1 / 26

Shopping Carts and Security

Shopping Carts and Security. “Putting the COMMERCE into E-COMMERCE”. The Beginning. God created the Internet Bill Gates created the Internet Al Gore created the Internet The heck with it, in the beginning the Internet was designed to be a content provider. The Internet.

yori
Télécharger la présentation

Shopping Carts and Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Shopping Carts and Security “Putting the COMMERCE into E-COMMERCE”

  2. The Beginning • God created the Internet • Bill Gates created the Internet • Al Gore created the Internet • The heck with it, in the beginning the Internet was designed to be a content provider

  3. The Internet • It was full of information • It utilized “static” web pages • Knowledge was shared with viewers • No business was conducted “on-line”

  4. The Advent • Many companies have taken credit for the advent of business on the Internet • Intel • Dell • Cisco • Egghead • In 1997 Pres Clinton and VP Gore are quoted, “Electronic commerce could become a significant global economic element in the next century”

  5. The Race • The stage was set, and the race was on • The term Electronic Commerce (E-Commerce) was coined • Initial commerce was business to business, so the payment function was still handled the “old fashioned” way of invoicing and paying by the 10th of the following month.

  6. The Consumer • The conversion from B2B commerce to B2C (Business to Customer) was swift • Existing companies that utilized direct marketing efforts via telephone had in place: • Sales techniques (selling from a distance) • Lack of bricks and mortar (fixed costs) • System to handle payment (most important)

  7. The Proce$$ • What? Credit cards & EFT • Who? Banks doing EFT since 1970’s • Why? Because they are highly profitable • Financial institutions profit on both ends of the transaction – Great proce$$ for them

  8. The Enabler • This award goes to technology, or perhaps more specifically to the technological advances that allowed us to: • Communicate via a network • More fully automate the business process • Cut customer service costs • Empower the buyer

  9. The Model • For our purpose, we will use a pure retail, now called e-tail as our model • We will call it: • Wayneazon • WayneMart • Wayne Buy • Wayne’s World

  10. Wayne’s World US MARKET • Projections are $60B total sales this year • Over 87% are white • Over 80% have had some college • Over 62% shop from home • Over 61% will be male • Over 43% will be under the age of 20 • BUT…

  11. The Trust Factor • 100% have a comfortable trust factor in Electronic commerce • Trust in Brand • Trust in the EFT banking process • Trust in Wayne’s World • Trust in the Security of the site

  12. Cryptography • The science concentrating on the study of methods and techniques to provide security by mathematical manipulation of information • Symmetric (secret key) • Asymmetric (public key) • It is the secret decoder ring and James Bond all rolled into one

  13. Encryption / Decryption • OK, now we know it is an algorithm, meaning that it is mathematical in nature. • We also recognize that in order to have security that our data is encrypted by some form of a secret or public key • On the other end the decryption takes place in order that the data can be read and processed

  14. Example Symmetric key solution Plaintext: TO BE OR NOT TO BE THAT IS THE QUESTION Key: RE LA T I ONS RE LA T ION SR ELA TIONSREL Encrypted :KS ME HZ BBL KS ME MPOG AJ XSE JCSFLZSY • Decryption of an encrypted message is equally straightforward. One writes the key repeatedly above the message: Encrypted :KS ME HZ BBL KS ME MPOG AJ XSE JCSFLZSY Key: RE LA T I ONS RE LA T ION SR ELA TIONSREL Plaintext: TO BE OR NOT TO BE THAT IS THE QUESTION

  15. Hard Code – Not Fun!! 'This is the My Functions file that I have including throughout this application 'it consists of six (6) different functions that are used to make this application ‘as secure as possible. The majority of these functions pertain to the encrypting of the data so that it can be passed with the URL from page to page safely. ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' Dim CharSet 'variable that contains crytosystem characters 'Intialize variableCharSet CharSet = Array("A","B","C","D","E","F","G","H","I","J","K","L","M",_ "N","O","P","Q","R","S","T","U","V","W","X","Y","Z",_ " ","1","2","3","4","5","6","7","8","9","0") 'these are the characters of CharSet

  16. Hard Code p-2 Dim nCharSetSize 'variable that contains the number of characters in CharSet Dim strKey 'variable for key for Vigenere Cipher 'Intialize the variable strKey strKey = "I AM AN E COMMERCE EXPERT" 'key value for the Vigenere Cypher 'Intialize the variable nCharSetSize nCharSetSize = ubound(CharSet) + 1 'this is the character set that makes up the encryption this also designates a key 'for the Vignere Cypher that I used for encryption 'You can see that the character set is made up of the 26 upper case letters, 'ten numeric digits, and the space. So the array has 37 elements

  17. The Actual Encryption Function Encrypt(strMsg) 'the encryption function using Vigenere Cypher Dim strKeyChar Dim strMsgChar Dim nShiftPos 'Response.write "STRMSG: " & strMsg & "<BR>" for i = 1 to len(strMsg) strMsgChar = mid(strMsg, i, 1) strKeyChar = GetKeyChar(i) nShiftPos = FindPosition(strKeyChar) strFinal = strFinal & ShiftChar(strMsgChar, nShiftPos) 'Response.write "STRFINAL: " & strFinal & "<BR>" next Encrypt = strFinal End Function

  18. The Actual Decryption Function Decrypt(strMsg) 'the encryption function using Vigenere Cypher Dim strKeyChar Dim strMsgChar Dim nShiftPos for i = 1 to len(strMsg) strMsgChar = mid(strMsg, i, 1) strKeyChar = GetKeyChar(i) nShiftPos = FindPosition(strKeyChar) strFinal = strFinal & ShiftChar(strMsgChar, -nShiftPos) next Decrypt = strFinal End Function

  19. A Better Solution • https://www.verisign.com • http://www.sslplanet.com • http://www.betrusted.com/ • http://www.thawte.com/

  20. 2nd Issue of E-Commerce • Obtaining data • Maintaining data • Utilizing data • Recalling data • An enabler in all of this is a shopping cart

  21. Shopping Cart • https://www.ecartsoft.com/cgi-bin/home.cgi • http://store.vipcart.com • http://www.webgenie.com/Software/Shopcart/

  22. All on One site • http://e-businessexpress.com/index.shtml • http://www.cartserver.com/americart/features.html

  23. Concluding remarks • The technology exists in shrink wrap format • Do not recreate the wheel • Use existing technology as an enabler • Concentrate your efforts on the back room • Security has been an issue since the early 1970’s via EFT – It will continue to be an issue

  24. Contact information Wayne Pauli 605-256-5800 wayne.pauli@dsu.edu Dakota State University 820 North Washington Avenue Madison, SD 57042

  25. Q & A Time • Anyone • Really anyone? • Are you still alive?? • Tom, is this vtel working???

  26. Thanks for Listening

More Related