Published by Lester Small. Modified over 9 years ago.
1
Emerging Internet Commerce
Julie Grace - NetDox, Inc.
Copyright ©1997 NetDox, Inc. All Rights Reserved. CONFIDENTIAL
2
FINANCIAL SERVICES & THE INTERNET
Internet commerce transactions can benefit companies and customers by providing cost efficiencies in policy origination, claims processing and business development.
- Auto insurance policies are being sold on-line in the UK by Eagle Star
- AOL, Yahoo! Financial and InsWeb are providing insurance information to customers and lead generation information to insurers in the US
- Citicorp chairman John Reed estimates that 80% of the costs associated with customer service can be eliminated with an effective technology strategy (Yahoo! News 4/15/98)
- On-line purchases provide a 4% higher profit margin than other sales mediums.
3
EXPERT PROJECTIONS
                  Made   Projected                   Actual
1997 E-Commerce   1991   $150B                       $8B
2002 E-Commerce   1997   $327B ? $500B ? $1500B ?
Source: Forrester Research, Yankee Group, Cisco, 1997
4
INTERNET COMMERCE EXAMPLE
Customer Alice in San Francisco, Broker Bob in Chicago
- “Did Bob receive my information?”
- “Is anyone reading my information while it travels the Internet?”
- “How do I know for certain that Bob is the one who received my information?”
- “Did this information really come from Alice?”
- “Can I count on the Internet to deliver my important information on time?”
5
TRUST DEFINED
TRUST = SECURITY, RELIABILITY, ACCOUNTABILITY
6
SECURITY
“Is anyone reading my information while it travels the Internet?”
7
SECURITY
There are a number of ways companies are addressing security concerns for electronic communications:
- Avoiding It
- Private Networks
- Virtual Private Networks
- Cryptography
  - Symmetric Encryption
  - Asymmetric Encryption
8
SYMMETRIC ENCRYPTION
A symmetric encryption key is a computer code used to:
- Scramble the contents of a message, making it unreadable
- Unscramble the contents of an encrypted message, making it readable again
If the key used to scramble and unscramble is the same, it is a symmetric key.
SYMMETRIC KEYS
INFORMATION + SYMMETRIC KEY = ENCRYPTED INFORMATION
ENCRYPTED INFORMATION + SYMMETRIC KEY = INFORMATION
9
ASYMMETRIC ENCRYPTION
Asymmetric keys split the function of a symmetric key into two parts:
ASYMMETRIC KEYS
INFORMATION + PUBLIC KEY = ENCRYPTED INFORMATION
ENCRYPTED INFORMATION + PRIVATE KEY = INFORMATION
Information encrypted with the private key can only be decrypted with the public key, and vice versa.
10
SYMMETRIC & ASYMMETRIC COMPARED
Symmetric Encryption
- Relatively easy-to-use
- Several security and administration issues...
  - Need to share the symmetric encryption key with the recipient
  - Must use an “out-of-band” method
  - Anyone who acquires the session key can use it to decrypt the message you sent
Asymmetric Encryption
- Enhanced security and flexibility
- Requires longer keys, which greatly increases processing time
11
SYMMETRIC & ASYMMETRIC COMBINED
Get advantages of both by using them together
ALICE
INFORMATION + SYMMETRIC KEY = ENCRYPTED INFORMATION
SYMMETRIC KEY + BOB’S ASYMMETRIC PUBLIC KEY = ENCRYPTED SYMMETRIC KEY
BOB
ENCRYPTED SYMMETRIC KEY + BOB’S ASYMMETRIC PRIVATE KEY = SYMMETRIC KEY
ENCRYPTED INFORMATION + SYMMETRIC KEY = INFORMATION
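Added example (not part of the NetDox slides): the combined scheme on this slide, with Alice wrapping a fresh symmetric key under Bob's public key and Bob unwrapping it with his private key. Assumptions: textbook RSA over two small Mersenne primes and a SHA-256 counter keystream stand in for a padded public-key cipher and a real symmetric cipher so the block runs on the Python standard library alone; neither stand-in is fit for production, and all names are hypothetical.

```python
import hashlib
import secrets

# Toy parameters (assumption, illustration only): two Mersenne primes give a
# ~216-bit textbook-RSA modulus. Real keys are far longer and use padding.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
BOB_PUBLIC = (P * Q, E)
BOB_PRIVATE = (P * Q, pow(E, -1, (P - 1) * (Q - 1)))

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR data with a SHA-256 counter keystream.
    The same call scrambles and unscrambles, as on the symmetric-key slide."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def alice_send(information: bytes, bob_public):
    """Alice's side: encrypt the bulk data symmetrically, then wrap the key."""
    n, e = bob_public
    session_key = secrets.token_bytes(16)  # fresh symmetric key per message
    encrypted_information = keystream_xor(session_key, information)
    # SYMMETRIC KEY + BOB'S PUBLIC KEY = ENCRYPTED SYMMETRIC KEY
    encrypted_key = pow(int.from_bytes(session_key, "big"), e, n)
    return encrypted_key, encrypted_information

def bob_receive(encrypted_key: int, encrypted_information: bytes, bob_private) -> bytes:
    """Bob's side: unwrap the key with his private key, then decrypt the data."""
    n, d = bob_private
    session_key = pow(encrypted_key, d, n).to_bytes(16, "big")
    return keystream_xor(session_key, encrypted_information)

if __name__ == "__main__":
    sample = b"Constructed sample: policy application for Alice"
    wrapped_key, ciphertext = alice_send(sample, BOB_PUBLIC)
    print(bob_receive(wrapped_key, ciphertext, BOB_PRIVATE))
```

Only the 16-byte session key goes through the slow asymmetric operation; the information itself, whatever its size, is handled by the fast symmetric step, and no out-of-band key exchange is needed.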
12
RELIABILITY
“Can I count on the Internet to deliver my information on time?”
13
RELIABILITY
No single entity “owns” the Internet, therefore no one completely controls its reliability.
Companies are addressing the challenge of reliability with:
- Hardware - reliable mail servers, web servers, routers
- Software - reliable email packages, languages
- Connectivity - reliable Internet Service Providers (ISPs)
- Information - status confirmation
14
ACCOUNTABILITY
“Did this information really come from Alice?”
15
ACCOUNTABILITY
Companies who enable Internet Commerce must be accountable for:
- Integrity: The information has not been altered in transit
- Identity: The sender and recipient are who they claim to be
- Non-Repudiation: Providing indisputable proof of a transaction after the fact
- Financial Guarantees: Assuming liability for information exchanges
16
INTEGRITY
A digital hash is a computed number that uniquely represents information.
If the document changes in the slightest, so does the digital hash.
INFORMATION -> HASHING FUNCTION = DIGITAL HASH (DIGITAL FINGERPRINT)
17
INTEGRITY
A digital hash ensures information was not altered in transit
- Alice sends both the message and her hash of the message to Bob
- Bob does his own hash of the message and compares it to the hash Alice sent
ALICE: INFORMATION -> HASHING FUNCTION -> ALICE’S DIGITAL HASH
BOB: INFORMATION -> HASHING FUNCTION -> BOB’S DIGITAL HASH
BOB’S DIGITAL HASH =? ALICE’S DIGITAL HASH
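Added example (not part of the NetDox slides): Bob's comparison from this slide run over three constructed transit cases, including the case the comparison cannot catch. Assumptions: SHA-256 as the hashing function (the slides name no algorithm), hypothetical function names, and constructed sample messages.

```python
import hashlib
import hmac

def digital_hash(information: bytes) -> str:
    """The slide's hashing function; SHA-256 is an assumption."""
    return hashlib.sha256(information).hexdigest()

def send_with_hash(information: bytes) -> dict:
    """Alice: ship the information together with her hash of it."""
    return {"information": information, "hash": digital_hash(information)}

def bob_verify(packet: dict) -> bool:
    """Bob: hash what arrived and compare it with the hash Alice sent."""
    recomputed = digital_hash(packet["information"])
    return hmac.compare_digest(recomputed, packet["hash"])

def differing_hex_digits(a: bytes, b: bytes) -> int:
    """How many of the 64 hex digits differ between the hashes of a and b."""
    return sum(x != y for x, y in zip(digital_hash(a), digital_hash(b)))

def transit_cases() -> dict:
    original = b"Insure vehicle VIN-CONSTRUCTED-0001 for $20,000"  # constructed sample
    altered = b"Insure vehicle VIN-CONSTRUCTED-0001 for $90,000"   # one character changed
    intact = send_with_hash(original)
    message_only = {"information": altered, "hash": intact["hash"]}
    # Limitation: when the hash travels unprotected beside the message, whoever
    # rewrites the message can recompute the hash too, and Bob's check passes.
    both_replaced = send_with_hash(altered)
    return {
        "intact": bob_verify(intact),
        "message_only_altered": bob_verify(message_only),
        "message_and_hash_replaced": bob_verify(both_replaced),
        "hex_digits_changed": differing_hex_digits(original, altered),
    }

if __name__ == "__main__":
    for case, result in transit_cases().items():
        print(f"{case}: {result}")
```

The third case is why the bare hash covers accidental or partial alteration only; binding the hash to Alice's private key, as the IDENTITY slide does with a digital signature, is what stops a third party from producing a matching value.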
18
IDENTITY
Combine a digital hash with encryption to produce a digital signature which provides proof of authorship
MESSAGE -> HASHING FUNCTION -> DIGITAL HASH
DIGITAL HASH + ALICE’S PRIVATE KEY = DIGITAL SIGNATURE (“Alice”)
19
IDENTITY
Digital certificates bind an identity to a public encryption key
ALICE INFO (Email Address, Employer, Etc.) + ALICE’S PUBLIC KEY, issued by a CERTIFICATE AUTHORITY = ALICE’S DIGITAL CERTIFICATE
20
DIGITAL CERTIFICATE INDUSTRY UPDATE
- In a recent survey* of 50 Fortune 1,000 firms, 72% plan to use digital certificates within 2 years
- The Financial Services industry is leading the way in digital certificate use for intercompany electronic commerce
- Why use digital certificates? “Non-repudiation. We need to be sure that when someone appears to initiate a message, they’re the ones who really did it.” (Commercial Bank)
* Forrester Research, Inc. 1997
21
NON-REPUDIATION
Non-repudiation takes several forms:
- Digital certificates to prove authorship
- Archived transaction records to prove information was exchanged at a specific date and time
- Archived transaction content to prove exact details of an information exchange
22
FINANCIAL GUARANTEES
Companies assuming liability for services and products that enable Internet commerce is an important step forward.
- VeriSign and IDMetrix insure digital certificates
- NetDox insures Internet messages
- AT&T guarantees network (Internet) access
- BBN Internet Service takes full responsibility for delivery of data packets from source to destination
23
SUMMARY
Building trust through security, reliability, and accountability will enable businesses to harness the power of Internet Commerce.
24
MORE INFORMATION
Cryptography:
- RSA website - www.rsa.com
Digital Certificates:
- Entrust - www.entrust.com
- GTE - www.gte.com
- IDMetrix - www.idmetrix.com
- VeriSign - www.verisign.com
World Wide Web Security:
- World Wide Web Security FAQ - www.w3.org
NetDox:
- www.netdox.com