Presentation is loading. Please wait.

Presentation is loading. Please wait.

Supporting Technologies III: Security 11/16 Lecture Notes.

Published bySpencer Anthony Modified over 8 years ago

Similar presentations

Presentation on theme: "Supporting Technologies III: Security 11/16 Lecture Notes."— Presentation transcript:

1 Supporting Technologies III: Security 11/16 Lecture Notes

2 Outline Internet Security –encryption, digital signatures, digital certificates –SSL, SET –Firewalls –Virtual Private Networks Electronic Payment Systems –protocols –electronic card systems (credit cards, elec. Wallet) –ecash, echeck

3 Internet Security Major barrier to e-commerce Requirements for secure e-commerce: –Authenticity : Is the sender of the message who they claim to be? –Privacy : Are the contents of a message secret? –Integrity : Have the contents of a message been modified during transmission? –Nonrepudiation : Can the sender of a message deny that they actually sent the message?

4 Cryptography 4 parts: –Plaintext - original message (readable form). –Ciphertext - encrypted plaintext message (unreadable form). –Encryption Algorithm - mathematical formula used to compute a ciphertext from a plaintext (and decrypt a ciphertext to recover the plaintext). –Key - secret key used to encrypt and decrypt a message.

5 A (very) simple Symmetric Key Encryption example EncryptionDecryption PlaintextCiphertext Original Plaintext (Key) Plaintext: ecommerce Encryption Algorithm: substitute each letter with a letter that is Key many after it in the alphabet. Wrap around. Key: 3 (ex: a  d ) Ciphertext: hfrpphufh Decryption: substitute each letter with a letter that is Key many before it in the alphabet.

6 For encryption, a mathematical formula which involves the key is used. (usually) Usually the algorithm is known. The security of the system is dependent on the key. Generally, the longer the key, the harder to break the message by trying all the possibilities: “Brute Force Attack” ex: binary key of 4 bits long 2 4 =16 possibilities ex: 56 bits long 2 56  72 quadrillion possibilities : will take some time to crack it Life of the key is an important criterion to determine length of a key (credit card number vs. credit history of an individual).

7 Public Key Encryption Uses two different keys instead of one. Private Key: known by owner only Public Key: known publicly (published) A message encrypted using the Private Key can only be decrypted using the Public Key, and vice versa. RSA is a well known Public Key algorithm. EncryptionDecryption PlaintextCiphertext Original Plaintext Public Key of recipient Private Key or recipient

8 Digital Signatures Used for ensuring that a message is actually coming from the person you think sent it. Based on public key encryption. Sender creates a phrase and encrypts it with his/her private key. The phrase is attached to the message and the combined message is encrypted with the recipient’s public key. Recipient decrypts the message using its private key, then decrypts the signature with the sender’s public key.

9 Digital Signatures Message Text Signature Message Text Signature Ciphered Text senderreceiver encryptiondecryption (public key of recipient) (private key of recipient) (private key of sender) (public key of sender)

10 Digital Certificates Used to assure authenticity of the sender. Issued by third parties: certificate authorities (CA). Individuals and companies apply by sending CA their public key and identifying info. CA verifies this info and creates a certificate containing public key and identifying info and encrypts this using its private key. When someone wants to send the applicant a message, they request the certificate, decrypt it and obtain the public key. Certificates to authenticate web sites, software companies, etc. CA companies include VeriSign.

11 Secure Socket Layer (SSL) Protocol to handle encryption between web browsers and web servers (transparently). Operates at TCP/IP layer. Client contacts the server. ex: https://www.wellsfargo.com They agree on a protocol suite (the algorithm). All communications are encrypted.

12 message Encrypted message Encrypted message decrypt Alice’s private key Message digest Digital signature message + + Alice’s certificate encrypt Symmetric key Bob’s certificate encrypt Bob’s public key Digital envelop Digital envelop Digital envelop Symmetric key Encrypted message decrypt Symmetric key Digital signature decrypt message + + Alice’s certificate Bob’s private key encrypt Alice’s public key Message digest Message digest compare

13 SSL Protocol 1. At Alice’s site, the message to be sent is hashed to a previous fixed length for message digest. 2. The message digest is encrypted with Alice’s private key and the output is a digital signature. 3. The digital signature and Alice’s certificate are attached to the original message. Alice generates a secret key using the symmetric (DES) algorithm and uses that key to encrypt this bundle. 4. Alice encrypts the symmetric key with Bob’s public key which resides in Bob’s certificate (received in advance). The result is a digital envelop. 5. The encrypted message and the digital envelop are transmitted to Bob’s computer over the Internet.

14 SSL Protocol (cont’d) 6. The digital envelop is decrypted with Bob’s private key. 7. Using the restored secret key, Bob decrypts the message, obtaining the original message, digital signature, and Alice’s certificate. 8. To confirm the integrity, Bob decrypts the digital signature by Alice’s public key (that resides in Alice’s certificate), obtaining the message digest. 9. Bob hashes the delivered message to generate a message digest. 10. The message digest obtained by steps 8 and 9 are compared to confirm that they are correctly received. This step confirms the integrity.

15 Payment on the Internet Electronic Credit Cards Electronic Fund Transfer and Debit Cards Stored-Value Cards and E-Cash Electronic Check Systems Unified Systems

16 Electronic Credit Cards Players: Cardholder: consumer who uses credit cards. Merchant: offers goods/services, accepts credit cards. Card Issuer: financial institution (bank) that establishes accounts for cardholders and issues credit cards. Acquirer: financial institution (bank) that establishes accounts for merchants and acquires the vouchers of authorized sales slips. Card Brand: bank card associations (Visa, MasterCard) that provide networks to connect the involved financial institutions.

17 Conventional Credit Card Procedure cardholdermerchant Issuer Bank Cardholder account Issuer Bank merchant account 1. Issue plastic credit card 2. Show credit card 3. Authorization Card Brand 6. Amount Transfer 5. Payment request “capture” 4. Sells sales slip and pays a fee

18 Secure Electronic Transaction (SET) Protocol Designed to fully automate the credit card procedure and carry it out on the Internet. Four entities: Cardholder: keeps a certificate in electronic wallet Merchant : keeps a certificate in electronic wallet Certificate Authority (CA): issues certificates Payment Gateway: connects networks of banks to the Internet (other entities are beyond the scope of SET)

19 SET protocol E-merchant Customer with digital wallet Certificate authority Credit card brand and Banks Payment Gateway .25

20 Electronic Fund Transfer and Debit Cards on the Internet customer merchant bank Automated clearinghouse VAN Conventional Electronic Fund Transfer:

21 INTERNET Electronic Fund Transfer on the Internet customer merchant bank Automated clearinghouse VAN Payment Gateway Cyber Bank Payment Gateway

22 Stored Value Cards and E-Cash Avoids high fees for small payments (micropayments) provides anonymity, convenience eliminates multiple currency problem smart card: introduced in 1970s (non- Internet). Ex: phone, transportation, copies. Now has IC chips. Can recharge card. Use through your PC. Ex: Mondex, VisaCash.

23 Electronic Check Systems Similar security mechanism as in SET, but different use of procedures.(similar to electronic fund transfer). For B2B transactions: –High security required –needs to be integrated to accounting system –a trusted third party must keep copy of records ex: SafeCheck. For more info www.echeck.org

24 Unified Payment Systems Online e-check merging with Electronic fund transfer and electronic credit cards. Ex: Security First Network Bank (www.sfnb.com), Bank of America, VisaCash (stored-value money card), ePay (EFT), electronic bill payment, MasterCard.

Download ppt "Supporting Technologies III: Security 11/16 Lecture Notes."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
Cryptography and Network Security

Cryptography and Network Security
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
By: Mr Hashem Alaidaros MIS 326 Lecture 6 Title: E-Business Security.

By: Mr Hashem Alaidaros MIS 326 Lecture 6 Title: E-Business Security.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Electronic Transaction Security (E-Commerce)

Electronic Transaction Security (E-Commerce)
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
1 Encryption What is EncryptionWhat is Encryption Types of EncryptionTypes of Encryption.

1 Encryption What is EncryptionWhat is Encryption Types of EncryptionTypes of Encryption.
Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.

Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.
1 Applications of Computers Lecture-3 2 E-Commerce 4 Almost all major companies have their homes on the web, mainly for advertising 4 Companies were.

1 Applications of Computers Lecture-3 2 E-Commerce 4 Almost all major companies have their homes on the web, mainly for advertising 4 Companies were.
Cryptographic Technologies

Cryptographic Technologies
Chapter 8 Web Security.

Chapter 8 Web Security.
 2001 Prentice Hall, Inc. All rights reserved. Chapter 7 – Computer and Network Security Outline 7.1Introduction 7.2Ancient Ciphers to Modern Cryptosystems.

 2001 Prentice Hall, Inc. All rights reserved. Chapter 7 – Computer and Network Security Outline 7.1Introduction 7.2Ancient Ciphers to Modern Cryptosystems.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.

1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
BZUPAGES.COM Electronic Payment Systems Most of the electronic payment systems on internet use cryptography in one way or the other to ensure confidentiality.

BZUPAGES.COM Electronic Payment Systems Most of the electronic payment systems on internet use cryptography in one way or the other to ensure confidentiality.

Similar presentations

Ads by Google