Chapter 18: Doing Business on the Internet Business Data Communications, 4e
2 Security: The Key to E-Commerce Communications Encryption Privacy Payment systems
3 SSL & TLS Secure Socket Layer Transport Layer Security Protocols that sit between the underlying transport protocol (TCP) and the application
4 Secure Socket Layer (SSL) Originated by Netscape TLS has been developed by a working group of the IETF, and is essentially SSLv3.1 Provides security at the “ socket ” level, just above the basic TCP/IP service Can provide security for a variety of Internet services, not just the WWW … / TCP Port:443
5 SSL Implementation Focused on the initialization/handshaking to set up a secure channel Client specifies encryption method and provides challenge text Server authenticates with public key certificate Client send master key, encrypted with server key Server returns an encrypted master key Digital signatures used in initialization are based on RSA; after initialization, single key encryption systems like DES can be used
6 SSL
7 Characteristics of On-Line Payment Systems Transaction types Mircopayments, large payments, … Means of settlement Cash, credit cards, … Operational characteristics On-line or off-line payments Privacy and security Audit trails, authentication, non-repudiation, … Who takes risks
8 SET -Secure Electronic Transactions SET is a payment protocol supporting the use of bank/credit cards for transactions Supported by MasterCard, Visa, and many companies selling goods and services online SET is an open industry standard, using RSA public-key and DES single-key encryption
9 SET Participants & Interactions
10 SET Architecture
11 Ideal Components of Electronic Cash Independent of physical location Security Privacy Off-line payment No need for third-party vendor Transferability to other users Divisibility “ Making change ”
12 E-Cash Created by David Chaum in Amsterdam in 1990 Maintains the anonymity of cash transactions Users maintain an account with a participating financial institution, and also have a “ wallet ” on their computer ’ s hard drive Digital coins, or tokens, are stored in the wallet
13 Electronic Commerce Infrastructure Intrabusiness Intranet based Supports internal transactions and transfers Business-to-Business (BTB or B2B) Extranet based Business-to-Consumer (BTC or B2C) Internet based
14 Importance of BTB Commerce
15 Firewalls Used to provide security for computers inside of a given network All traffic to/from network passes through firewall Only authorized traffic is allowed through Firewall itself is a secure system Firewall performs authentication on users Firewall may encrypt transmissions
16 DMZ- DeMilitarized Zone
17 Free Trade Zones (FTZ) Area where communication and transactions occur between trusted parties Isolated from both the external environment and the enterprise ’ s internet network Supported by firewalls on both ends Inside the FTZ, all communications can be in clear mode without any encryption Necessary because logical boundaries between BTB and IB are becoming fuzzy.
18
19