Slide 1 EC-DC © 2000 - ITU Telecommunication Development Bureau (BDT). All Rights Reserved.
AFRINET2000: The Africa Internet Summit & Exhibition, Abuja, Nigeria, 18-22 September, 2000
Alexander NTOKO, Project Manager, ITU Electronic Commerce, ITU Telecommunication Development Bureau (BDT)
Email: ntoko@itu.int Web: http://www.itu.int/ecdc
E-Business Core Technologies and Secure Payment Solutions

Slide 2: Technology Requirements
- Authentication
- Encryption
- Data Integrity
- Non-Repudiation
- Access Control
- Secure Online Payments

Slide 3: Symmetric key encryption system
- Same key is used to both encrypt and decrypt data
- Examples of encryption systems: DES, 3DES, RC2, RC4, RC5
- DES: Data Encryption Standard, US Gov 1977, developed at IBM

Slide 4: Public key encryption system
- Each user has 2 keys: what one key encrypts, only the other key in the pair can decrypt.
- Public key can be sent in the open.
- Private key is never transmitted or shared.
(Diagram labels: Recipient’s Public Key, Recipient’s Private Key)

Slide 5: Sender Authentication
- Using Public Key Encryption “backwards” provides authentication of the sender
(Diagram labels: Sender’s Private Key, Sender’s Public Key)

Slide 6: Message Digest
(Diagram labels: Hash Algorithm, Digest)
- Used to determine if document has changed
- Usually 128-bit or 160-bit “digests”
- Infeasible to produce a document matching a digest
- A one bit change in the document affects about half the bits in the digest

Slide 7: Message Digest
Common hash algorithms:
- MD2 (128-bit digest)
- MD4 (128-bit digest)
- MD5 (128-bit digest)
- SHA-1 (160-bit digest)

Slide 8: Digital Signature
(Diagram labels: Hash Algorithm, Digest, Signer’s Private Key, Encrypted Digest, Signed Document)

Slide 9: Verifying the Digital Signature for Authentication and Integrity
(Diagram labels: Hash Algorithm, Digest, Signer’s Public Key)
- Integrity: One bit change in the content changes the digest
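
The hash-then-sign flow of the Digital Signature and verification slides, together with the one-bit-change property from the Message Digest slide, as an added example that is not part of the original presentation. The RSA key is a toy key constructed here from two Mersenne primes (unpadded, for illustration only), and all function names are hypothetical.

```python
import hashlib

# Toy RSA key built from two Mersenne primes (constructed for this example;
# unpadded and far too small for real use, where a vetted library is required).
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                      # public key (modulus, exponent)
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent

def digest_int(document: bytes) -> int:
    """SHA-1 digest (160 bits, as listed on the slides) as an integer."""
    return int.from_bytes(hashlib.sha1(document).digest(), "big")

def sign(document: bytes) -> int:
    """Signer: hash the document, then transform the digest with the private key."""
    return pow(digest_int(document), D, N)

def verify(document: bytes, signature: int) -> bool:
    """Verifier: recover the digest with the public key, compare with a fresh hash."""
    return pow(signature, E, N) == digest_int(document)

def flip_bit(document: bytes, bit: int) -> bytes:
    """Return a copy of the document with exactly one bit inverted."""
    data = bytearray(document)
    data[bit // 8] ^= 1 << (bit % 8)
    return bytes(data)

def avalanche_fraction(document: bytes) -> float:
    """Mean fraction of the 160 digest bits that change, over every one-bit flip."""
    base = digest_int(document)
    nbits = len(document) * 8
    changed = sum(bin(base ^ digest_int(flip_bit(document, i))).count("1")
                  for i in range(nbits))
    return changed / (nbits * 160)

DOC = b"Pay 100 USD to merchant 42"      # constructed sample document
SIG = sign(DOC)

if __name__ == "__main__":
    print("original verifies:", verify(DOC, SIG))
    print("one-bit tamper verifies:", verify(flip_bit(DOC, 0), SIG))
    print("mean digest bits changed: %.3f" % avalanche_fraction(DOC))
```
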

Slide 10: ITU X.509 Certificate
- Standard certificate virtually everyone uses
- Includes: serial number, name of individual or system (X.500 name, e.g., CN=John Smith, OU=Sales, O=XYZ, C=US), issuer (X.500 name of CA), validity period, public key, cryptographic algorithm used, CA digital signature, etc., plus flexible extensions in Version 3
- Certificate is signed by the issuer to authenticate the binding between the subject name and the related public key

Slide 11: ITU X.509 Version 3
- Version 3 standard extensions include subject and issuer attributes, certification policy information, key usage restrictions, e-mail address, DNS name, etc.
- Examples of special extensions: account number, postal address, telephone number, photograph (image data), birthday (to block users younger than a specified age from accessing certain contents of a Web server), preferred language, etc.

Slide 12: Certification Authority Issues
- Issuing certificates is easy
- Managing effectively and securely is difficult: CAs must maintain a Certificate Revocation List (CRL), must not store private keys (risk of “identity theft”), ...
- Trust depends on integrity and security of CA’s practices and procedures
- Users will have many certificates (e.g., one for Intranet, one for Extranet, one at home)
- Interoperability: need for standard

Slide 13: Is Encryption Safe?
- Keys with 128 bits will probably remain unbreakable by brute force for the foreseeable future.
- If 1 billion keys were tried per chip and one billion chips were used, it would take 10^13 years. Longer than the age of the universe to break!
- For keys longer than 128 bits, we will encounter a limit where the energy consumed by the computation (using the minimum energy of a quantum mechanical operation for the energy of one step) will exceed the energy of the mass of the sun or even of the universe.

Slide 14: PAYMENTS
“Everything … must be assessed in money; for this enables men to always exchange their services, and so makes society possible.” Aristotle (384-322 B.C.)

Slide 15: PAYMENT SOLUTIONS
- Card Based Payment Systems and Requirements (For B2C and B2B)
- Using PKI for Multi-Purpose and Multi-Platform Payments

Slide 16: Card-Based Payment Scheme
- A payment scheme typically with a spending limit associated with a special-purpose account.
- Payments are normally in the form of an instalment-based repayment with a pre-set interest rate on the unpaid balance.

Slide 17: Why Card-Based Payments in E-Business?
- Have been in use since early 1960s
- More than 1000 million cards in use
- Accepted in more than 220 countries by more than 15 million merchants
- Almost $2000 billion in sales per year
- Currency-transparent and universal
- Preferred payment method in C-to-B EC

Slide 18: Entities in Card-based Systems
- Issuing Bank (Issuer) - Issues credit, debit and purchasing cards to cardholders and guarantees payments for authorized transactions.
- Acquiring Bank (Acquirer) - Establishes contract with merchant and processes payment authorizations and payments.
- Payment Gateway - System operated by an acquiring bank to process merchant and cardholder payments.
- Payment Service Provider - Provides payment services to businesses and consumers.
- Card Holder - Uses a card issued by an issuing bank to pay for goods and services.
- Merchant - Establishes contract with acquiring bank to accept card payments from cardholders.

Slide 19: PKI-Based Payment Solutions
- Attribute Certificates linked to Identity Certificates
- Authorisation Key to Access various Services
- Validation (OCSP) Services and Digital Receipts
- USB Certificate Tokens for End-user Authentication
- Multipurpose E-Payment (micro and high value)

Slide 20: PKI
- Based on the WISeKey PKI and Common Root and Certification Process
- Users will be issued an ITU-T X.509 Digital Certificate stored on a USB port device (a USB Key).
- Users identified by certificate and “attributes” stored in ITU-T X.500 Directory
- Attribute Certificates assigned by financial institutions allowing access to various types of payments based on attributes.

Slide 21: Registration Authority
- Integrated into WISeKey PKI
- Registration at local level (WTC and CCI):
  - issue certificates at a local level.
  - supply user with an end-user access kit (USB Key device and software).

Slide 22: Certificate Attributes
Attributes give access to different levels of service:
- Financial Area
- Insurance Area
- Industry Area
Attributes assigned by Trusted Third Parties:
- Financial Institutions (Banks)
- Inspection Organisations
- Insurance Companies
- Auditing Organisations
- Trade Organisations
- Intellectual Property

Slide 23: WISeCert
WISeCert has been created for organizations serving communities that want to implement a PKI and provides all components of the PKI system required in one package. The only components required to be provided by the organization are the computers and secure environment. Even these can be sourced and provided by WISeCert, thus providing a complete “turn-key” solution.
WISeCert Applications: Secure Server Certificates enable companies to unleash the investment potential of their online channels by providing Web identity and strong security to customers, employees and partners communicating online.

