Data Mgmt Lab_Part_74 - 220 Chapter 21 2. Explain how SSL...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
220 Chapter 21 2. Explain how SSL ensures that the communication of the credit card number is secure. What is the role of a certiFcation authority in this case? 3. Assume that you would like Mary to be able to verify that all your email mes- sages are really sent from you. How can you authenticate your messages without encrypting the actual text? 4. Assume that your customers can also negotiate the price of certain paintings and assume that Mary wants to negotiate the price of your painting of the Madison Terrace. You would like the text of this communication to be private between you and Mary. Explain the advantages and disadvantages of di±erent methods of encrypting your communication with Mary. Answer 21.3 The answer to each question is given below. 1. In order to determine whether the user who is purchasing the painting is really Mary, we need some level of veriFcation when Mary Frst registers with the system. On the lowest level, we can simply ask the user to conFrm things like Mary’s ad- dress or social security number. To increase the level of security, we could also ask the user to verify Mary’s credit card number. Since these numbers are deemed difficult to obtain, most merchant websites consider this sufficient evidence for proof of identity. ²or an even higher level of security, we can take external steps to verify Mary’s information such as calling her up with the phone number provided, sending a let- ter to Mary’s mailing address, or sending her an e-mail with instructions to reply back. In each instance, we attempt to validate the information the user provided so that the element of uncertainty in the provided information is decreased. 2. SSL Encryption is a form of public-key encryption where a third party certiFcation authority acts to validate public keys between two clients. In a general public-key encryption system, data is sent to a user encrypted with a publicly known key for
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 3

Data Mgmt Lab_Part_74 - 220 Chapter 21 2. Explain how SSL...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online