Chapter 10: Electronic Commerce Security


arva

Presentation Transcript


  1. Chapter 10: Electronic Commerce Security

  2. Impact of Security on E-Commerce • In 2006 an estimated $913 million in e-commerce sales was lost because of security concerns. • Another $1 billion was lost because shoppers refused to shop online due to security concerns. • Nearly half of all online U.S. adults have concerns about online information security. • It impacts all online commerce (online banking, online shopping and e-mail). Source: Gartner, Inc., 2006. Electronic Commerce, Seventh Annual Edition

  3. Security for Client Computers • First-party cookies • Cookies placed on a client computer by the Web server site being visited • Third-party cookies • Cookies that originate on a Web site other than the site being visited (e.g., DoubleClick) • Web bug • Tiny 1-pixel graphic that a third-party Web site places on another site’s Web page to track activity (also called a Web beacon or transparent GIF)

  4. A Web Bug Scenario • Here a third-party tracking site is tracking how much merchandise was purchased for a particular banner ad campaign. • In this scenario the individual user remains anonymous, even though their buying habits are disclosed.

  6. ActiveX Controls • An ActiveX control is an object containing programs and properties that Web designers place on Web pages. • ActiveX components can be constructed using different programming languages, but the most common are C++ and Visual Basic. • Intended for creating Web site functionality but can be used to create malicious content.

  7. Scripting Languages • JavaScript was developed by Netscape to enable Web page designers to build active content. • Intended for creating Web site functionality but can also be used to create malicious content.

  8. Digital Certificates • A digital certificate is signed code that authenticates the sender. • Issued by a certification authority such as VeriSign or Thawte.

  10. Encryption Highlights • Symmetric encryption encodes a message with two private keys. • Asymmetric encryption uses a public and a private key. • Asymmetric encryption is used in typical Web-based e-commerce (SSL and SET). • Pretty Good Privacy (PGP) is used to encrypt e-mail messages.

  11. Hash Functions • Used to ensure message integrity. • Used to encrypt a digital signature. • Hash algorithms are one-way functions. • There is no way to transform the hash value back to the original message.

  12. Hash Digest

  13. Public Key Cryptography with Digital Signatures; Secure Socket Layers (SSL) Protocol [diagrams not included]

  14. 5 Dimensions of E-Commerce & Network Security
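
The web bug described in slides 3 and 4 can be spotted from the defender's side by looking for tiny images that a page loads from another host. The Python sketch below is an added example, not part of the original presentation; the sample page, the host names and the `find_web_bugs` helper are constructed for illustration, and "third-party" is simplified to "host name differs from the page's host".

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Constructed sample: a first-party logo, a third-party banner, two third-party
# 1x1 pixels (sized by attribute and by CSS) and a first-party 1x1 spacer.
SAMPLE_PAGE_URL = "https://shop.example/checkout/thanks"
SAMPLE_HTML = """
<img src="/img/logo.png" width="200" height="60">
<img src="https://ads.example.net/banner.gif" width="468" height="60">
<img src="https://track.example.net/b.gif?campaign=42" width="1" height="1">
<img src="//stats.example.org/p.gif?order=1001" style="width:1px; height:1px">
<img src="/img/spacer.gif" width="1" height="1">
"""

def _dimension(attrs, name):
    """Pixel size from the width/height attribute or inline style, else None."""
    value = attrs.get(name)
    if value is None:
        m = re.search(r"(?:^|;)\s*%s\s*:\s*(\d+)px" % name, attrs.get("style") or "")
        value = m.group(1) if m else None
    try:
        return int(value)
    except (TypeError, ValueError):
        return None

class WebBugFinder(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.page_host = urlparse(page_url).hostname
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        attrs = dict(attrs)
        src = urljoin(self.page_url, attrs.get("src") or "")  # resolve relative URLs
        host = urlparse(src).hostname
        w, h = _dimension(attrs, "width"), _dimension(attrs, "height")
        tiny = w is not None and h is not None and w <= 1 and h <= 1
        # A web bug is tiny AND served by a host other than the visited site.
        if tiny and host and host != self.page_host:
            self.findings.append(src)

def find_web_bugs(html, page_url):
    finder = WebBugFinder(page_url)
    finder.feed(html)
    return finder.findings
```

The visible third-party banner and the first-party spacer are both left alone; only images that are at most 1 pixel in each dimension and come from another host are reported.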
