E-Commerce Security.

Presentation on theme: "E-Commerce Security."— Presentation transcript:

1 E-Commerce Security

2 E-Commerce
Buying, selling, marketing and servicing of products, services and information via computer networks.

3 E-Commerce Models
1. Storefront model: B2C. Shopping cart, on-line shopping mall
2. Auction model: e-Bay
3. Portal model: yahoo.com
4. Dynamic pricing: name-your-price, comparison pricing, bartering (exchanging items)
5. B2B & EDI (Electronic Data Interchange)
6. Etc.

4 M-Business
E-Business enabled by wireless communication.
Wi-Fi: Wireless local area network (WLAN) based on the IEEE specifications.
Hotspot: A person with a Wi-Fi device, such as a computer, cell telephone, or personal digital assistant (PDA), can connect to the Internet when in proximity of an access point. The region covered by one or several access points is called a hotspot.

5 Location Based Services
Location-identification technologies: Global Positioning System (GPS); cell phone Angle of Arrival (AOA)
Location-based services: B2E (Employee); B2C

6 Internet Security
Authenticity: Is the sender of a message who they claim to be?
Privacy: Are the contents of a message secret and only known to the sender and receiver?
Integrity: Have the contents of a message been modified during transmission?
Nonrepudiation: Can the sender of a message deny that they actually sent the message?

7 Encryption (Cryptography)
Plain text: the original message in human-readable form.
Ciphertext: the encrypted message.
Encryption algorithm: the mathematical formula used to encrypt the plain text.
Key: the secret key used to encrypt and decrypt a message.

8 Encryption Example
Digits: 0-9
Encryptor: Replace each digit by Mod(Digit + Key, 10). Key’s value is from 0 to 9. If Key = 7, then: 0->7, 1->8, 2->9, 3->0, 4->1, 5->2
Decryptor: Replace each digit by Mod(Digit + (10-Key), 10). If Key = 7, then: 7->0, 8->1, 9->2, 0->3

9 Encryption Algorithms
Private key encryption
Public key encryption
Digital signature
Digital certificate

10 Private Key (Secret Key) Encryption
The same key is used by a sender (for encryption) and a receiver (for decryption).
The key must be transmitted to the receiver.
Example: DES (Data Encryption Standard) algorithm with 56-bit key.

11 Public Key Encryption
Uses two different keys: a public and a private key.
Receiver’s public key must be delivered in advance.
Sender uses receiver’s public key to encrypt the message and receiver uses private key to decrypt the message (sender can be sure the receiver is the true receiver).
Example: RSA (Rivest, Shamir, and Adleman) algorithm with 512-bit to 1024-bit key.
Note: Although the two keys are mathematically related, deriving one from the other is “computationally infeasible”.

12 Digital Signature
It is used for the authentication and nonrepudiation of senders by applying public key encryption in reverse.
How digital signature works:
Sender:
Create message digest: Hash(original message)
Digital signature: Encrypt(Message digest, Sender’s private key)
Encrypted message: Encrypt(Original message, Receiver’s public key)
Send the hash function, digital signature, and the encrypted message to receiver.
Receiver:
Use receiver’s private key to decrypt the encrypted message to reveal the original message.
Use the sender’s public key to decrypt digital signature and reveal the message digest.
Apply the hash function to the original message. If the hash value matches the message digest in the digital signature, the message is intact.
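
The sender and receiver steps above, as an added example that is not part of the original presentation. It uses textbook RSA without padding, tiny keys built from known Mersenne primes, and SHA-256 as the agreed hash function; all function and variable names are hypothetical, and production systems use padded schemes with far larger keys.

```python
import hashlib

E = 65537  # common RSA public exponent

def make_keypair(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (E, n), (pow(E, -1, phi), n)

def rsa(value, key):
    """Raw RSA operation: value^exponent mod n (no padding, toy only)."""
    exponent, n = key
    return pow(value, exponent, n)

def digest(message, n):
    """Hash(original message), reduced mod n so it fits the toy key."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def send(message, sender_private, receiver_public):
    """Sender side: sign the digest, then encrypt the message."""
    signature = rsa(digest(message, sender_private[1]), sender_private)
    ciphertext = rsa(int.from_bytes(message, "big"), receiver_public)
    return ciphertext, signature

def receive(ciphertext, signature, receiver_private, sender_public):
    """Receiver side: decrypt, recover the signed digest, compare hashes."""
    m = rsa(ciphertext, receiver_private)
    message = m.to_bytes((m.bit_length() + 7) // 8, "big")
    signed_digest = rsa(signature, sender_public)
    return message, signed_digest == digest(message, sender_public[1])

# Constructed keys from known Mersenne primes: far too small for real use.
SENDER_PUB, SENDER_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
RECEIVER_PUB, RECEIVER_PRIV = make_keypair(2**107 - 1, 2**127 - 1)

if __name__ == "__main__":
    order = b"PAY 100 TO ALICE"  # constructed sample message
    ct, sig = send(order, SENDER_PRIV, RECEIVER_PUB)
    print(receive(ct, sig, RECEIVER_PRIV, SENDER_PUB))  # intact message
    # Anyone can encrypt to the receiver's public key; the reused signature
    # no longer matches, so the substitution is detected.
    swapped = rsa(int.from_bytes(b"PAY 900 TO ALICE", "big"), RECEIVER_PUB)
    print(receive(swapped, sig, RECEIVER_PRIV, SENDER_PUB))
```

The second call shows why the signature is needed: encryption with the receiver's public key alone says nothing about who produced the message.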

13 Certificate
A certificate is a digital document issued by a trusted third-party certificate authority (CA).
A certificate contains records such as a serial number, user’s name, owner’s public key, name of CA, etc.
Examples of CAs: VeriSign, U.S. Postal Service.

14 Online Transaction Security Protocol
Secure Sockets Layer (SSL): Developed by Netscape.
SSL implements public key technology using the RSA algorithm and digital certificates to authenticate the server in a transaction and protect private information.

15 Cookies
Designed to hold information about a user.
Created by a web site and saved on the visitor’s machine.
It contains: the web site that sets the cookie; one or more pieces of data; the expiration date for this cookie.
Cookies directory:
Browser sends cookie with the URL when you visit the site that issued the cookie.

