1 / 14

Chapter 18: Doing Business on the Internet

Chapter 18: Doing Business on the Internet. Business Data Communications, 4e. Security: The Key to E-Commerce. Communications Encryption Privacy payment systems. SSL & TLS. Secure Socket Layer Transport Layer Security

rio
Download Presentation

Chapter 18: Doing Business on the Internet

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 18:Doing Business on the Internet Business Data Communications, 4e

  2. Security: The Key to E-Commerce • Communications • Encryption • Privacy • payment systems Business Data Communications, 4e

  3. SSL & TLS • Secure Socket Layer • Transport Layer Security • Protocols that sit between the underlying transport protocol (TCP) and the application Business Data Communications, 4e

  4. Secure Socket Layer (SSL) • Originated by Netscape • TLS has been developed by a working group of the IETF, and is essentially SSLv3.1 • Provides security at the “socket” level, just above the basic TCP/IP service • Can provide security for a variety of Internet services, not just the WWW Business Data Communications, 4e

  5. SSL Implementation • Focused on the initialization/handshaking to set up a secure channel • Client specifies encryption method and provides challenge text • Server authenticates with public key certificate • Client send master key, encrypted with server key • Server returns an encrypted master key • Digital signatures used in initialization are based on RSA; after initialization, single key encryption systems like DES can be used Business Data Communications, 4e

  6. Characteristics of On-Line Payment Systems • Transaction types • Means of settlement • Operational characteristics • Privacy and security • Who takes risks Business Data Communications, 4e

  7. Secure Electronic Transactions • SET is a payment protocol supporting the use of bank/credit cards for transactions • Supported by MasterCard, Visa, and many companies selling goods and services online • SET is an open industry standard, using RSA public-key and DES single-key encryption Business Data Communications, 4e

  8. SET Participants & Interactions Business Data Communications, 4e

  9. Ideal Components of Electronic Cash • Independent of physical location • Security • Privacy • Off-line payment • No need for third-party vendor • Transferability to other users • Divisibility • “Making change” Business Data Communications, 4e

  10. E-Cash • Created by David Chaum in Amsterdam in 1990 • Maintains the anonymity of cash transactions • Users maintain an account with a participating financial institution, and also have a “wallet” on their computer’s hard drive • Digital coins, or tokens, are stored in the wallet Business Data Communications, 4e

  11. Electronic Commerce Infrastructure • Intrabusiness • Intranet based • Supports internal transactions and transfers • Business-to-Business (BTB or B2B) • Extranet based • Business-to-Consumer (BTC or B2C) • Internet based Business Data Communications, 4e

  12. Importance of BTB Commerce Business Data Communications, 4e

  13. Firewalls • Used to provide security for computers inside of a given network • All traffic to/from network passes through firewall • Only authorized traffic is allowed through • Firewall itself is a secure system • Firewall performs authentication on users • Firewall may encrypt transmissions Business Data Communications, 4e

  14. Free Trade Zones (FTZ) • Area where communication and transactions occur between trusted parties • Isolated from both the external environment and the enterprise’s internet network • Supported by firewalls on both ends • Inside the FTZ, all communications can be in clear mode without any encryption • Necessary because logical boundaries between BTB and IB are becoming fuzzy. Business Data Communications, 4e

More Related