SEMPER: A Security Framework for the Global Electronic Marketplace. Jian Zheng, Nov. 30, 1998.



Context
–Introduction
–The Security Marketplace
–Model of Electronic Commerce
–SEMPER Architecture
–The Field Trial
–Reference

Context Introduction

Introduction
The Emerging Electronic Commerce
–by 2000, over 25B will be conducted via Internet
Such an electronic marketplace requires security and establishing sufficient trust
Current Achievements:
–payment, cryptography, intellectual property rights protection
–however, they did not integrate the different solutions in a consistent way

Introduction(cont’d)
SEMPER(Security Electronic Marketplace for Europe)
–proposes an open security framework that should provide an integrated, complete and global electronic marketplace
–backed by the European Commission
–technically led by IBM Zurich Research Lab

Context The Security Marketplace

The Security Marketplace
Requirements
–The traditional business “terms” and “requirements” should be appropriately translated into electronic terms
–trust should be restored on such an insecure medium (Internet)
–the recovery of transactions and the resolution of disputes must be guaranteed

The Security Marketplace(cont’d)
Fundamental Issues
–the systems must address the complete set of issues raised by E-commerce
–users must be able to trust their system
–these systems should be fully interoperable
–E-commerce needs to be backed by a legal framework which is transparent and predictable for users
–there is a network for registration, certification and key distribution

The Security Marketplace(cont’d)
Current Status
–three waves on the Internet business
  –web sites for promoting and marketing
  –digital libraries and online catalogs
  –possible to authenticate, user can browse, place the order and pay for them; secure payment with credit card based on SSL and SET
–however, no generally accepted model and architecture for building E-commerce

The Security Marketplace(cont’d)
SEMPER Objectives
–addresses the complete problem of E-commerce over insecure networks
–based on a business model consisting of “transfers” and “fair exchanges”
–goal: develop an open and comprehensive security framework for building the secure marketplace

Context Model of Electronic Commerce

Model for E-commerce
Model
–two-party E-commerce: describes business scenarios in terms of sequences of “transfers” and “exchanges” of data with decisions based on the success of these actions
–similar to the dialogues of interactive EDI

Model for E-commerce(cont’d)

Basic Concepts
–“transfer”: One party sends a package of business items to one or more business parties. The sending party specifies the security requirements.
–“exchange”: A simultaneous exchange of packages of business items among two parties.

Model for E-commerce(cont’d)
Basic Concepts(cont’d)
–“business items”: credentials, statements, money
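An added sketch of the model above (not from the slides or the SEMPER project): a two-party scenario built from one "transfer" and one "exchange", with each step deciding whether the scenario continues. All names are hypothetical; a shared-key HMAC stands in for the sender's chosen protection, and an escrow function stands in for the fair-exchange protocol, which the slides do not specify.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class Item:
    kind: str    # "credential", "statement" or "money" (the slide's item types)
    body: bytes

def digest(package):
    """SHA-256 over a package (tuple of Items), length-prefixed per field."""
    h = hashlib.sha256()
    for item in package:
        for part in (item.kind.encode(), item.body):
            h.update(len(part).to_bytes(4, "big") + part)
    return h.hexdigest()

def _tag(package, key):
    return hmac.new(key, digest(package).encode(), "sha256").hexdigest()

def transfer(package, key, authenticate=True):
    """Sender picks the protection; here the only option is an HMAC tag."""
    return {"package": package, "tag": _tag(package, key) if authenticate else None}

def receive(msg, key):
    """True only if the transfer carries a tag that verifies."""
    return msg["tag"] is not None and hmac.compare_digest(msg["tag"], _tag(msg["package"], key))

def exchange(pkg_a, a_expects, pkg_b, b_expects):
    """Escrow stand-in: hand over both packages, or neither."""
    if digest(pkg_b) == a_expects and digest(pkg_a) == b_expects:
        return pkg_b, pkg_a          # (what A receives, what B receives)
    return None, None

def purchase(key, tamper_order=False, wrong_goods=False):
    """Scenario: order transfer, then payment-for-delivery exchange."""
    order = (Item("statement", b"order: course 7 for 20 EUR"),)
    msg = transfer(order, key)
    if tamper_order:                 # constructed in-transit modification
        msg["package"] = (Item("statement", b"order: course 7 for 2 EUR"),)
    if not receive(msg, key):
        return "aborted: order transfer failed"
    payment = (Item("money", b"20 EUR"),)
    goods = (Item("statement", b"delivery: course 7"),)
    sent = (Item("statement", b"delivery: course 9"),) if wrong_goods else goods
    buyer_gets, seller_gets = exchange(payment, digest(goods), sent, digest(payment))
    if buyer_gets is None:
        return "aborted: exchange failed, nothing released"
    return "completed"
```

The wrong-goods case shows the property the "exchange" primitive is meant to give: the seller does not receive the payment package unless the buyer receives the expected one.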

Model for E-commerce(cont’d)

Context SEMPER Architecture

SEMPER Architecture
Structured in layers
–the highest layer deals with commercial issues only
–the lowest layer deals with low-level security primitives and other supporting services

SEMPER Architecture(cont’d)

Commerce Service
–directly implements protocols of business scenarios
–implements the flow of control
–includes some more general use services
–can also securely download new services

SEMPER Architecture(cont’d)
Exchange Service
–handles and packages business items
–transfer and fair exchange of packages
–each type of item is managed by a separate manager which provides the unified services based on integrating existing implementations
  –payment manager

SEMPER Architecture(cont’d)

Supporting Service
–provides user preference management, persistent object storage, communication, crypto services, access control, etc.

SEMPER Architecture(cont’d)
Multi-party security
–buyers, service providers, banks, CA authorities, notary public
Trust hierarchy
–browser/server
–Signed business application
–Commerce layer
–System kernel

SEMPER Offers Security Services for Today and Tomorrow
Basic Services
–Authentication
–Signed offer
–Signed order
–Payment
–Signed delivery
Advanced Services
–Fair exchange
–Security document handling
  –certified mail
  –contract signing
  –credentials
–New payment instruments
–Anonymity
–Resolution of dispute

Context the Field Trial

The Field Trial
EUROCOM
–offer multimedia courseware in the area of telecommunications
–implements online purchases of multimedia courses

The Field Trial(cont’d)
FOGRA
–distribute information to their members on a subscription basis and sell consultancy to non-members
–use SEMPER for online purchase and processing of subscription as well as sales of consultancy

The Field Trial(cont’d)
OTTO VERSAND
–one of the largest mail-order retailers worldwide
–online order of goods
–online order of tickets and other credentials

Context Reference

Reference SEMPER Home Page – SEMPER public reports – Security Research Group at IBM Zurich Research Lab – y/

Reference(cont’d)
Field Trials
–Actimedia (F) - satellite pictures on ATM network
–Acri (F) - CD-ROMs on the Internet
–Gecap / Bowne (F) - software localisation
–Viajes Eroski / Enyca (E) - travel