Megatrend University, Belgrade, Faculty of Business Economics Valjevo, Bojan Todorović, SECURITY OF ELECTRONIC BUSINESS AND PROTECTION TECHNIQUES, GRADUATION THESIS

Graduation Thesis: Electronic Business


Graduation thesis for the course Electronic Business; the topic is the security of electronic business and protection techniques.


, 2013. ,

: : . : : : : , 2013.

1.
2. web-
3.
4.
5.
6.
7.
7.1.
8.
9. -
10. ( OSI )
10.1.
10.2. DHCP
11.
12.

1.

, e-Business, , , web . , . , (e-commerce). , World Wide Web-a, .

, . . , . . , . , , . , .

(e-commerce) . . commerce , , . , : , , , , , , , . , , .

2. web -

web , . , , Web . Web .

Web :

Web- , Web

Web

Web , , .

Web

.

3.

(e-business) (e-banking) (e-commerce). .

, (m-commerce) . . . on-line ( ), , , , . on-line : , , .

. e-commerce B2B, B2C (business-to-business, business-to-customer) and B2E (business-to-ethernet). , () (B2B and B2C ecommerce ).

B2B , . , . B2B : EDI (electronic data interchange) , B2B e-commerce ( ) (eMarkets).

(e-marketplaces) on-line , , . B2C ().

( B2C 5 ) :

(VTC) on-line .

() , , .

on-line , . .

B2B and B2C , ( , , , , .) , CRM (customer relationship management) call . (e-commerce CRM - eCCRM) , , ( ). web , 70 % call .

. . TCP/IP . :

( - ),

( ) ( ).

. : () . . , , . , .

. . .

. (VPN virtual private network) SSL (security socket layer) .

(, ) "" . (. ) , , .

- ( ) , "" "". , . , .

( ) (81) 19 - " ".

- () . - - , , . . ERP (Enterprise Resource Planning).

4.

- . "online" . - , . . , , . , . , . . - . - "dotcom" 2000. 2001. . - . , . , , , . - .

, , , , . .

. . , ( ).

5.

() .

( simlab.fon.bg.ac.rs )

. , , . , . , , , , .

. ( ). - ( ).

( ) . ? . . , (IP ). ( 5 20%). , 2003. 2,8%.

, -, , . , . , . : , .

. , , .

6.

, . : , , . / .

. , . , hash .

TCP/IP , :

(PKI public key infrastructure),

.

PKI , . PKI - , , . , . PKI (CA certification authority) .

. . .

. PKCS#1 (public key cryptographic standards). , : . ( MD5 SHA-1), (. RSA) . . RSA , . RSA , . 1977. . , , RSA . , , 1973. , , 1997.

RSA . RSA . . RSA

.

: .

.

.

.

. .

d, n e, , , .

. E . PKCS#1 (Public Key Cryptographic Standard), 1,024 bits. PKCS#1 RSA . : , , ,

, , , .

, , . . . hash , .

PKI , ( web , e-mail, FTP, , , VPN).

( megatrend-online.com ) . PIN- (personal identification number), . .

. . , , . .

, . hash . hash , ( ).

web . , ., , . : , , CA .

SSL (secure socket layer) , web Netscape Communications. SSL : . : 40- 128- . TLS is SSL 3.1 WTLS WAP .

SSH (Secure Shell) , . SSH : , TCP/IP ( ).

(VPN) , . . VPN , . ISP .

, hash .

. . ( , , , ) .

7.

. :

, . , .

. " " , .

. , , .

(. ) . .

. ("insiders") . . .

, .

, . , .

7.1.

. .

(Computer Security Institute) , 70% . , 5 , 66 $66.708.000,00 54 $53.996.000,00.

, .

:

e-mail (attachment) , patches , screen saver , back-up (LAN) .

: , , , , , , .

: , default , , , , firewalls, PKI , , back-up , , , , .

8.

, : (competitive intelligence), , , . ( ) ( ) .

(), .. (, , , , , , .).

, ( ) , ( ).

, intelligence, . .

() ( ) (), () .

. . ( , , .). .

. , , 1996. . (), 1995- 700 ( 1994- 400 ).

() . ( Public Administration Review, 1995..), (), 25 100 .

9. -

. , , .

, , - . - , , , , . - , .

10. ( )

, , . , IPSec VPN , ., .

, . - , . , : / .

, , , .

10.1.

, , ( ) :

DHCP Attack

STP Attack

ARP Cache Poisoning

CAM Table Flooding

VLAN Hopping

, , , , . , .

10.2. DHCP

DHCP (engl. Dynamic Host Configuration Protocol) IP . IP , , , , DNS . , DHCP , . IP .

DHCP ( simlab.fon.bg.ac.rs )

DHCP . (. Denial of Service DOS), (. Man in the Middle).

, IP , DHCP , Man in the Middle Attack.

DHCP DHCP IP DHCP . IP , 254 IP . , . , , 3 3 IP .

, DHCP , MAC DHCP IP MAC , . IP DHCP , . , , - . : http://packetstormsecurity.org/DoS/DHCP Gobbler.tag.gz.

: Yersinia DHCPH Flooder. DHCP Windows Server 2003 Standard Edition, 2/3 Cisco Catalyst 2960 3550. DHCPH Flooder , IP , DHCP DHCP (discover, offer, request, ack), Yersinia 200 IP 3 , DHCP (discover, offer).

DHCP , .

DHCP . DHCP - . DHCP DHCP IP ( DoS DHCP (), DHCP ). IP DHCP . DHCP . DNS (. Default Gateway). , PC DNS VLAN- . , : , FTP, HTTP, POP3 . web , DNS- web , TCP 443 TCP 80 7:55 8:05 , , .

DHCP DoS , , . , , DHCP .

DHCP ( znanje.org )

DHCP , DHCP , , Client Hardware Address. DHCP DoS MAC Spoofing MAC , Client Hardware Address MAC Source MAC Ethernet . () DHCP Request broadcast- IP DHCP . , , DHCP H Flooder.

Wireshark MAC DHCP MAC . Yersinia MAC Spoofing-: DHCP DoS Port Security, . , , , 2 Port Security. Cisco , .

Port Security ( znanje.org )

, , 2 MAC ( MAC MAC , IP IP , IP 2 MAC ) . , MAC DHCP Request ( ). MAC :

3550(config-if-range)#switchport port-security violation ?
  protect   Security violation protect mode
  restrict  Security violation restrict mode
  shutdown  Security violation shutdown mode

Shutdown , ( ) .

DHCP DoS Port Security . Client Hardware Address DHCP Request , MAC Spoofing Ethernet , Source MAC MAC . DHCP , DHCP Client Hardware Address DHCP Request MAC IP . Yersinia, MAC -. MAC CHA DHCP Source MAC Ethernet .

DHCP Windows Server 2003 Standard Edition. DHCP Client Hardware Address DHCP Source MAC .

DHCP , Cisco Systems DHCP Snooping. : deep DHCP packet inspection trusted untrusted . DHCP MAC Client Hardware Address MAC Ethernet . MAC , DHCP DHCP DoS .

DHCP DHCP Man in the Middle Attack, , ( , ) Port Security, DHCP MAC . DHCP DoS , DHCP , DHCP DHCP .

DHCP , DHCP Snooping : trusted untrusted. , untrusted ( DHCP Snooping-). DHCP DHCP Offer DHCP Ack ( unicast DHCP ) DHCP Snooping DHCP untrusted . DHCP trusted trusted , DHCP .

trunk . , , . : Port Security DHCP Snooping DHCP Denial of Services DHCP Man in the Middle Attack. DHCP Port Security, Yersinia DHCP Client Hardware Address DHCP . . .

11.

, . . , . . . , , , .

, .

:

- ,

- ,

- .

, . . . . : , , - .

, () . . .

, . , . ( ).

. IT, IB (CISI BISO). , , -. - , , .

12.

, " ", -. 14, 2011 Zorayda Ruth Adam, "E-commerce and e-Bussines", 2003 . , " ", , , 2007

, " e", , 2006

.. , " ", , 2002

., " ", , , 2002

. , . , :

" ", , , 2005.

, " " ., " ", Jet info online # 6, 2002

., .: , ISBN 97-86-7038-054-7, COBISS.SR-ID 191422220, , 2012

.. " ", 1998, http://www.infosec.ru . , . , , http://kievsecurity.org.ua .., , -. 7, 2008 . , , , 2013

D. K. Hsiao, D.S. Kerr, S.E. Madnik, Computer security, Academic Press, New York, San Francisco, 1979

e -trgovina.rs emportal.rs/zines/ekonomist simlab.fon.bg.ac.rs megatrend-online.com znanje.org "E-commerce and e-Bussines", Zorayda Ruth Adam, May 2003

" ",

.. " "

, " "
