1 / 25

Chapter 3

Chapter 3 THE INTERNET, INTRANETS, AND ELECTRONIC COMMERCE The Internet electronic highway, consisting of various standards and protocols The Internet has no central command and control structure. TCP (Transmission Control Protocol)

benjamin
Download Presentation

Chapter 3

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 3 • THE INTERNET, INTRANETS, AND ELECTRONIC COMMERCE

  2. The Internet • electronic highway, consisting of various standards and protocols • The Internet has no central command and control structure.

  3. TCP (Transmission Control Protocol) • a protocol for dividing electronic messages into "packets" of information and then reassembling these packets at the receiving end

  4. Internet Protocol (IP) Addresses • specific location of a computer on the Internet--a unique identifier (e.g., 408.78.230.2) • domain name is an alias that can be used in place of the IP number (www.ibm.com) • Domain names and their corresponding IP addresses are kept in the domain name servers (DNSs).

  5. Intranets • in-house networks that use Internet-type protocols. • recently Cisco has announced joint ventures with TCI and others to bring intranet-type technology to homes

  6. Intranet Security • Firewalls limit access to information on company servers from the rest of the world. • Proxy servers filter all outgoing requests for information. Ethical and moral issues emerge from proxy server filters.

  7. Client-Server Technology • A server is program that constantly runs and exchanges information with users who request it. • Clients are programs that access and exchange information with servers. • Examples include mail servers, file servers (File Transfer Protocol--FTP sites), web servers.

  8. World Wide Web • A web server is a server that allows a user (client) to access documents and run computer that reside on remote computers.

  9. Electronic Payment Systems • electronic bill payment systems: payment instructions sent to a bank • credit card systems: credit card information supplied to secure commerce server

  10. Electronic Payment Systems • Secure Electronic Transaction (SET) systems: special type of credit card payment system established by Visa and MasterCard • Secure Sockets Layer (SSL) is another industry-wide protocol for enhancing security and integrity of transactions on the internet.

  11. Security for Electronic Transactions • Encryption involves using a password or digital key to scramble a readable (plaintext) message into an unreadable (ciphertext) message.

  12. Types of Encryption Systems • Secret Key • Public Key • Hybrid

  13. Secret key Encryption • the same key is used for both encrypting and decrypting a message

  14. Public Key Encryption • two keys are used in association with each encrypted message, one key to encrypt the message and another key to decrypt it

  15. Hybrid Systems and Digital Envelopes • A random key generated by sender encrypts message. • Using the recipient’s public key, the random key is encrypted, and both the encrypted message and the random key is sent to the recipient in a digital envelope. • The recipient then uses his/her private key to decrypt the random key and then decrypt the message.

  16. Digital Signatures • What is a digital signature? • There are significant implications for accountants. For example, Impact on how transactions will be authorized Impact on how authenticity of transactions will be verified by auditors

  17. Cryptanalysis • various techniques for analyzing encrypted messages for purposes of decoding them without legitimate access to the keys

  18. factoring attack • the private key can be deduced by factoring the public key into to prime numbers

  19. key attacks • most attacks against public key systems are likely to be made at the key management level

  20. Digital Certificates • digital documents that attest to the fact that a particular public key belongs to a particular individual or organization • Digital certificates are issued by some certifying authority (CA). • Examples of Digital Certificates Fidelity NetBenefits Discover Dean Witter

  21. Certification • The CA creates a digital certificate by digitally signing a document that includes the name of the person being certified, that person s public key, the name of the CA, the expiration date of the key being certified, and the expiration date of the certificate.

  22. Certificate Revocation Lists (CRLs) • a list of public keys that have been revoked before their expiration dates. • Certificate Chains: certificates can be linked together in chains. • Certificate Signing Units: protect private keys.

  23. Virtual Cash Systems • Digital Cash: a bank digitally signs an electronic bank note • Blinded Digital Cash: a bank to issues digital cash so that it is unable to link the payer to the payee.

  24. Virtual Cash in Electronic Cards • Smart cards are hand-held electronic cards that are used for payments.

  25. The End

More Related