Hi.. please help me .. Produce a research report about Ecommerce and security. T

Question

Hi.. please help me ..

Produce a research report about Ecommerce and security. The report should be well written and organized, and should provide a thorough summarization of the selected network management research area. Include relevant concepts, theories and practices of network management. The report should include critical discussion of the comparative analysis of any of the identified organizations and critical use of relevant concepts, theories, frameworks and examples in discussions and analysis to support and illustrate what is being argued. |

Explanation / Answer

Security and Privacy in Electronic Commerce

Cryptography has been around for centuries; as long as there has been communication, there has been the need for privacy and safe, secure methods of transmission. Although many types of difficult problems can be classified as cryptography problems, what we are mostly concerned with today is the ability to keep transmissions private through the use of data encryption techniques. This has become an even greater issue due to the changing nature of communications since the information revolution. More and more people rely on electronic communications for the transmission of sensitive or personal data; e-mail, e-commerce, FTP, and HTML are all examples of technology that have already filtered into the social consciousness as primary ways for disseminating and gathering information and for exchanging goods and services. While this technological shift has made communication faster, easier, and better in many ways, it has also brought along with it a whole host of difficult problems and social policy issues

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />

There are two main forms of cryptography: secret-key (or symmetric) and public-key (or asymmetric).

Secret-key cryptography

Secret-key cryptography is the more traditional form, and has been used for all kinds of communications throughout the ages. In this method, one "key" is used to both encrypt and decrypt the data. A key can be anything from a secret-decoder ring found in a cereal box to a highly complex mathematical algorithm; keys really only differ in the ease with which they can be broken by third parties. In secret-key cryptography, the sender and receiver must have the same key in order for the transmission to work correctly.

Public-key cryptography

The key management problem inherent to secret-key cryptography needed to be addressed in order for large-scale, secure use of data encryption techniques. In 1976, Whitfield Diffie, a cryptographer and privacy advocate, and Martin Hellman, an electrical engineer, working together discovered the concept of public-key encryption. Instead of having one key shared among both users of an encrypted transmission, each user has his or her own public/private key pair. A user makes the public key open and available to anyone (by publishing it on-line or registering it with a public key server), and keeps the private key hidden away where (hopefully) no one can get at it. The private key is mathematically derived from the public key, and thus the two are linked together. In order to send someone a message, the sender encrypts the transmission with the receiver's public key. This can then only be decrypted by the receiver's private key. Thus, anyone can encrypt a message with someone else's public key, but only that person would ever be able to read it.

Digital signatures

Public-key also provides a mechanism for authenticating messages that secret-key techniques do not: digital signatures. The sender of a message completes a calculation (performed by a hash function) involving the actual file structure to be transmitted, and his or her private key, and the result of this (the digital signature itself) is appended to the end of the transmission. The receiver can then perform a calculation involving the received message and the sender's public key, and if everything is valid, the sender's identity will have been verified. A benefit of this signature method is that it not only verifies the sender's identity; it also verifies that the original contents of the transmission have not been altered in anyway. Because the signature is derived from both the key and the data itself, changing the data later on will cause the receiver's verification to fail. This provides authentication that is even better than a signature on a paper document: a signature can be forged, or the contents of the document could somehow be secretly altered, but with public-key authentication, this cannot be done

Pretty Good Privacy (PGP) was developed by Phil Zimmerman in 1991, as a response to a controversial measure in Senate Bill 266 that would have required all encryption techniques to include a back door for law enforcement. PGP is software that combined several high-quality, existing public-key encryption algorithms and protocols into one package for secure, reliable electronic mail and file transfer. PGP provides not only encryption of data, but digital signatures, data compression, and smooth compatibility with e-mail systems

PGP is pretty popular now, especially in the email system, because of its advantages:

The security of ECommerce transactions depends both on the network protocols and the payment framework used to perform the transaction.

Models such as SET, CAF

Related Questions

Navigate

• Browse (All)
• Browse H
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.