0
1.7kviews
Discuss different approaches to developing secure e-commerce systems.
1 Answer
0
5views

Various approaches of developing secure e-commerce systems include:

  1. Digital Certificates
  2. Digital certificates consists of keys made up of large numbers that are uniquely used to identify individuals.
  3. Two main types of encryption can be achieved using digital certificates:

    1. Secret key encryption: This type of encryption involves parties having an identical (shared) key that is known only to them. Only this key can be used to encrypt and decrypt messages. The secret key has to be passed from one party to other before use.
    2. Public key encryption: In this type of encryption, both parties use related but different key to encode and decode messages. The two keys are related by a numerical code, so only the pair of keys can be used in combination to encrypt and decrypt information.
  4. Digital signatures

  5. It is method of identifying individuals or companies using public key encryption.
  6. It can be used to create commercial systems by using public key encryption to achieve authentication.
  7. The purchaser’s digital signature is encrypted before sending a message using their private key and, on receipt, the public key of the purchaser is used to decrypt the digital signature.

  8. Public-key infrastructure (PKI) and certificate authorities (CAs)

  9. In order for digital signatures and public key encryption to be effective it is necessary to be sure that the public key intended for decryption of a document actually belongs to the person you believe in sending the document.
  10. The developing solution to this problem is the issuance by a trusted third party (TTP) of a message containing owner identification information and a copy of a public key of that person.
  11. The TTP’s are usually referred to as ‘Certificate Authorities’ and that message is called as ‘Certificate’.
  12. Certificate information could include:

    a) User Identification data.

    b) Issuing authority identification and digital signature.

    c) User’s public key

    d) Expiry date of this certificate.

    e) Class of certificate

    f) Digital Identification code of this certificate.

  13. Virtual Private Networks

  14. In simple words, Virtual Private Networks (VPN) is a private network created using the public network infrastructure of the Internet.
  15. The technique by which VPN operates is sometimes referred to as ‘tunnelling’.
  16. It involves encryption to both packet headers and content using a secure form of Internet protocol known as IPSec.
  17. VPNs allow employees to securely access their company's intranet while traveling outside the office.
  18. VPN technology is also used by individual Internet users to secure their wireless transactions, to circumvent geo restrictions and censorship, and to connect to proxy servers for the purpose of protecting personal identity and location.
Please log in to add an answer.