N-GEN Communications Web-based Seminars ©NGCS

Seminar - An Overview of Communications Technologies


Home

 

Module 6 - Internet, Intranet, Extranet, e-Commerce and Web Services                                      Slide 42 of 70 _________________                                                                                  __________

                                                Key Security Schemes

                                            Encryption Technologies

                                            Digital Signatures

                                            Digital Certificates

                                            Security Protocols

_________________                                                                                  __________

The key security schemes used in e-Commerce systems are encryption, digital signatures, digital certificates and security protocols.

Encryption - The encryption technique is used for securing the transmitted information. Military intelligence has used message coding techniques for centuries. Early coding techniques used the numbers 1-26 to code messages. The current encryption techniques are more complex. Most common encryption techniques are: Public Key encryption, Private Key encryption and combined Public and Private Key encryption. The Public Key is known to all authorized users, but the Private Key is known only to its owner. In Public Key encryption, a sender's device will encrypt data with the receiver's Public Key. At the receiving end the data will be deciphered by using receiver's Private Key. In Private Key Encryption, one party prepares the encrypted message by using a secret key and sends it to the other party. The other party deciphers the message by using the sender's secret key. Encryption standards are developed by the National Institute of Standards and Technology.

Digital Signature - A sender uses the Private Key and the original message to create the document's digital signature. The encrypted message with the Private Key and the digital signatures are transmitted. The receiver extracts the digital signatures to validate the authentication of the message and uses Public Key to read the message.

Digital Certificates - Digital Certificates are issued by trusted certificate authorities for transactions on the Internet. A digital certificate is a binding of a user's identity to the user's Public Key. There are three classes of digital certificates: Class 1, Class 2 and Class 3. Class 1 digital certificates require verification of name, address and an e-mail address. Class 2 digital certificates require proof of physical location as well as Class 1 attributes. The company issuing the certificates will check with the credit databases, Class 3 digital certificates will require proof of who you are and if you are accountable. Class 3 certificates are used by Secure Electronic Transaction (SET) technology. Different classes of certificates are available from VeriSign and MediaLinx.

Security Protocols - Most commonly used security protocols on the Internet are Secure Socket Layer (SSL) and Secure Electronic Transaction (SET).