3rd Edition

Protocols for Secure Electronic Commerce

By Mostafa Hashem Sherif
Copyright 2016
    495 Pages 27 Color & 192 B/W Illustrations
    by CRC Press

    Protocols for Secure Electronic Commerce, Third Edition presents a compendium of protocols for securing electronic commerce, or e-commerce, in consumer- and business-to-business applications. Attending to a variety of electronic payment systems currently in use around the globe, this edition:

    • Updates all chapters to reflect the latest technical advances and developments in areas such as mobile commerce
    • Adds a new chapter on Bitcoin and other cryptocurrencies that did not exist at the time of the previous edition's publication
    • Increases the coverage of PayPal in accordance with PayPal’s amplified role for consumers and businesses
    • Expands the discussion of bank cards, dedicating a full chapter to magnetic stripe cards and a full chapter to chip-and-PIN technology

    Protocols for Secure Electronic Commerce, Third Edition offers a state-of-the-art overview of best practices for the security of e-commerce, complete with end-of-chapter review questions and an extensive bibliography of specialized references. A Solutions Manual and PowerPoint slides are available with qualifying course adoption.

    Overview of Electronic Commerce
    Electronic Commerce and Mobile Commerce
    Effects of the Internet and Mobile Networks
    Network Access
    Barcodes
    Smart Cards
    Parties in Electronic Commerce
    Security
    Summary
    Questions

    Money and Payment Systems
    Mechanisms of Classical Money
    Payment Instruments
    Types of Dematerialized Monies
    Purses, Holders, and Wallets
    Transactional Properties of Dematerialized Currencies
    Overall Comparison of the Means of Payment
    Practice of Dematerialized Money
    Clearance and Settlement in Payment Systems
    Drivers of Innovation in Banking and Payment Systems
    Summary
    Questions

    Algorithms and Architectures for Security
    Security of Open Financial Networks
    OSI Model for Cryptographic Security
    Security Services at the Link Layer
    Security Services at the Network Layer
    Security Services at the Application Layer
    Message Confidentiality
    Data Integrity
    Identification of the Participants
    Biometric Identification
    Authentication of the Participants
    Access Control
    Denial of Service
    Nonrepudiation
    Secure Management of Cryptographic Keys
    Exchange of Secret Keys: Kerberos
    Public Key Kerberos
    Exchange of Public Keys
    Certificate Management
    Authentication
    Security Cracks
    Summary
    Appendix: Principles of Symmetric Encryption
    Appendix: Principles of Public Key Encryption
    Appendix: Principles of the Digital Signature Algorithm and the Elliptic Curve Digital Signature Algorithm
    Questions

    Business-to-Business Commerce
    Drivers for Business-to-Business Electronic Commerce
    Four Stages of Systems Integration
    Overview of Business-to-Business Commerce
    Short History of Business-to-Business Electronic Commerce
    Examples of Business-to-Business Electronic Commerce
    Evolution of Business-to-Business Electronic Commerce
    Implementation of Business-to-Business Electronic Commerce
    X12 and EDIFACT
    EDI Messaging
    Security of EDI
    Integration of XML and Traditional EDI
    New Architectures for Business-to-Business Electronic Commerce
    Electronic Business (Using) Extensible Markup Language
    Web Services
    Relation of EDI with Electronic Funds Transfer
    Summary
    Questions

    Transport Layer Security and Secure Sockets Layer
    Architecture of SSL/TLS
    SSL/TLS Security Services
    SSL/TLS Subprotocols
    Performance of SSL/TLS
    Implementation Pitfalls
    Summary
    Questions

    Wireless Transport Layer Security
    Architecture
    From TLS to WTLS
    Operational Constraints
    WAP and TLS Extensions
    WAP Browsers
    Summary
    Questions

    The SET Protocol
    SET Architecture
    Security Services of SET
    Certification
    Purchasing Transaction
    Optional Procedures
    Efforts to Promote SETs
    SET versus TLS/SSL
    Summary
    Questions

    Payments with Magnetic Stripe Cards
    Point-of-Sale Transactions
    Communication Standards for Card Transactions
    Security of Point-of-Sale Transactions
    Internet Transactions
    3D Secure
    Migration to EMV
    Summary
    Questions

    Secure Payments with Integrated Circuit Cards
    Description of Integrated Circuit Cards
    Integration of Smart Cards with Computer Systems
    Standards for Integrated Circuit Cards
    Multiapplication Smart Cards
    Security of Smart Cards
    Payment Applications of Integrated Circuit Cards
    EMV® Card
    General Consideration on the Security of Smart Cards
    Summary
    Questions

    Mobile Payments
    Reference Model for Mobile Commerce
    Secure Element in Mobile Phones
    Barcodes
    Bluetooth
    Near-Field Communication
    Text Messages
    Bank-Centric Offers
    Mobile Operator–Centric Offers
    Third-Party Service Offers
    Collaborative Offers
    Payments from Mobile Terminals
    Summary
    Questions

    Micropayments
    Characteristics of Micropayment Systems
    Standardization Efforts
    Electronic Purses
    Online Micropayments
    Research Projects
    Market Response to Micropayment Systems
    Summary
    Questions

    PayPal
    Evolution of PayPal
    Personal Accounts
    Business Accounts
    Summary
    Questions

    Digital Money
    Privacy with Cash and Digital Money
    DigiCash (eCash)
    Anonymity and Untraceability in DigiCash
    Evaluation of DigiCash
    Questions

    Bitcoin and Cryptocurrencies
    Background
    Bitcoin Protocol
    Operation
    Risk Evaluation
    Summary and Conclusions
    Appendix: The Crypto Anarchist Manifesto
    Appendix: Bitcoin as a Social Phenomenon
    Appendix: Other Significant Cryptocurrencies
    Appendix: Service Offers Based on Bitcoin
    Questions

    Dematerialized Checks
    Processing of Paper Checks
    Dematerialized Processing of Checks
    Virtual Checks
    Summary
    Questions

    Electronic Commerce in Society
    Harmonization of Communication Interfaces
    Governance of Electronic Money
    Protection of Intellectual Property
    Electronic Surveillance and Privacy
    Content Filtering and Censorship
    Taxation of Electronic Commerce
    Trust Promotion
    Archives Dematerialization
    Summary
    Questions

    References

    Websites

    Biography

    Mostafa Hashem Sherif is a principal member of the technical staff at AT&T in Middletown, New Jersey, USA. He received a BSc in electronics and communications and an MSc in electrical engineering from Cairo University, Egypt, in 1972 and 1975, respectively, and a PhD in engineering from the University of California, Los Angeles, USA, in 1980. In 1996, he earned a master of science in management of technology from Stevens Institute of Technology, Hoboken, New Jersey, USA. Widely published, Dr. Sherif is a senior member of the Institute of Electrical and Electronics Engineers (IEEE) and a member of the steering committee of the Kaleidoscope series of conferences organized by the International Telecommunication Union (ITU). He was a member of the steering committee of the IEEE Symposium on Computers and Communication from 1995 to 2006, a member of the evaluation committee for the State of New Jersey Commission on Science and Technology from 2000 to 2002, and a participant in activities on innovation and technology management sponsored by the National Science Foundation in 1987, 1989, 1996, 1998, 1999, 2000, and 2002.

    "The new edition of this unique book on secure communications, which are critically important for e-commerce, is very timely and fills a big void in the literature. It is well structured and well written. It provides a comprehensive and thorough treatment of the field. It is a valuable reference book for practitioners, as well as a solid textbook for students and teachers."
    —Mehmet Ulema, Manhattan College, New York, New York, USA