36

each credit card that he or she plans to use.

 The requirement may cause some management concerns for that
user with more than one credit card.
 Microsoft unveiled Merchant Server, a SET complaint internet
commerce product designed for business to consumer business to
business web sales.
 RSA data security has introduced a developer kit that compiles with
SET. The kit helps developers build SET capable application without
building from scratch and in supported by vendors.
 SET does not use full text encryption because it would require too
much processing time.
 Master card allied with GTE to develop n initiative for electronic
certification services also under the SET standard.
 SET goals are not expected until 1998 or beyond there are several
reason for this.
 Time is required to build consensus among a critical mass of
users for credit card usage, as well as to build a consensus among
a critical mass of usage for business-to-business web commerce.
 It may take several years for technical specifications and
implementations to be installed, tested, and debugged.
 It may take several years to address how web commerce should
be integrated into internal workflow processes for businesses, for
instance, handling internal transfer payments between business
units of a company, handling payments individuals and
businesses.
 Two to three years are needed to build confidence among
participants that secure electronic commerce transactions can, in
fact, be made via the Internet.
Certificates for authentication:
 A digital certificate is a food proof was of identifying both
consumers, and merchants.
 The digital certificate acts like a network version of a driver’s
license- it is not credit, bat used in conjunction with any number of
credit mechanisms, it verifies the users identity.
 Digital certificates, which are issued by certificates authorities
such as VeriSign and cyber trust, include the holder’s name, the
name of the certificates authority a public key for cryptographic
use and a time limit for the use of the certificates.
 The certificates typically include a class, which indicates to what
 37

degree it has been verified.

 For example, VeriSign digital certificates come in three classes.
 Nortel also offers digital certificates as part of its ensues Internet
security software.
 Both Hewlett – Packard Company and IBM have announced their
intentions to use Entrust with their electronic commerce and
security products.
 One of the issues affecting the industry, however, is
interoperability. The document certification practice statement
issued by VeriSign proposes interoperability approaches, but the
outcome was unknown at press time.
Security on web servers and enterprise networks:
 There are two general techniques are available;
 Host security consideration
 Enterprise network security
 Host based security capabilities; these are means by which each
and every computer on the system in mode (more) impregnable.
 Security watchdog system which guard the set of internal
interconnected systems, communication between the internal
worlds must be funneled through, this system.
 These watchdog systems that deal with security within an
organizations own enterprise networks are called firewalls.
 A firewall allows a business to specify the level of access that will
be afforded to networks users.
In general, both methods are required.
 An internet site can set up an anonymous FTP site that allows any
outside user to access files at the site (anonymous FTP is very
useful to companies that wish to place documentation in the public
domain; it also can be used to allow users to download software).
 This could be as a start alone system which is updated only by off-
line means (eg., load a diskette),or by a physically separate post
(eg, console port); or, it could be a system outside the firewall (but
still residing on the overall organization’s networks) called a
bastion.
 The firewall comes into play if the FTP system located on the
organization’s networks, for case of updating.
 38

Host security considerations:

 Host security is a discipline that goes back to the 1960‟s main
frame was perhaps endowed with more rigorous security
capabilities than their successors. Naturally ,security comes at a
price including the following
 The Financial resource spent in acquiring the constituent element
such as packet filters proxy server log hosts, vulnerability
detection tools, smart cards, and so on.
 The staff time spent configuring these tools identifying and
correcting security holes and training the users about the new
tools.
Venues to host infraction:
 In a standalone host environment, host access can be restricted
to logging in at the console through the serial port card or over a
restricted dialup line in a network environment a web server, for
example access is typically available from a variety of sources.
 Individual accessing information on the organization host(Web/HTTP)
 Individual accessing the organization host transparently(e.g., NFS,NIS)
 Individual interrogating the organization host(e.g., via ping,
finger, dig, nslookup )
 Individual running programs on the organization host(rsh , x)
 Individual taking and leaving things (mail,UUCP,FTP,rcp)
 Individual understanding networks logins(rlogin,Telnet)
 The majority of communication utilities in host were designed in
the 1970 and 1980 without a high regard for security at a time the
goal way easy network access.
 Anyone with administrative powers can reconfigure a host‟s IP
address and create specific accounts in order to masquerade as
another host and user on the network.
Host Based security tools include the following:
 Monitoring and logging tools
 Filtering Tools
 Vulnerability detection tools

Web security concerns include the following

 Server side security which involves protecting hosts running
the WWWservers themselves
 Client side security which relates to security issues involved in
 39

requesting WWW service.

 Confidentiality which aims at guaranteeing the privacy of
information transmitted across the network between clients and
servers.
Some basic precautions for the server are the follows
 The http demon server should be executable only by root and
is to be typically invoked only at execution time.
 All files and directories in the server directory structure should be
owned byroot.
 Do not allow user to install scripts in this directory
 Remove all ability for remote logins such as rlogin or telnet
 Remove all nonessential compiler and programming tools that
might beused by attackers to create or run programs on the server.
Enterprise Network Security:
 A firewall (also called a secure Internet Gateway ) supports
communication based security to screen out undesired
communication which can cause havoc on the host
 Host based security is a critical element of overall computer
security although it does not scale easily, nonetheless it must be
employed.
 Ideally an administrator uses all available tools including host
security and communication gateway security.
 It is like having two lacks on a door both methods should be used
for increased assurance .the firewall deployment in the enterprise
network must support the following capabilities ,
 All traffic between the inside and outside must transmit through
the firewall.
 Only authorized traffic based on the security policy is allowed
transit the firewall itself must be immune to penetration.
 Firewalls act as a single focus for the security policy of the
organization and support advanced authentication techniques such
as smart card and one time password.
 Firewall is typically configured to filter traffic based on one of
two design policies.
 Permit unless specifically denied this is weaker because it is
impossible to be aware of all the numbers network utilities you
may need to protect against specifically this approach does not
protect against new internet utilities.
 40

 Deny unless specifically permitted this is stranger because the

administrator can start off with a blank permit list and add only
those function that are explicitly required.
 There are some variation in firewall architecture which modulated
both the security level as the cost and complexity of the hardware.
 There are two categories of firewall

 IP and or TC/UDP datagram(packet)filters(including screening

routers)which parse/filter traffic based on some combination of IP
host and Network address ,IP protocol ,Port number, and possibly
other values.
 Application layer protocol gateways (also known as proxy servers)
which are intermediately hosts that accept incoming request for
communication services and make the appropriate calls on the
client behalf.
Electronic Payment and Electronic payment schemes:
 E-Cash is a form of an electronic payment system where a certain
amount of money is stored on a client’s device and made
Accessible for online transaction.
 Stored-value card – A card with a certain amount of money that
can be used to perform the transaction in the issuer store.
Internet Monetary payment and security Requirement:
 For consumer and merchant to be able to trust one another
,Prevent transmitted payment information from being tampered
with and complete transaction with any valid party ,the following
issues need to be addressed:
 Confidentiality of payment information
 Integrity of payment information transmitted via public networks
 Verification that an accountholder is using a legitimate account
 Verification that a merchant can accept that particular account
 Interoperability across software and network provider.
Confidentiality of payment information:
 Payment information must be secure as it travels across the
internet , without security payment information could be picked up
by hackers as the router communication line or host level possibly
resulting in the production of counterfeit card or fraudulent
 41

transaction.
 There are two encryption methods used symmetric cryptography
and asymmetric cryptography.
 Symmetric cryptography or more commonly called secret key
cryptography, use the same key to encrypt and decrypt a message.
 A commonly used secret key algorithm is the Data Encryption
Standard (DES) Fig 4.1 Asymmetric cryptography, or public key
cryptography, use two distinct keys: a public key and a private
key.
 This allows multiple senders to receiver who uses the private key
to decrypt it .The assurance of security are dependent on the
receiver protecting the private key Fig.42.
 For merchants to use secret key cryptography , they would each
have to administer individuals secret key to all their customer
and provide these Keys through some secure channel .This
channel complex from an administrative perspective.
 This process, the customer generate a random number used to
encrypt payment information using DES. The DES encrypted
payment information and the encrypted DES key are then
transmitted to the merchant.
 To decrypt the payment information the merchant first decrypt the
DES key then use the DES key to decrypt the payment
information .
payment information Integrity :
 Payment information sent from consumer to merchants includes
order information, personal data and payment instruction .The
information is modified, the transaction may no longer be
accurate.
 To eliminate this possible source of error or fraud, an, arithmetic
algorithm called hashing. The hash algorithm generates a value
that is unique to the payment information to be transferred.
 A helpful way to view a hash algorithm is as a one way public
cipher ,in that
It has no secret key
Given a message digest there is no way to reproduce the original
information.
It is impossible to hash other data with the same value.
 To ensure the integrity the message digest is transmitted with the
payment information .The receiver would then validate the
 42

message digest by recalculating it once payment information is

received.
 If the message digest does not calculate the same value sent the
payment information is assumed to be corrupted and is therefore
discarded.

 To rectify the situation the message digest is encrypt using a

private key of the sender (customer).This encryption of a message
digest is called a digital signature.
 43

 A digital signature is created by using public key cryptography ,it

is possible to identify the sender of the payment information .The
encryption is done by using the private key of a public /private key
pair this means only the owner of that private key can encrypt the
message digest.
 Note that the roles of the public/private key pair in the digital
signature process are the reverse of that used in ensuring
information confidentiality.
 A digital signature however, does not authorize a particular
customer to use the monetary account information located in the
payment.
Account holder and merchant authentication:
 Similar to the way card accounts are stolen and used today, it is
possible for a person to use a stolen account and try to initiate an
electronic commerce transaction.
 A way to secure this link is by use of a trusted third party who
could validate the public key and account of the customer this
third party could be one of many organization, depending upon the
type of account used.
 For example if a credit card account were used the third party
could be one of the major credit card companies; if a checking
account were used, the third party could be the federal
clearinghouse or some other financial institution.
 Merchants would then decrypt the public key of the customer and,
by definition of public key cryptography, validate the public key
 44

and account of the customer. For the preceding to transpire

,however, the following is assumed
The public key(s) of the third party (ies)is widely distributed
The public key(s) of the third party(ies) is highly trusted on face value
The third party (ies) issue public keys and accounts after receiving
some proof of an individual’s identity.

Interoperability:
 For electronic commerce to take place, c u s t o m e r
must be able tocommunicate with any merchant.
 Interoperability is then achieved by using a particular set of
publiclyannounced algorithm and process in support of electronic
commerce.
4.2 Payment and purchase order process:
Overview:
 For an electronic payment to occur over the internet the
following transaction/process must occur.
Account holder registration
Merchant registration
Account holder (customer) ordering
Payment authorization
Account holder registration:
 Account holder must register with a third party (TP)that
corresponds to a particular account type before they can transact
with any merchant.
 In order to register, the account holder must have a copy of the
TP‟s public key of the public/private key set.
 45

 To register the account holder will most likely be required to fill

out a from requesting information such as name, address, account
number, and other identifying personal information when the form

is completed the account holder software will do the following.

Fig4.5(152)

1.Create and attach the account holder‟s public key to the form
2.Generate a message digest from the information
3.Encrypt the information and message digest using a secret key
4.Transmit all times to the TP
 When the TP receives the account holder‟s request, it does the
following
 46

Fig 4.6
1. Decrypts the secret key
2. Decrypts the information, message digest, and account holder’s public
key.
3. Computes and compares message digest
 The certified documentation is then encrypted using a secret key
which is in turn encrypted with the account holder’s public key.
 The certified documentation is then verified by the account holder
by using the public key of the TP, thus checking the digital
signature. The account holder’s software for future use in
electronic commerce transaction.
Merchant registration:
 Merchant must register with TPs that correspond to particular
Account type that they wish to honor before transacting business with
customer who shares the same account types.
 For example if a merchant wishes to accept visa and MasterCard
,that merchant may have to register with two TPs or find a TP that
represent both
.
 The merchant registration is similar to the account holder’s
registration process.
Account Holder(customer)ordering:
 To send a message to a merchant the customer (account holder)
must have a copy of the merchant’s public key and a copy of the
 47

TPs public key that corresponds to the account type to be used.

 The order form is completed ,that customer software does the
following

Fig4.7

Encrypts account information with the TP‟s public key.

Attaches encrypted account information to the order form
Creates a message digest of the order form and digitally signs it
with the customer’s private key.
Encrypts the following with the secret key order form, digital
signature, and customer’s.
Encrypts secret key with the merchant’s public key from the merchant
CD.
Transmits the secret key encrypted message and encrypted secret
key to the merchant
 When the merchants software receives the order , it does the following
 48

Fig(4.8)
Payment authorization:
 The processing of an order, the merchant will need a authorize
(clear) the transaction with the TP responsible for that particular
account.
 The authorization assures the merchant that the necessary funds or
credit limit is available to cover the cost of the order.
 The merchant has no access to the customer account information
since it was encrypted using the TP‟s public key thus it is required
that this information be sent to the TP so that the merchant can
receive payment authorization from the TP and that the proper
customer account is debited for the transaction.
TP the following information using encryption and digital signature
process previously described:

 Merchant‟s CD
 Specific order information such as amount to be authorized order,
number, date.
 Customers ID
 Customers account information
 After verifying the merchant, customer, and account
information the TP would then analyze the amount to be
authorized.
 49

On-Line Electronic cash:

Overview:
 E-cash works in the following way: a consumer opens an
account with an appropriate bank.
 The consumer shows the bank some form of identification so that
the bank knows who the consumer is.
 The e-cash is then stored on a PCs hard drive or possibly a
PCMCIA card for later use.
 This transaction could all be done using public key
cryptography and digital signatures as discussed easily.
Problem with simple electronic cash:
 A problem with the e-cash example just discussed is that double
spending cannot be attacked or prevent since all cash would look
the same.
 The bank sees e-cash from a merchant with a certain serial number
,it can trace back to the consumer who spent it and possibly
deduce purchasing habits
 This frustrates the nature of privacy associated with real cash.
Creating electronic cash anonymity:
 To allow anonymity the bank and the customer must collectively
create the e-cash and associate serial number, whereby the bank
can digitally sign and thus verify the e-cash, but not recognize it as
coming from a particular consumer.
 To get e-cash the consumer chooses a random number to be used
as the serial number for the e-cash.
Preventing double spending:
 While the preceding process protects the anonymity of the
consumer and can identify when money has been double spent, it
still does not prevent consumer, or merchant for that matter, from
double spending.
 To create a process to identify double spender but one that keep
the anonymity of lawful individuals requires the use of
tamperproof software and complex cryptography algorithms.
 The software prevents double spending by encrypting an
individual’s identity by using a random secret key generated for
each piece of e-cash.
 50

Fig.4.9
E-cash Interoperability:
 Consumer must be able to transact with any merchant or bank
.Hence process and security standard must exit for all hardware
and software used in e-cash transaction.
 Interoperability can only be achieved by adherence to algorithm
and process in support e- cash-initiate commerce
Electronic payment scheme:
The leading commercial electronic payment schemes that have been
proposed in the past few years and the companies using them.
Netscape. Netscape secure courier electronic payment scheme which
has been selected by intuit for secure payment between users of its
quicken home banking program and bank use SEPP.
Microsoft: Microsoft STT is similar to SEEP/SET in that it provides
digital signature and user authentication for securing electronic
payments. STT is an embellished version of Netscape’s SSL security
tool and is compatible with SSL version 2.0.
Check free: check free corporation provides online payment
processing service to major clients
 51
To major clients, including CompuServe, Genie, Cellular one, Delphi
Internet service corporation and Sky-Tel. check free has also announced
intension to support all security methods that achieve prominence in the
marketplace. e.g., SET.
Cyber Cash: Cyber Cash combines features from checks and Cyber Cash
is a digital cash software system which is used like a money order
guaranteeing payment to the merchant before the goods shifting. Cyber
Cash wants micropayment capabilities of 5 to 20 cents per transaction.

Fig 162
VeriSign: VeriSign is offering its digital signature technology for
authenticating as a component separated from encryption which allows for
export of stronger authentication. IBM is building support for digital ID
into its web browser and internet connection secure server for AIX and
OS/2.
DigiCash: DigiCash is a software company whose products allow users to
purchase goods over the internet without using accredit card. The threat of
privacy loss (where expenses can be easily traced ) gave rice to the idea of
anonymous e-cash ,an electronic store of cash replacement funds which can
be loaded into a smart card for electronic purchase.
First virtual holding: It’s targeting individuals and small business that
want to buy and sell on the internet but cannot afford an extensive on-line
infrastructure. A first virtual e-mail account and first virtual hosting system
to track and record the transfer of information ,products , and payment for
accounting and billing purpose ,consumer and merchant can buy and sell
goods on the internet without sensitive information such as credit card
number moving across the network. All sensitive information is delivered
by telephone.
 52

Fig 165
Commerce Net: In 1993 a group of silicon valley entrepreneurs envisioned
the internet as a whole new model of commerce one defined around global
access a large number of buyers and seller many to many interaction and a
significantly accelerated pace of procurement and development they called
this model Spontaneous commerce.
Netcash :Netcash is the internet answer to traveler’s check. To use Netcash
user must enter their checking account or credit card numbers into an on
screen form and e-mail it to the Netcash.
Other approach: This section lists a few other approaches that have
appeared in the recent past.
Mondex is based on smart card technology initially backed by the united
kingdom’s West minster and midland Banks. The electronic purse is a
handled smart card it remembers previous transaction and use RSA
cryptography.
Openmarket handles credit card transaction via web servers but it was
planningto provide support for debit cards checking account and corporate
purchase order.
Global online use on-line challenge/response. It is based on a third party
originating agreements therefore the seller has a higher cost to enter the
market.
 53

Fig4.13(167)
Wallet and such: Even in the absence of standards(e.g., SET) vendors
have been developing system to handle sales over the internet and
companies willing to accept that the products are not interoperable can
support business before standard become widely deployed.

Unit - IV