Lesson 9
Ecommerce Security Conclusion
In this module you have been introduced to the basic security mechanisms needed in e-commerce. These include encryption and decryption
techniques, means to provide authentication, certification, message integrity, and data security.
The techniques and technologies involved with e-commerce security are often arcane and require the expertise of a specialist. Business
personnel responsible for applying e-commerce for their companies, however, should at least have a basic grasp of the methods and techniques
and, in particular, be sensitive to the needs of security when designing e-commerce business processes. In the next module, we will examine the basic technologies used in e-commerce.
Now that you have completed this module, you should be able to:
- Identify symmetric, asymmetric, and one-way encryption schemes
- Itemize the benefits provided by security implementations such as hashing, message digests, and digital signatures
- Understand the certificate-related infrastructure
- Identify the need for secure electronic transactions
- Identify encryption schemes such as symmetric, asymmetric, and one-way
- Describe the methods for authentication and identification
- Explain the use of certificates
Key terms and concepts
- Algorithm: a process or set of rules to be followed in calculations or other problem-solving operations, especially by a computer.
- Asymmetric key algorithm: Asymmetric key algorithms are used to solve two problems that symmetric key algorithms cannot: key distribution and nonrepudiation. The first helps solve privacy problems, and the latter helps solve authenticity problems.
- Asymmetric encryption:
- Authentication
- Certificate authority (CA): In cryptography, a certificate authority (CA) is an entity that issues digital certificates, where the digital certificate certifies the ownership of a public key by the named subject of the certificate.
- Cryptography
- Certificate
- Ciphertext
- Cryptanalysis
- Data Encryption Standard (DES): The Data Encryption Standard (DES) is an outdated symmetric-key method of data
- Digital envelope
- Hash algorithm
- Hashing
- MD5
- Message digest: A message digest is a cryptographic hash function containing a string of digits created by a one-way hashing formula.
- One-way encryption
- Plaintext
- Public-key encryption
- RSA
- Secure Hash Algorithm (SHA): In cryptography, SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function which takes an input and produces a 160-bit (20-byte) hash value known as a message digest, rendered as a hexadecimal number 40 digits long.
- Symmetric encryption
- Firewall: A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules.
- Encryption
- Key
- Bit
- Compression: In signal processing, data compression, source coding, or bit-rate reduction is the process of encoding information using fewer bits than the original representation.
In the next module you will learn about e-commerce solutions.
Digital Signature Authentication - Quiz
Click the Quiz link below to review what you've learned about Web-based security using various methods of encryption.
Digital Signature Authentication - Quiz