Digital Signature


Electronic Commerce
Yong Choi
School of Business
CSU, Bakersfield
Definition of EC
• Electronic commerce (EC) is an emerging concept
that describes the buying and selling of products,
services and information via the Internet
and computer networks (EDI).
• E-Business?
History of EC
• 1970s: Electronic Funds Transfer (EFT)
– Used by the banking industry to exchange account information over
secured networks
• Late 1970s and early 1980s: Electronic Data Interchange (EDI)
for e-commerce within companies
– Used by businesses to transmit data from one business to another
• 1990s: the World Wide Web on the Internet provides easy-to-use technology for information publishing and dissemination
– Cheaper to do business (economies of scale)
– Enable diverse business activities (economies of scope)
Why is business interested in EC?
• Not just saving cost and increasing productivity
– Paper check vs. e-check
• Change the nature of competition
– Etrade.com / Amazon.com
• Create new businesses
– Citrix.com / Priceline.com
Ecommerce infrastructure
• Information superhighway infrastructure
– Internet, LAN, WAN, routers, etc.
– telecom, cable TV, wireless, etc.
• Messaging and information distribution
infrastructure
– HTML, XML, e-mail, HTTP, etc.
• Common business infrastructure
– Security, authentication, electronic payment,
directories, catalogs, etc.
E-COMMERCE BUSINESS MODELS
Some examples
• B2B: GM and suppliers (SCM)
• B2C: Amazon
• C2B: Priceline
• C2C: eBay
• G2C: Paying tax, vehicle registration
• B2G: Lockheed (products/services to DoD)
E-Commerce Security
• Cryptography
– Encryption and decryption of information
• Secret Key (symmetric) Cryptography
• Public Key (asymmetric) Cryptography
• Digital Signature
Cryptography
• Any information (such as order) in cyberspace must
be delivered securely using cryptography technology.
• History of Cryptography
• Rewrite contents (encryption) so that they cannot be
read without key
– Encrypting function: Produces encrypted message
– Decrypting function: Extracts original message
• Method
– Secret key Cryptography
– Public key Cryptography
– Digital signature
Secret Key Cryptography
• Use a single key
– Key: a set of random numbers to encrypt/decrypt
information
• Known as symmetric encryption or private key
encryption
• The same key is used by sender and receiver
• Easy to use, suitable when only two distinctive
parties are involved
• Less secure (than public key cryptography), when
many parties are involved
Secret Key Cryptography (symmetric)
• Sender: Original Message → Encryption (Key sender) → Scrambled Message
• Internet
• Receiver: Scrambled Message → Decryption (Key receiver) → Original Message
• Key sender (= Key receiver)
Public Key Cryptography
• Use a pair of keys (public and private)
• Known as asymmetric encryption
• The public key
– Known to all authorized users
• The private key
– Known only to key’s owner
• Easy to use, more secure (than secret key
cryptography), suitable when many parties are
involved
• Requires sharing of both keys
Public Key Cryptography Mechanism
• Sender: Original Message → Public Key receiver → Scrambled Message
• Internet
• Receiver: Scrambled Message → Private Key receiver → Original Message
Digital Signature
• Public key cryptography problem
– Receiver cannot ensure that a message is
actually coming from sender.
• Your subordinate can send a fake message
using your email system - which looks as if it
originated from YOU! - to a partner.
Digital Signature
• Goal
– Guarantee that message must have originated
with a certain entity (increase security)
• Idea
– Encrypt digital signature with private key
– Decrypt digital signature with public key
• Only owner of private key could have generated
original signature
Digital Signature
• Sender: Digital Signature, Original Message → Private Key sender → Scrambled Message
• Internet
• Receiver: Scrambled Message → Public Key sender → Original Message
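Added example (not part of the original slides): the sign-with-private-key, verify-with-public-key idea above, applied to the fake-message scenario. It uses textbook RSA over a SHA-256 digest with constructed demo keys built from publicly known Mersenne primes; the key names and message text are assumptions, and real systems use a padded scheme such as RSA-PSS rather than this teaching form.

```python
import hashlib

# Constructed demo keys: Mersenne primes keep the example deterministic and
# offline. Their special form is public knowledge, so these keys are NOT secure.
E = 65537

def make_key(p, q):
    """Return (public, private) textbook-RSA keys, each as (exponent, modulus)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (E, n), (pow(E, -1, phi), n)

def digest(message: bytes) -> int:
    """SHA-256 digest as an integer (256 bits, always below the demo moduli)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private) -> int:
    """Sender: 'encrypt' the message digest with the private key."""
    d, n = private
    return pow(digest(message), d, n)

def verify(message: bytes, signature: int, public) -> bool:
    """Receiver: 'decrypt' the signature with the public key and compare digests."""
    e, n = public
    return 0 <= signature < n and pow(signature, e, n) == digest(message)

# Hypothetical parties: the manager (real sender) and a subordinate (forger).
MANAGER_PUB, MANAGER_PRIV = make_key(2**521 - 1, 2**607 - 1)
SUBORDINATE_PUB, SUBORDINATE_PRIV = make_key(2**1279 - 1, 2**2203 - 1)

def demo():
    order = b"Ship 100 units to partner"  # constructed sample message
    sig = sign(order, MANAGER_PRIV)
    return {
        # Untouched message with the manager's signature.
        "genuine": verify(order, sig, MANAGER_PUB),
        # Same signature, message altered in transit.
        "tampered": verify(b"Ship 900 units to partner", sig, MANAGER_PUB),
        # The subordinate can only sign with their own private key.
        "forged": verify(order, sign(order, SUBORDINATE_PRIV), MANAGER_PUB),
    }

if __name__ == "__main__":
    print(demo())
```

The partner needs only the manager's public key to reject both the altered order and the subordinate's forgery.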
Developing a Web site
• Define the objective of the web site
– Identify your target audience
– Have a statement of purpose
– Know your main objectives
– Have a concise outline of the information your site will contain.
– Determine the web site’s contents
• Design the web site
• Build the web site
• Test the web site
Planning Analysis of the Web Site
• Objective
– Develop a marketing corporate web site that provides relevant
company information and allows consumers to place orders
• Web site contents
– Company description
– List of products and prices
– List of available job positions
– Feedback, Order, and Search forms
– Travel Discussion and Web DB Table
Design of the SMP website
[Figure: site map of the SMP website. Node labels: Home Page, Banner, Links, Contents, Employment, Products, Travel, Service, Feedback, Search, Drink, Fruit, Gifts, Gift Baskets, Gift Packs, Ordering Information, Order Form]
Example of EC Website
BPA
Yong Choi
To publish the Web Site
• You are creating a so-called “disk-based website”,
which means your web site will not display all
the components and functions properly unless
you publish it through a “web server.”