- How many conventional mails do you send to your friends monthly? You send more emails.
16 What is e-business
- Business that utilizes electronics or IT
- E-business or Out-of-business
17 Things that make you hmm
- Computers were only used to replace the typewriter
- Computers can do more (not just an electronic typewriter)
- Save, recall, easy editing
- Transfer files without changing the format, layout, content
- File sharing
- Desktop publishing, arts
- Features that were difficult to interpolate from the typewriter
18 E-commerce E-business then
- Uses Internet (media technology, web)
- Internet and computer networks are not just a replacement for telephone and fax
- The ability to exploit technology (information, computing, communication) will win
- Save cost, reduce time, reach the whole world, better supply chain,
19 Implications
- Advances in computing, communication should increase our quality of life. Do they?
- Longer working hours. Work even at home
- No life (family)
- Wider gaps between the haves and the have-nots
- Are you really ready for this?
20 E-commerce E-Business in Indonesia
- Depends on readiness in:
- Economy: understanding the New Digital Economy
- Legal framework: Cyberlaw (e.g. digital signature law, IPR)
- Hard infrastructure: telcos, power, human resources
- Soft infrastructure: IDNIC (domain), IDCERT (security)
- Community: culture, ethics
21 Indonesia Cybercommunity
- Define Indonesia cybercommunity!
- Since the Indonesian digital population is still small, there is an opportunity to create a better community. No burden of size.
- Ethics!
22 Ethics: Do well or do right?
- Business ethics is an oxymoron
- Do the right thing!
- Corporations must have values
- From Silicon Valley, magazine of San Jose Mercury News, 4.16.2000: http://www.svmagazine.com/2000/week17/features/Story01.html
23 Example: Propel.com 13 commandments
- Think and act like an owner
- Have fun
- Recognize accomplishment
- Keep a balance in your life
- Teach and learn from each other
- Communicate without fear of retribution
- Require quality beyond customer expectations
- Improve continuously
- Go the extra mile to take care of customer
- Play to win-win
- Act with sense of urgency
- Make and meet commitments
- Give back to the community
24 Something to ponder
- In the end, your integrity is all you've got (Jack Welch, GE)
25 Reading materials
- From Business to E-Business in 8 Steps: http://www.cognitiative.com
26 Secure E-Commerce
27 E-commerce Security
- Trust, security and confidence are essential to underpin e-commerce
- E-commerce will be accepted if the security is at an acceptable level
- Are we there yet? Is it acceptable?
- Business cannot wait
28 E-security Statistics
- Difficult to get exact numbers due to negative publicity
- 1996. FBI National Computer Crime Squad, detected computer crime 15, only 10 of that number is reported.
- 1996. American Bar Association survey of 1000 companies, 48 experienced computer fraud in the last 5 years.
- 1996. In the UK, NCC Information Security Breaches Survey: computer crime increased 200 from 1995 to 1996.
- 1997. FBI: computer crime cases in court increased 950 from 1996 to 1997, convictions in court increased 88.
29 More Statistics
- 1999 CSI/FBI Computer Crime and Security Survey
- Disgruntled employees 86
- Independent hackers 74
- US Competitors 53
- Foreign corp. 30
- Foreign gov. 21
- http://www.gosci.com
30 The Point
- Security awareness is still low. No budget!
- Information Week (survey in USA, 1999), 1271 system or network managers, only 22 think that security is important
31 Vandalized Indonesian Sites
- Polri, Satelindo, BEJ, BCA
- DoS attacks on various web sites
32 Security Services
- Privacy / confidentiality
- Integrity
- Authentication
- Availability
- Non-repudiation
- Access control
- Some can be achieved with cryptography
33 Privacy / confidentiality
- Protection of sensitive personal data
- Name, place and date of birth, religion, hobbies, past illnesses, marital status
- Customer data
- Highly sensitive in e-commerce, healthcare
- Attack: sniffer
34 Integrity
- Information is not changed without authorization (tampered, altered, modified)
- Attacks: spoof, virus, trojan horse
35 Authentication
- Assuring the authenticity of the data, the data source, the person accessing the data, the server being used
- Use of digital signatures, biometrics
- Attack: fake password
36 Availability
- Information must be available when it is needed
- Server made to hang, go down, crash
- Attacks on Yahoo!, ebay, CNN
- Denial of Service (DoS) attack
37 Non-repudiation
- Cannot deny (having carried out a transaction)
- Uses digital signatures
- Requires legal regulation
38 Access Control
- Mechanism to govern who may do what
- Usually uses passwords
- Existence of classes / classification
39 Types of Attack
- According to W. Stallings
- Interruption
- Interception
- Modification
- Fabrication
40 Cryptographic Technology
- Use of encryption to improve security
- Private key vs public key
- Examples: DES, RSA
41 Private Key Cryptosystem
[Diagram labels: Shared (secret) key; Plaintext "My phone555-1234"; Ciphertext "Y3_at_"; Decryption; Plaintext "My phone555-1234"]
42 Private Key Cryptosystem
- Uses one secret key to encrypt and decrypt
- Problem in key distribution and management
- Key distribution requires separate channel
- The number of keys grows exponentially
- Advantage: fast operation
- Examples: DES, IDEA
43 Public Key Cryptosystem
[Diagram labels: Public key repository / Certificate Authority (CA); Public key; Private key; Plaintext "My phone555-1234"; Ciphertext "Y3_at_"; Decryption; Plaintext "My phone555-1234"]
44 Public Key Cryptosystem
- Uses different keys to encrypt and decrypt
- Fewer keys
- Requires extensive computing power to calculate
- Requires key repository
- Key management may be complicated
- Examples: RSA, ECC
45 Public Key Cryptosystem
- Public Key Infrastructure (PKI) / Infrastruktur Kunci Publik (IKP)
- Now the foundation of secure e-commerce. Standard.
- Certification Authority
- Verisign
- Indosign (recently launched)
46 Studying Hackers
- Who are they?
- What are their motives?
- How do they get in?
- What do they do after they got in?
47 Other Security Issues
- USA export restriction for strong cryptography
- Cyberlaw
- Legal to use cryptography?
- Digital signature law?
- Privacy issues
- Intellectual Property Rights
- National Critical Infrastructure Protection
48 ID-CERT
- Indonesia's first computer emergency response coordination
- Volunteers
- Need more support
- http://www.cert.or.id
- Budi_at_cert.or.id