







Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Students of Communication, study E-Commerce as an auxiliary subject. these are the key points discussed in these Lecture Slides of E-Commerce : Encryption, Distribution Businesses, Symmetric Key, Public Key, Signature, Rights Management, Time Stamping, Secure Containers, Digital Documents, Special Purpose
Typology: Slides
1 / 13
This page cannot be seen from the preview
Don't miss anything!








TPSs and Content-Distribution Businesses
-^
Encryption^ –
Symmetric Key
Public Key
-^
Signature
-^
PKI
-^
Rights Management
-^
Time stamping
-^
Secure Containers
-^
TPS is a means, not an end. Cannot answer legal,social, or economic questions about ownership of orrights over digital documents.
-^
No TPS is perfect.
-^
Continued improvement in TPS requires ongoingR&D, including “circumvention.”
-^
TPS easier to design for special purpose devices andsystems (
e.g.,
cable television) than for the Internet.
-^
TPS should serve customers’ needs,
e.g.,
assured
provenance, as well as rightsholders’ needs.
ContentDistributor EncryptedContent
PlayerApp.
PlayerApp. PayingCustomer
PayingCustomer
PlayerApp.
Thief (no k)
k^
k
Customer U and content-server use basicsecurity protocol,
e.g.,
SSL, to create “session
key” K
U^
and transfer payment from U to server.
Server sends k` = E(k, K
U
) to U.
U’s browser computes k = D (k`, K
downloads encrypted content, decrypts itusing k, and displays it.
Why can’t U print, save, or otherwise redirectdisplayed content?
-^
Why can’t a hacker steal k while it’s in use?
-^
Interaction of browser with other local-network software, e.g., back-up system?
Alice^ Admin
A
j
A
i
Bob
Admin
B
k
B
l
Eve
Alice
Unwatched Terminals
-^
Administrative Staff Changes
-^
Misconfigurations
-^
OS Bugs
-^
Bad Random-Number Generators Not sophisticated break-ins!
SSL In Online Retailing
-^
Most Internet retail sites use SSL to secure online payments.
-^
Online merchants purchase digital certificates from CAs (
e.g
., Verisign)
to authenticate itself to the browser software.
-^
SSL is NOT an electronic payment protocol. It is used to safelytransmit sensitive financial information (
e.g
., credit card number ,
personal address, etc.)
-^
It means online merchants using SSL (
e.g
., Amazon.com) do not
process the credit cards in real-time. A traditional mailorder/telephone order (MOTO) protocol is used after for paymentprocessing later,
-^
SSL provides security in authentication and communication. It doesnot address other security issues: it is up to the individual to trust aname linked to a certificate, and in its ability to protect and notmisuse its database.