E-cert (Digital Certificate)

Slides:

Advertisements

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Advertisements

Security Controls and Systems in E-Commerce

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Electronic Transaction Security (E-Commerce)

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.

Digital Payment Systems

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

Financial Transactions on Internet Financial transactions require the cooperation of more than two parties. Transaction must be very low cost so that small.

© Julia Wilk (FHÖV NRW) 1 Digital Signatures. © Julia Wilk (FHÖV NRW)2 Structure 1. Introduction 2. Basics 3. Elements of digital signatures 4. Realisation.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

Digital Signatures. Electronic Record 1.Very easy to make copies 2.Very fast distribution 3.Easy archiving and retrieval 4.Copies are as good as original.

Supporting Technologies III: Security 11/16 Lecture Notes.

Copyright © 2002 Pearson Education, Inc. Slide 6-1.

BZUPAGES.COM Electronic Payment Systems Most of the electronic payment systems on internet use cryptography in one way or the other to ensure confidentiality.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.

Secure Electronic Transaction (SET)

Electronic Payment Systems. How do we make an electronic payment? Credit and debit cards Smart cards Electronic cash (digital cash) Electronic wallets.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Electronic Payments E-payment methods –Credit cards –Electronic funds transfer (EFT) –E-payments Smart cards Digital cash and script Digital checks E-billing.

E-commerce What are the relationships among: – Client (i.e. you) – Server – Bank – Certification authority Other things to consider: – How to set up your.

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

Risks of data manipulation and theft Gateway Average route travelled by an sent via the Internet from A to B Washington DC A's provider Paris A.

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

Types of Electronic Infection

Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.

Payment Systems Unit 34: E-commerce M2 - Compare two different payment systems used in e-commerce systems.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

Digital Signatures, Message Digest and Authentication Week-9.

DIGITAL SIGNATURE.

Security fundamentals Topic 5 Using a Public Key Infrastructure.

Group 9 Chapter 8.3 – 8.6. Public Key Algorithms  Symmetric Key Algorithms face an inherent problem  Keys must be distributed to all parties but kept.

1 of 4 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.

“ PROFIT AT YOUR FINGERTIPS ”. What is Scrip? Definition: A list, paper money; a means Before printing, workers were not always paid in cash but in certificates.

Vijay V Vijayakumar.  Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s.

Information Systems Design and Development Security Precautions Computing Science.

222 About RPost Leader in security since 2000 Endorsed by more than 20 major bar/law associations Used by U.S. Government Used by insurance carriers.

Digital Certificates Presented by: Matt Weaver. What is a digital certificate? Trusted ID cards in electronic format that bind to a public key; ex. Drivers.

Key management issues in PGP

“Big Leap to Smarter City: Digital Signature Automation + Digital Certificate” 22 April 2016 (10: :00) Seminar and April 2016 (10:00 -

Public Key Infrastructure (PKI)

Unit 3 Section 6.4: Internet Security

Chapter 5 Electronic Commerce | Security

Uses Uses of cryptography Lab today on RSA

BY GAWARE S.R. DEPT.OF COMP.SCI

S/MIME T ANANDHAN.

Digital Signature.

Class 2 Digital Signature Certificate Noida

Chapter 7 STRENGTH OF ENCRYPTION & Public Key Infrastructure

Digital Signatures and Forms

Chapter 5 Electronic Commerce | Security

Welcome To Money pad November 23, 2018 Sample footer.

Secure Electronic Transaction (SET) University of Windsor

E-cert (digital certificate)

Lecture 4 - Cryptography

CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9

Automated Bulk Signing Solution

E-cert (Digital Certificate)

Best Digital Signature Service in Noida. Electronic Record 1.Very easy to make copies 2.Very fast distribution 3.Easy archiving and retrieval 4.Copies.

CDK: Chapter 7 TvS: Chapter 9

Electronic Payment Security Technologies

Presentation transcript:

E-cert (Digital Certificate) 电子证书 (電子證書)

On the Internet, nobody knows you’re a dog. Extracted from http://scienceblogs.com/effectmeasure/internet_dog.jpg

What is it? An electronic file Considered as “electronic passport” CA (Certificate Authority) Issuing body in Hong Kong Hong Kong Post (香港邮政) HK$50/year

Digital Certificate file Electronic file with extension “p12” xxxxxx.p12 Consist of Private key Public key Signature of the Certificate Authority

Functions Authentication Encryption Decryption Verify the identity of someone Encryption Convert ordinary data into unreadable code Decryption Convert encrypted message to plaintext (the original message)

Other functions Digital Signature Prove the identity of the sender The document has not been modified after it is signed Non-repudiation Sender cannot deny that he/she signed the document

E-banking two-factor authentication In addition to account name and password

Problems of account name and password Bad passwords Birthday Name of wife/husband/pets Word from dictionary Etc. User wrote it down and stick it on the monitor User tells others Re-use passwords in different sites (with week security)

From Hongkong Post White memory stick Memory stick + card reader With your e-cert inside (done by Hong Kong Post) Two programs inside Hongkong Post smart card (not included this time) With your e-cert inside Password envelope Digital signature is as good as a signature on a paper (legally binding)

From Hang Seng Bank Green Bank Card Copy your e-cert to this card later

Look up someone’s public key Personal e-Cert www.hongkongpost.gov.hk/pc A electronic file with extension “cer” xxxxxx.cer

Liability Keep your password and Hong Kong post card in a safe place. Report to Hong Kong post if you lose your e-cert. Revoke the e-cert

Barriers to cashless society Individuals Need more training and education Organizations Need more technical support Need more training and education for their staff Need the infrastructure

Digital signatures Arguments with payments (between banks and Clients) Better protection for client Better protection for Banks / financial companies Solution for Micropayment Small amount of payment

Application with digital signatures Many organizations received fake certificates from job applicants. Difficult and time consuming to verify certificates Universities will issue certificate (a file) with digital signature (of the universities) to 0

Other applications Banks Government Others Two factor authentications Tax return (Inland Revenue Department) Renew license Others http://www.hongkongpost.gov.hk/product/ecert/usage/index.html

Green Computing Reduce consumptions of resources More environmental friendly Examples Less papers Less heat Reduce travelling Teleconference

Reengineering Rethinking or radical redesign of business process

Renew of car license (1st version) Submit documents in one counter Verify the documents A long queue Paid the Amount in another counter Distribute the new license in another counter Another long queue

problems At least two or three hours waiting time Overcrowded Everyone stayed there for several hours Air pollutions (people are allowed to smoke in the old days) Noisy environment

Renew of car license (2st version) Everything is done in one counter Verify the document Key in data Accept payment Print the new license Benefits Waiting time reduced 5 to 30 minutes

Renew of car license (3rd version) Scan documents Fill in the form online Provide credit card numbers Digitally signed the application (with e-cert) Submit everything with Internet New license will be sent by registered mail

Renew of car license (future version) Scan documents Fill in the form online Provide credit card numbers Digitally signed the application (with e-cert) Submit everything with Internet Electronic License will be sent to the applicant With the digital signature of the government With QR code? Applicant can print a hard copy (if necessary)

E-cheque consumer accesses the merchant’s server and select goods consumer sends electronic checks to the merchants. E-cert is used to encrypted and digitally sign the e-cheque. merchants verify the consumer’s electronic signature. merchants forward the e-cheque to the clearing house. The clearing house works with banks and transfer money’s to merchants’ account.

What are the benefits? Discuss in groups and present your answers