CS155b: E-Commerce Lecture 2: Jan. 11, 2001 Course Overview.

Slides:



Advertisements
Similar presentations
Public Key Infrastructure and Applications
Advertisements

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Public Key Infrastructure Alex Bardas. What is Cryptography ? Cryptography is a mathematical method of protecting information –Cryptography is part of,
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
CS155b: E-Commerce Lecture 6: Jan. 25, 2001 Security and Privacy, Continued.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Lect. 11: Public Key Cryptography. 2 Contents 1.Introduction to PKC 2.Hard problems  IFP  DLP 3.Public Key Encryptions  RSA  ElGamal 4.Digital Signatures.
E-Commerce: Doing Business on the Internet CPSC 155b, Spring 2003 T, Th: 1-2:15 pm (The Co-Evolution of Technology.
CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
CS155a: E-Commerce Lecture 11: October 11, 2001 The VeriSign Story and an Introduction to B2B.
CPSC156a: The Internet Co-Evolution of Technology and Society Lecture 2: September 9, 2003 Internet Basics Acknowledgments: S. Bradner and R. Wang.
1 CPSC156: The Internet Co-Evolution of Technology and Society Lectures 19,20, and 21: April 5, 10, and 12, 2007 Cryptographic Primitives.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
CS155a: E-Commerce Lecture 2: Sept. 11, 2001 Course Overview.
CS155a: E-Commerce Lecture 6: Sept. 25, 2001 Technical-Protection Services for Online Content Distribution.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Building E-Commerce and E-Learning Models Hassanin M. Al-Barhamtoshy
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
COMPUTER APPLICATIONS TO BUSINESS ||
Electronic Payment Systems. Transaction reconciliation –Cash or check.
E-commerce E-commerce is defined "as the process of buying, selling, or exchanging products, services, or information via computer networks, including.
Computer Science Public Key Management Lecture 5.
Introduction to Public Key Cryptography
Sorting Out Digital Certificates Bill blog.codingoutloud.com ··· Boston Azure ··· 13·Dec·2012 ···
CS155b: E-Commerce Lecture 7: Jan. 30, 2001 A Computer Scientist’s View of Copyright Law.
INE1020: Introduction to Internet Engineering 6: Privacy and Security Issues1 Lecture 9: E-commerce & Business r E-Commerce r Security Issues m Secure.
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.
Supporting Technologies III: Security 11/16 Lecture Notes.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
ECE453 – Introduction to Computer Networks Lecture 18 – Network Security (I)
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.
Secure Electronic Transaction (SET)
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
Symmetric versus Asymmetric Cryptography. Why is it worth presenting cryptography? Top concern in security Fundamental knowledge in computer security.
Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.
Cryptography, Authentication and Digital Signatures
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
E-Commerce Course Overview. Telephone Network Connection-based Admission control Intelligence is “in the network” Traffic carried by relatively few, “well-known”,
CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1
Basic Cryptography 1. What is cryptography? Cryptography is a mathematical method of protecting information –Cryptography is part of, but not equal to,
Network Security David Lazăr.
E-commerce 24/12/ Electronic Commerce (E-Commerce) Commerce refers to all the activities the purchase and sales of goods or services. Marketing,
Fall 2010/Lecture 321 CS 426 (Fall 2010) Key Distribution & Agreement.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.
ICOM 5018 Network Security and Cryptography Description This course introduces and provides practical experience in network security issues and cryptographic.
Using Public Key Cryptography Key management and public key infrastructures.
Group 9 Chapter 8.3 – 8.6. Public Key Algorithms  Symmetric Key Algorithms face an inherent problem  Keys must be distributed to all parties but kept.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
E-Commerce Systems Chapter 8 Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.
INCS 741: Cryptography Overview and Basic Concepts.
This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
Copyright © Terry Felke-Morris Web Development & Design Foundations with HTML5 8 th Edition CHAPTER 12 KEY CONCEPTS 1 Copyright.
Security. Security Needs Computers and data are used by the authorized persons Computers and their accessories, data, and information are available to.
Key management issues in PGP
E-Commerce: Doing Business on the Internet
Presentation transcript:

CS155b: E-Commerce Lecture 2: Jan. 11, 2001 Course Overview

Telephone Network Connection-based Admission control Intelligence is “in the network” Traffic carried by relatively few, “well-known”, communications companies Internet Packet-based Best effort Intelligence is “at the endpoints” Traffic carried by many routers, operated by a changing set of “unknown” parties

Business Question: How to price Internet Service? Technical and Business Question(s): How to provide different QoS levels and how to charge for them? Technical, Business, and “Policy” Question: Does “intelligence at the endpoints” make sense for a mass-market public infrastructure?

Shift to Internet Causes Changes in existing businesses (e.g., telepresense) New ways to do old kinds of business (e.g., WWW-based retail) New kinds of businesses (e.g., Internet “infrastructure” providers)

As an infrastructure for communication, business, and almost all forms of human interaction, the Internet is new, rapidly changing, and inherently less manageable and controllable that older infrastructures. Leads to problems with: Privacy Authenticity Accountability

Security Technologies Encryption –Symmetric Key –Public Key Signature PKI Rights Management Time stamping Secure Containers

References D. Stinson, Cryptography: Theory and Practice, CRC Press, Boca Ration, 1995 G. Simmons (ed.), Contemporary Cryptology: The Science of Information Integrity, IEEE Press, NY, A, Menezes et al., Handbook of Applied Cryptography, CRC Press, Boca Ration, IACR Publications: J. Cryptology, Crypto Proceedings, Eurocrypt Proceedings org

Symmetric Key Crypto D(E(x, k), k) = x (decryption, encryption, plaintext, key) Alice and Bob choose k AB Alice: y <-- E(x, k AB ) (ciphertext) Alice --> Bob: y Bob: x <-- D(y, k AB ) (Eve does not know k AB )

Well Studied and Commercially Available –DES –IDEA –FEAL-n –RC5 –AES Users must deal with –Government (especially export) –Key management

Public Key Crypto D(E(x, PK u ), SK u ) = x (user’s Secret Key, user’s public key) Bob generates SK bob, PK bob Bob publishes PK bob Alice: Lookup PK bob y <-- E (x, PK bob ) Alice -->Bob: y Bob: x <-- D(y, SK bob ) (Eve does not know SK bob )

Digital Signatures... Trickier than the paper “analogue” Doc 1 -JF Doc 2 -JF Doc n -JF

3-part Scheme Key Generation Procedure cc PK jf SK jf directory JF’s machine...

Signature Procedure DocSK jf SIG

Verification Procedure DocPK jf SIG Accept / Reject

Examples RSA El Gamal DSA McEliece

P( ) {...} SP SP = signature(P, SK bob )

Bob-soft: PK bob Sue-soft: PK sue. Bob-softPK bob Alice: Verify (P, PK bob, SP)

New Potential Problem Is PK bob the “Right Key”? What does “Right” mean?

Traditional Meaning Bob-soft  PK bob Accurate? Traditional Solution Alice’s Computer PK CA

Bootstrapping Trust (Bob-soft, PK bob )SK CA Signature Algorithm CERT bob Name 1, PK 1, CERT 1 Name 2, PK 2, CERT 2...

Technical Question: Is this the right PK? Business Question: Can you make money selling public-key certificates? Political Question: Crypto export Legal Question: Do we have a right to use encryption? To some form of “electronic privacy”?

Changes in the Technology and the Economics of Publishing Computers and Digital Documents WWW-based Publication Internet Distribution

Technical Question: Is copying, modification, and redistribution of copyrighted material now uncontrollable? Business Question: Is it possible to make money distributing copyrighted material (e.g., popular music) over the Internet?

Technical and Business Questions To what extent do encryption, digital signature, and other well understood security technologies make Internet content distribution manageable and profitable? –What other technology is needed? –What is the role of “circumvention” in effective development and deployment of relevant technology?

Technical, Business, and Legal Questions Is current copyright law technically feasible to implement and deploy on the Internet? (“copy-centric,” “fair use is a defense, not a right”) To what extent is copyright compliance monitorable? To what extent should it be monitored?

Global Network vs. Local Expectations Intellectual Property Law Censorship Banking Law

WWW Searching Technical Question: How to do it? (short answer: Linear Algebra) Business Question: How to make a business out of it? What is the role of advertising? Legal and Ethical Question: What conclusions should be drawn about people (by, e.g., gov’t, employers, insurance companies…) based on what they search for and what they find?

WWW-Based, B2C Retail Business Question: What to sell? Business Question: How to capture and use customer information? –Massive scale –Variable Quality –Numerous Formats and Intermediaries

Business, Legal, and Ethical Question: Who owns transaction data? To whom can it legally be sold? What can legally done with it? Technical and Business Question:Is there an inherent tradeoff between personalization/efficiency and privacy? (the “cookie” question)

WWW-Based, C2C Retail Economics and CS challenge: Auction Design Technical Challenge: C2C payment systems, e.g., “Electronic Cash”?

WWW-Based, B2B “exchanges” Economics and CS Challenge: Market Design Technical, Business, and Legal Question: Do “industry-sponsored” electronic market places promote monopoly and monopsony?

Reading Assignment for Jan. 16, 2001 Appendix C of The Digital Dilemma ( “Rethinking the Design of the Internet: The end-to-end arguments vs. the brave new world” (Clark & Blumenthal) ( Optional: Some of the other articles on

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.