Chapter%2018:%20Doing%20Business%20on%20the%20Internet

1
Chapter 18Doing Business on the Internet

• Business Data Communications, 4e

2
Security The Key to E-Commerce

• Communications
• Encryption
• Privacy
• payment systems

3
SSL TLS

• Secure Socket Layer
• Transport Layer Security
• Protocols that sit between the underlying
  transport protocol (TCP) and the application

4
Secure Socket Layer (SSL)

• Originated by Netscape
• TLS has been developed by a working group of the
  IETF, and is essentially SSLv3.1
• Provides security at the socket level, just
  above the basic TCP/IP service
• Can provide security for a variety of Internet
  services, not just the WWW

5
SSL Implementation

• Focused on the initialization/handshaking to set
  up a secure channel
• Client specifies encryption method and provides
  challenge text
• Server authenticates with public key certificate
• Client send master key, encrypted with server key
• Server returns an encrypted master key
• Digital signatures used in initialization are
  based on RSA after initialization, single key
  encryption systems like DES can be used

6
Characteristics of On-Line Payment Systems

• Transaction types
• Means of settlement
• Operational characteristics
• Privacy and security
• Who takes risks

7
Secure Electronic Transactions

• SET is a payment protocol supporting the use of
  bank/credit cards for transactions
• Supported by MasterCard, Visa, and many companies
  selling goods and services online
• SET is an open industry standard, using RSA
  public-key and DES single-key encryption

8
SET Participants Interactions
9
Ideal Components of Electronic Cash

• Independent of physical location
• Security
• Privacy
• Off-line payment
• No need for third-party vendor
• Transferability to other users
• Divisibility
• Making change

10
E-Cash

• Created by David Chaum in Amsterdam in 1990
• Maintains the anonymity of cash transactions
• Users maintain an account with a participating
  financial institution, and also have a wallet
  on their computers hard drive
• Digital coins, or tokens, are stored in the wallet

11
Electronic Commerce Infrastructure

• Intrabusiness
• Intranet based
• Supports internal transactions and transfers
• Business-to-Business (BTB or B2B)
• Extranet based
• Business-to-Consumer (BTC or B2C)
• Internet based

12
Importance of BTB Commerce
13
Firewalls

• Used to provide security for computers inside of
  a given network
• All traffic to/from network passes through
  firewall
• Only authorized traffic is allowed through
• Firewall itself is a secure system
• Firewall performs authentication on users
• Firewall may encrypt transmissions

14
Free Trade Zones (FTZ)

• Area where communication and transactions occur
  between trusted parties
• Isolated from both the external environment and
  the enterprises internet network
• Supported by firewalls on both ends
• Inside the FTZ, all communications can be in
  clear mode without any encryption
• Necessary because logical boundaries between BTB
  and IB are becoming fuzzy.