Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


e-Commerce Security

No description

Dave Wood

on 8 April 2011

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of e-Commerce Security

Strong password Encryption e-Commerce Security SSL HTTPS Allows client/server applications to communicate
across a network in a way designed to
prevent eavesdropping and tampering. A browser requests a secure page

The web server sends its public key and its certificate.

The browser checks that:
the certificate was issued by a trusted party
the certificate is still valid and
the certificate is related to the site contacted.

The browser then
creates a symmetric encryption key and
sends it to the server using the public key

The web server
decrypts the symmetric encryption key using its private key and
sends back the requested data encrypted with the symmetric key.

The browser
decrypts the data and html document using the symmetric key and
displays the information. What makes a 1. Implement a firewall
2. Develop a corporate security policy
3. Install anti-virus software
4. Keep operating systems up to date
5. Don't run unnecessary network services
6. Conduct a vulnerability test
7. Keep informed about network security
Prevention of Hacking Not in a dictionary
More than eight characters
Contains a number
Contains 'special' characters Fingerprint Scanner
Secure Token
Methods Authentication Hypertext Transfer Protocol Secure A combination of the Hypertext Transfer Protocol with the SSL protocol to provide encrypted communication and secure identification of a network web server. RSA
Certificate RSA involves a public key and a private key. The public key can be known to everyone and is used for encrypting messages. Messages encrypted with the public key can only be decrypted using the private key. Rivest
Adleman RSA Certificate = SSL Certificate
Only in the context of secure websites Secure Sockets Layer Establish the legal identity of the website owner

Establish that the applicant is the domain name owner (or has exclusive control over the domain name)

Confirm the identity and authority of the individuals acting for the website owner, and that documents pertaining to legal obligations are signed by an authorised officer. Extended Validation SLL Identity Theft Is it is a big problem? What might happen?

How does someone steal your identity?

What can you do to prevent it?
Firewalls What does a firewall do?

It checks the data coming into a computer system via the Internet against a set of rules or criteria, and only lets permitted material through.

It also helps to prevent unauthorised access to computer networks.
They work either by:
allowing ALL traffic unless it does not meet certain criteria, or
allowing NO traffic unless it meets certain criteria.

Basic criteria could be:
Nature of the data
Source of the data Before a certificate is issued the C.A. must:
Full transcript