Largest element less than or equal to the difference

This preview shows page 12 - 16 out of 19 pages.

largest element less than or equal to the difference , until the difference is 0. w = {2, 7 , 11 , 21, 42, 89, 180, 354 } 0 1 1 0 0 0 0 1 a 01100001 ASCII recipient b = {295, 592, 301, 14, 28, 353, 120, 236} authentication of the sender? Use private key Public Key Cryptography Using Digital Signatures and Hash Digests Sender applies a mathematical algorithm ( hash function ) to a message and then encrypts the message and hash result with recipient’s public key Sender then encrypts the message and hash result with sender’s private key —creating digital signature—for authenticity, nonrepudiation Recipient first uses sender’s public key to authenticate message and then the recipient’s private key to decrypt the hash result and message 48
Image of page 12
Public Key Cryptography with Digital Signatures 49 Digital Envelopes Address weaknesses of: – Public key cryptography Computationally slow, decreased transmission speed, increased processing time – Symmetric key cryptography Insecure transmission lines • Uses symmetric key cryptography to encrypt document • Uses public key cryptography to encrypt and send symmetric key 50 “key within a key” a digital envelope Creating a Digital Envelope 51 2. Securing Channels of Communication Secure Sockets Layer (SSL) / Transport Layer Security (TLS) – Establishes secure, negotiated client–server session 52
Image of page 13
2. Securing Channels of Communication Virtual Private Network (VPN) – Allows remote users to securely access internal network via the Internet Wireless (Wi-Fi) networks – Wired Equivalent Privacy (WEP): weak and easy for hackers to crack Wi-Fi Protected Access: WPA / WPA2 / WPA3 53 3. Protecting Networks • Firewall – Hardware or software that uses security policy to filter packets Packet filters (looks at the source, destination, port and packet type) Application gateways – Next-generation firewalls Proxy servers (proxies) – Software servers that handle all communications from or sent to the Internet Intrusion detection systems Intrusion prevention systems 54 Firewalls and Proxy Servers 55 4. Protecting Servers and Clients Operating system security enhancements – Upgrades, patches WannaCry and NotPetya Case: Windows XP patches Anti-virus software – Easiest and least expensive way to prevent threats to system integrity – Requires daily updates 56
Image of page 14
Outline The E-Commerce Security Environment Security Threats in the E-Commerce Environment Technology Solutions Management Policies, Business Procedures, and Public Laws E-Commerce Payment Systems 57 Management Policies, Business Procedures, and Public Laws Worldwide, companies spend more than $86 billion on security hardware, software, services Managing risk includes: – Technology – Effective management policies – Public laws and active enforcement 58 Developing an E-Commerce Security Plan 59 A Security Plan: Management Policies 1. Risk assessment – Inventory the information and knowledge assets of the e- commerce site and company – Customer information? proprietary designs? business activities? secret processes? price schedules? executive compensation? payroll?
Image of page 15
Image of page 16

You've reached the end of your free preview.

Want to read all 19 pages?

  • Fall '19
  • Cryptography, Public-key cryptography, Pretty Good Privacy, GNU Privacy Guard

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture