
Electronic Commerce

Chapter 3. Electronic Commerce. Explain the history of the Internet and how it works. Learning Objective 1. Electronic Networks. Electronic networks are groups of computers that are connected together electronically. Local area networks (LANs) are networks that span a single site.

davidhaynes

Presentation Transcript


  1. Chapter 3: Electronic Commerce

  2. Learning Objective 1: Explain the history of the Internet and how it works.

  3. Electronic Networks: Electronic networks are groups of computers that are connected together electronically. Local area networks (LANs) are networks that span a single site. Metropolitan area networks (MANs) span a single city or metropolitan area.

  4. Electronic Networks: Wide area networks (WANs) are networks of computers that span at least two metropolitan areas.

  5. The Internet: The Internet is an electronic highway that allows computers to communicate with each other. The earliest practical version of the Internet was created in the early 1970s by the Pentagon’s Advanced Research Projects Agency (ARPA). It was called ARPANET.

  6. The Internet: Other networks: Bitnet, MILnet, NSFnet. They adopted a common set of communications protocols called TCP/IP (Transmission Control Protocol/Internet Protocol).

  7. The Internet: Transmission Control Protocol (TCP) divides electronic messages into “packets” of information and then reassembles these packets at the end. Internet Protocol (IP) assigns a unique address to each computer on the Internet.

  8. The Internet: Fixed IP address; Dynamic IP address; Domain name; Domain name servers.

  9. Learning Objective 2: Describe intranets and explain how they are made secure.

  10. Intranets: What is an intranet? It is a self-contained, in-house internet. Extranets exist when the intranets of two or more companies are linked together.

  11. Intranet Security Issues (diagram labels): The Internet; Corporate Intranet; Network computers; Firewall.

  12. Intranet Security Issues: Firewalls can be defeated. An attacker can assume a false identity such as a false IP address. What are additional layers of defense? Access limits through password control; Encryption; Proxy servers.

  13. Learning Objective 3: Explain client-server technology and how it applies to electronic financial transactions.

  14. Commerce on the Internet: What is a server? It is a robot-type program that constantly runs on some computers and exchanges information with clients.

  15. Commerce on the Internet: What is a client? It is a program that accesses and exchanges information with a server. A great many of the business transactions that occur on the Internet take place in client-server environments. Why?

  16. Commerce on the Internet: Being robots, servers don’t get paid by the hour and don’t require fringe benefits. Servers can deal with hundreds of users (clients) at one time. Servers can be accessed at any time of day, anywhere in the world, with no per-minute communication charges.

  17. Types of Servers: There are many kinds of servers on the Internet: Mail servers; File servers; Web servers; Commerce servers.

  18. Types of Servers: Mail Server (diagram labels): Sender’s mail client; Receiver’s mail client; Message sender; Message receiver; Sender’s mail server; Receiver’s mail server; The Internet.

  19. Types of Servers: What are file servers? They allow authorized clients to retrieve files from libraries of files that exist on remote computers. The most common protocol for file servers is called FTP. A file server that uses this protocol is called an FTP server.

  20. Types of Servers: What is a Web server? It is a server that allows a user (client) to access documents and run computer programs that reside on remote computers. All Web clients automatically read and interpret HTML (hypertext markup language).

  21. Types of Servers: Hyperlinked Documents (diagram labels): World Wide Web document on server in Chicago; Hyperlink; World Wide Web document on server in San Diego; World Wide Web document on server in Tokyo.

  22. Types of Servers: What are commerce servers? They are specialized types of Web servers with various commerce-related features. (1) Support for the secure electronic transaction (SET) protocol.

  23. Types of Servers: (2) Support for specialized types of client and server authentication. (3) Support for interfacing with “external” programs. (4) Enhanced security features. (5) Online credit card or bank verification.

  24. Types of Servers (diagram labels): Bank; Encrypted communication link; Verify payment; Order/payment information; Consumer’s client; Commerce server; Internet; Product information and order verification.

  25. Types of Servers (diagram labels): Commerce server; Corporate accounting system; Shipping; Order file; Goods shipped to customer.

  26. Electronic Payment Systems: Traditional electronic bill payment systems; Traditional credit card systems; Secure electronic transaction (SET) systems; Virtual cash systems.

  27. Learning Objective 4: Describe various approaches to securing electronic financial transactions.

  28. Security for Electronic Transaction: Secret-key encryption; Public-key encryption; Digital envelopes.

  29. Secret-Key Encryption (diagram labels): Secret key; Message; Encryption; Decryption; Message.

  30. Public-Key Encryption (diagram labels): Recipient’s public key; Recipient’s private key; Message; Encryption; Ciphertext; Decryption; Message.

  31. Digital Envelope: What is a digital envelope? It is an encryption method in which the message is encrypted with a secret key, and the secret key is encrypted with the recipient’s public key. This method is sometimes referred to as double-key encryption.

  32. Double-Key Encryption (diagram labels): Recipient’s public key; Random message key; Encrypted message key; Public-key encryption; Message; Private-key encryption; Ciphertext.

  33. Double-Key Encryption (diagram labels): Recipient’s private key; Message key; Encrypted message key; Public-key decryption; Ciphertext; Private-key decryption; Message.

  34. Digital Signatures: A digital signature occurs when someone encrypts a message with his or her own private key. What is a hashing function? A hashing function takes a long variable-length string of characters and converts it into a short fixed-length string.

  35. Digital Signature Creation (diagram labels): Sender’s private key; Hashing algorithm; Hash of message; Public-key decryption; Digital signature; Message.

  36. Verification of Digital Signature (diagram labels): Message; Hashing algorithm; Hash of message; Verify signature; Digital signature; Public-key decryption; Sender’s public key.

  37. Digital Time-Stamping: What is a digital time-stamping service (DTS)? It is an organization that adds digital time-stamps to documents.

  38. Digital Time-Stamp Procedure (diagram labels): Attach date and time, then digital signature; Digital time stamp service; Message; Date and time; Digital signature; Message.

  39. Verification of Digital Time-Stamp (diagram labels): Hash message and date and time; Hashed message and date and time; Message; Verify match; Date and time; Digital signature; Decrypt DTS’s signature with DTS’s public key; Decrypted digital signature.

  40. Security Issues for Public-Key Encryption Systems: What is a cryptanalysis attack? It involves various techniques for analyzing encrypted messages for purposes of decoding them without legitimate access to the keys. The simplest possible attack on a message is the guessed plaintext attack.

  41. Security Issues for Public-Key Encryption Systems: The whole security of public-key encryption depends on the assumption that an attacker cannot factor the product of two large prime numbers (factoring attack). The best way to prevent cryptanalysis and factoring attacks is to use very long keys.

  42. Security Issues for Public-Key Encryption Systems: What are some ways of protecting private keys? Creating and distributing keys; Digital certificates; Certificate revocation lists (CRLs); Certificate chains; Certificate-signing units; Key expirations.

  43. Electronic Commerce and Encryption Technology: What is digital cash? It is money created when a bank attaches its digital signature to a note promising to pay the bearer some amount of money.

  44. Electronic Commerce and Encryption Technology: What is blinding? It is a technique in which a bank issues digital cash in such a way that it is unable to link the payer to the payee. What is a blinded digital signature? It is a digital signature and related digital cash that have been issued with blinding.

  45. Computer Software and Computer Card Systems: What is an electronic wallet? It is a computer program that keeps track of the various keys and items of information associated with digital money. What are smart cards? They are hand-held electronic cards that are used for payments.

  46. Computer Software and Computer Card Systems: What are the four types of smart cards? Memory cards; Shared-key cards; Signature-transporting cards; Signature-creating cards.

  47. End of Chapter 3
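
The digital envelope of slides 31-33 and the hash-then-sign digital signature of slides 34-36, as an added Python example that is not part of the original presentation. Assumptions made here: the key pair is a toy textbook-RSA key built from two Mersenne primes, a SHA-256 keystream stands in for a real secret-key cipher, all function names are hypothetical, and one key pair plays both the recipient (envelope) and the sender (signature).

```python
import hashlib
import secrets

# Toy key pair (constructed): textbook RSA over two Mersenne primes, no padding.
# It shows the data flow only and offers no real security.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                       # public key
D = pow(E, -1, (P - 1) * (Q - 1))         # private exponent


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in secret-key cipher: XOR data with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], pad))
    return bytes(out)


def seal(message: bytes):
    """Sender: encrypt with a random message key, wrap the key with (N, E)."""
    msg_key = secrets.token_bytes(32)
    ciphertext = keystream_xor(msg_key, message)
    wrapped_key = pow(int.from_bytes(msg_key, "big"), E, N)
    return wrapped_key, ciphertext


def open_envelope(wrapped_key: int, ciphertext: bytes) -> bytes:
    """Recipient: unwrap the message key with D, then decrypt the message."""
    msg_key = pow(wrapped_key, D, N).to_bytes(32, "big")
    return keystream_xor(msg_key, ciphertext)


def digest_int(message: bytes) -> int:
    """Hashing function: any-length message to a fixed 256-bit value."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Signer: apply the private key to the hash of the message."""
    return pow(digest_int(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Verifier: undo the signature with the public key, compare hashes."""
    return pow(signature, E, N) == digest_int(message)
```

Production systems replace these stand-ins with padded RSA (OAEP for key wrapping, PSS for signatures) and an authenticated cipher such as AES-GCM from a vetted library.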
