Securing Electronic Transactions University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Slides:



Advertisements
Similar presentations
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Advertisements

Public Key Infrastructure and Applications
CP3397 ECommerce.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Cryptography and Network Security
SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
PGP Overview 2004/11/30 Information-Center meeting peterkim.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Principles of Information Security, 2nd edition1 Cryptography.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
Chapter 8 Web Security.
Security Jonathan Calazan December 12, 2005.
Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.
Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)
Electronic Payment Systems University of Palestine University of Palestine Eng. Wisam Zaqoot Eng. Wisam Zaqoot March 2010 March 2010 ITSS 4201 Internet.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.
Chapter 3 Mohammad Fozlul Haque Bhuiyan Assistant Professor CITI Jahangirnagar University.
Copyright ©1997 NetDox, Inc. All Rights Reserved. CONFIDENTIAL 1 DATE HERE Julie Grace - NetDox, Inc. Emerging Internet Commerce.
Supporting Technologies III: Security 11/16 Lecture Notes.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Secure Electronic Transaction (SET)
1 Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats –integrity –confidentiality.
Electronic Payment Systems. How do we make an electronic payment? Credit and debit cards Smart cards Electronic cash (digital cash) Electronic wallets.
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
Electronic Payments E-payment methods –Credit cards –Electronic funds transfer (EFT) –E-payments Smart cards Digital cash and script Digital checks E-billing.
Security+ All-In-One Edition Chapter 14 – and Instant Messaging Brian E. Brzezicki.
1 TCP/IP Applications. 2 NNTP: Network News Transport Protocol NNTP is a TCP/IP protocol based upon text strings sent bidirectionally over 7 bit ASCII.
Cryptography, Authentication and Digital Signatures
E-commerce What are the relationships among: – Client (i.e. you) – Server – Bank – Certification authority Other things to consider: – How to set up your.
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Lecture 8 e-money. Today Secure Electronic Transaction (SET) CyberCash On line payment system using e-money ECash NetCash MilliCent CyberCoin.
CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.
Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.
Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
E-commerce 24/12/ Electronic Commerce (E-Commerce) Commerce refers to all the activities the purchase and sales of goods or services. Marketing,
ELECTROINC COMMERCE TOOLS Chapter 6. Outline 6.0 Introduction 6.1 PUBLIC KEY INFRASTRUCTURE (PKI) AND CERTIFICATE AUTHORITIES (CAs) TRUST
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Network Security Lecture 27 Presented by: Dr. Munam Ali Shah.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy
7.6 Secure Network Security / G.Steffen1. In This Section Threats to Protection List Overview of Encrypted Processing Example.
1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.
Chapter 7 : Web Security Lecture #1-Week 12 Dr.Khalid Dr. Mohannad Information Security CIT 460 Information Security Dr.Khalid Dr. Mohannad 1.
Electronic Banking & Security Electronic Banking & Security.
1 Original Message Scrambled Message Public Key receiver Internet Scrambled+Signed Message Original Message Private Key receiver The Process of Sending.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
Computer Communication & Networks
Secure Electronic Transaction (SET) University of Windsor
Electronic Payment Security Technologies
Presentation transcript:

Securing Electronic Transactions University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding

Securing electronic transactions We will address here the following electronic transactions categories: 1. Purchases carried out online 2. Bank transactions and money transfer 3. Transactions handled via 4. Wireless transactions

Securing electronic transactions 1. Securing the purchases: The merchants, banks, PSPs, CAs and many others are responsible of arranging a secure environment to handle e-commerce transactions. The following figure shows how Public Key Infrastructure (PKI) can be used by the company A which wants to send a purchase order to the company B. The company B will respond by sending a purchase order confirmation to A. The following figure shows how PKI solves the needs of authentication, confidentiality, integrity and nonrepudiation.

Securing electronic transactions

2. Securing Bank transactions and money transfer: E-banks today offer their users virtually all the facilities provided by conventional banks. A customer can check his balance, transfer money between accounts, set up automatic payments, etc.

Securing electronic transactions 3. Securing transactions handled via systems didn’t originally include support for security. In many cases we want to keep messages content secret, for example when handling e-commerce orders via s where the customer sends his credit card number to the merchant. sometimes we are more interested in authenticating messages, like when submitting bids by .

Securing the The most famous encryption scheme today is the Pretty Good Privacy (PGP). PGP appeared in 1991 and became the de-facto standard. PGP is available free and commercially, and it is also available as a plug-in for many user agents (like Ms’s Exchange and outlook).

Securing the , PGP PGP design contains a group of operations to security. It uses symmetric key encryption, asymmetric key encryption and digital signature. In addition, PGP provides data compression. Depending on the version, PGP software uses MD5 or SHA for calculating the message digest, uses 3DES, CAST or IDEA for symmetric key encryption and uses RSA for asymmetric key encryption.

Securing the , PGP PGP scheme of encryption

Securing the , PGP As it is shown in the previous figure, the message m is hashed and then the resulted message digest is encrypted using the sender’s private key d A, this is a normal digital signature. The digital signature with the message itself will be encrypted using the symmetric key K sym. And the symmetric key itself will be encrypted using the public key of the receiver e B, and this collection of things represents the secured message that will be sent.

Securing electronic transactions 4. Wireless transactions: wireless transactions are a growing field in ecommerce. A lot of technologies were developed to provide security for wireless communications, but in general the wireless communications still not that secure. WTLS is a protocol that works under the WAP protocol. WTLS uses cryptography and digital certificates to establish a secure transmission session between a WAP server and a cell phone. Wireless Equivalent Privacy (WEP) is a protocol that provides encryption and authentication of wireless transmission to and from a WLAN.

What’s next? Next, we will talk about security protocols used to achieve security in Ecommerce.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.