The Internet, Intranets, and Electronic Commerce - PowerPoint PPT Presentation

1 / 58
About This Presentation
Title:

The Internet, Intranets, and Electronic Commerce

Description:

The Internet, Intranets, and Electronic Commerce Chapter 3 Overview Electronic networks are groups of computers that are connected together electronically. – PowerPoint PPT presentation

Number of Views:394
Avg rating:3.0/5.0
Slides: 59
Provided by: Olga77
Category:

less

Transcript and Presenter's Notes

Title: The Internet, Intranets, and Electronic Commerce


1
The Internet, Intranets, and Electronic
Commerce
  • Chapter 3

2
Overview
  • Electronic networks are groups of computers that
    are connected together electronically.
  • They make it possible for companies to
    conveniently assemble transaction data and
    distribute information across multiple physical
    locations.

3
Overview
  • Networks are sometimes classified according to
    the distance they span.
  • Local area networks (LANs) are networks that span
    a single site, such as a building or a group of
    buildings that are in close proximity to one
    another.
  • Metropolitan area networks (MANs) span a single
    city or metropolitan area.

4
Overview
  • Wide area networks (WANs) are networks of
    computers that span at least two metropolitan
    areas.

5
Learning Objectives
  • Explain the history of the Internet and how it
    works.
  • Describe intranets and explain how they are made
    secure.

6
Learning Objectives
  • Explain client-server technology and how it
    applies to electronic financial transactions.
  • Describe various approaches to securing
    electronic financial transactions.

7
Learning Objective 1
  • Explain the history of the Internet and how it
    works.

8
The Internet
  • What is the Internet?
  • It is an electronic highway, consisting of
    various standards and protocols, that allows
    computers to communicate with each other.
  • During the 1960s the U.S. government was in
    search of a means of maintaining military
    communications in the event of a nuclear war.

9
The Internet
  • The RAND Corporation came up with two
    suggestions
  • The network should have no central
    command-and-control center.
  • The network should be able to operate in tatters
    from the very beginning.

10
The Internet
  • The earliest practical version of the Internet
    was created in the early 1970s by the Pentagons
    Advanced Research Projects Agency (ARPA).
  • It was called ARPANET.
  • Other networks such as Bitnet, MILnet, and NSFnet
    sprang up.

11
The Internet
  • They adopted a common set of communications
    protocols called TCP/IP (Transmission Control
    Protocol/Internet Protocol).
  • Transmission Control Protocol (TCP) is a protocol
    for dividing electronic messages into packets
    of information and then reassembling these
    packets at the end.

12
The Internet
  • Internet Protocol (IP) is an addressing protocol
    that assigns a unique address to each computer on
    the Internet.
  • Every computer or user on the Internet needs an
    IP address to communicate with other computers.
  • What is a fixed IP address?

13
The Internet
  • It is an IP address that is permanently assigned
    to an individual, client, or server.
  • What is a dynamic IP address?
  • It is an IP address that is temporarily assigned
    to a user while he or she is accessing the
    Internet.
  • What is a domain name?

14
The Internet
  • It is an alias that can be used in place of the
    IP address.
  • What are domain name servers?
  • They are electronic phone books that associate
    domain names with IP addresses.

15
Learning Objective 2
  • Describe intranets and explain how they are
    made secure.

16
Intranets
  • What is an intranet?
  • It is a self-contained, in-house internet.
  • The entire intranet may be completely invisible
    or unavailable to outsiders.
  • The intranet may be available to outsiders only
    after they are properly authenticated.
  • Extranets exist when the intranets of two or more
    companies are linked together.

17
Intranet Security Issues
  • What is a firewall?
  • It is a combination of hardware and software that
    limits access to information on the companys
    servers from the rest of the world.
  • Firewalls can also filter packets based on their
    content or destination.

18
Intranet Security Issues
The Internet
Corporate Intranet
Network Computers
Firewall
19
Intranet Security Issues
  • What is a spoof?
  • It is a type of hacker attack in which the
    attacker assumes a false identify such as a
    false IP address.
  • What are additional layers of defense?
  • encryption
  • access limits through password control

20
Intranet Security Issues
  • What is an encryption?
  • An encryption uses a password or digital key to
    scramble a readable message into an unreadable
    message.
  • What are proxy servers?
  • They serve as filters for all outgoing requests
    for information.
  • They are used on the inside of the firewall.

21
Learning Objective 3
  • Explain client-server technology and how it
    applies to electronic financial transactions.

22
Commerce on the Internet
  • The Internet can be used to transmit almost any
    kind of information between two points.
  • What is a server?
  • It is a robot-type program that constantly runs
    on some computers and exchanges information with
    clients.

23
Commerce on the Internet
  • What is a client?
  • It is a program that accesses and exchanges
    information with a server.
  • A great many of the business transactions that
    occur on the Internet take place in
    client-server environments.
  • Why?

24
Commerce on the Internet
  • Being robots, servers dont get paid by the hour
    and dont require fringe benefits.
  • Servers can deal with hundreds of users (clients)
    at one time.
  • Servers can be accessed at any time of day,
    anywhere in the world, with no per-minute
    communication charges.

25
Types of Servers
  • There are many kinds of servers on the Internet
  • mail servers
  • file servers
  • Web servers
  • commerce servers

26
Types of Servers
  • What are mail servers?
  • They act as electronic mailboxes that hold
    incoming electronic mail until the users client
    program requests it.
  • Electronic mail (e-mail) messages are normally
    addressed according to the following form
  • username_at_domain_name

27
Types of Servers
Mail Server
Receivers Mail Client
Senders Mail Client
Message Receiver
Message Sender
Receivers Mail Server
Senders Mail Server
The Internet
28
Types of Servers
  • What are file servers?
  • They allow authorized clients to retrieve files
    from libraries of files that exist on remote
    computers.
  • The most common protocol for file serves is
    called FTP.
  • A file server that uses this protocol is called
    an FTP server.

29
Types of Servers
  • What is a Web server?
  • It is a server that allows a user (client) to
    access documents and run computer programs that
    reside on remote computers.
  • All Web clients automatically read and interpret
    HTML (hypertext markup language).

30
Types of Servers
World Wide Web Document on Server in Chicago
Hyperlink
World Wide Web Document on Server in San Diego
World Wide Web Document on Server in Tokyo
Hyperlinked Documents
31
Types of Servers
  • What are Commerce servers?
  • They are specialized types of Web servers with
    various commerce-related features.
  • What are some of these features?
  • support for the secure electronic transaction
    (SET) protocol
  • support for specialized types of client and
    server authentication

32
Types of Servers
  • support for interfacing with external programs
  • enhanced security features
  • on-line credit card or bank verification

33
Types of Servers
Encrypted Communication Link
Bank
Order/Payment Information
Commerce Server
Consumers Client
Verify Payment
Internet
Product Information and Order Verification
34
Types of Servers
Commerce Server
Corporate Accounting System
Order File
Shipping
Goods Shipped to Customer
35
Electronic Payment Systems
  • The Internet has created demand for specialized
    types of payment systems.
  • What are some of these systems?
  • traditional electronic bill payment systems
  • traditional credit card systems
  • secure electronic transaction (SET) systems
  • virtual cash systems

36
Learning Objective 4
  • Describe various approaches to securing
    electronic financial transactions.

37
Security for Electronic Transaction
  • Encryption technology is essential for electronic
    commerce.
  • What are three types of encryption systems?
  • Secret-key encryption
  • Public-key encryption
  • Digital envelopes

38
Security for Electronic Transaction
  • What is a secret-key encryption?
  • It is an encryption method in which the same key
    is used for both encryption and decrypting a
    message.

39
Security for Electronic Transaction
  • What is a public-key encryption?
  • It is an encryption method that uses two keys in
    association with each encrypted message, one key
    to encrypt the message and another key to decrypt
    it.

40
Security for Electronic Transaction
  • What is a digital envelope?
  • It is an encryption method in which the message
    is encrypted with a secret key, and the secret
    key is encrypted with the recipients public key.
  • This method is sometimes referred to as
    double-key encryption.

41
Double-Key Encryption
Recipients Public Key
Random Message Key
Encrypted Message Key
Public-Key Encryption
Private-Key Encryption
Message
Ciphertext
42
Double-Key Encryption
Recipients Private Key
Encrypted Message Key
Message Key
Public-Key Decryption
Private-Key Decryption
Ciphertext
Message
43
Digital Signatures
  • A digital signature occurs when someone encrypts
    a message with his or her own private key.
  • Anyone can then use that persons public key to
    verify that it was in fact encrypted by that
    person.

44
Digital Signatures
  • What is a hashing function?
  • A hashing function takes a long variable-length
    string of characters and converts it into a short
    fixed-length string.
  • There are many standard hashing functions
    available.

45
Digital Signature Creation
Senders Private Key
Hashing Algorithm
Digital Signature
Public-Key Decryption
Hash of Message
Message
46
Verification of Digital Signature
Hashing Algorithm
Hash of Message
Verify Signature
Message
Digital Signature
Public-Key Decryption
Senders Public Key
47
Digital Time-Stamping
  • In order to ensure the validity of electronic
    documents over time, there needs to be some way
    to attach trusted dates to them.
  • What is a digital time-stamping service (DTS)?
  • It is an organization that adds digital
    time-stamps to documents.

48
Digital Time-Stamp Procedure
Attach date and time, then digital signature
Message
Digital Time Stamp Service
Date and Time
Digital Signature
Message
49
Verification of Digital Time-Stamp
Verify Match
Message
Hash Message and Date and Time
Hashed Message and Date and Time
Date and Time
Digital Signature
Decrypt DTSs Signature with DTSs Public Key
Decrypted Digital Signature
50
Security Issues for Public-Key Encryption Systems
  • What is cryptanalysis attack?
  • It involves various techniques for analyzing
    encrypted messages for purposes of decoding them
    without legitimate access to the keys.
  • The simplest possible attack on a message is the
    guessed plaintext attack.

51
Security Issues for Public-Key Encryption Systems
  • The whole security of public-key encryption
    depends on the assumption that an attacker cannot
    factor the product of two large prime numbers
    (factoring attack).
  • The best way to prevent cryptanalysis and
    factoring attacks is to use very long keys.

52
Security Issues for Public-Key Encryption Systems
  • In practice, public-key encryption systems are
    most likely to be attacked at the key-management
    level.
  • A well-designed control system must place
    considerable emphasis on protecting private keys.
  • What are some ways of protecting private keys?

53
Security Issues for Public-Key Encryption Systems
  • creating and distributing keys
  • digital certificates
  • certificate revocation list (CRLS)
  • certificate chains
  • certificate-signing units
  • key expirations

54
Electronic Commerce and Encryption Technology
  • What is digital cash?
  • It is money created when a bank attaches its
    digital signature to a note promising to pay the
    bearer some amount of money.
  • What is blinding?
  • It is a technique in which a bank issues digital
    cash in such a way the it is unable to link the
    payer to the payee.

55
Electronic Commerce and Encryption Technology
  • What is a blinded digital signature?
  • It is a digital signature and related digital
    cash that have been issued with blinding.

56
Computer Software and Computer Card Systems
  • What is an electronic wallet?
  • It is a computer program that keeps track of the
    various keys and items of information associated
    with digital money.
  • What are smart cards?
  • They are hand-held electronic cards that are used
    for payments.

57
Computer Software and Computer Card Systems
  • What are the four types of smart cards?
  • Memory cards
  • Shared-key cards
  • Signature-transporting cards
  • Signature-creating cards

58
End of Chapter 3
Write a Comment
User Comments (0)
About PowerShow.com