
1 Electronic Commerce

2 On-line ordering---an e-commerce application
On-line ordering assumes that:
- A company publishes its catalog on the Internet;
- Customers view the catalog and:
  - select the merchandise that they want to buy
  - select a form of payment (usually credit card)
  - send this information to the company via the Internet (How?)
- Finally, the company receives the order and ships the merchandise.

3 E-commerce scope & benefits
E-commerce is not limited to on-line ordering; it encompasses a variety of activities, including:
- Online banking
- Business-to-business transactions
- Bill paying
E-commerce benefits:
- Automated order management
- Low costs (rent, salespeople's salaries, ...)
- Quick response

4 E-commerce explosion
- Between 1993 and 2000 e-commerce grew from an insignificant novelty to mainstream business;
- Now, many large and small businesses provide for buying on the Internet.
[Chart: Retail e-commerce sales (billions of dollars)]

5 Security and e-commerce
E-commerce became feasible only when secure mechanisms were in place that guaranteed the authenticity and privacy of a message.
When a browser sends a message containing confidential information (such as a credit card number), it:
- Encrypts the message, or
- If the form does not require secure transfer, notifies the client that the message is being sent in the clear, so it is up to the user to decide whether to proceed or not.

6 Certificates
- Certificates are used to disseminate the public key of a person or an organization.
- Certificates are statements encrypted (signed) by trusted parties which contain information such as a public key.
  Ex: certificate = encrypt(priv_T, {Columbia, public key of Columbia})
- Certificates are stored by well-known organizations.
- When a browser needs to obtain or verify a public key, it retrieves the company's certificate from one of the organizations mentioned above.

7 SSL
- The most widely used protocol devised for secure communication is SSL (Secure Sockets Layer), built on top of TCP/IP.
- It makes it possible to verify the authenticity and ensure the privacy of a message.
- When a message is sent by an enterprise E, the receiver needs to know that it is authentic:
  - the message is encrypted (signed) with the private key of E;
  - the public key of E is verified by obtaining a certificate.

8 SSL (cont.)
- When a message is sent by a customer to E, it needs to remain confidential.
  - It is encrypted with the public key of E; only E has the corresponding private key, so only E can read the message.
- Note that a browser needs to know only a few public keys: the public keys of the trusted organizations that sign certificates;
- However, based on them a far wider web of trust is created.
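
The certificate, signing and encryption steps of slides 6 to 8, as an added example that is not part of the original presentation. It uses textbook RSA with no padding on toy keys built from Mersenne primes; the subject name comes from slide 6, while the helper names and key values are assumptions made for illustration.

```python
# Added example: textbook RSA on toy keys. Illustration only, not secure.
import hashlib

def make_key(p, q, e=65537):
    """Build (public, private) keys from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)

def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data):
    """'Encrypt with the private key': only the key owner can produce this."""
    d, n = priv
    return pow(_digest(data, n), d, n)

def verify(pub, data, sig):
    e, n = pub
    return pow(sig, e, n) == _digest(data, n)

def encrypt(pub, msg):
    """Encrypt with the public key: only the private-key holder can read it."""
    (e, n), m = pub, int.from_bytes(msg, "big")
    if m >= n:
        raise ValueError("message too long for this toy key")
    return pow(m, e, n)

def decrypt(priv, c):
    d, n = priv
    m = pow(c, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def _body(subject, pub):
    return f"{subject}|{pub[0]}|{pub[1]}".encode()

def issue_certificate(ca_priv, subject, pub):
    """certificate = sign(priv_T, {subject, public key of subject})"""
    return {"subject": subject, "public_key": pub,
            "signature": sign(ca_priv, _body(subject, pub))}

def check_certificate(ca_pub, cert, expected_subject):
    """Browser side: hand back the subject's key only if T's signature holds."""
    ok = cert["subject"] == expected_subject and verify(
        ca_pub, _body(cert["subject"], cert["public_key"]), cert["signature"])
    return cert["public_key"] if ok else None

# Constructed toy keys (a real certificate authority would never pick these).
T_PUB, T_PRIV = make_key(2**89 - 1, 2**107 - 1)   # trusted party T
E_PUB, E_PRIV = make_key(2**61 - 1, 2**127 - 1)   # enterprise E
CERT = issue_certificate(T_PRIV, "Columbia", E_PUB)
```

The browser only has to hold T_PUB: a certificate whose public key or subject has been swapped fails check_certificate, so a customer never encrypts an order to a key that T did not vouch for.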

9 Digital Money
Digital cash---the electronic equivalent of cash
- Like cash, digital cash is not traceable to the client that used it to make a purchase;
- Cash is a special kind of printed paper that banks recognize to hold a certain value;
- Like cash, digital cash is (usually) a statement, containing a certain amount, digitally signed (encrypted) by a bank.

10 How Digital Money Should Work
- A person X electronically transfers a certain amount from their bank account into a digital wallet;
- When making a purchase, X:
  - specifies the digital wallet as the source of payment, and
  - gives the vendor an authorization to deduct the amount of the purchase from the digital wallet;
- Finally, the vendor goes with the authorization and the digital money to the bank and requests a transfer of funds.

11 Digital Cash is Expensive
In order to pay with digital cash, the bank and the vendor have to:
- perform many computations required to encrypt/decrypt messages
- communicate with each other;
so digital cash becomes expensive to use, especially if the price to be paid is small.
Ex: if you make a purchase of 5c, and the cost of processing your transaction is 10c, your business is not profitable.
Conclusion: digital cash is still not used

12 Another problem
Suppose a private company would like the following:
- Make some services, such as Telnet, FTP and HTTP, available within the company between the company's hosts.
- Disallow outside users from gaining access to the company's internal hosts via Telnet, FTP, etc.
- Allow users from the Internet to visit the company's WWW home pages.
- Allow the exchange of e-mail with others on the Internet.

13 And another solution
- It is impossible to restrict traffic using the security mechanisms discussed so far.
- What we need is a “gatekeeper” that can distinguish which services to allow and which to block.
- The general term for this is a firewall.

14 Firewalls A firewall is a dedicated computer placed between the Internet and the company’s computers.

15 Firewalls (cont.)
- The firewall acts as a packet filter: it contains special software that examines the packets and selectively blocks or allows access.
  Example: Drop any TCP/IP packets coming from the Internet to port 23 (Telnet) of any internal host.
- Firewalls also filter packets going from the company to the Internet, to prevent Trojan horse attacks.
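
The policy of slide 12 written as a first-match packet filter with a default-deny fallback, as an added example that is not part of the original presentation. The addresses (RFC 5737 documentation ranges), interface names and rule names are assumptions; the filter is stateless and judges only the first packet of a TCP connection.

```python
# Added example: first-match packet filter for the policy on slides 12-15.
# All addresses are constructed documentation ranges, not from the slides.
from ipaddress import ip_address, ip_network

COMPANY = ip_network("192.0.2.0/24")    # assumed internal network
WEB = ip_network("192.0.2.80/32")       # assumed public WWW server
MAIL = ip_network("192.0.2.25/32")      # assumed mail relay
ANY = ip_network("0.0.0.0/0")

# (rule name, action, arriving interface, source, destination, TCP ports)
RULES = [
    # A packet from the Internet claiming an internal source is forged.
    ("anti-spoof",        "drop",  "outside", COMPANY, ANY,     None),
    # The example from slide 15: no Telnet from the Internet.
    ("no-inbound-telnet", "drop",  "outside", ANY,     COMPANY, {23}),
    ("public-www",        "allow", "outside", ANY,     WEB,     {80}),
    ("inbound-mail",      "allow", "outside", ANY,     MAIL,    {25}),
    ("outbound-mail",     "allow", "inside",  MAIL,    ANY,     {25}),
    # Telnet, FTP and HTTP between the company's own hosts.
    ("internal-services", "allow", "inside",  COMPANY, COMPANY, {21, 23, 80}),
]

def decide(iface, src, dst, dport):
    """Return (action, rule name) for a new TCP connection; first match wins."""
    s, d = ip_address(src), ip_address(dst)
    for name, action, r_iface, r_src, r_dst, ports in RULES:
        if (iface == r_iface and s in r_src and d in r_dst
                and (ports is None or dport in ports)):
            return action, name
    # Anything the policy does not list is blocked, in both directions.
    return "drop", "default-deny"
```

Because the fallback is default-deny, inbound FTP is blocked without a rule of its own, and an internal host opening an unlisted outbound connection is blocked too, which is the outbound filtering slide 15 mentions.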

