Chapter 18: Doing Business on the Internet Business Data Communications, 4e.


2 Security: The Key to E-Commerce Communications Encryption Privacy Payment systems

3 SSL & TLS
- Secure Socket Layer
- Transport Layer Security
- Protocols that sit between the underlying transport protocol (TCP) and the application

4 Secure Socket Layer (SSL)
- Originated by Netscape
- TLS has been developed by a working group of the IETF, and is essentially SSLv3.1
- Provides security at the “socket” level, just above the basic TCP/IP service
- Can provide security for a variety of Internet services, not just the WWW
- … / TCP Port:443

5 SSL Implementation
- Focused on the initialization/handshaking to set up a secure channel
- Client specifies encryption method and provides challenge text
- Server authenticates with public key certificate
- Client sends master key, encrypted with server key
- Server returns an encrypted master key
- Digital signatures used in initialization are based on RSA; after initialization, single key encryption systems like DES can be used
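The handshake steps on this slide, as an added Python sketch that is not part of the original presentation. The toy RSA key built from two small fixed primes, the public-key fingerprint standing in for certificate validation, the HMAC over the challenge standing in for the server's encrypted reply, and all class and function names are assumptions made for illustration.

```python
import hashlib, hmac, secrets

# Toy RSA key built from two Mersenne primes: constructed, far too small for real use.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def fingerprint(n, e):
    # Stand-in for certificate validation: hash of the public key the client trusts.
    return hashlib.sha256(f"{n}:{e}".encode()).hexdigest()

def session_key(master):
    # Both sides derive the single-key (symmetric) secret from the master key.
    return hashlib.sha256(master.to_bytes(32, "big")).digest()

class Server:
    SUPPORTED = ("3DES", "DES")  # cipher names are labels only in this sketch

    def __init__(self, n, e, d):
        self.n, self.e, self.d, self.key = n, e, d, None

    def hello(self, offered):
        # Choose the first client-offered method the server supports; present public key.
        cipher = next((c for c in offered if c in self.SUPPORTED), None)
        return cipher, (self.n, self.e)

    def finish(self, enc_master, challenge):
        # Only the holder of the private exponent recovers the client's master key.
        self.key = session_key(pow(enc_master, self.d, self.n))
        return hmac.new(self.key, challenge, hashlib.sha256).digest()

def client_handshake(server, trusted_fp, offered=("3DES", "DES")):
    challenge = secrets.token_bytes(16)              # client challenge text
    cipher, (n, e) = server.hello(offered)           # server presents its public key
    if cipher is None or fingerprint(n, e) != trusted_fp:
        return None                                  # no common method or untrusted key
    master = secrets.randbits(128)                   # client-chosen master key
    proof = server.finish(pow(master, e, n), challenge)  # master sent under server key
    key = session_key(master)
    expected = hmac.new(key, challenge, hashlib.sha256).digest()
    # The reply verifies only if the server really decrypted the master key.
    return (cipher, key) if hmac.compare_digest(proof, expected) else None

if __name__ == "__main__":
    real = Server(N, E, D)
    print("handshake ok:", client_handshake(real, fingerprint(N, E)) is not None)
```

A server that presents the trusted public key without holding the matching private exponent cannot produce a valid reply, which is why the client checks it before using the channel.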

6 SSL

7 Characteristics of On-Line Payment Systems
- Transaction types
  - Micropayments, large payments, …
- Means of settlement
  - Cash, credit cards, …
- Operational characteristics
  - On-line or off-line payments
- Privacy and security
  - Audit trails, authentication, non-repudiation, …
- Who takes risks

8 SET - Secure Electronic Transactions
- SET is a payment protocol supporting the use of bank/credit cards for transactions
- Supported by MasterCard, Visa, and many companies selling goods and services online
- SET is an open industry standard, using RSA public-key and DES single-key encryption

9 SET Participants & Interactions

10 SET Architecture

11 Ideal Components of Electronic Cash
- Independent of physical location
- Security
- Privacy
- Off-line payment
- No need for third-party vendor
- Transferability to other users
- Divisibility
  - “Making change”

12 E-Cash
- Created by David Chaum in Amsterdam in 1990
- Maintains the anonymity of cash transactions
- Users maintain an account with a participating financial institution, and also have a “wallet” on their computer’s hard drive
- Digital coins, or tokens, are stored in the wallet

13 Electronic Commerce Infrastructure
- Intrabusiness
  - Intranet based
  - Supports internal transactions and transfers
- Business-to-Business (BTB or B2B)
  - Extranet based
- Business-to-Consumer (BTC or B2C)
  - Internet based

14 Importance of BTB Commerce

15 Firewalls
- Used to provide security for computers inside of a given network
- All traffic to/from network passes through firewall
- Only authorized traffic is allowed through
- Firewall itself is a secure system
- Firewall performs authentication on users
- Firewall may encrypt transmissions

16 DMZ - DeMilitarized Zone

17 Free Trade Zones (FTZ)
- Area where communication and transactions occur between trusted parties
- Isolated from both the external environment and the enterprise’s internal network
- Supported by firewalls on both ends
- Inside the FTZ, all communications can be in clear mode without any encryption
- Necessary because logical boundaries between BTB and IB are becoming fuzzy.
