CHAPTER 4 DEPLOYMENT OF ESGC-PKC IN NON-COMMERCIAL E-COMMERCE APPLICATIONS

Size: px
Start display at page:

Download "CHAPTER 4 DEPLOYMENT OF ESGC-PKC IN NON-COMMERCIAL E-COMMERCE APPLICATIONS"

Transcription

1 70 CHAPTER 4 DEPLOYMENT OF ESGC-PKC IN NON-COMMERCIAL E-COMMERCE APPLICATIONS 4.1 INTRODUCTION In this research work, a new enhanced SGC-PKC has been proposed for improving the electronic commerce and Internet security. This is important in e-commerce security because authentication is necessary for verifying the identity of users which is crucial when an organization uses the Internet for its business. Strong authentication mechanisms ensure that persons involved in the transactions are the entities they claim to be. In e-commerce applications, encryption and decryption algorithms are used to secure communications and ensure the privacy of data sent from one customer to merchant vice versa. In this thesis, the proposed extended SGC-PKC algorithm has been used to provide non-repudiation through self signatures which proves that a specific user has performed certain operations at a given time. The extended SGC-PKC algorithm proposed in this work provides a secure and non-breakable environment for deploying e-commerce and also provides a reliable environment for building virtually any type of electronic transactions, from corporate intranets to Internet-based e-commerce applications.

2 71 Based on protocol developed in chapter 3 we will study the enhancements achieved by deploying ESGC-PKC to traditional explicit certificate based application. Traditional public key cryptographic systems use either hierarchical certification or web of trust based certification method to authorize the public key and identity of the certificate holder. SGC can be deployed in both these applications. This chapter explains the deployment of the proposed extended SGC-PKC algorithm in three non-commercial applications namely e-tender systems, online beneficiary system and financial management system. Security analysis has been carried out for each application with respect to authentication, confidentiality and integrity. 4.2 DEPLOYMENT OF ESGC-PKC IN AN E-TENDER SYSTEM Introduction Tendering is a method by which councils acquire goods and services and includes the core activities like the advertising of the requirements for goods or services, preparation of tender documents, registration of suppliers to receive tender documents, pre-qualification of suppliers for a particular tender, delivery of tender documents between the council and bidders, opening of responses to the tender, evaluation of responses to the tender and awarding of the contract. E-tendering is the method of carrying out the tendering process using electronic means such as, Internet and specialist e-tendering software applications. An e-tendering system facilitates the complete tendering process from the advertisement of the requirements through the placing of the contract. This includes the exchange of all relevant documents in electronic format. In order to realize better cost savings and to increase efficiency, replacing the manual paper-based tender procedures by electronic - facilitated

3 72 system has become an essential element in process re-engineering. With a highly automated e-tendering system, tendering works such as tender specification, advertising, tender aggregation as well as the evaluation and placing of the contract can be prepared at ease ESGC-PKC in e-tender By deploying the extended SGC-PKC in the e-tender system, the access control mechanism and also the security audit trails increase the security accountability. In this scenario, all bidders are able to generate their own keys for every tender publishing and they can separately register for a particular tender. In e-tendering, bidding information is to be collected by the system from every supplier for the opening process. Opening of bid is handled by use of a technique called e-chat, where in the bidding price of every bidder in the current tender is shown to others. The bidder opens his tender proposed document with the use of his keys, which is already generated by the bidder itself. By comparing the prices of all bidders, the administrator chooses the level 1 (lowest quoted) bidder at the same time. In the e-tendering application developed in this work, the user key generation module provides the public and private key for the bidder with the use of identity, partial key and secret value (obtained from the bidder). The bidders have been provided with a facility to view the list of tenders and make bidding on the tenders in which (tender) they are interested. The bidder can bid a tender by providing their bidding ID, tender reference number, tender amount quoted by the particular bidder, the tender document. Moreover, another bidder can also bid the same tender by providing their details by using a different web browser which wills multicast it to different bidding companies.

4 Online Meeting for e-tender The final stage of this e-tender system is the online meeting. After the bid documents have been submitted by the bidders, the documents are kept confidential and are maintained in a secured directory, to ensure that no one opens the documents before the due date. Only on the specified date, the documents can be opened as mentioned as bid opening date and time in the tender details. On the day of opening, the bidder has to login and visit the organization s site during the tender opening time period in order to view the opening of the bid documents. This application has been developed to enable the bidders to view the opening of the documents i.e. the server s state, from a remote machine while opening the bid documents. For this purpose, MulticastSockets are used in order to transmit the packets from the server to the bidder s remote system. The multicast datagram socket class has been used in the work for sending and receiving Internet Protocol (IP) multicast packets. Multicast is used here for communication in order to communicate only with a selected set of connected members. MulticastSocket is a User Datagram Packet (UDP), with additional capabilities for implementing joining "groups" of other multicast hosts on the Internet. A multicast group is specified by a class D IP address and by a standard UDP port number. One would join a multicast group by first creating a MulticastSocket with the desired port and then by invoking the joingroup (InetAddress groupaddr) method. When one sends a message to a multicast group, all subscribing recipients to that host and port receive the message. The sender socket needn't be a member of the multicast group to send messages to it. When a socket

5 74 subscribes to a multicast group/port, it receives datagram sent by other hosts to the group/port, as do all other members of the group. On successful decryption of the tender document for each and every bidder on the online chat, it is viewable by all the bidders for a tender. A certificate is created at this time based on the organization s formats and requirements provided during the registration process. This generated certificate will be used for signing the bidder document to ensure the authentication and confidentiality. Every bidder will join the chat and open his document. The corresponding bidder s price will be displayed in the online chat. At last, the lowest price bidder will be chosen as the bid winner which can be viewed by every bidder. Effect on turnaround time depends on number of bidders for existing e-commerce and extended SGC-PKC based e-commerce. The processing delay at the server was kept constant and data sizes for different bidders of 100KB, 200KB, 500KB and 1MB were used. This was done for different scenarios of product discovery from 1 to10 bidders, and the results are shown in Figure 4.1. Figure 4.1 Effect of turnaround time for different bidders

6 Security Analysis In an e-tender, where the consumer and the merchant communicate indirectly via software entities and the Internet, trust must be somehow established between the two parties. In order to achieve trust, the following security functions must be performed Authentication: Each party need to authenticate its counterpart, i.e. to make sure that the counterpart is the one he claimed to be. Integrity: Each party needs to make sure that the received messages are not altered or fabricated by other than their counterpart. Confidentiality: Each party wants to keep the content of their communication secret. Message authentication: Each party wants to make sure that the received messages do really come from his counterpart. In order to achieve these, digital certificates have been generated and used in this research work. The generation of digital certificates for a bidder s happens using a sequence of steps. Once the bidder fills the form and submits it, the data submitted by the bidder is encrypted using the extended SGC-PKC algorithm proposed in this work. The implemented new proposed SGC algorithm has been implemented using the Java Cryptographic Extension (JCE) feature. The encrypted values are sent to the merchant site as byte values. On the merchant site, the byte values are converted back into BigIntegers and are decrypted using their private keys.

7 76 On successful decryption, a directory will be created for that bidder by the name of the unique Tax payer s Identification Number (TIN). In that directory, a unique digital certificate will be created for that bidder organization unit by the name of that TIN. The certificate is created based on the organization details provided during the registration process. This generated certificate is used for signing the bidder document to ensure the authentication, integrity and confidentiality. 4.3 ESGC-PKC FOR ONLINE BENEFICIARIES FUND TRANSFER Introduction The second application considered in this research work is the Online Beneficiaries Fund Transfer, where the newly proposed SGC-PKC algorithm has been deployed and tested. This deployment of extended SGC- PKC algorithm in the online beneficiaries funds transfer applications eliminates the potential threats and vulnerabilities that can occur on this online system Security Model The security model for the online beneficiaries fund transfer application is based on the extended SGC-PKC without pairings. This integration of online transactions and non-pairing based extended SGC-PKC, in the online beneficiary fund transfer system provides an enormous potential in the real time environment. Implementation of this model has been carried out using Java security class methods since they provide methods for generating public key certificates. However, the built-in methods of Java have been extended in this

8 77 research work in order to implement the newly proposed extended SGC-PKC algorithm. The certificate can be used to verify that a public key belongs to an individual. Canonical encoding rules (CER) have been used in this work which is a restricted variant of Basic Encoding Rules for producing unequivocal transfer syntax for data structures. A Personal Information Exchange (PFX) file has been used in this implementation file which contains public and private key information used to securely sign, encrypt or authenticate something. This file is typically used as a means of creating certificates to authenticate Websites, applications or encrypted file systems. The Figure 4.2 shows the extended self-generated-certificate developed in this work. Figure 4.2 Certificate of ESGC

9 Online Beneficiaries Fund Transfer The extended SGC-PKC without pairings proposed in this work can fit in any application, where the user wants to do transactions with multiple users in secure manner i.e., it will be adopted in one-to-many communications. In this application, the users need to register themselves before they perform any transactions. Whenever the user registers all his/her details, the user must accept the terms and conditions so that when they submit it to the key generation module, a certificate will be generated. The online beneficiary fund transfer security model proposed in this work has been implemented as aforesaid online chatting, where every account has its own public key certificate to communicate with the server. So, the customer can communicate with other customers (who are all beneficiaries) via the server and also the customer can do one-to-many transactions by selecting a particular beneficiary who is in the created list. In the current online transaction processing systems, an online fund transfer using a beneficiary happens with one side authentication only where the customer has the beneficiary s account number for transaction. The customer submits the money transfer order to the bank then the bank validates the request and transfers the money to the beneficiary s account. The communication between the customer and the bank is performed using SSL (https), where the customer s request is encrypted and sent to the bank server. In the server, the request is decrypted using the private key of the customer and it is processed. After the successful processing of the request, the amount will be transferred to the beneficiary s account from the customer s account. In this research work, the proposed extended SGC-PKC has been integrated with the beneficiary application for improving the security measures in the online account-to-account fund transfer. The following

10 79 features are provided for registering in our online banking account-to-account fund transfer application. Therefore, the customers are requested to register by providing the information requested in the registration form. Based on the customer s details (information), individual certificates are generated by this application for each and every customer. After registration, the customer can login with use of created username, password and the provided pin number. After login, the customer can view their details and in addition they can perform other operations like checking the balance amount, withdrawing and depositing. In the same page, the customer can include a list of other customers in the beneficiaries list and the customer can have an authenticated transaction with these beneficiaries Beneficiary Module The beneficiary list is created by the customer by providing beneficiary details for their registration. Now, the beneficiary (another customer) is sent with a message with the options Accept and Reject for the confirmation of the list based on their willingness to be a beneficiary. After the beneficiaries are included in the customer list, the facility for transfer of amount to multiple beneficairies will be established by this application. This system contains all the beneficiary names to the particular customer and also shows the balance amount of him/her and ask for transferring amount. Once the transaction is over, the balance amount will be shown to the customer. Figure 4.3 shows the effect on turnaround time depends on number of beneficiaries for existing online beneficiaries fund transfer and extended SGC-PKC based online beneficiaries fund transfer.

11 80 Figure 4.3 Effect of turnaround time for different beneficiaries Security Analysis This non-pairing extended SGC-PKC supported online beneficiary fund transfer has been designed in such a way that it provides the security services like authentication of beneficiaries. This type of security solutions for online payment transactions prevents payments from being manipulated by non-beneficiaries. While making a payment, the extended SGC-based security services prompts the customers to verify the data provided upon entering a beneficiary to whom the customer have not made a funds transfer before using a high profile password. Authentication is not required however for all new beneficiaries. The beneficiaries who are already approved do not require re-verification. It enables the customers to confirm new beneficiaries easily. The online account-to-account fund transfer is based on reliable customers as beneficiaries and hence it ensures integrity. The encryption and decryption are happened by the user generated keys, thus there will be surety on the data transaction between the beneficiaries.

12 FINANCIAL MESSAGING SYSTEM USING ESGC-PKC Introduction Financial Messaging is used word-wide in different countries on various forms for financial message transactions. Financial Messaging System finds maximum utilization is Electronic Fund Transfer Systems. The primary goal of any Electronic Fund Transfer Systems is to enable the circulation of money in its economy. Fund Transfers can happen between inter or intra banks where it is necessary to carry out these transactions securely and efficiently. It is recognised worldwide that an efficient and secure payment system is an enabler of economic activity. It provides the features essential for effecting payments and transmission of monetary policy. Payment systems have encountered many challenges in the past and are constantly adapting. The four broad tenets of any financial messaging system are Safety, Security, Soundness and Efficiency, which are necessary to reduce risk. A security system for financial system must address the issues relating to confidence, with specific reference to the users of these systems. In such systems, soundness will be aimed at ensuring that the systems are built on strong edifices and that they stand the test of time. Efficiency represents the measures aimed at efficiencies in terms of costs so as to provide optimal and cost effective solutions. Most of the current finance systems are built using PKI for securing its transaction. Even though PKI is widely adopted and well known security infrastructure, it has some serious draw back (Ellison and Schneier 2007) Financial Messaging System Application In this thesis, financial messaging system is the third application which has been considered for testing proposes extended SGC-PKC. This

13 82 SGC-PKC can fit in any application, where the user wants to do transactions with multiple users in secure manner i.e., it will adapt to one-to-many communications. In this application, the users must register themselves before performing any transactions. Whenever the user registers all his/her details are given to the system and the user must accept the terms and conditions provided by the system. When the user completes the registration procedure, the system generates a digital certificate to the user Communication Figure 4.4 shows the architecture of Financial Messaging System. Bank A is directly connected to Central Server, the banks C and D are members of the Common Gateway and their branches are connected to Common gateway which in turn is connected to Central Server. In the architecture shown in Figure 4.4 and the message flow for intra and interbank scenarios are explained in subsequent sections. Figure 4.4 FMS architecture

14 Intra-bank Messages The intra-bank message flow has been specially handled by the Bank internal server or using common gateway Inter-bank Messages In general, the Inter-bank Bank messages flow first to parent Gateway, then to Server, and finally to Destination Gateway towards the destination Branch. However, under common gateway, if the message is meant for another bank which is a member of common Gateway, the parent Gateway and destination gateways would be under same server and because of this FMS treats as intra-bank message from and to a member bank under common gateway would be treated as intra and this would be transparent to the users. In view of the Figure 4.4, the messages flow between Bank C to Bank D though inter-bank in nature would be handled as an intra-bank. The Current FMS system uses the traditional PKI system for all communication messages which requires the trusted third party to verify the certificate, which can be replaced with SCG certificates. Figures 4.5 and 4.6 shows the implementation of messages are sending and receiving securely by the extended SGC-PKC based algorithm from user to server. The message has been encrypted with the public key of the certificate created for that user. The encrypted message along with the file attached is sent to the server by means of the Financial Messaging System, which takes care of the encrypted messages which is being sent from client to the server. The message and document are decrypted at the server side by means of the private key from the certificate generated for that user. The main operation carried out by this system is fund transfer.

15 84 Figure 4.5 Sending messages Figure 4.6 Receiving messages

16 85 Figure 4.7 shows the effect on turnaround time depends on number of banks for existing financial messaging system and extended SGC-PKC based financial messaging system. Figure 4.7 Effect of turnaround time for different banks Security Analysis Authentication Authentication is performed easily by verifying the use of destination bank certificate. All the banks that are having the relevant keys are generated by the key generation module which is used for verification. The ESGC binds the bank identity and the public key together. The authentication is greatly achieved because the verification is done only by the sender s public key and its identity. It ensures that the origin of a request message or response message for creating the destination list is correctly identified, with an assurance that the identity is not false.

17 86 Integrity With respect to the newly proposed SGC, if there are any changes in the bank details then the public key, private key and the certificate are made by the respective bank only by creating a new certificate. The transaction is held without loss of data because all the cipher contents are generated by use of the relevant keys. Thus, the keys are generated based on the information given by the bank and also it is purely generated by the bank only. Moreover, the keys for extraction are known only to the banks. Thus, it ensures that only authorized banks are able to access/view the transmitted information. Confidentiality Confidentiality ensures that the transmitted information is accessible only for reading by authorized banks. The encryption and decryption are purely done by the keys involved in the certificate which is generated by the customer itself. So, there is no point on non-privacy on the information which is transmitted on beneficiary based account-to-account fund transfer. This is accomplished by enforcing access control policies. 4.5 RESULTS AND DISCUSSION Table 4.1 shows the comparison of the time consumption of various public key algorithms and key management schemes for three e-commerce applications. It shows that for all three e-commerce applications the ESGC- PKC is consume very low number of seconds compared with the existing algorithms based e-commerce applications.

18 87 Table 4.1 Time consumption of various PKC for secure transactions (in seconds) Applications/ Algorithms E-Tender Online Beneficiary Fund Transfer (in milliseconds) Financial Messaging RSA ELGAMAL ECC SGC-PKC ESGC-PKC Time comparison between the existing non-commercial e-commerce application and SGC based e-commerce applications is shown in Figure 4.8. For the newly proposed SGC based e-commerce applications, the time consumption is very low with the existing cryptosystem based e-commerce applications. The main part of computation is purely depending on the number of secure transactions. Figure 4.8 ESGC transaction performances

19 88 Table 4.2 shows a comparison of the newly proposed SGC-integrated e-commerce system security before and after. The comparison is based on effectiveness of blocking security attacks related to the system. It is focused that the newly proposed SGC algorithm is handled all the attacks. Table 4.2 A comparison of ESGC-integrated e-commerce before and after Security Services Security Attacks Before ESGC After ESGC Authentication Certificate Replacement No Completed IP spoofing Partial Completed Malicious Partial Completed Message Replacement No Completed DoS No Completed Access Control Buffer Overflow Partial Completed DoS No Completed Integrity Message Replacement No Completed Certificate Replacement No Completed Compromised Key Attack No Completed Confidentiality Brute-Force Partial Completed Dictionary Partial Completed Figure 4.9 shows the efficiency comparison between the existing e-commerce applications and the extended SGC-based e-commerce applications algorithms regarding various security services such as confidentiality, authentication, access control and integrity. The efficiency comparison is purely based on the results of the security attacks on various security services as mentioned in the Table 4.2. It is found from the

20 89 comparison only the newly proposed SGC based application is able to employ all the security services. Figure 4.9 Efficiency of security services on deployed e-commerce 4.6 SUMMARY The proposed ESGC-PKC has been deployed in an e-tender system that maintains several bidders. The bidders are bidding for a particular tender, the level 1 bidder is chosen by use of e-chat in the presence of all other bidders in the meeting and the various security analysis will provided. By integrating the ESGC-PKC with FMS based fund transfer, one bank can transact with multiple banks in secure manner. It is proved that the major security services like authentication, integrity and confidentiality are achieved. Non-pairing ESGC-PKC has been deployed on online beneficiary based account-to-account fund transfer and therefore one customer can transact with multiple customers in secure manner. It is proved that the major security services like authentication, integrity and confidentiality is also achieved. Finally, Financial Messaging System has been implemented as the third application. By deploying the proposed extended SGC-PKC in all these applications, the security of these e-commerce systems has been enhanced.

Securing your Online Data Transfer with SSL

Securing your Online Data Transfer with SSL Securing your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4. What does

More information

Securing your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application INDEX 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4.

More information

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Overview of CSS SSL. SSL Cryptography Overview CHAPTER CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers

More information

Security & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173

Security & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173 Security & Privacy on the WWW Briefing for CS4173 Topic Outline 1. Information Security Relationship to safety Definition of important terms Where breaches can occur Web techniques Components of security

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

More information

Understanding Digital Certificates and Secure Sockets Layer (SSL)

Understanding Digital Certificates and Secure Sockets Layer (SSL) Understanding Digital Certificates and Secure Sockets Layer (SSL) Author: Peter Robinson January 2001 Version 1.1 Copyright 2001-2003 Entrust. All rights reserved. Digital Certificates What are they?

More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

Cornerstones of Security

Cornerstones of Security Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to

More information

Content Teaching Academy at James Madison University

Content Teaching Academy at James Madison University Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

More information

Securing your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate thawte thawte thawte thawte thawte 10.

Securing your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate thawte thawte thawte thawte thawte 10. Securing your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate A STEP-BY-STEP GUIDE to test, install and use a thawte Digital Certificate on your MS IIS Web

More information

Security Policy Revision Date: 23 April 2009

Security Policy Revision Date: 23 April 2009 Security Policy Revision Date: 23 April 2009 Remote Desktop Support Version 3.2.1 or later for Windows Version 3.1.2 or later for Linux and Mac 4 ISL Light Security Policy This section describes the procedure

More information

SSL Overview for Resellers

SSL Overview for Resellers Web Security Enterprise Security Identity Verification Services Signing Services SSL Overview for Resellers What We ll Cover Understanding SSL SSL Handshake 101 Market Opportunity for SSL Obtaining an

More information

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate

More information

CS 356 Lecture 28 Internet Authentication. Spring 2013

CS 356 Lecture 28 Internet Authentication. Spring 2013 CS 356 Lecture 28 Internet Authentication Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists

More information

Learning Objectives. attacks. 2. Describe the common security practices of businesses of

Learning Objectives. attacks. 2. Describe the common security practices of businesses of E-Commerce Security Learning Objectives 1. Document the trends in computer and network security attacks. 2. Describe the common security practices of businesses of all sizes. 3. Understand the basic elements

More information

Chapter 17. Transport-Level Security

Chapter 17. Transport-Level Security Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics

More information

Final exam review, Fall 2005 FSU (CIS-5357) Network Security

Final exam review, Fall 2005 FSU (CIS-5357) Network Security Final exam review, Fall 2005 FSU (CIS-5357) Network Security Instructor: Breno de Medeiros 1. What is an insertion attack against a NIDS? Answer: An insertion attack against a network intrusion detection

More information

Sync Security and Privacy Brief

Sync Security and Privacy Brief Introduction Security and privacy are two of the leading issues for users when transferring important files. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical

More information

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security? 7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk

More information

Savitribai Phule Pune University

Savitribai Phule Pune University Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter

More information

Understanding Digital Certificates & Secure Sockets Layer A Fundamental Requirement for Internet Transactions

Understanding Digital Certificates & Secure Sockets Layer A Fundamental Requirement for Internet Transactions A Fundamental Requirement for Internet Transactions May 2007 Copyright 2007 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries.

More information

ELECTRONIC COMMERCE WORKED EXAMPLES

ELECTRONIC COMMERCE WORKED EXAMPLES MODULE 13 ELECTRONIC COMMERCE WORKED EXAMPLES 13.1 Explain B2B e-commerce using an example of a book distributor who stocks a large number of books, which he distributes via a large network of book sellers.

More information

Chapter 10. Cloud Security Mechanisms

Chapter 10. Cloud Security Mechanisms Chapter 10. Cloud Security Mechanisms 10.1 Encryption 10.2 Hashing 10.3 Digital Signature 10.4 Public Key Infrastructure (PKI) 10.5 Identity and Access Management (IAM) 10.6 Single Sign-On (SSO) 10.7 Cloud-Based

More information

WIRELESS PUBLIC KEY INFRASTRUCTURE FOR MOBILE PHONES

WIRELESS PUBLIC KEY INFRASTRUCTURE FOR MOBILE PHONES WIRELESS PUBLIC KEY INFRASTRUCTURE FOR MOBILE PHONES Balachandra Muniyal 1 Krishna Prakash 2 Shashank Sharma 3 1 Dept. of Information and Communication Technology, Manipal Institute of Technology, Manipal

More information

Authentication Application

Authentication Application Authentication Application KERBEROS In an open distributed environment servers to be able to restrict access to authorized users to be able to authenticate requests for service a workstation cannot be

More information

Websense Content Gateway HTTPS Configuration

Websense Content Gateway HTTPS Configuration Websense Content Gateway HTTPS Configuration web security data security email security Support Webinars 2010 Websense, Inc. All rights reserved. Webinar Presenter Title: Sr. Tech Support Specialist Cisco

More information

Information Security Basic Concepts

Information Security Basic Concepts Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,

More information

Security Digital Certificate Manager

Security Digital Certificate Manager System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure

More information

Controller of Certification Authorities of Mauritius

Controller of Certification Authorities of Mauritius Contents Pg. Introduction 2 Public key Infrastructure Basics 2 What is Public Key Infrastructure (PKI)? 2 What are Digital Signatures? 3 Salient features of the Electronic Transactions Act 2000 (as amended)

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Secure Sockets Layer (SSL) is an application-layer protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through

More information

WEBARROW: A CASE STUDY OF SECURE WEB DEPLOYMENT

WEBARROW: A CASE STUDY OF SECURE WEB DEPLOYMENT WEBARROW: A CASE STUDY OF SECURE WEB DEPLOYMENT Namzak Labs White Paper, 2002-02 Version 1 September 30, 2002 Overview As deployment of computer applications over the Internet becomes more prevalent, companies

More information

Cryptography and Network Security Sixth Edition by William Stallings

Cryptography and Network Security Sixth Edition by William Stallings Cryptography and Network Security Sixth Edition by William Stallings Chapter 1 Overview The combination of space, time, and strength that must be considered as the basic elements of this theory of defense

More information

PKI COMPONENTS AND RELATED STANDARDS.

PKI COMPONENTS AND RELATED STANDARDS. PKI COMPONENTS AND RELATED STANDARDS. COMESA/POTRAZ Zimbabwe 4-6 May 2016. Dr. Izzeldin Kamil Amin Associate Professor. Faculty of Mathematical Sciences University of Khartoum. izzeldin@outlook.com PKI

More information

Web Payment Security. A discussion of methods providing secure communication on the Internet. Zhao Huang Shahid Kahn

Web Payment Security. A discussion of methods providing secure communication on the Internet. Zhao Huang Shahid Kahn Web Payment Security A discussion of methods providing secure communication on the Internet Group Members: Peter Heighton Zhao Huang Shahid Kahn 1. Introduction Within this report the methods taken to

More information

Understanding digital certificates

Understanding digital certificates Understanding digital certificates Mick O Brien and George R S Weir Department of Computer and Information Sciences, University of Strathclyde Glasgow G1 1XH mickobrien137@hotmail.co.uk, george.weir@cis.strath.ac.uk

More information

ISM/ISC Middleware Module

ISM/ISC Middleware Module ISM/ISC Middleware Module Lecture 13: Security for Middleware Applications Dr Geoff Sharman Visiting Professor in Computer Science Birkbeck College Geoff Sharman Sept 07 Lecture 13 Aims to: 2 Show why

More information

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY) E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system

More information

Network Security Protocols

Network Security Protocols Network Security Protocols EE657 Parallel Processing Fall 2000 Peachawat Peachavanish Level of Implementation Internet Layer Security Ex. IP Security Protocol (IPSEC) Host-to-Host Basis, No Packets Discrimination

More information

SECURITY IN ELECTRONIC COMMERCE - SOLUTION MULTIPLE-CHOICE QUESTIONS

SECURITY IN ELECTRONIC COMMERCE - SOLUTION MULTIPLE-CHOICE QUESTIONS MULTIPLE-CHOICE QUESTIONS Each question has only one correct answer, which ought to be clearly pointed out with an 'X'. Each question incorrectly answered will be evaluated as minus one third of the mark

More information

Secure Use of the New NHS Network (N3): Good Practice Guidelines

Secure Use of the New NHS Network (N3): Good Practice Guidelines Programme NPFIT Document Record ID Key Sub-Prog / Project Information Governance NPFIT-FNT-TO-IG-GPG-0003.01 Prog. Director Mark Ferrar Status Approved Owner Tim Davis Version 1.0 Author Phil Benn Version

More information

Chapter 37. Secure Networks

Chapter 37. Secure Networks Chapter 37 Network Security (Access Control, Encryption, Firewalls) Secure Networks Secure network is not an absolute term Need to define security policy for organization Network security policy cannot

More information

Security Digital Certificate Manager

Security Digital Certificate Manager IBM i Security Digital Certificate Manager 7.1 IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in Notices,

More information

Understanding Digital Certificates & Secure Sockets Layer (SSL): A Fundamental Requirement for Internet Transactions

Understanding Digital Certificates & Secure Sockets Layer (SSL): A Fundamental Requirement for Internet Transactions Understanding Digital Certificates & Secure Sockets Layer (SSL): A Fundamental Requirement for Internet Transactions February 2005 All rights reserved. Page i Entrust is a registered trademark of Entrust,

More information

Security (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012

Security (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012 Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret

More information

What security and assurance standards does Trustis use for TMDCS certificate services?

What security and assurance standards does Trustis use for TMDCS certificate services? Frequently Asked Questions What is a Digital Certificate? What is a Root Certificate? How do Digital Certificates Work? Who needs a Digital Certificate? How do I get a Digital Certificate Can I use my

More information

cipher: the algorithm or function used for encryption and decryption

cipher: the algorithm or function used for encryption and decryption ! "# $ %& %'()! *,+ & -.! % %- / 0-1 2+ 34 576!! 8 9! ": ;

More information

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

Framework of e-commerce

Framework of e-commerce Framework of e-commerce Alka Arora Lecturer, Department of CSE/IT, Amritsar College of Engg.& Tech,Amritsar.143 001, Punjab, India, E-mail :alka_411 @rediffmail.com. Abstract This paper provides a detailed

More information

MANAGED FILE TRANSFER: 10 STEPS TO PCI DSS COMPLIANCE

MANAGED FILE TRANSFER: 10 STEPS TO PCI DSS COMPLIANCE WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO PCI DSS COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used

More information

COSC 472 Network Security

COSC 472 Network Security COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html

More information

Security: Focus of Control. Authentication

Security: Focus of Control. Authentication Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized

More information

MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE

MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But it s

More information

Single Sign-On Secure Authentication Password Mechanism

Single Sign-On Secure Authentication Password Mechanism Single Sign-On Secure Authentication Password Mechanism Deepali M. Devkate, N.D.Kale ME Student, Department of CE, PVPIT, Bavdhan, SavitribaiPhule University Pune, Maharashtra,India. Assistant Professor,

More information

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

CS 356 Lecture 27 Internet Security Protocols. Spring 2013 CS 356 Lecture 27 Internet Security Protocols Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists

More information

MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE

MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both.

More information

Chapter 23. Database Security. Security Issues. Database Security

Chapter 23. Database Security. Security Issues. Database Security Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database

More information

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN) MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file

More information

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP Overview Securing TCP/IP Chapter 6 TCP/IP Open Systems Interconnection Model Anatomy of a Packet Internet Protocol Security (IPSec) Web Security (HTTP over TLS, Secure-HTTP) Lecturer: Pei-yih Ting 1 2

More information

You re FREE Guide SSL. (Secure Sockets Layer) webvisions www.webvisions.com +65 6868 1168 sales@webvisions.com

You re FREE Guide SSL. (Secure Sockets Layer) webvisions www.webvisions.com +65 6868 1168 sales@webvisions.com SSL You re FREE Guide to (Secure Sockets Layer) What is a Digital Certificate? SSL Certificates, also known as public key certificates or Digital Certificates, are essential to secure Internet browsing.

More information

CS5008: Internet Computing

CS5008: Internet Computing CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is

More information

PowerChute TM Network Shutdown Security Features & Deployment

PowerChute TM Network Shutdown Security Features & Deployment PowerChute TM Network Shutdown Security Features & Deployment By David Grehan, Sarah Jane Hannon ABSTRACT PowerChute TM Network Shutdown (PowerChute) software works in conjunction with the UPS Network

More information

CoSign for 21CFR Part 11 Compliance

CoSign for 21CFR Part 11 Compliance CoSign for 21CFR Part 11 Compliance 2 Electronic Signatures at Company XYZ Company XYZ operates in a regulated environment and is subject to compliance with numerous US government regulations governed

More information

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol Chapter 2: Security Techniques Background Chapter 3: Security on Network and Transport Layer Network Layer: IPSec Transport Layer: SSL/TLS Chapter 4: Security on the Application Layer Chapter 5: Security

More information

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli 4-25-2002

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli 4-25-2002 INTERNET SECURITY: FIREWALLS AND BEYOND Mehernosh H. Amroli 4-25-2002 Preview History of Internet Firewall Technology Internet Layer Security Transport Layer Security Application Layer Security Before

More information

qwertyuiopasdfghjklzxcvbnmqwertyui opasdfghjklzxcvbnmqwertyuiopasdfgh jklzxcvbnmqwertyuiopasdfghjklzxcvb

qwertyuiopasdfghjklzxcvbnmqwertyui opasdfghjklzxcvbnmqwertyuiopasdfgh jklzxcvbnmqwertyuiopasdfghjklzxcvb qwertyuiopasdfghjklzxcvbnmqwertyui opasdfghjklzxcvbnmqwertyuiopasdfgh jklzxcvbnmqwertyuiopasdfghjklzxcvb The e-cheque System nmqwertyuiopasdfghjklzxcvbnmqwer System Specification tyuiopasdfghjklzxcvbnmqwertyuiopas

More information

10 Secure Electronic Transactions: Overview, Capabilities, and Current Status

10 Secure Electronic Transactions: Overview, Capabilities, and Current Status 10 Secure Electronic Transactions: Overview, Capabilities, and Current Status Gordon Agnew A&F Consulting, and University of Waterloo, Ontario, Canada 10.1 Introduction Until recently, there were two primary

More information

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.

More information

Enterprise Security Management CheckPoint SecuRemote VPN v4.0 for pcanywhere

Enterprise Security Management CheckPoint SecuRemote VPN v4.0 for pcanywhere Enterprise Security Management CheckPoint SecuRemote VPN v4.0 for pcanywhere White Paper 7KH#&KDOOHQJH Virtual Private Networks (VPNs) provides a powerful means of protecting the privacy and integrity

More information

White Paper. Enhancing Website Security with Algorithm Agility

White Paper. Enhancing Website Security with Algorithm Agility ENHANCING WEBSITE SECURITY WITH ALGORITHM AGILITY White Paper Enhancing Website Security with Algorithm Agility Enhancing Website Security with Algorithm Agility Contents Introduction 3 Encryption Today

More information

DKIM Enabled Two Factor Authenticated Secure Mail Client

DKIM Enabled Two Factor Authenticated Secure Mail Client DKIM Enabled Two Factor Authenticated Secure Mail Client Saritha P, Nitty Sarah Alex M.Tech Student[Software Engineering], New Horizon College of Engineering, Bangalore, India Sr. Asst Prof, Department

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html

More information

FileCloud Security FAQ

FileCloud Security FAQ is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file

More information

Firewalls, Tunnels, and Network Intrusion Detection

Firewalls, Tunnels, and Network Intrusion Detection Firewalls, Tunnels, and Network Intrusion Detection 1 Part 1: Firewall as a Technique to create a virtual security wall separating your organization from the wild west of the public internet 2 1 Firewalls

More information

CA Performance Center

CA Performance Center CA Performance Center Single Sign-On User Guide 2.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is

More information

Security vulnerabilities in the Internet and possible solutions

Security vulnerabilities in the Internet and possible solutions Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in

More information

Name: 1. CSE331: Introduction to Networks and Security Fall 2003 Dec. 12, 2003 1 /14 2 /16 3 /16 4 /10 5 /14 6 /5 7 /5 8 /20 9 /35.

Name: 1. CSE331: Introduction to Networks and Security Fall 2003 Dec. 12, 2003 1 /14 2 /16 3 /16 4 /10 5 /14 6 /5 7 /5 8 /20 9 /35. Name: 1 CSE331: Introduction to Networks and Security Final Fall 2003 Dec. 12, 2003 1 /14 2 /16 3 /16 4 /10 5 /14 6 /5 7 /5 8 /20 9 /35 Total /135 Do not begin the exam until you are told to do so. You

More information

PRIVACY, SECURITY AND THE VOLLY SERVICE

PRIVACY, SECURITY AND THE VOLLY SERVICE PRIVACY, SECURITY AND THE VOLLY SERVICE Delight Delivered by EXECUTIVE SUMMARY The Volly secure digital delivery service from Pitney Bowes is a closed, secure, end-to-end system that consolidates and delivers

More information

Security Goals Services

Security Goals Services 1 2 Lecture #8 2008 Freedom from danger, risk, etc.; safety. Something that secures or makes safe; protection; defense. Precautions taken to guard against crime, attack, sabotage, espionage, etc. An assurance;

More information

CRYPTOGRAPHY IN NETWORK SECURITY

CRYPTOGRAPHY IN NETWORK SECURITY ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can

More information

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0 Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust

More information

Chapter 7 Transport-Level Security

Chapter 7 Transport-Level Security Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell

More information

Transport Layer Security Protocols

Transport Layer Security Protocols SSL/TLS 1 Transport Layer Security Protocols Secure Socket Layer (SSL) Originally designed to by Netscape to secure HTTP Version 2 is being replaced by version 3 Subsequently became Internet Standard known

More information

Enabling SSL and Client Certificates on the SAP J2EE Engine

Enabling SSL and Client Certificates on the SAP J2EE Engine Enabling SSL and Client Certificates on the SAP J2EE Engine Angel Dichev RIG, SAP Labs SAP AG 1 Learning Objectives As a result of this session, you will be able to: Understand the different SAP J2EE Engine

More information

State of Arkansas Policy Statement on the Use of Electronic Signatures by State Agencies June 2008

State of Arkansas Policy Statement on the Use of Electronic Signatures by State Agencies June 2008 State of Arkansas Policy Statement on the Use of Electronic Signatures by State Agencies June 2008 Background In the last ten years Arkansas has enacted several laws to facilitate electronic transactions

More information

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public

More information

What is the point of encryption if you don t know who for?

What is the point of encryption if you don t know who for? 1 What is the point of encryption if you don t know who for? Dr. Colin Walter Head of Cryptography - Comodo Inc. Chairman of Peripherals Working Group Trusted Computing Group. Co-chair - Cryptographic

More information

understanding SSL certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES

understanding SSL certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES understanding SSL certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES contents UNDERSTANDING SSL CERTIFICATES...1 What Is SSL and What Are SSL Certificates?...1 Features of SSL...1 Encryption...1

More information

Securing an IP SAN. Application Brief

Securing an IP SAN. Application Brief Securing an IP SAN Application Brief All trademark names are the property of their respective companies. This publication contains opinions of StoneFly, Inc., which are subject to change from time to time.

More information

White Paper Delivering Web Services Security: The Entrust Secure Transaction Platform

White Paper Delivering Web Services Security: The Entrust Secure Transaction Platform White Paper Delivering Web Services Security: September 2003 Copyright 2003 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries.

More information

Ericsson Group Certificate Value Statement - 2013

Ericsson Group Certificate Value Statement - 2013 COMPANY INFO 1 (23) Ericsson Group Certificate Value Statement - 2013 COMPANY INFO 2 (23) Contents 1 Ericsson Certificate Value Statement... 3 2 Introduction... 3 2.1 Overview... 3 3 Contact information...

More information

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder

More information

Extended SSL Certificates

Extended SSL Certificates Introduction Widespread usage of internet has led to the growth of awareness amongst users, who now associate green address bar with security. Though people are able to recognize the green bar, there is

More information

Snow Agent System Pilot Deployment version

Snow Agent System Pilot Deployment version Pilot Deployment version Security policy Revision: 1.0 Authors: Per Atle Bakkevoll, Johan Gustav Bellika, Lars, Taridzo Chomutare Page 1 of 8 Date of issue 03.07.2009 Revision history: Issue Details Who

More information

5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES

5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES 5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES 5 FAM 141 PURPOSE (CT-IM-112; 07-30-2010) (Office of Origin: IRM/OPS/ITI/SI/IIB) The purpose of this FAM chapter is to enable the Department to

More information

AS DNB banka. DNB Link specification (B2B functional description)

AS DNB banka. DNB Link specification (B2B functional description) AS DNB banka DNB Link specification (B2B functional description) DNB_Link_FS_EN_1_EXTSYS_1_L_2013 Table of contents 1. PURPOSE OF THE SYSTEM... 4 2. BUSINESS PROCESSES... 4 2.1. Payment for goods and services...

More information

Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and

Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and procedures to govern who has access to electronic protected

More information

Evaluate the Usability of Security Audits in Electronic Commerce

Evaluate the Usability of Security Audits in Electronic Commerce Evaluate the Usability of Security Audits in Electronic Commerce K.A.D.C.P Kahandawaarachchi, M.C Adipola, D.Y.S Mahagederawatte and P Hewamallikage 3 rd Year Information Systems Undergraduates Sri Lanka

More information

Secure cloud access system using JAR ABSTRACT:

Secure cloud access system using JAR ABSTRACT: Secure cloud access system using JAR ABSTRACT: Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. A major feature of the cloud services is that

More information