Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, Java Version, Third Edition.

Objectives
- In this chapter, you will learn about:
  - E-commerce
  - Databases
  - Information security

Introduction
- E-commerce: financial transactions conducted by electronic means
- Early days (early and mid-1990s) of online commerce:
  - A customer fills out an order via the Web and submits it
  - The business prints out the online order and then processes it like a traditional purchase

Introduction (continued)
- E-business: every part of a financial transaction is handled electronically, including:
  - Order processing
  - Credit verification
  - Transaction completion
  - Debit issuing
  - Shipping alerts
  - Inventory reduction

E-commerce
- Opening an online store requires at least as much planning as building another physical store location

The Vision Thing
- In planning to open an online store, a company must identify:
  - Its objectives
  - The risks involved
  - The costs involved
- The company should go ahead with its plans only if it determines that its overall bottom line will improve by going online

Decisions, Decisions
- Personnel: in-house development or outsourcing
- Hardware: the Web server machine, plus any additional computers

Decisions, Decisions (continued)
- Software programs to:
  - Process customer orders
  - Interact with accounting, shipping, and inventory control software
  - Manage and store customer information

Anatomy of a Transaction
- Goals for an online business:
  - Draw potential customers to your site
  - Keep them there
  - Set up optimum conditions for them to complete a purchase
- A typical online transaction can be divided into nine steps

Figure 13.1 A Typical Online Transaction in Nine Steps

Step 1: Getting There
- How can you get customers to your Web site?
  - Conventional advertising
  - An obvious domain name
  - Search engines
  - Portals

Step 2: Do I Know You?
- Provide Web site personalization by:
  - Asking the user to register and then log in during each visit
  - Using cookies
- Provide incentives and benefits for return customers
- A cookie that stands in for the customer's login must be unguessable and must travel only over an encrypted connection; otherwise anyone who captures it can impersonate that customer

Step 3: Committing to an Online Purchase
- Must provide security for the transmission of sensitive information:
  - Encryption: encoding the data to be transmitted into a scrambled form, using a scheme (and a key) agreed upon between the sender and the receiver
  - Authentication: verifying the identity of the party receiving your message, so the customer knows the card details really go to the store and not to an impostor

Step 3: Committing to an Online Purchase (continued)
- SSL (Secure Sockets Layer): a series of protocols that allow a client and a Web server to:
  - Agree on encryption methods
  - Establish the session keys that will encrypt the traffic
  - Authenticate the identity of each party (in practice usually only the server, through its certificate)
- SSL has been superseded by TLS (Transport Layer Security), which keeps the same design; every version of SSL itself is now deprecated and should not be enabled

Steps 4 and 5: Payment Processing
- Most common payment option: credit card
- Option 1:
  - Step 4: the online order form communicates with the accounting system
  - Step 5: the accounting system verifies the customer's credit and processes the transaction on the fly

Steps 4 and 5: Payment Processing (continued)
- Option 2:
  - Step 4: collect information on the customer's order
  - Step 5: evaluate the customer's credit and complete the transaction offline
- In Option 2 the card details sit on the business's own systems until they are processed, so they need the same protection at rest that encryption gives them in transit

Steps 6-9: Order Fulfillment
- Step 6: the order entry system alerts the inventory system to reduce the items in stock
- Step 7: the order entry system contacts the shipping system to arrange for shipping
- Steps 8 and 9: the shipping system works with the shipping company to pick up and deliver the purchase to the customer

Designing Your Web Site
- Web site taxonomy: how information will be classified and organized on the Web site
- CRM (customer relationship management) goals:
  - Improve customer satisfaction
  - Build customer relationships
  - Bring people back to your Web site time and time again

Designing Your Web Site (continued)
- Some important Web site components:
  - Site map
  - Navigation bar
  - Shopping carts
  - Order checkout forms
  - Shipping options
  - E-mail confirmations
  - Privacy policy

Designing Your Web Site (continued)
- Web pages should be designed to display correctly on different machines, operating systems, and browsers
- Text-only options should be offered for users with slow connections, the visually impaired, and the hearing impaired

Behind the Scenes
- Businesses have many collaborative systems, developed by different vendors with different protocols
- Middleware: software that allows existing programs to communicate seamlessly; it translates between incompatible data representations, file formats, and network protocols
- Disaster recovery strategy: deals with backups, server failure, and intrusions

Databases
- An electronic database:
  - Stores data items
  - Data items can be extracted
  - Data items can be sorted
  - Data items can be manipulated to reveal new information

Data Organization
- Byte:
  - A group of eight bits
  - Can store the binary representation of a single character or a small integer
  - A single unit of addressable memory
- Field:
  - A group of bytes used to represent a single data item, such as a string of characters (a name) or a number

Data Organization (continued)
- Record: a collection of related fields
- Data file: related records are kept in a data file
- Database: related files make up a database

Figure 13.3 Data Organization Hierarchy

Figure 13.4 Records and Fields in a Single File

Figure 13.5 One Record in the Rugs-For-You Employees File

Database Management Systems
- Database management system (DBMS): manages the files in a database
- Relational database model: conceptual model of a file as a two-dimensional table

Database Management Systems (continued)
- In a relational database:
  - A table represents information about an entity
  - A row contains data about one instance of an entity
  - A row is called a tuple
  - Each category of information (a column) is called an attribute

Figure 13.6 Employees Table for Rugs-For-You

Figure 13.7 InsurancePolicies Table for Rugs-For-You

Database Management Systems (continued)
- Specialized query languages enable the user or another application program to query the database; example: SQL (Structured Query Language)
- Relationships among different entities in a database are established through the correspondence between primary keys and foreign keys: a primary key uniquely identifies one row of a table, and a foreign key is an attribute in another table that holds a primary key value to refer to that row

Figure 13.8 Three Entities in the Rugs-For-You Database
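As an added example (not the textbook's code), the primary key / foreign key relationship between the Employees and InsurancePolicies entities of Figures 13.6 and 13.7, built with Python's bundled sqlite3 module. The column names and the rows are assumed for this example, since the figures are not reproduced on this page. Two practical checks are included: SQLite must be told to enforce foreign keys, and the department a user types is bound as a query parameter rather than pasted into the SQL text.

```python
import sqlite3
from typing import List, Tuple

# Schema for two of the Rugs-For-You entities. Column names are assumed for
# this example; the textbook's figures are not reproduced here.
SCHEMA = """
CREATE TABLE Employees (
    EmployeeID INTEGER PRIMARY KEY,             -- primary key: unique per employee
    Name       TEXT    NOT NULL,
    Department TEXT    NOT NULL
);
CREATE TABLE InsurancePolicies (
    PolicyNumber INTEGER PRIMARY KEY,
    EmployeeID   INTEGER NOT NULL
                 REFERENCES Employees(EmployeeID), -- foreign key: must match a row above
    Plan         TEXT    NOT NULL
);
"""

# Constructed sample rows (not the textbook's data).
EMPLOYEES = [(101, "A. Ortiz", "Sales"), (102, "B. Chen", "Warehouse"), (103, "C. Diallo", "Sales")]
POLICIES = [(5001, 101, "Health"), (5002, 101, "Dental"), (5003, 103, "Health")]


def open_db() -> sqlite3.Connection:
    """Create the two tables in memory and load the sample rows."""
    conn = sqlite3.connect(":memory:")
    # SQLite ignores REFERENCES clauses unless foreign-key enforcement is switched on.
    conn.execute("PRAGMA foreign_keys = ON")
    conn.executescript(SCHEMA)
    with conn:
        conn.executemany("INSERT INTO Employees VALUES (?, ?, ?)", EMPLOYEES)
        conn.executemany("INSERT INTO InsurancePolicies VALUES (?, ?, ?)", POLICIES)
    return conn


def policies_for_department(conn: sqlite3.Connection, department: str) -> List[Tuple[str, int, str]]:
    """Follow the foreign key from InsurancePolicies back to Employees.

    The department is passed as a bound parameter (?) rather than spliced into
    the SQL string, so whatever a user types is compared as data and cannot
    change the structure of the query.
    """
    sql = """
        SELECT e.Name, p.PolicyNumber, p.Plan
        FROM Employees e
        JOIN InsurancePolicies p ON p.EmployeeID = e.EmployeeID
        WHERE e.Department = ?
        ORDER BY p.PolicyNumber
    """
    return conn.execute(sql, (department,)).fetchall()


def add_policy(conn: sqlite3.Connection, policy_number: int, employee_id: int, plan: str) -> bool:
    """Insert a policy. Returns False when a constraint rejects it: a duplicate
    primary key, or a foreign key naming an employee who does not exist."""
    try:
        with conn:
            conn.execute("INSERT INTO InsurancePolicies VALUES (?, ?, ?)",
                         (policy_number, employee_id, plan))
        return True
    except sqlite3.IntegrityError:
        return False


if __name__ == "__main__":
    db = open_db()
    print(policies_for_department(db, "Sales"))
    print("policy for a nonexistent employee accepted?", add_policy(db, 5004, 999, "Vision"))
```

The join in policies_for_department is exactly the correspondence the slide describes: p.EmployeeID (foreign key) matched against e.EmployeeID (primary key). Without the PRAGMA, the insert of policy 5004 for employee 999 would silently succeed and leave a dangling reference.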

Other Considerations
- Performance issues:
  - Large files are maintained on disk
  - Organizing record storage on disk can minimize the time needed to access a particular record
  - Creating additional records (an index) stored with the file can significantly reduce access time

Other Considerations (continued)
- Distributed databases allow physical data to reside at separate and independent locations that are networked together
- Massive, integrated government databases raise legal, political, social, and ethical issues

Information Security
- Information security: data protection, whether the data is on disk or transmitted across a network
- Authentication: verifies who is requesting access, so that unauthorized parties can be refused
- Encryption: makes the data meaningless to anyone who obtains it without the key

Encryption Overview
- Cryptography: the science of "secret writing"
- Plaintext: a message that is not encoded
- Ciphertext: an encrypted message

Encryption Overview (continued)
- Process of encryption and decryption:
  - Plaintext is encrypted before it is sent
  - Ciphertext is decrypted back to plaintext when it is received
- A symmetric encryption algorithm requires a secret key known to both the sender and the receiver:
  - The sender encrypts the plaintext using the key
  - The receiver decrypts the message using the same key
- The practical difficulty is key distribution: getting the shared key to both parties without an eavesdropper learning it

Encryption Overview (continued)
- Asymmetric encryption algorithm, also called a public key encryption algorithm:
  - The key for encryption and the key for decryption are different
  - Person A makes an encryption key public
  - Anyone can encrypt a message using the public key and send it to A
  - Only A has the (private) decryption key and can decrypt the message

Simple Encryption Algorithms: Caesar Cipher
- Caesar cipher, also called a shift cipher: each character in the message is shifted to another character some fixed distance farther along in the alphabet, wrapping around from Z to A
- Stream cipher: encodes one character at a time
- Substitution cipher: a single letter of plaintext generates a single letter of ciphertext
- With only 25 possible shifts, an attacker can simply try every key; the Caesar cipher is a teaching example, not a usable cipher
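An added example, not from the textbook, of the Caesar cipher in Python together with the attack the last bullet describes: try every shift and keep the candidate that reads most like English. The message and the letter-frequency table are constructed for this example.

```python
import string
from collections import Counter
from typing import Tuple

# Approximate relative frequencies (percent) of letters in English text, used
# only to rank candidate decryptions. These are the commonly cited textbook values.
ENGLISH_FREQ = {
    "E": 12.7, "T": 9.1, "A": 8.2, "O": 7.5, "I": 7.0, "N": 6.7, "S": 6.3, "H": 6.1,
    "R": 6.0, "D": 4.3, "L": 4.0, "C": 2.8, "U": 2.8, "M": 2.4, "W": 2.4, "F": 2.2,
    "G": 2.0, "Y": 2.0, "P": 1.9, "B": 1.5, "V": 1.0, "K": 0.8, "J": 0.15, "X": 0.15,
    "Q": 0.1, "Z": 0.07,
}


def caesar_encrypt(plaintext: str, shift: int) -> str:
    """Shift every letter `shift` places along the alphabet, wrapping Z back to A.

    This is a stream substitution: each plaintext letter yields exactly one
    ciphertext letter, and nothing else in the message influences it. Case is
    preserved and non-letters pass through unchanged.
    """
    out = []
    for ch in plaintext:
        if ch in string.ascii_letters:
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def caesar_decrypt(ciphertext: str, shift: int) -> str:
    """Decryption is encryption with the opposite shift. The same secret (the
    shift) is needed at both ends, which is what makes this a symmetric cipher."""
    return caesar_encrypt(ciphertext, -shift)


def english_score(text: str) -> float:
    """Average frequency weight of the letters in `text`; higher looks more like English."""
    letters = [c for c in text.upper() if c in ENGLISH_FREQ]
    if not letters:
        return 0.0
    counts = Counter(letters)
    return sum(ENGLISH_FREQ[c] * n for c, n in counts.items()) / len(letters)


def break_caesar(ciphertext: str) -> Tuple[int, str]:
    """Exhaustive key search: only 26 shifts exist (25 that change anything), so
    try each one and keep the candidate that reads most like English.
    Returns (shift, recovered_plaintext)."""
    candidates = [(caesar_decrypt(ciphertext, s), s) for s in range(26)]
    best_text, best_shift = max(candidates, key=lambda c: english_score(c[0]))
    return best_shift, best_text


if __name__ == "__main__":
    # Constructed sample message, not from the textbook.
    secret = caesar_encrypt("MEET ME AT THE STORE AT NOON AND BRING THE ORDER FORM", 3)
    print(secret)
    print(break_caesar(secret))
```

The frequency scoring is what lets break_caesar pick the right shift automatically instead of a human eyeballing 25 candidates; on a message of a few dozen letters the correct shift scores well above every wrong one.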

Block Cipher
- A group, or block, of plaintext letters is encoded into a block of ciphertext, but not by substituting one ciphertext character for each plaintext character in turn
- Each plaintext character in the block contributes to more than one ciphertext character

Block Cipher (continued)
- One ciphertext character is created as a result of more than one plaintext letter
- This is diffusion: the plaintext is scattered throughout the ciphertext, so changing a single plaintext character changes many ciphertext characters

DES
- Stands for Data Encryption Standard
- Designed to protect electronic information; adopted as a U.S. federal standard in 1977
- A block cipher
- Blocks: 64 bits long
- Key: a 64-bit binary key of which only 56 bits are used (the low bit of each of the 8 key bytes is a parity bit)
- A 56-bit key is far too short today: it was brute-forced publicly in 1998, and DES is no longer approved for protecting data

DES (continued)
- Every substitution, reduction, expansion, and permutation is determined by a well-known set of tables; all of the secrecy is in the key
- The same algorithm serves as the decryption algorithm, run with the sixteen round subkeys applied in reverse order

Figure: The DES Encryption Algorithm
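An added example, not the textbook's code and not DES itself, of the Feistel structure that DES is built on. It shows why the same routine decrypts when the round subkeys are applied in reverse, measures diffusion by flipping one plaintext bit, and checks DES key parity to show where the 8 unused key bits go. The round function is a keyed SHA-256 hash, assumed here for brevity in place of DES's table-driven expansion, S-box and permutation round; the key schedule is likewise a toy.

```python
import hashlib
from typing import List

BLOCK_BYTES = 8            # 64-bit blocks, as in DES
HALF = BLOCK_BYTES // 2    # each round works on 32-bit halves
ROUNDS = 16                # DES also uses 16 rounds


def round_keys(key: bytes, rounds: int = ROUNDS) -> List[bytes]:
    """Toy key schedule: derive one subkey per round from the master key.
    (DES instead selects 48 of the 56 key bits per round through fixed tables.)"""
    return [hashlib.sha256(b"subkey" + bytes([i]) + key).digest()[:HALF] for i in range(rounds)]


def f(half: bytes, subkey: bytes) -> bytes:
    """Round function. In a Feistel network it need not be invertible, which is
    exactly why the same structure can run backwards for decryption. This keyed
    hash is an assumption for the example, not DES's round."""
    return hashlib.sha256(subkey + half).digest()[:HALF]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def feistel(block: bytes, subkeys: List[bytes]) -> bytes:
    """Apply the Feistel rounds in the order the subkeys are given.
    Round i:  L[i+1] = R[i],   R[i+1] = L[i] XOR f(R[i], k[i])."""
    if len(block) != BLOCK_BYTES:
        raise ValueError("block must be exactly %d bytes" % BLOCK_BYTES)
    left, right = block[:HALF], block[HALF:]
    for k in subkeys:
        left, right = right, xor(left, f(right, k))
    return right + left    # final swap, so the same routine inverts itself


def encrypt_block(block: bytes, key: bytes) -> bytes:
    return feistel(block, round_keys(key))


def decrypt_block(block: bytes, key: bytes) -> bytes:
    """Same algorithm as encryption; only the subkey order is reversed."""
    return feistel(block, round_keys(key)[::-1])


def bit_difference(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def avalanche(key: bytes, block: bytes, bit: int = 0) -> int:
    """Diffusion check: flip one plaintext bit and count changed ciphertext bits.
    A good 64-bit block cipher changes about half (32) of them; a substitution
    cipher such as Caesar would change only the bits of one character."""
    flipped = bytearray(block)
    flipped[bit // 8] ^= 1 << (bit % 8)
    return bit_difference(encrypt_block(block, key), encrypt_block(bytes(flipped), key))


def des_key_parity_ok(key: bytes) -> bool:
    """A DES key is 8 bytes = 64 bits, but the low bit of every byte is a parity
    bit set so the byte has an odd number of 1 bits; only the other 56 bits are key."""
    return len(key) == 8 and all(bin(b).count("1") % 2 == 1 for b in key)


if __name__ == "__main__":
    key, pt = b"demo key, any length", b"RUGS4YOU"    # constructed sample input
    ct = encrypt_block(pt, key)
    print(ct.hex(), decrypt_block(ct, key))
    print("ciphertext bits changed by a 1-bit plaintext change:", avalanche(key, pt))
    print("DES parity ok:", des_key_parity_ok(bytes.fromhex("133457799BBCDFF1")))
```

decrypt_block calls feistel with the subkey list reversed and nothing else changed, which is the property the slide describes for DES. avalanche gives a number near 32 for this cipher; for the Caesar cipher above the same experiment would change at most the bits of a single character.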

DES (continued)
- Triple DES:
  - Improves the security of DES
  - Requires two (or three) 56-bit keys
  - Runs the DES algorithm three times (encrypt, decrypt, encrypt)
  - Now deprecated in its turn: NIST disallows Triple DES for encrypting new data after 2023
- AES (Advanced Encryption Standard):
  - Uses successive rounds of computations that mix up the data and the key
  - Block length: 128 bits
  - Key length: 128, 192, or 256 bits
  - The standard choice for symmetric encryption today

Public-Key Systems
- RSA:
  - The most common public key encryption algorithm
  - Based on results from number theory
  - If n is the product of two large primes, it is extremely difficult to recover those prime factors from n alone; anyone who can factor n can compute the private key, so RSA's security rests on factoring being infeasible
  - RSA is often used in the initial stage of communication between client and server, to authenticate the server and to establish the symmetric session key that encrypts the rest of the conversation, since public key operations are far slower than symmetric ones

Figure: An SSL Session
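An added example, not the textbook's, of textbook RSA in Python: key generation from two primes, encrypting a client-chosen session key under the server's public key as in the SSL session figure above, and the factoring attack that a toy 32-bit modulus cannot resist. The key size, session key and helper names are assumptions for the example. Real deployments use moduli of 2048 bits or more and a padding scheme such as OAEP; the unpadded RSA written here is for illustration only.

```python
import math
import random
import secrets
from typing import Tuple

Key = Tuple[int, int]   # (modulus n, exponent)


def is_probable_prime(n: int, rounds: int = 20) -> bool:
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    """Random prime of exactly `bits` bits, drawn from the OS cryptographic RNG."""
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # top bit set, odd
        if is_probable_prime(candidate):
            return candidate


def rsa_keygen(bits: int, e: int = 65537) -> Tuple[Key, Key]:
    """Textbook RSA: n = p*q, public key (n, e), private key (n, d) with e*d = 1 mod phi(n)."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            break
    return (p * q, e), (p * q, pow(e, -1, phi))


def rsa_encrypt(m: int, public: Key) -> int:
    """Anyone holding the public key can do this step."""
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)


def rsa_decrypt(c: int, private: Key) -> int:
    """Only the holder of d can undo the encryption."""
    n, d = private
    return pow(c, d, n)


def factor_by_trial_division(n: int) -> int:
    """Smallest odd prime factor of odd n. Cost grows with sqrt(n): instant for
    the 32-bit n used here, hopeless for a 2048-bit n, which is RSA's whole bet."""
    f = 3
    while f * f <= n:
        if n % f == 0:
            return f
        f += 2
    return n


def recover_private_key(public: Key) -> Key:
    """What an attacker who can factor n does: rebuild phi(n), then d."""
    n, e = public
    p = factor_by_trial_division(n)
    q = n // p
    return (n, pow(e, -1, (p - 1) * (q - 1)))


if __name__ == "__main__":
    server_public, server_private = rsa_keygen(32)      # toy size; real keys are 2048+ bits
    session_key = secrets.randbelow(server_public[0])   # client picks a symmetric session key
    wrapped = rsa_encrypt(session_key, server_public)   # this is what crosses the network
    assert rsa_decrypt(wrapped, server_private) == session_key
    print("eavesdropper who factors n recovers d:", recover_private_key(server_public) == server_private)
```

The __main__ section plays out the key-establishment step of the SSL session: the client needs only the server's public key to wrap a fresh symmetric key, and the server's private key unwraps it. The last line is the caveat: with a 32-bit n, recover_private_key finds d in a few thousand divisions, which is why modulus size is the security parameter.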

Summary
- E-business: every part of a financial transaction is handled electronically
- Opening an online store requires a significant amount of planning
- Database: allows data items to be stored, extracted, sorted, and manipulated
- Relational database model: conceptual model of a file as a two-dimensional table

Summary (continued)
- Main parts of information security: encryption and authentication
- Types of encryption algorithms:
  - Symmetric encryption algorithms
  - Asymmetric (public key) encryption algorithms
- Encryption algorithms covered: Caesar cipher, block ciphers, DES, Triple DES, AES, RSA