Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 8 Building the Transaction Database

Published byCorey Stevens Modified over 6 years ago

Similar presentations

Presentation on theme: "Chapter 8 Building the Transaction Database"— Presentation transcript:

1 Chapter 8 Building the Transaction Database
Objective: Database Tables used for Transaction. Registering Users. Gracefully Handling Form Errors. Using the Secure Sockets Layer.

2 Transaction Database Tables
User Table – Used o store user Information Cart Table – Used to store customer shopping cart. Order Table – Holds information of all the products that that have been ordered in addition to information about the status of an order.

3 User Table schema User_id User_name User_pwd User_email User_street
User_city User_zip User_state User_cctype User_ccexpires User_ccname

4 Registering Users Before customer can add items to their shopping cart, they must first register. Instead of entering address and payment information every time a new item is bought, the customer can enter this information once. It enables customers to retain a shopping cart over many visits to your Web site.

5 Gracefully Handling Form Errors
The Error Form displays an error message and asks the user to return to the previous page to correct the mistake. When the user clicks the return button all the original data that the user entered into the HTML form is passed back to the form. Bcoz the information is passed back to the form, there is no need to start filling out the form again.

6 Secure Socket layer During Registration the user enter the credit card information in the form. This information is transmitted across the internet in plain text, which is dangerous. The information in internet passes through various intermediate connections.

7 An individual with impure intensions could teal the information while it is on its way to destination. To protect the customer’s credit card information, you must use the Secure Socket Layer(SSL). SSL is a technology originally developed by Netscape that enables you o transfer information securely across the internet.

8 It provides solution to three distinct security problems:
Encryption Authentication Data Integrity Information that flows between Web Server & Web Browser is encrypted by encoding the information with a publicly known encryption algorithm and a secret session encryption key.

9 The number of bits in the session key determines the strength of the encryption.
Two standard key sizes are 40 bit & 128 bit key. 40 bit key is hacked but 128 is considered unbreakable with current technology. SSL is also used to authenticate a Web server.

10 To enable SSL on your Web server, server certificate should be installed.
This server certificate prevents other web site from pretending to be your web site. Server certificate contains information about your Web site, your organization & the issuer of the certificate. Finally SSL protects the integrity of the data as it is transmitted across the internet by including MCA (Message Authentication code) with the data as it is transmitted.

11 Enabling SSL on your Web Server
SSL is used with IIS and not PWS. Enabling SSL is time consuming & Expensive. Ex VeriSign charges $349 for 40 bit SSL key & $895 for 128 bit key.

12 To enable SSL with IIS Server the following are the three steps:
Generate a certificate Request File and an Encryption Key pair file using MS Key Manager. Apply for a Server Certificate from a certificate authority by providing your Certificate Request File. Install your server certificate by using MS Key Manager.

13 Generating the Certificate Request File
Use MS Key Manager to create Certificate Request File also called Certificate Signing Request (CSR). To access MS Key manage, Launch Internet Service manager, select key, Create New key. This creates wizard that will guide you through the task of creating the CRF

14 Following Information is supplied to create CRF
Request File Key name Password Key size Organization Organizational Unit Common Name Country/Region State/Provision Locality Your Name Address Phone Number

15 Applying for a Server certificate
The CRF should be sent to a certificating authority to get your server certificate. The three popular authorities are: VeriSign Inc. Thawte Counselting GTE CyberTrust Solutions

16 To apply for VeriSign server certificate go to http://www. verisign
To apply for VeriSign server certificate go to and choose Secure Server ID. Provide VerSign with identifying information about your organization then submit the you CRF through an online form. After your information is verified, an is sent to you instructing o download the new Server certificate.

17 Installing Server Certificate
Last step is to install server certificate, that is received from the certifying authority. To install the server certificate launch the Internet Service Manager and select MS Key manager. Next Choose Key, install Key certificate. Open the new certificate file file from the hardware and supply the same password as used in CRF. Next specify the IP address and port to use SSL.

18 The Server certificate lasts for a period of time.
The exact expiry date is given in the right frame of MS Key manager. Can be renewed before expiry.

19 Using SSL in ASP Page After installing your Server Certificate, you can request any page from he web site securely. O request a page using SSL, the address must begin with protocol rather than To force user to use SSL, you can use Internet Service Manager to configure a directory to require SSL.

20 To do this, launch the Internet Service Manager and open the property sheet for one of the directories within your website. Next click Edit button under Secure Communications & choose Require Secure Channel When access this resource. SSL should be enabled during registration in online store.

Download ppt "Chapter 8 Building the Transaction Database"

Similar presentations

PowerPoint presentation of first 25 pages of instructional manual Edith Fabiyi Essentials of Internet Access.

PowerPoint presentation of first 25 pages of instructional manual Edith Fabiyi Essentials of Internet Access.
Lori Fitterling LI843 SSL Secured Sockets Layer. What is Secure Sockets Layer (SSL)? It is protection of data transferred over the Internet using encryption.

Lori Fitterling LI843 SSL Secured Sockets Layer. What is Secure Sockets Layer (SSL)? It is protection of data transferred over the Internet using encryption.
1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Electronic Transaction Security (E-Commerce)

Electronic Transaction Security (E-Commerce)
1 Encryption What is EncryptionWhat is Encryption Types of EncryptionTypes of Encryption.

1 Encryption What is EncryptionWhat is Encryption Types of EncryptionTypes of Encryption.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
Webinar Today: eCommerce Solutions Shopping Carts Online Bill Payment Event Registration And more! Problems? Please

Webinar Today: eCommerce Solutions Shopping Carts Online Bill Payment Event Registration And more! Problems? Please
SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004

SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004
Cookies COEN 351 E-commerce Security. Client / Session Identification HTTP does not maintain state. State Information can be passed using: HTTP Headers.

Cookies COEN 351 E-commerce Security. Client / Session Identification HTTP does not maintain state. State Information can be passed using: HTTP Headers.
CSCI 6962: Server-side Design and Programming

CSCI 6962: Server-side Design and Programming
Chapter 9 Collecting Data with Forms. A form on a web page consists of form objects such as text boxes or radio buttons into which users type information.

Chapter 9 Collecting Data with Forms. A form on a web page consists of form objects such as text boxes or radio buttons into which users type information.
Digital Certificate Installation & User Guide For Class - 2 Certificates.

Digital Certificate Installation & User Guide For Class - 2 Certificates.
CIS 1310 – HTML & CSS 12 E-Commerce Overview. CIS 1310 – HTML & CSS Learning Outcomes  Define E-commerce  Identify Benefits & Risks of E-Commerce 

CIS 1310 – HTML & CSS 12 E-Commerce Overview. CIS 1310 – HTML & CSS Learning Outcomes  Define E-commerce  Identify Benefits & Risks of E-Commerce 
Session 11: Security with ASP.NET

Session 11: Security with ASP.NET
Human-Computer Interface Course 5. ISPs and Internet connection.

Human-Computer Interface Course 5. ISPs and Internet connection.
SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.

SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.
JavaScript, Fourth Edition

JavaScript, Fourth Edition
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
Copyright 2000 eMation SECURITY - Controlling Data Access with

Copyright 2000 eMation SECURITY - Controlling Data Access with

Similar presentations

Ads by Google