e Commerce

Published on June 2016 | Categories: Types, Presentations | Downloads: 53 | Comments: 0 | Views: 287
of 51
Download PDF   Embed   Report

E-commerce explained

Comments

Content


Issues of Security and Privacy in Electronic Commerce
Introduction
Since the invention of the World Wide Web (WWW) in 1989, Internet-based
electronic commerce has been transformed from a mere idea into reality.
Consumers brose throu!h catalo!ues, searchin! for best offers, order !oods,
and "ay them electronically. Information services can be subscribed online, and
many nes"a"ers and scientific #ournals are even readable via the Internet.
$ost financial institutions have some sort of online "resence, alloin! their
customers to access and mana!e their accounts, ma%e financial transactions,
trade stoc%s, and so forth. &lectronic mails are e'chan!ed ithin and beteen
enter"rises, and often already re"lace fa' co"ies. Soon there is ar!uably no
enter"rise left that has no Internet "resence, if only for advertisement reasons.
In early 1998 more than ( million eb servers ere connected to the Internet,
and more than )** million host com"uters. +nd even if actual Internet business
is still mar!inal, the e'"ectations are hi!h. -or instance, +nderson consultin!
"redicts Internet business to !ro from .1* billion in 1998 to ./** billion in
(**(.
0hus, doin! some electronic business on the Internet is already an easy tas%.
+s is cheatin! and snoo"in!. Several reasons contribute to this insecurity, 0he
Internet does not offer much security "er-se. &avesdro""in! and actin! under
false identity is sim"le. Stealin! data is undetectable in most cases. 1o"ular 1C
o"eratin! systems offer little or no security a!ainst virus or other malicious
softare, hich means that users cannot even trust the information dis"layed
on their on screens. +t the same time, user aareness for security ris%s is
threatenin!ly lo.
+ re"ort from 2oldman, Sachs 3 Conotes that hile commercial "ro"erties
such as 4ahoo5 and e6ay receive a lot of attention from investors, business to
business &Commerce is on the ver!e of e'"onential !roth. 0he re"ort "redicts
that &Commerce ill be orth 7S81./ trillion by (**9. :oever, accordin! to a
survey by ;et &ffect Systems, hile 99 "ercent of online consumers use the
Internet to sho", #ust 1* "ercent say they "refer to buy thin!s online. <9
"ercent of consumers cited security and "rivacy concerns.
0herefore, if the security and "rivacy "roblems are addressed e-sho""ers
ill be converted into e-buyers, and the &Commerce ill be "ushed a bi! ste"
forard.
Non-technical Issues
1. Security Awareness
$ost o"inion surveys list =insecurity of financial transactions= and =loss of
"rivacy= amon! the ma#or im"ediments to electronic commerce, but in fact
most users have only a!ue ideas about the threats and ris%s, and a very limited
understandin! of the technical and le!al o"tions for minimi>in! their ris%. +s a
result all %inds of mis"erce"tions e'ist.
-or instance, the cardholder?s ris% in sendin! his or her credit card number
over the Internet is ty"ically overestimated. +t least as of this ritin!
"ayments over the Internet are treated li%e mail-order@tele"hone-order
transactions, hich means that the cardholder is not liable at all. +ll ris% is
ith the merchant.
An the other hand, the ris%s in sendin! sensitive data in an electronic mail
are ty"ically underestimated. 1robably most users of email %no the mere
facts, neither confidentiality nor inte!rity nor availability is !uaranteed. 6ut
nevertheless many users do not hesitate to send all %ind of very "ersonal and
sensitive data to their friends or collea!ues, un"rotected.
7nfortunately, develo"ers of electronic commerce solutions are often as
security unaare and i!norant as their "ros"ective users. -or instance, still
many develo"ers demand that security must be "rovided by =loer layers= in a
=trans"arent= ay. 6ut, for instance, Secure Soc%et Bayer (SSB) in an =o"aCue
soc%et inte!ration= does not ma%e any sense in most case. Security has to be an
inte!ral "art of the architecture, desi!n, and im"lementation.
2. Crypto Regulations
Several countries re!ulate the de"loyment of stron! encry"tion technolo!y
by la. -or instance, -rance controls the domestic use of encry"tion
technolo!y, in order to maintain the ca"ability to eavesdro" on the
communication of criminals. 0he 7S+ "rohibits the e'"ort of stron! encry"tion
"roducts for the mass mar%et, for the same reasons as it controls the e'"ort of
munitions.
Such re!ulations do not discriminate beteen D!oodE and DbadE
a""lications, and limit the security of honest citi>ens and com"anies to at least
the same e'tent as they limit the security of terrorists and or!ani>ed crime.
0herefore several !overnments, in "articular the 7S administration, are illin!
to rela' their cry"to re!ulations, "rovided access to the encry"ted information
ould still be "ossible on demand. 0he idea is to introduce ne D0rusted 0hird
1artiesE here secret %eys must either be escroed in advance, or can be
recovered afterards.
+ll these "ro"osals are still heavily contested, for various technical and
"olitical reasons, 0he 0rusted 0hird 1arties ould be Dsin!le "oints of failureE
for everybodyFs, i.e., ne and e'tremely attractive tar!ets for attac%s. It is
Cuestionable hether any re!ulation of encry"tion technolo!y can be effective
in fi!htin! or!ani>ed crime, tools for stron! encry"tion are "ublicly available,
and ste!ano!ra"hic techniCues can "erfectly conceal the fact that
cry"to!ra"hic techniCues are a""lied.
$any ty"es of commercial transactions reCuire stron! confidentiality, hich
cannot be satisfied in some countries, or across some borders. -or instance,
consider to lar!e com"anies that "re"are a mer!er. Clearly their ne!otiations
reCuire to" confidentiality. &ven the fact that they are "re"arin! the mer!er,
i.e., that they acre communicatin! intensively, ill be e'tremely sensitive. 0his
reCuires actually services for anonymous communication. ;evertheless usin!
the a""ro"riate cry"to!ra"hic tools ould be ille!al in many countries.
1olitical re!ulations are not sub#ect to scientific research. 6ut e clearly see
the need for an international a!reement on a more liberal and consistent
re!ulation of cry"to!ra"hy. &lectronic commerce demands stron!
confidentiality, hich can be im"lemented only by stron! encry"tion schemes.
3. Legal Issues
Surveyin! the o"en le!al "roblems in electronic commerce is beyond the
sco"e of this article. 0he to most im"ortant security-related "roblems are the
folloin!,
• Biability, 0he financial ris% of a user in a s"ecific transaction de"ends on
his or her liability. In "rinci"le, if a user bears no liability, there is no ris%.
0he main issue here is fairness, 0he liability of a user should corres"ond
to the security of his or her technical eCui"ment. -or instance, if it is
technically trivial to for!e the di!ital si!nature of a user then this "arty
should not be held liable for his or her si!natures, in !eneral.
• :armoni>ation, 0he national las that re!ulate electronic commerce over
the Internet (li%e evidential value of di!ital si!natures, consumer
"rotection, co"yri!ht "rotection) are not harmoni>ed, and are "artially
contradictory. Ane side result is that there is no mutual reco!nition
beteen national 1GIs, even here com"arable las e'ist.
Technical Components of eCommerce Security
0here are four com"onents involved in &Commerce Security, client
softare, server softare, the server o"eratin! system, and the netor%
trans"ort. &ach com"onent has its on set of issues and challen!es associated
ith securin! them,
• Client softare is becomin! increasin!ly more security-focused, hoever
sin!le-user des%to" o"eratin! systems historically have had no security
features im"lemented. &Commerce softare that relies on the security
of the des%to" o"eratin! system is easily com"romised ithout the
enforcement of strict "hysical controls.
• Server softare is constantly under test and attac% by the user
community. +lthou!h there have been cases of insecurities, a system
administrator %ee"in! u" ith the latest "atches and vendor information
can "rovide a hi!h de!ree of confidence in the security of the server
itself.
• A"eratin! systems used for hostin! &Commerce servers are securable,
but rarely shi""ed from the vendor in a default confi!uration that are
secure. &Commerce servers must "rotect the database of customer
information accumulatin! on the server as ell as "rovide security hile
the server is handlin! a transaction. If it is easier for a thief to
com"romise the server to obtain credit card numbers, hy bother
sniffin! the netor% for individual credit card numbersH
• Session trans"ort beteen the client and server uses netor% "rotocols
that may have little or no built-in security. In addition, netor%in!
"rotocols such as 0C1@I1 ere not desi!ned to have confidentiality or
authentication ca"abilities.
Why No Unified Standard Method

0he methods and models of securin! &Commerce transactions are as diverse
as the transactions themselves. &Commerce transactions are "erformed ith
varyin! levels of security, from sendin! reCuests in the clear, to encry"ted
"assord "rotection, to usin! di!ital certificates.
So hy not sim"lify thin!s by im"lementin! one standard method for
securin! &Commerce transactionsH 0he "roblem ith creatin! one standard
solution is that there are different and sometimes conflictin! !oals in securin!
a transaction. 0he ob#ectives of the merchant may not be the same as those of
the user or ban%. 0he merchant, for e'am"le, reCuires a valid transaction,
liability covera!e, and "ayment for !oods and services. 0he user ould li%e to
"urchase a "roduct, "rotect "rivacy (name, address, and "ayment
information), and "ay for only the "roducts they have a!reed to "urchase. 0he
institutions "rovidin! "ayment ould li%e to detect and "revent fraud. $any
security solutions address one or more of these security !oalsIbut here one
solution may focus on "rovidin! "rivacy, another may focus only on transaction
validation.
In addition to the differences in security !oals, vendors and !overnments
introduce com"lications into selectin! security standards for &Commerce.
Jendors disa!ree on im"lementations and try to "ush their on "roducts into
standards. ;ational !overnments try to limit and control use of encry"tion to
secure &Commerce transactions. Ane of the benefits of &Commerce is that it
allos a small com"any to distribute and sell "roducts !lobally. 6ut national
las and re!ulations can dilute the standards to the loest common
denominator.
Issues of Security and Privacy in Electronic Commerce
Part II ---- State-of-the-art Report
Peiian !I
"l9aKcs.vir!inia.edu
Crypto"raphy # Pretty $ood Privacy %P$P&
1. The need for cryptography in electronic communications
Cry"to!ra"hy has been around for centuriesL as lon! as there has been
communication, there has been the need for "rivacy and safe, secure methods
of transmission. +lthou!h many ty"es of difficult "roblems can be classified as
cry"to!ra"hy "roblems, hat e are mostly concerned ith today is the ability
to %ee" transmissions "rivate throu!h the use of data encry"tion techniCues.
0his has become an even !reater issue due to the chan!in! nature of
communications since the information revolution. $ore and more "eo"le rely
on electronic communications for the transmission of sensitive or "ersonal
dataL e-mail, e-commerce, -01, and :0$B are all e'am"les of technolo!y that
have already filtered into the social consciousness as "rimary ays for
disseminatin! and !atherin! information and for e'chan!in! !oods and services.
While this technolo!ical shift has made communication faster, easier, and
better in many ays, it has also brou!ht alon! ith it a hole host of difficult
"roblems and social "olicy issues.
0he main "roblem that comes ith electronic communications is the ease
ith hich transmissions can be eavesdro""ed or im"ersonated. 1a"er
communications obviously have security "roblems as ell, documents can be
stolen, steamed o"en, have for!ed si!natures or chan!ed contents. :oever, if
someone is tryin! to catch a s"ecific transmission (or ty"e of communication),
it is much easier hen dealin! ith an electronic medium. It is a trivial matter
for "eo"le to set u" "ro!rams that systematically scan e-mail for %eyords, or
that sniff "ac%ets in a 0elnet session for "assords, hereas randomly steamin!
o"en mass Cuantities of "a"er mail loo%in! for a certain document is clearly
infeasible. +lso, since there can be (and often are) multi"le co"ies of any !iven
electronic transmission, it is difficult to %no if someone has stolen a co"y or
someho altered the ori!inal.
Secondly, there is an access control "roblem. $any electronic transmissions
are made in a broadcast manner, as seen ith cable or satellite television and
ireless "hones. 1eo"le can install devices to interce"t these transmissions,
and senders usually have no ay to either monitor or sto" this. In order to
"revent unanted "eo"le from ma%in! free use of their services, senders must
encry"t their out!oin! transmissions. 0o their "ayin! customers, they can !ive
s"ecial devices to decry"t the information.
-inally, there is the "roblem of authentication, electronic communications
are im"ersonal, and can be easily for!ed by im"ersonatin! I1 addresses,
chan!in! =sender fields= in e-mail, =clonin!= cellular "hone numbers, and so
forth. In order for "eo"le to ant to - and, indeed, be able to - use electronic
communication in the comin! years, it is essential that these "roblems be
resolved. Mi!ht no, advances in cry"to!ra"hy are the best ay to address
these issues. 8ata encry"tion not only "rovides "rivacy and access control by
renderin! communications ille!ible to unauthori>ed "artiesL it can "rovide
effective authentication as ell throu!h the use of di!ital si!natures and
timestam"s.
2. The primary forms of cryptography
0here are to main forms of cry"to!ra"hy, secret-%ey (or symmetric) and
"ublic-%ey (or asymmetric).
Secret-'ey crypto"raphy
Secret-%ey cry"to!ra"hy is the more traditional form, and has been used for
all %inds of communications throu!hout the a!es. In this method, one =%ey= is
used to both encry"t and decry"t the data. + %ey can be anythin! from a
secret-decoder rin! found in a cereal bo' to a hi!hly com"le' mathematical
al!orithmL %eys really only differ in the ease ith hich they can be bro%en by
third "arties. In secret-%ey cry"to!ra"hy, the sender and receiver must have
the same %ey in order for the transmission to or% correctly.
Secret-%ey cry"to!ra"hy suffers from to overhelmin! "roblems. -irst,
any to "eo"le that ant to communicate ith each other must first a!ree on
the %ey to use. 0his ma%es it more difficult to send information to "eo"le that
you do not already %no, and lar!e-scale communication becomes much more
difficult. 0he second, more fundamental, "roblem is that of =%ey mana!ement=,
hich is the system for transmission and stora!e of %eys. In order to a!ree on a
%ey, there must first be some sort of communication that occurs, and this
communication itself can be eavesdro""ed. If some third "arty catches the %ey
that is bein! used, then all further communications beteen the to "arties
are no lon!er secure and "rivate. +lso, the third "arty could easily im"ersonate
communications because it is believed that no one else %nos the %ey. 0his
"roblem is e'acerbated by the fact that the initial "arties mi!ht have no ay
of %noin! that the %ey as stolen. 0his %ey mana!ement issue causes a
=re"udiation "roblem=, later on, either of the "arties could re"udiate messa!es
that had been sent ith secret-%ey encry"tion, claimin! that the %ey had been
stolen and that the messa!es ere com"romised or fa%ed. 0hus, there is
alays an inherent lac% of security and trust in a "urely secret-%ey
environment.
Pu(lic-'ey crypto"raphy
0he %ey mana!ement "roblem inherent to secret-%ey cry"to!ra"hy needed
to be addressed in order for lar!e-scale, secure use of data encry"tion
techniCues. In 19<N, Whitfield 8iffie, a cry"to!ra"her and "rivacy advocate,
and $artin :ellman, an electrical en!ineer, or%in! to!ether discovered the
conce"t of "ublic-%ey encry"tion. Instead of havin! one %ey shared amon! both
users of an encry"ted transmission, each user has his or her on "ublic@"rivate
%ey "air. + user ma%es the "ublic %ey o"en and available to anyone (by
"ublishin! it on-line or re!isterin! it ith a "ublic %ey server), and %ee"s the
"rivate %ey hidden aay here (ho"efully) no one can !et at it. 0he "rivate
%ey is mathematically derived from the "ublic %ey, and thus the to are lin%ed
to!ether. In order to send someone a messa!e, the sender encry"ts the
transmission ith the receiver?s "ublic %ey. 0his can then only be decry"ted by
the receiver?s "rivate %ey. 0hus, anyone can encry"t a messa!e ith someone
else?s "ublic %ey, but only that "erson ould ever be able to read it.
0his method solves the "roblems of secret-%ey cry"to!ra"hy. 6ecause the
only %ey information that needs to be shared is made "ublic, there is no orry
about some third "arty interce"tin! and "ossessin! the %ey. 0his ma%es the
users of the encry"tion surer that their transmissions are secure and "rivate. It
also solves the re"udiation "roblem, because there is no third "arty that could
ever be blamed - each individual is res"onsible for safe!uardin! his or her on
"rivate %ey.
0he inherent ea%ness of the "ublic-%ey method is that the to %eys are
lin%ed to!ether mathematically. If a third "arty fi!ures out the e'act ay that
an individual?s "rivate %ey is derived from his or her "ublic %ey, the hole
security of the system ill be lost. 0he only ay around this liability (so far)
has been to ma%e the derivation so incredibly com"le' that a brute force
attem"t to crac% it ould ta%e a "rohibitively lon! amount of time. +s 1hil
Oimmerman, author of the 1retty 2ood 1olicy (121) "ublic-%ey encry"tion
"ac%a!e says of his softare, =if they Pthe ;S+Q are #ust havin! to use methods
that are not too much shorter than hat e %no in "ublished academic
literature, then it could be from no until the ne't ice a!e before they can
brea% it.= It is easy to see that the Cuality of the method used to create %eys is
essential to the success of any "ublic-%ey system.
)i"ital si"natures
1ublic-%ey also "rovides a mechanism for authenticatin! messa!es that
secret-%ey techniCues do not, di!ital si!natures. 0he sender of a messa!e
com"letes a calculation ("erformed by a hash function) involvin! the actual file
structure to be transmitted, and his or her "rivate %ey, and the result of this
(the di!ital si!nature itself) is a""ended to the end of the transmission. 0he
receiver can then "erform a calculation involvin! the received messa!e and the
sender?s "ublic %ey, and if everythin! is valid, the sender?s identity ill have
been verified. + benefit of this si!nature method is that it not only verifies the
sender?s identityL it also verifies that the ori!inal contents of the transmission
have not been altered in anyay. 6ecause the si!nature is derived from both
the %ey and the data itself, chan!in! the data later on ill cause the receiver?s
verification to fail. 0his "rovides authentication that is even better than a
si!nature on a "a"er document, a si!nature can be for!ed, or the contents of
the document could someho be secretly altered, but ith "ublic-%ey
authentication, this cannot be done.
Comparison of crypto"raphy methods
Clearly, "ublic-%ey systems have the advanta!e in terms of security and
"rivacy, due to a %ey mana!ement strate!y that is inherently more secure.
0hey are also more convenient because there is no e'tra ste" necessary to
decide on a common %ey, and the sender does not have to communicate ith
the receiver "rior to the actual transmission. 0his is an advanta!e hen "eo"le
ho do not actually %no each other ant to communicate, and hen an
individual ants to disseminate information on a lar!e scale. -urthermore,
"ublic-%ey systems "rovide an e'tra layer of authentication, via the di!ital
si!natures, that is missin! in secret-%ey systemsL this "ro"erty of non-
re"udiation is essential, es"ecially hen dealin! ith transmissions of a critical
nature.
0he "rimary disadvanta!e of "ublic-%ey systems is the fact that they are
sloer, due to the e'tra ste"s involved in the encry"tion@decry"tion "rocess.
Ane ay around this is to use a =di!ital envelo"e=, hich is a combination of
the best features of "ublic- and secret-%ey systems. + messa!e is encry"ted
ith secret-%ey cry"to!ra"hy, and the encry"ted messa!e and the secret %ey
itself are transmitted via "ublic-%ey cry"to!ra"hy to the receiver. 0his allos
the actual messa!es to be sent usin! the s"eed of secret-%ey cry"to!ra"hy, but
usin! the "ublic-%ey method to "revent the secret-%ey from bein! interce"ted.
0he to "arties could then continue to use their secret %ey for as lon! as they
deemed a""ro"riate, because they have already "aid the one-time overhead
cost of sendin! the secret %ey.
6ecause of the different natures of these to cry"to!ra"hy schemes, there
is no one method that is alays best for every !iven situation. Secret-%ey
cry"to!ra"hy can be best ta%en advanta!e of hen there is already a closed,
secure environment (such as a ell-"rotected B+;) or sin!le-user environment
(such as a user encry"tin! files on a non-netor%ed 1C). 1ublic-%ey
cry"to!ra"hy is usually "referable hen there is an o"en, unsecured, multi-
user environment (such as the Internet), and there is no safe, reliable ay to
transmit "rivate %ey information.
3. hat is !retty "ood !ri#acy $!"!% and hy is it popular
1retty 2ood 1rivacy (121) as develo"ed by 1hil Oimmerman in 1991, as a
res"onse to a controversial measure in Senate 6ill (NN that ould have reCuired
all encry"tion techniCues to include a bac% door for la enforcement. 121 is
softare that combined several hi!h-Cuality, e'istin! "ublic-%ey encry"tion
al!orithms and "rotocols into one "ac%a!e for secure, reliable electronic mail
and file transfer. 121 "rovides not only encry"tion of data, but di!ital
si!natures, data com"ression, and smooth com"atibility ith e-mail systems. It
is able to run on multi"le "latforms, and it is freely available for donload in
the 7S. 8ue to the usa!e of MS+, I8&+, 8iffie-:ellman, )8&S, and C+S0
al!orithms, 121 falls under the e'"ort restrictions of the I0+M, and may not be
le!ally e'"orted.
-or sendin! di!ital si!natures, 121 uses an efficient al!orithm that
!enerates a hash code from the user?s name and other information about the
data to be transmitted. 0his hash code is then encry"ted ith the sender?s
"rivate %ey. 0he receiver uses the sender?s "ublic %ey to decry"t the hash code.
If it matches the hash code sent as the di!ital si!nature for the messa!e, then
the receiver is sure that the messa!e has arrived securely from the stated
sender.
121 is "retty "o"ular no, es"ecially in the email system, because of its
advanta!es,
• 0he softare is available - for "ersonal use - for free orldide, in
versions that run on a variety of "latforms, includin! 8AS, Windos,
7ni', and $acintosh.
• 121 is based on al!orithms that have survived e'tensive "ublic revie
and are considered e'tremely secure (such as MS+, I8&+, $8/, and
8iffie-:ellman).
• 121 has a ide ran!e of a""licability. It can be used by cor"orations that
ant to enforce a standardi>ed scheme for encry"tin! files and
messa!es, by individuals ho ish to communicate securely over the
Internet and other netor%s, by "olitical !rou"s actively resistin! the
!overnment in totalitarian countries, and so on.
• It as not develo"ed by, nor is it controlled by, any !overnmental or
standards or!ani>ation. -or the many "eo"le ith an instinctive distrust
of =the establishment= or 6i! 6rother, this ma%es 121 attractive.
&. hat is !"!'s limitation
0he main ea%ness in a "ublic system is this, :o do I %no that the "ublic
%ey really belon!s to my corres"ondentH
0he most trivial case is the one here the corres"ondents have had an
o""ortunity to meet, and they?ve handed over a co"y of their %eys on flo""y
dis%. 0hey can each be sure that the %eys belon! to the other "erson.
Abviously, if it is "ossible to do this then it is surely a !ood method of %noin!
that a %ey may be trusted, hoever, it is not alays "ractical - otherise hy
use 1ublic GeyH What if the corres"ondents never metH 0his is here %ey
si!natures come in.
If you have "ersonally verified that a !iven %ey belon!s to a !iven "erson,
then it is common "ractice to si!n that %ey. 0he si!nature is made ith your
"rivate %ey - so only you can ma%e the si!nature - your si!nature may be
verified by anybody, com"arin! the si!nature ith your "ublic %ey.
;o su""ose +lice and 6ob have a mutual friend, 8avid. 8avid has si!ned
both +lice?s %ey and 6ob?s %ey, and both +lice and 6ob have a verified co"y of
8avid?s %ey.
When 6ob e'amines +lice?s %ey he observes that her %ey as si!ned by 8avid,
6ob trusts that 8avid is reliable hen it comes to si!nin! other "eo"le?s %eys.
0herefore 6ob can be fairly certain that the %ey belon!s to +lice.
0he thin! ith 121 in "articular is that 4A7 decide ho is trustorthy hen
it comes to %ey si!nin!. -or instance, it could be that 8avid si!ns any old %ey
ithout really verifyin! the %ey (as described above) - or it could be that
8avid?s "rivate %ey doesn?t belon! to 8avid at all. In these cases you?d mar%
8avid?s %ey as bein! =untrustorthy= and his si!nature ould carry no ei!ht.
In this ay, by verifyin! and si!nin! %eys herever "ossible a =eb of trust=
may be built u". With trusted %eys vouchin! for ne %eys. Af course, the ea%
"oint is no that "erson ho si!ns a %ey ithout #ustification - this is hy 121
is confi!urable to allo the user to say ho much they trust a %ey?s oner to
si!n other %eys, ho many valid si!natures are reCuired for a valid %ey, etc.
Protocols for Securin" ECommerce Transaction
0he security of &Commerce transactions de"ends both on the netor%
"rotocols and the "ayment frameor% used to "erform the transaction.
Network Transport Security
$odels such as S&0, C+-R, 8i!iCash, -irst Jirtual, and $illicent "rovide a
secure "ayment method. :oever, the transaction still de"ends on the "rivacy
and authentication of the data stream. 6asic 0C1@I1 netor%in! "rotocols do
not include encry"tion and stron! authentication. :i!her level "rotocols such
as :001, -01, and 0elnet do little to "rovide advanced security measures
beyond userid and "assord authentication. +ll information sent usin! these
"rotocols is unencry"ted, so the data stream lac%s confidentiality.
0raditional netor%in! "rotocols and a""lications are unable to enforce
stron! security measures for "erformin! &Commerce transactions securely. 0his
lac% of security led to the desi!n and im"lementation of many ne security
"rotocols that strive to reach different security !oals. 0here are some secure
trans"ort "rotocols that "rovide confidentiality and authentication beteen
systems and a""lications by usin! encry"tion. 0he folloin! section describes
some of the more "o"ular secure trans"ort "rotocols.
• *irtual Private Net+or'in" %*PN&
0he InternetFs lac% of security may leave you leery. What can you do if you
#ust ant to !ive com"any insiders and a fe select business "artners and
customers easy and relatively secure remote access to com"any data via the
InternetH 4ou can set u" a virtual "rivate netor%.
Jirtual 1rivate ;etor%in! technolo!y "rovides the medium to use the "ublic
Internet bac%bone as an a""ro"riate channel for "rivate data communication.
With encry"tion and enca"sulation technolo!y, a J1; essentially carves out a
"rivate "assa!eay throu!h the Internet. J1;s ill allo remote offices,
com"any road arriors, and even business "artners or customers to use the
Internet, rather than "ricey "rivate lines, to reach com"any netor%s. So the
com"anies can save a lot of money.
4ou can also use J1;s to lin% remote B+;s to!ether or !ive travelin! staffers,
or%-at-home em"loyees, and business "artners a sim"le ay to reach "ast
com"any firealls and ta" into com"any resources. Jirtual "rivate netor%s
are fle'ible. 0hey are "oint-to-multi"oint connections, rather than "oint-to-
"oint lin%s. 0hey can be set u" or closed don at the netor% administrator?s
ill, ma%in! them ideal for short-term "ro#ects.
J1; has many advanta!es, It is much chea"er for connectin! W+;s than 8**
numbers or dedicated 01 lines. It "rovides encry"tion and authentication
services for a fairly !ood measure of "rivacy. $aintenance of the W+;-to-W+;
connection is left to Internet Service 1roviders. It is hi!hly fle'ible, and can be
set u" and ta%en don very easily.
Jirtual "rivate netor%s may be ne, but the tunnelin! technolo!y they?re
based on is ell established. 0unnelin! is a ay to transfer data beteen to
similar netor%s over an intermediate netor%. +lso called =enca"sulationE,
tunnelin! encloses one ty"e of data "ac%et into the "ac%et of another "rotocol,
in this case 0C1@I1. J1; tunnelin! adds another dimension to the tunnelin!
"rocedure--before enca"sulation ta%es "lace, the "ac%ets are encry"ted so the
data is unreadable to outsiders. 0he enca"sulated "ac%ets travel throu!h the
Internet until they reach their destination, then the "ac%ets are se"arated and
returned to their ori!inal format. +uthentication technolo!y is em"loyed to
ma%e sure the client has authori>ation to contact the server.
htt",@@.masnet.net@internet@issues@v"n.html
• IPSec %Ipv,&
1Sec is a frameor% of o"en standards develo"ed by the Internet
&n!ineerin! 0as% -orce (I&0-). I1Sec "rovides security for transmission of
sensitive information over un"rotected netor%s such as the Internet. I1Sec
acts at the netor% layer, "rotectin! and
authenticatin! I1 "ac%ets beteen "artici"atin! I1Sec devices (="eers=), such as
Cisco routers.
I1Sec "rovides the folloin! netor% security services. 0hese services are
o"tional. In !eneral, local security "olicy ill dictate the use of one or more of
these services,
8ata Confidentiality---0he I1Sec sender can encry"t "ac%ets before
transmittin! them across a netor%.
8ata Inte!rity---0he I1Sec receiver can authenticate "ac%ets sent by the
I1Sec sender to ensure that the data has not been altered durin! transmission.
8ata Ari!in +uthentication---0he I1Sec receiver can authenticate the source
of the I1Sec "ac%ets sent. 0his service is de"endent u"on the data inte!rity
service.
+nti-Me"lay---0he I1Sec receiver can detect and re#ect re"layed "ac%ets.
With I1Sec, data can be transmitted across a "ublic netor% ithout fear of
observation, modification, or s"oofin!. 0his enables a""lications such as Jirtual
1rivate
;etor%s (J1;s), includin! intranets, e'tranets, and remote user access.
I1Sec security services are "rovided at the netor% layer, so you do not have
to confi!ure individual or%stations, 1Cs, or a""lications. 0his benefit can
"rovide a !reat cost savin!. Instead of "rovidin! the security services you do
not need to de"loy and coordinate security on a "er-a""lication, "er-com"uter
basis, you can sim"ly chan!e the netor% infrastructure to "rovide the needed
security services.
6ecause I1Sec is standards-based, Cisco devices ill be able to intero"erate
ith other I1Sec-com"liant netor%in! devices to "rovide the I1Sec security
services. I1Sec-com"liant devices could include both Cisco devices and non-
Cisco devices such as 1Cs, servers, and other com"utin! systems.
Cisco and its "artners, includin! $icrosoft, are "lannin! to offer I1Sec
across a ide ran!e of "latforms, includin! Cisco IAS softare, the Cisco 1IS
-ireall, Windos 9/, and Windos ;0. Cisco is or%in! closely ith the I&0-
to ensure that I1Sec is Cuic%ly standardi>ed.
+ mobile user ill be able to establish a secure connection bac% to his
office. -or e'am"le, the user can establish an I1Sec =tunnel= ith a cor"orate
fireall---reCuestin! authentication services---in order to !ain access to the
cor"orate netor%L all of the traffic beteen the user and the fireall ill
then be authenticated. 0he user can then establish an additional I1Sec
tunnel---reCuestin! data "rivacy services---ith an internal router or end
system.
I1Sec "rovides su""ort for the Internet Gey &'chan!e (IG&) "rotocol and for
di!ital certificates. IG& "rovides ne!otiation services and %ey derivation
services for I1Sec. 8i!ital certificates allo devices to be automatically
authenticated to each other ithout the manual %ey e'chan!es reCuired by
Cisco &ncry"tion 0echnolo!y. 0his su""ort ma%es I1Sec "referable in many cases
for use ith medium-si>ed, lar!e-si>ed, and !roin! netor%s, here secure
connections beteen many devices is reCuired.
In sim"le terms, I1Sec "rovides secure tunnels beteen to "eers, such as
to routers. 4ou define hich "ac%ets are considered sensitive and should be
sent throu!h these secure tunnels, and you define the "arameters hich should
be used to "rotect these sensitive "ac%ets, by s"ecifyin! characteristics of
these tunnels. 0hen, hen the I1Sec "eer sees such a sensitive "ac%et, it sets
u" the a""ro"riate secure tunnel and sends the "ac%et throu!h the tunnel to
the remote "eer.
$ore accurately, these tunnels are sets of security associations that are
established beteen to I1Sec "eers. 0he security associations define hich
"rotocols and al!orithms should be a""lied to sensitive "ac%ets, and also
s"ecify the %eyin! material to be used by the to "eers. Security associations
are unidirectional and are established "er security "rotocol (+: or &S1).
With I1Sec you define hat traffic should be "rotected beteen to I1Sec
"eers by confi!urin! access lists and a""lyin! these access lists to interfaces by
ay of cry"to ma" sets. 0herefore, traffic may be selected based on source
and destination address, and o"tionally Bayer 9 "rotocol, and "ort. (Similar to
C&0, the access lists used for I1Sec are used only to determine hich traffic
should be "rotected by I1Sec, not hich traffic should be bloc%ed or "ermitted
throu!h the interface. Se"arate access lists define bloc%in! and "ermittin! at
the interface.
+ cry"to ma" set can contain multi"le entries, each ith a different access list.
0he cry"to ma" entries are searched in order---the router attem"ts to match
the
"ac%et to the access list s"ecified in that entry.
When a "ac%et matches a "ermit entry in a "articular access list, and the
corres"ondin! cry"to ma" entry is ta!!ed as cisco, then C&0 is tri!!ered, and
connections
are established if necessary.
If the cry"to ma" entry is ta!!ed as i"sec-isa%m", I1Sec is tri!!ered. If no
security association e'ists that I1Sec can use to "rotect this traffic to the "eer,
I1Sec uses IG& to ne!otiate ith the remote "eer to set u" the necessary I1Sec
security associations on behalf of the data flo. 0he ne!otiation uses
information s"ecified in the cry"to ma" entry as ell as the data flo
information from the s"ecific access list entry. (0he behavior is different for
dynamic cry"to ma" entries. Mefer to the section =Creatin! 8ynamic Cry"to
$a"s (MeCuires IG&).=)
If the cry"to ma" entry is ta!!ed as i"sec-manual, I1Sec is tri!!ered. If no
security association e'ists that I1Sec can use to "rotect this traffic to the "eer,
the traffic is dro""ed. (In this case, the security associations are installed via
the confi!uration, ithout the intervention of IG&. If the security associations
did not e'ist, I1Sec did not have all of the necessary "ieces confi!ured.)
Similar to C&0, the router ill discard "ac%ets if no connection or security
association e'ists.
Ance established, the set of security associations (outbound, to the "eer) is
then a""lied to the tri!!erin! "ac%et as ell as to subseCuent a""licable
"ac%ets as those "ac%ets e'it the router. =+""licable= "ac%ets are "ac%ets that
match the same access list criteria that the ori!inal "ac%et matched. -or
e'am"le, all a""licable "ac%ets could be encry"ted before bein! forarded to
the remote "eer. 0he corres"ondin! inbound security associations are used
hen "rocessin! the incomin! traffic from that "eer.
If IG& is used to establish the security associations, the security associations
ill have lifetimes so that they ill "eriodically e'"ire and reCuire
rene!otiation. (0his "rovides an additional level of security.)
$ulti"le I1Sec tunnels can e'ist beteen to "eers to secure different data
streams, and each tunnel uses a se"arate set of security associations. -or
e'am"le, some data streams mi!ht be #ust authenticated hile other data
streams are both encry"ted and authenticated.
+ccess lists associated ith I1Sec cry"to ma" entries also re"resent hich
traffic the router reCuires to be "rotected by I1Sec. Inbound traffic is also
"rocessed a!ainst the cry"to ma" entries---if a "ac%et matches a "ermit entry
in a "articular access list associated ith an I1Sec cry"to ma" entry, that
"ac%et is dro""ed because it as not sent as an I1Sec-"rotected "ac%et.
htt",@@.cisco.com@univercd@cc@td@doc@"roduct@softare@ios11)ed@11)t@
11)tT)@i"sec.htmU'tocid(/99*
• Secure Soc'et !ayer %SS!&
SSB is the Secure Soc%ets Bayer "rotocol. Jersion (.* ori!inated by ;etsca"e
8evelo"ment Cor"oration, and version ).* as desi!ned ith "ublic revie and
in"ut from industry. SSB (Secure Soc%ets Bayer) is a communication system that
ensures "rivacy hen communicatin! ith other SSB-enabled "roducts.
0echnically s"ea%in!, SSB is a "rotocol that runs above 0C1@I1 and belo :001
or other to"-level "rotocols. It is symmetric encry"tion nested ithin "ublic-
%ey encry"tion, authenticated throu!h the use of certificates. +n SSB
connection can only occur beteen an SSB-enabled client and an SSB-enabled
server. In fact, hen a server is runnin! in SSB mode, it can only communicate
throu!h SSB.
htt",@@develo"er.netsca"e.com@docs@manuals@"ro'y@adminu'@encry"t.htm
&ssentially, SSB is symmetric encry"tion nested ithin "ublic-%ey encry"tion,
authenticated throu!h the use of certificates. +n SSB connection can occur only
beteen an SSB-enabled client and an SSB-enabled server. In fact, hen a
server is runnin! in SSB mode, it can communicate only throu!h SSB.
0C1@I1 is 0ransmission Control 1rotocol@ Internet 1rotocol, the basic
lan!ua!e of the Internet, and :001 is :y"erte't 0ransfer 1rotocol, the basic
lan!ua!e of the !ra"hical World Wide Web, a subset of the Internet.
0echnically s"ea%in!, SSB is a "rotocol that runs above 0C1@I1 and belo
:001, ;;01, or other to"-level "rotocols, as shon in the fi!ure belo.
(ow SSL relates to TC!)I! and application protocols.

+n SSB connection is initiated by a netor% broser hen it as%s a server to
send a document throu!h :001S, B8+1S, S;&WS, or other secure "rotocol.
:ere are the !eneral ste"s of SSB-encry"ted communication,

1.0he client sends a reCuest to connect to the secure server.

(.0he server sends its "resi!ned certificate to the client. 0his, and the
first ste", are collectively %non as the handsha%e.

).0he client chec%s hether the certificate as issued by a C+ it trusts. If
so, it "roceeds to the ne't ste". Atherise, the client can cancel the
connection or "roceed. ;etsca"e ;avi!ator and ;etsca"e Communicator
dis"lay a arnin! messa!e sayin! the certificate isn?t trusted and then as%s the
user if they ant to "roceed or not.

9.0he client com"ares the information in the certificate ith the
information it #ust received concernin! the site, its domain name and its "ublic
%ey. If the information matches, the client acce"ts the site as authenticated.

/.0he client tells the server hat ci"hers, or ty"es of encry"tion %eys, it
can communicate ith.

N.0he server chooses the stron!est common ci"her and informs the client.

<.7sin! that ci"her, the client !enerates a session %ey (a symmetric
encry"tion %ey used only for this transaction) and encry"ts it usin! the server?s
"ublic %ey.

8.0he client encry"ts the session %ey usin! the server?s "ublic %ey, then it
sends the encry"ted session %ey to the server.

9.0he server receives the encry"ted session %ey and decry"ts it usin! its
"rivate %ey.

1*.0he client and the server use the session %ey to encry"t and decry"t the
data they send to each other.
$ost commercial Web servers and brosers, as ell as many free Web
servers, su""ort SSB. An the donside, SSB suffers from the !overnment
encry"tion limitations that ham"er the use of cry"to!ra"hy in secure
&Commerce.
• Private Communications Technolo"y
SSB, created by ;etsca"e, "rovides users ith authentication of the server
they are attachin! to, encry"tion of the data sent and received, and inte!rity
of the data bein! sent and received. 1C0, created by $icrosoft, "rovides
"rotection a!ainst eavesdro""in! on a netor% or alterin! a netor% "ac%et.
0he 1rivate Communications 0echnolo!y (1C0) "rotocol furnishes the
folloin! elements of transmission security for client@server relationshi"s over
the Internet,
1rovides symmetric session-encry"tion %eys beteen servers and clients.
+ccommodates authentication of server to client via Certificate of
+uthority (C+) trusted "ublic %eysL o"tionally, it also authenticates client to
server.
Jerifies messa!e inte!rity ith hash function messa!e di!ests, as
e'"lained earlier for the S&0 "rotocol.
1C0 assumes the e'istence of a netor% trans"ort layer (most commonly
0C1@I1), but not a "articular a""lication "rotocol. 0hus 1C0 can be
im"lemented to coe'ist eCually ith :001, -01, and so on.
0he 1C0 "rotocol is similar in record format to ;etsca"e?s Secure Soc%ets
Bayer (SSB) scheme of securin! transmission beteen a Web server and a Web
client. In addition, hoever (as "ointed out by the Actober 199/ $icrosoft
discussion draft), 1C0 offers some advanta!es.
-irst, 1C0 "ermits stron!er authentication because it se"arates the
authentication and encry"tion functions. In SSB these to functions are bound,
ma%in! SSB sub#ect to the current 9*-bit encry"tion %ey limit that the 7.S.
!overnment "laces on e'"ort. 0he "ublic@"rivate %ey "airs used to
authenticate messa!es are s"ecified to be different from the encry"tion %eys.
Indeed, as e sa ith S&0, there is no built-in reCuirement to encry"t a
messa!e at all (but authentication can still ta%e "lace).
Secondly, 1C0 has a more streamlined handsha%e "hase than SSB, resultin! in
faster server authentication.
+lthou!h 1C0 can be used to conduct electronic commerce, it as not
s"ecifically desi!ned for this "ur"ose as S&0 as. 0herefore, ith 1C0, the
merchant obtains the customer?s credit card number. With S&0 the consumer is
"rotected by a hi!her de!ree of anonymity, 0he merchant need only have the
ban%?s voucher that the consumer has enou!h money to "ay for the !oods.
htt",@@."bs.mc".com@eboo%s@1/N(<[email protected]
r0ransmissionSecurity0he1C01rotocol
• S--TTP
S-:001 as desi!ned by &. Mescorla and +. Schiffman of &I0 to secure :001
connections. S-:001 "rovides a ide variety of mechanisms to "rovide for
confidentiality, authentication, and inte!rity. Se"aration of "olicy from
mechanism as an e'"licit !oal. 0he system is not tied to any "articular
cry"to!ra"hic system, %ey infrastructure, or cry"to!ra"hic format. 0he Internet
draft is fairly clear in its "resentation of the "rotocol, althou!h im"lementation
details are s%etchy.
S-:001 is a su"erset of :001, hich allos messa!es to be enca"sulated in
various ays. &nca"sulations can include encry"tion, si!nin!, or $+C based
authentication. 0his enca"sulation can be recursive, and a messa!e can have
several security transformations a""lied to it. S-:001 also includes header
definitions to "rovide %ey transfer, certificate transfer, and similar
administrative functions. S-:001 a""ears to be e'tremely fle'ible in hat it
ill allo the "ro!rammer to do. S-:001 also offers the "otential for
substantial user involvement in, and oversi!ht of, the authentication 3
encry"tion activities.
S-:001 does not rely on a "articular %ey certification scheme. It includes
su""ort for MS+, in-band, out-of-band and %erberos %ey e'chan!e. Gey
certifications can be "rovided in a messa!e, or obtained elsehere. Bi%e SSB,
client "ublic %eys are not reCuired.
+ Secure :001 messa!e is a reCuest or status line, folloed by other headers
(hich must be M-C-8(( com"liant), and some content. 0he content can be ra
data, a Secure :001 messa!e, or an :001 messa!e. 0he reCuest line is defined
as
Secure V Secure-:[email protected] to hich the res"onse must be,
Secure-:[email protected] (** AG
0hese lines are defined to "reclude an attac%er from seein! the success or
failure of a !iven reCuest. Secure :001 ta%es a !enerally "aranoid attitude to
all information, lea%in! as little as "ossible.
0hreats to S-:001 are similar to those a!ainst SSB. :oever, the more
!eneral nature of S-:001 ma%es it difficult to assess e'actly hat is "ossible. In
the case of a hac%er, or loo%er, the attac% on a C+ may be more difficult, due
to the e'istence of multi"le C+s. + %ey could theoretically be verified by
several C+s, ma%in! an attac% infeasible.
0he default o"erational mode of S-:001 is substantially more resistant to
attac% than that of SSB. It resists clear te't cry"tanalysis, $an In 0he $iddle,
and re"lay attac%s. It is more robust than SSB, because o"tion rene!otiation
and retries are "ermitted.
In addition, the cost of clear te't cry"tanalysis of 8&S is substantially hi!her
than that of MC9-9*. (Mecall that 8&S is the default ci"her for S-:001, and MC9-
9* is the default ci"her for SSB.) 0o brea% an MC9-9* %ey in about month costs
about .1(/. 0o brea% a 8&S %ey in one month costs about .1*,*** (e'tra"olated
from Wiener, 1999)
+ /N-bit 8&S %ey costs one million dollars to brea% in < hours. (Wiener, 1999)
0his cost scales u" and don in a linear fashion. (I.&., a 1@( million dollar
machine ill ta%e 19 hours). + month has <(* hours ((9 hours ' )* days), hich
is 1*( "eriods of < hours. 0he cost of brea%in! 8&S in rou!hly one month is thus
about .1* ***, as o""osed to .1(/ for 9* bit MC9.
:oever, S-:001 has its ea%nesses.
0he use of in band %ey e'chan!e is "otentially very "roblematicL the authors
don?t s"end enou!h time ensurin! %eys are transferred "ro"erly. +n im"ro"er
transfer ould be a scheme that sends Gey 6 as &a(6). 0hat is to say, %ey 6
hich re"laces %ey + can not be sent usin! %ey + to encry"t it. If an attac%er
has bro%en %ey +, then he ill have %ey 6, and the chan!e of %ey is a aste of
time (ith res"ect to that attac%er.) &'actly this mista%e as made often by
the Wa"anese in World War 0o. (Gahn) &'"ectin! "ro!rammers to learn from
these mista%es of others (es"ecially /*-year-old mista%es) is a "oor bet.
S-:001, in bein! fle'ible, may offer a "ro!rammer enou!h ro"e to han!
himself. +dmittedly, it does not offer very many bro%en o"tions, but it doesn?t
seem to have anythin! li%e SSB?s =&ncry"t everythin! and don?t seat it=
attitude. + "ro!rammer, es"ecially one not familiar ith issues of security and
cry"to!ra"hy, could thin% =7sin! S-:001 ill "rotect me= and totally fail to
"rovide any cry"to!ra"hic "rotections for his information. 0he li%elihood of this
ha""enin! may be o"en to Cuestion, but the "roblem is orth considerin!.
htt",@@.home"ort.or!@Xadam@shtt".html
S:001 ta%es a different a""roach from SSB. It or%s by e'tendin! the :001
"rotocol (the a""lication layer) rather than a loer layer. ConseCuently,
hereas
SSB can be used for all netor% services, S:001 is a Web-s"ecific "rotocol.
:oever, this has other benefits. +s a su"erset of :001, S:001 is bac%ard
and forard com"atible ith :001 and S:001 brosers and servers. In order to
use SSB, you must have an SSB-enabled broser and server. +dditionally, S:001
is a much more fle'ible "rotocol. 0he server can desi!nate "referred
encry"tion schemes,
htt",@@."bs.mc".com@eboo%s@1/</(1*8<[email protected]:001
S-:001 does not reCuire client-side "ublic %ey certificates (or "ublic%eys),
su""ortin! a symmetric session %ey o"eration mode. 0his is si!nificant because
it means that secure, s"ontaneous transactions can occur ithout reCuirin!
individual users to have an established "ublic %ey. While S-:001 ill be able to
ta%e advanta!e of a ubiCuitous certification infrastructure, its de"loyment does
not reCuire it. S-:001 does not "resume any "articular trust "olicies re!ardin!
certificationL the reference im"lementation?s user interface and administration
tools su""ort both hierarchical and direct-trust certification models.
S-:001 su""orts end-to-end secure transactions, in contrast ith current
usa!e of the e'istin! :001 authori>ation "rotocol hich reCuires the client to
attem"t access and be denied before the security mechanism is em"loyed.
Clients may be ="rimed= to initiate a secure transaction (ty"ically usin!
information su""lied in an :0$B anchor)L this is used to su""ort encry"tion of
fill-out forms, for e'am"le. 7sin! S-:001, no sensitive data need ever be sent
over the netor% in the clear.
S-:001 "rovides full fle'ibility of cry"to!ra"hic al!orithms, modes and
"arameters. A"tion ne!otiation is used to allo clients and servers to a!ree on
transaction modes (should the the reCuest be si!nedH encry"tedH bothH hat
about the re"lyH)L cry"to!ra"hic al!orithms (MS+ vs. 8S+ for si!nin!, 8&S vs.
MC9 for encry"tin!, etc.)L and certificate selection ("lease si!n ith your
=$astercard certificate=).
htt",@@.cs.unc.edu@Courses@c@"ublic@hanes@shtt".t't
• Transport !ayer Security %T!S&
0BS, more commonly %non as SSB, is a "o"ular mechanism for enhancin!
0C1 communications ith "rivacy and authentication. 0BS is in ide use ith
the :001 "rotocol, and is also bein! used for addin! security to many other
common "rotocols that run over 0C1.
0BS is a "rotocol under develo"ment by the Internet &n!ineerin! 0as% -orce
(I&0-). 0BS starts ith ;etsca"eFs SSB v).* and adds features from $icrosoft
1C0 v(.* to ma%e a standard security "rotocol. 0BS, sometimes called the
Secure 0rans"ort Bayer 1rotocol (S0B1), is still in draft form ith the latest
revision dated ;ovember 1998. 0he current draft documents describe ho to
use 0BS ith :001, -01, 0elnet and 0erminal &ditors.
Ari!inally, ;etsca"e submitted SSB v).* as the 0BS standard. 0BS v1.* ill be
very similar to SSB v).*, but because of the fe differences they are not
intero"erable. 0BS ill include the ability to !o bac% to SSB v).*. 0he !oal of
0BS is to "rovide confidential and reliable communication over e'istin!
"rotocols, such as 0C1@I1. 0BS is a""lication inde"endent and "rovides a
frameor% to add 1GI and bul% encry"tion methods as needed. +t this time,
0BS is only a "rotocol on "a"er and is still !oin! throu!h revisions.
Payment Security
Secure "ayment "rotocols are not necessarily tied to any of the
aforementioned trans"ort mechanisms, or even tied to a s"ecific netor%
architecture. 0hese "ayment schemes e'ist in various de!rees of
im"lementation. 0his section describes some of the better %non "rotocols.
• .irst *irtual
-irst Jirtual as one of the first Internet "ayment systems to be available to
the "ublic, becomin! fully o"erational in Actober of 1999. + main !oal of this
com"any as to create an Internet "ayment system that as easy to use.
;either buyers nor sellers are reCuired to install ne softare, (thou!h
automated sale "rocessin! softare is available). If you have access to Internet
email, you can sell or buy over the Internet usin! the -irst Jirtual System.
0he -irst Jirtual "ayment system is uniCue in that it does not use encry"tion.
+ fundamental "hiloso"hy of their "ayment system is that certain information
should not travel over the Internet because it is an o"en netor%. 0his includes
credit card numbers. Instead of usin! credit card numbers, transactions are
done usin! a -irst Jirtual1I; hich references the buyer?s -irst Jirtual account.
0hese 1I; numbers can be sent over the Internet because even if they are
interce"ted, they cannot be used to char!e "urchases to the buyer?s account. +
"erson?s account is never char!ed ithout email verification from them
acce"tin! the char!e.
0heir "ayment system is based on e'istin! Internet "rotocols, ith the
bac%bone of the system desi!ned around Internet email and the $I$&
($ulti"ur"ose Internet $ail &'tensions) standard. -irst Jirtual uses email to
communicate ith a buyer to confirm char!es a!ainst their account. Sellers use
either email, 0elnet, or automated "ro!rams that ma%e use of -irst Jirtual?s
Sim"le $I$& &'chan!e 1rotocol (S$S1) to verify accounts and initiate "ayment
transactions.
0he folloin! ste"s occur durin! a sale hen usin! the -irst Jirtual "ayment
system,
1. $erchant reCuests buyer?s -irst Jirtual 1I; (usually throu!h a form on a
WWW "a!e).
(. $erchant can then chec% hether the Jirtual 1I; actually belon!s to a
real -irst Jirtual account that is in !ood standin!. $erchants can verify
accounts by usin! the folloin! "ro!rams, -in!er, 0elnet, email, or the
-JT+1I utility.
). 0he merchant then initiates a "ayment transaction throu!h -irst Jirtual.
0his "ayment transaction is initiated by sendin! the folloin!
information either by email, 0elnet, or a S$S1 enabled "ro!ram to -irst
JirtualL
• 6uyer?s -irst Jirtual 1I;
• $erchant?s -irst Jirtual 1I;
• 0he amount and currency of the sale
• + descri"tion of the item for sale
9. -irst Jirtual !enerates an email reCuest to the buyer to confirm the sale.
0his email reCuest contains the folloin! sale information,
• 0he merchant?s full name
• 0he amount of the sale
• + descri"tion of the item bou!ht
/. 6uyer confirms sale by sendin! a 4&S res"onse to bac% to -irst Jirtual
• + buyer can also res"ond ;A, to state that they are unsatisfied
ith the item and are unillin! to "ay, or -M+78, to state that
they never made the "urchase and someone must have stolen
their Jirtual 1I;.
• If a buyer does not res"ond in a reasonable time, their account is
sus"ended.
N. -irst Jirtual sends a transaction result messa!e to the merchant,
indicatin! hether the buyer acce"ted the char!es.
<. +fter a aitin! "eriod, (91 days after buyer?s credit card has been
char!ed), the amount of the sale minus transaction fees is directly
de"osited into the merchant?s account.
• ;ote - 0he 91 days aitin! "eriod is in "lace to "rotect -irst
Jirtual from buyers ho dis"ute the char!e on their credit card
and have the credit card com"any char!ebac% -irst Jirtual for all
or "art of the sale.
• $erchant assumes all ris%5
0he -irst Jirtual "ayment system has several advanta!es and disadvanta!es
over other "ayment systems used on the Internet.
/dvanta"es,
• ;either buyer nor seller needs to install any softare in order to use the
system.
• 6uyers are virtually 1** Y "rotected from fraud. ;o char!es are
"rocessed a!ainst their account ithout their confirmation.
• 1urchases are essentially anonymous. 0he merchant is never !iven the
buyer?s name from -irst Jirtual.
• It is e'tremely easy to become a merchant, or seller, under -irst Jirtual.
-irst Jirtual does not screen merchants, nor do they reCuire merchants
to have a s"ecial business account established ith a ban%. +ll a "erson
needs to sell merchandise, services, data, etc. over the Internet is an
ordinary chec%in! account.
• -irst Jirtual has very lo "rocessin! fees com"ared to other Internet
"ayment schemes or even strai!ht credit card "rocessin!.
)isadvanta"es,
• $erchant assumes all ris%5
• &'tremely lon! aitin! "eriod beteen hen a sale is made and hen
"ayment is de"osited in the merchant?s account.
-irst Jirtual as the first electronic "ayment system on the Internet. 0he
model used by -irst Jirtual is as follos, When a buyer ma%es a "urchase
reCuest, the vendor forards the reCuest to -irst Jirtual. -irst Jirtual verifies
the "urchase ith the buyer via e-mail and then "ays only if the buyer
a""roves the transaction. +fter the buyer a!rees to the transaction, -irst
Jirtual ill verify the buyerFs ability to "ay via traditional financial netor%s,
and then notifies the vendor of a successful transaction. If the buyer refuses to
"ay too often or does not res"ond to verification reCuests, -irst Jirtual
sus"ends the buyerFs account to "rotect a!ainst fraud. 0his system can or%
ell for intellectual !oods, here there is no "hysical loss if the buyer refuses
to "ay.
• )i"iCash %e-cash&
8i!iCash (e-cash) uses the minted coin model. 0he e-cash to%ens are di!itally
si!ned entities created by either the buyer or the ban%. In an effort to sto"
fraud, these coins must be routed throu!h the ban% to verify that they are not
co"ies. 0he creation of e-cash to%ens ta%es "lace in such a ay that the value
of the to%en is visible, but the buyerFs serial number is not. 0his "rocess
"rohibits the ban% from trac%in! the buyerFs "urchase. 6asically, the buyer
!ives the seller an e-cash to%en orth the amount of the "roduct. 0he seller
chec%s ith the ban% to see that the e-cash is valid. 0he ban% verifies that the
e-cash is valid and that it is indeed orth the amount s"ecified. 0hen the
transaction is e'ecuted.
• Cy(ercash
Cybercash reCuires the installation of =allet= softare on the buyerFs
des%to". When the buyer ma%es a reCuest, the seller res"onds causin! the
=allet= "ro!ram to run on behalf of the seller. 0he buyer chooses a "ayment
method. 0he seller then sends the "roduct information and "ayment reCuest to
Cybercash. Cybercash chec%s ith e'istin! financial netor%s to verify that
"ayment is "ossible and notifies the seller. 0here are some drabac%s to this
system. 0he =allet= "ro!ram is tied to a "articular des%to", so a user must
alays use the same machine to ma%e "urchases. 1hysical controls and security
of the des%to" are vital. 0his system also ti!htly cou"les the "ayment
information and the "roduct information, introducin! some "rivacy concerns.
0he seller, hoever, does not see the buyerFs "ayment details in the model.
• Millicent
$illicent, desi!ned by 8&C, is a "ayment scheme for handlin! very small
transactions (because of the lo overhead costs). &ach seller "roduces a scri"
used to "urchase "roducts and ma%es it available to scri" bro%ers. When a
buyer ants to "urchase a "roduct, they use the sellerFs scri" to "ay for the
"roduct. If the scri" the buyer sends is orth more than the "roduct, the seller
issues a ne scri" orth the difference to the buyer. + "otential buyer can buy
scri" for a merchant from a scri" bro%er at any time, hoever, the scri" bro%er
may reCuire a minimum "urchase.
• 0pen Mar'et
A"en $ar%et "rovides "ayment throu!h a 8i!ital Arder (8A)@8i!ital Mecei"t
(8M) "air that is cry"to!ra"hically si!ned. 0he buyer ma%es a "urchase reCuest,
and the seller sends a 8A bac% to the buyer. 0he client softare forards the
8A reCuest to a Commerce Service 1rovider (CS1) that verifies the reCuest via
the traditional financial netor%s. 0he CS1 res"onds ith a 8M, hich the
client softare forards to the seller. 0his method "rotects buyers from havin!
to disclose their "ayment methods to the merchant. A"en $ar%et must rely on
a secure trans"ort method (such as SSB) to "rotect the "rivacy of the 8A@8M
hile it is in transit.
• SET
S&0 is a model desi!ned by $asterCard and JIS+. Ather credit card
com"anies (such as +merican &'"ress) have also a!reed to the standards and
"rotocols included in S&0. S&0 reCuires a "ublic %ey infrastructure (1GI) to be
fully functional. Whether S&0 truly uses the traditional financial netor%s or is
a re"lacement for them has yet to be determined. 6asically, the buyer ma%es a
"urchase reCuest, and the seller chec%s ith the "ayment !ateay to see if the
buyer can cover the e'"ense.
In this model, the buyerFs "ayment details remain "rotected from the
merchant, and the merchant does not have to %ee" a database of credit card
numbers to satisfy buyer reCuests. 0his system can loer some of the ris%s for
both the buyer and seller. 0he "ayment !ateay trac%s "roducts "urchased by
buyers, an ability that already e'ists in current credit card use.
• Smart cards
0here are a number of smart card "ro#ects that mirror other "ayment
schemes, such as 8i!iCash, $ode' ($asterCard), and JIS+ Cash. Smart card
"ayment schemes are very "o"ular in &uro"e. 0hese schemes tend to "rotect
the "rivacy of the buyer, hile s"eedin! u" the verification "ortion of the
transaction. &ach smart card has a stored monetary value, and as a buyer
"urchases "roducts, the value on the card is reduced. With smart cards, the
money is lin%ed to the card (not the user), so if a smart card is lost the cash
value still on the card is lost as ell. 0he bi!!est detractor of usin! smart cards
is the need to use s"ecial hardare such as smart card readers. Ane com"any
has attem"ted to overcome that by releasin! a 7niversal Serial 6us (7S6) smart
card that "lu!s ri!ht into a 7S6 "ort ithout reCuirin! any additional hardare.
What Is !ac'in"
Without a !lobal 1GI in "lace, authentication and non-re"udiation of both
the buyer and the seller ill remain a challen!e in &Commerce. $any of the
secure "ayment "rotocols also reCuire a 1GI to function. Currently, com"anies
such as Jerisi!n offer services such as trusted user and business certificates.
:oever, certification authority and di!ital certificate services are s"ecific to
the or!ani>ation that "erforms the certification and are not necessarily
intero"erable.
Without a 1GI standard, security "rotocols cannot verify customer and
merchant identities to the de!ree needed to allo secure &Commerce. 6ut 1GI
solutions are more than a technical challen!e, they are also a hi!h level
"olitical stru!!le.

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close