Chapter 10: Electronic Commerce Security

Presentation Transcript

  1. Chapter 10: Electronic Commerce Security

  2. Impact of Security on E-Commerce
     • In 2006, an estimated $913 million in e-commerce sales was lost because of security concerns.
     • Another $1 billion was lost because of shoppers refusing to shop online due to security concerns.
     • Nearly half of all online U.S. adults have concerns about online information security.
     • It impacts all online commerce (online banking, online shopping and e-mail).
     Gartner, Inc. - 2006
     Electronic Commerce, Seventh Annual Edition

  3. Security for Client Computers
     • First-party cookies
       • Cookies placed on a client computer by a Web server site
     • Third-party cookies
       • Originate on a Web site other than the site being visited (e.g., DoubleClick)
     • Web bug
       • Tiny 1-pixel graphic that a third-party Web site places on another site's Web page to track activity (also called a Web beacon or transparent GIF)

  4. A Web Bug Scenario
     Here a third-party tracking site is tracking how much merchandise was purchased for a particular banner ad campaign. In this scenario the individual user remains anonymous, even though their buying habits are disclosed.

  6. ActiveX Controls
     • An ActiveX control is an object containing programs and properties that Web designers place on Web pages.
     • ActiveX components can be constructed using different programming languages, but the most common are C++ and Visual Basic.
     • Intended for creating Web site functionality, but can be used to create malicious content.

  7. Scripting Languages
     • JavaScript was developed by Netscape to enable Web page designers to build active content.
     • Intended for creating Web site functionality, but can also be used to create malicious content.

  8. Digital Certificates
     • A digital certificate is signed code that authenticates the sender.
     • Issued by a certification authority such as Verisign or Thawte.

  10. Encryption Highlights
     • Symmetric encryption encodes a message with two private keys.
     • Asymmetric encryption uses a public and a private key.
     • Asymmetric encryption is used in typical Web-based e-commerce (SSL and SET).
     • Pretty Good Privacy (PGP) is used to encrypt e-mail messages.

  11. Hash Functions
     • Used to ensure message integrity.
     • Used to encrypt a digital signature.
     • Hash algorithms are one-way functions.
     • There is no way to transform the hash value back to the original message.

  12. Hash Digest

  13. Public Key Cryptography with Digital Signatures / Secure Socket Layers (SSL) Protocol
     [Diagram slide; surviving label fragments: "is received in a Digital Certificate", "encrypted by the Hash function"]

  14. 5 Dimensions of E-Commerce & Network Security
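
Added example (not part of the original slides): a minimal Python check for the web bugs described on slides 3 and 4, flagging 1x1 or hidden images that load from a different site than the page embedding them. The domains, the sample HTML and the two-label "site" heuristic are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse


def site_of(host):
    """Crude site key: last two DNS labels (assumption; real tools use the Public Suffix List)."""
    return ".".join(host.lower().split(".")[-2:])


class WebBugFinder(HTMLParser):
    """Collects <img> tags that are tiny or hidden and load from another site."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.page_site = site_of(urlparse(page_url).hostname or "")
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = {k: (v or "") for k, v in attrs}
        src = urljoin(self.page_url, a.get("src", ""))  # resolve relative and // URLs
        host = urlparse(src).hostname
        if not host or site_of(host) == self.page_site:
            return  # first-party (or data:) image, not a third-party beacon
        style = a.get("style", "").replace(" ", "").lower()
        tiny = a.get("width") in ("0", "1") and a.get("height") in ("0", "1")
        hidden = "display:none" in style or "visibility:hidden" in style
        if tiny or hidden:
            self.findings.append({"host": host, "src": src,
                                  "reason": "1x1 image" if tiny else "hidden image"})


def find_web_bugs(html, page_url):
    finder = WebBugFinder(page_url)
    finder.feed(html)
    return finder.findings


# Constructed sample page: shop.example embeds beacons from two other sites.
SAMPLE = """
<html><body>
<img src="/img/logo.png" width="200" height="60">
<img src="https://cdn.shop.example/spacer.gif" width="1" height="1">
<img src="https://ads.tracker.example/b.gif?cid=42" width="1" height="1">
<img src="//stats.other.example/p.gif" style="display: none">
</body></html>
"""

if __name__ == "__main__":
    for f in find_web_bugs(SAMPLE, "https://www.shop.example/checkout/thanks"):
        print(f["reason"], f["host"], f["src"])
```

The first-party logo and the first-party 1x1 spacer are ignored; only the two cross-site images are reported, which matches the third-party tracking scenario on slide 4.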