Multimedia Communication and Information Logistics for AFTER-SALES AND PRODUCT LIFE- CYCLE SUPPORT Click to edit Master title style www.remtec.fi.

Slides:

Advertisements

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Advertisements

Public Key Infrastructure and Applications

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

PROJECT ON DIGITAL SIGNATURE Submitted by: Submitted to: NAME: Roll no: Reg.no. :

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Chapter 10: Electronic Commerce Security. Electronic Commerce, Seventh Annual Edition2 Impact of Security on E-Commerce In 2006 an estimated $913 million.

Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Security on the Internet Jan Damsgaard Dept. of Informatics Copenhagen Business School

Web services security I

E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.

Digital Signature Technologies & Applications Ed Jensen Fall 2013.

Chapter 13 Digital Signature

Masud Hasan Secure Project 1. Secure It uses Digital Certificate combined with S/MIME capable clients to digitally sign and.

Chapter 31 Network Security

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Secure Electronic Transaction (SET)

Multimedia Communication and Information Logistics for AFTER-SALES AND PRODUCT LIFE- CYCLE SUPPORT Click to edit Master title style

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Securing Electronic Transactions University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Cryptography, Authentication and Digital Signatures

E-commerce What are the relationships among: – Client (i.e. you) – Server – Bank – Certification authority Other things to consider: – How to set up your.

©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.

Risks of data manipulation and theft Gateway Average route travelled by an sent via the Internet from A to B Washington DC A's provider Paris A.

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.

Chapter 21 Distributed System Security Copyright © 2008.

Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.

DIGITAL SIGNATURE. GOOD OLD DAYS VS. NOW GOOD OLD DAYS FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT FILE BACK DATED, FILE BLANK FORMS, FILE.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Digital Signatures, Message Digest and Authentication Week-9.

Cryptography: Digital Signatures Message Digests Authentication

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

DIGITAL SIGNATURE.

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 ICT and E-Business Strategies For Development Geneva, October.

Copyright © 2003 Jorgen Thelin / Cape Clear Software 1 A Web Services Security Framework Jorgen Thelin Chief Scientist Cape Clear Software Inc.

© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.

XML Signature Choi, Yoon-jung. Outline Introduction Introduction Structure Structure Structure - Example Structure - Example Creation Creation.

Digital Signatures and Digital Certificates Monil Adhikari.

Task Force CoRD Meeting / XML Security for Statistical Data Exchange Gregory Farmakis Agilis SA.

7.6 Secure Network Security / G.Steffen1. In This Section Threats to Protection List Overview of Encrypted Processing Example.

Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Copyright 2004 MayneStay Consulting Group Ltd. - All Rights Reserved Jan-041 Security using Encryption Security Features Message Origin Authentication.

Lifecycle Metadata for Digital Objects October 9, 2002 Transfer / Authenticity Metadata.

April 20023CSG11 Electronic Commerce Authentication John Wordsworth Department of Computer Science The University of Reading Room.

Content Introduction History What is Digital Signature Why Digital Signature Basic Requirements How the Technology Works Approaches.

 Introduction  History  What is Digital Signature  Why Digital Signature  Basic Requirements  How the Technology Works  Approaches.

Computer Communication & Networks

S/MIME T ANANDHAN.

Digital Signatures and Forms

Pooja programmer,cse department

Electronic Payment Security Technologies

Instructor Materials Chapter 5: Ensuring Integrity

Presentation transcript:

Multimedia Communication and Information Logistics for AFTER-SALES AND PRODUCT LIFE- CYCLE SUPPORT Click to edit Master title style

© Copyright Remtec Systems, Ltd., All rights reserved. XML and Digital Signatures A Key to Reliable eBusiness Jörgen Westerling Remtec Systems Ltd.

© Copyright Remtec Systems, Ltd., All rights reserved CONTENTS eBusiness scenarios Why do we need signatures? Types of security services What is a digital signature? The XML Signature WG Application integration Digital signature issues

© Copyright Remtec Systems, Ltd., All rights reserved eBUSINESS SCENARIOS Official communication with public institutions  application forms, identity documents, tax declarations, etc. Contractual relations in open networks  eBuying, eSelling, financial transactions, etc. Identifying or authorising purposes  validate the identity of a correspondent, etc.

© Copyright Remtec Systems, Ltd., All rights reserved WHY DO WE NEED SIGNATURES? Signatures are authentic Signatures are unforgeable Signatures are not reusable Signed documents are unalterable Signatures can not be repudiated

© Copyright Remtec Systems, Ltd., All rights reserved TYPES OF SECURITY SERVICES Authentication  Identification  Real-world equivalent: passport Confidentiality  Privacy  Real-world equivalent: sealed envelope Non-repudiaton  Signatures  Real-world equivalent: personal signature

© Copyright Remtec Systems, Ltd., All rights reserved WHAT IS A DIGITAL SIGNATURE? A digital signature  confirms the identity of a message sender  confirms the authenticity of the message  confirms the integrity of the message  is verifiable  cannot be retracted

© Copyright Remtec Systems, Ltd., All rights reserved HOW DIGITAL SIGNATURES WORK Message Buy 100 stock A6HR40 HT84K8 Message Digest One-way Hash Function f(msg) irw983jkaf9 Digital Signature Message Buy 100 stock Encrypted Message Sender’s Private Key

© Copyright Remtec Systems, Ltd., All rights reserved HOW DIGITAL SIGNATURES WORK irw983jkaf9 Digital Signature Message Buy 100 stock Encrypted Message A6HR40 HT84K8 Message Digest One-way Hash Function f(msg) A6HR40 HT84K8 Message Digest Sender’s Public Key

© Copyright Remtec Systems, Ltd., All rights reserved XML AND DIGITAL SIGNATURES  More and more of eBusiness transactions in our networks are XML-based.  There is a real need for leveraging digital signature technology in these transactions.  XML offers a established framework for transmitting signed content and generic tools for the processing and verification of signatures.

© Copyright Remtec Systems, Ltd., All rights reserved THE XML SIGNATURE WG XML Signature Requirements public WD  August 20, 1999 The mission of the WG  develop a XML syntax used for digital signatures  develop procedures for computing and verifying digital signatures Signatures will provide  data integrity, authentication and/or non-repudiation

© Copyright Remtec Systems, Ltd., All rights reserved THE XML SIGNATURE WG Signature requirements  XML-signatures apply to any resource addressable by a locator  XML-signatures must be able to apply to a part or totality of an XML document  An XML document of a certain type must still be recognizable as its original type when signed  Must permit the use of arbitrary encryption alogrithms

© Copyright Remtec Systems, Ltd., All rights reserved THE XML SIGNATURE WG XML-Signature Scenarios document  describes different uses of XML-based digital signatures  enveloped-, unenveloped content etc. A proposal to the XML Signature WG  Richard D. Brown, GlobeSet, Inc.  base for future work

© Copyright Remtec Systems, Ltd., All rights reserved APPLICATION INTEGRATION  For example a browser plug-in to add digital signatures to XML messages  Application services to verify digital signatures  XML provides the framework

© Copyright Remtec Systems, Ltd., All rights reserved APPLICATION INTEGRATION XML Form XML Form Add Server Signature Commit Transaction Commit Transaction Data (XML) Decoding Sign Message Sign Message Add Client Signature Verify Server Signature Posted HTML Form XML Message (signed by server) XML Message (signed by both server and client) ServerBrowser

© Copyright Remtec Systems, Ltd., All rights reserved DIGITAL SIGNATURE ISSUES Time Stamping  a signature having been found once to be valid, shall continue to be so, for the same data, months or years later Key Length & Encryption Technology  a breakthrough in encryption technology may “reveal” all signatures made with that technology Legal issues globally and locally applied  different rules in different parts of the world

© Copyright Remtec Systems, Ltd., All rights reserved PUBLIC KEY INFRASTRUCTURE Certification Authority User Directory Services

© Copyright Remtec Systems, Ltd., All rights reserved CONCLUSION Businesses have to gain confidence in the security and confidentiality of eBusiness transaction. This will lead to real eBusiness growth.  Transaction security  Transaction confidentiality