The continued growth of e-commerce mandates the emergence of new technical standards and methods that will securely integrate online activities with pre-existing infrastructures, laws and processes. Protocols for Secure Electronic Commerce, Second Edition addresses the security portion of this challenge. It is a full compendium of the protocols for securing online commerce and payments, serving as an invaluable resource for students and professionals in the fields of computer science and engineering, IT security, and financial and banking technology.
The initial sections provide a broad overview of electronic commerce, money, payment systems, and business-to-business commerce, followed by an examination of well-known protocols (SSL, TLS, WTLS, and SET). The book also explores encryption algorithms and methods, EDI, micropayment, and multiple aspects of digital money.
Like its predecessor, this edition is a general analysis that provides many references to more technical resources. It delivers extensive revisions of previous chapters, along with new chapters on electronic commerce in society, new e-commerce systems, and the security of integrated circuit cards.
What Is Electronic Commerce?
Categories of Electronic Commerce
The Influence of the Internet
Infrastructure for Electronic Commerce
Network Access
Consequences of E-commerce
Money and Payment Systems
The Mechanisms of Classical Money
Instruments of Payment
Types of Dematerialized Monies
Purses and Holders
Transactional Properties of Dematerialized Currencies
Overall Comparison of the Means of Payment
The Practice of Dematerialized Money
Banking Clearance and Settlement
Algorithms and Architectures for Security
Security of Commercial Transactions
Security of Open Financial Networks
Security Objectives
OSI Model for Cryptographic Security
Security Services at the Link Layer
Security Services at the Network Layer
Security Services at the Application Layer
Message Confidentiality
Data Integrity
Identification of the Participants
Authentication of the Participants
Access Control
Denial of Service
Nonrepudiation
Secure Management of Cryptographic Keys
Exchange of Secret Keys: Kerberos
Public Key Kerberos
Exchange of Public Keys
ISAKMP (Internet Security Association and Key Management Protocol)
SKIP (Simple Key Management for Internet Protocols)
Key Exchange Algorithm
Certificate Management
Encryption Cracks
Appendix I: Principles of Symmetric Encryption
Appendix II: Principles of Public Key Encryption
Appendix III: Principles of the Digital Signature Algorithm (DSA)
Appendix IV: Comparative Data
Business-to-Business Commerce
Overview of Business-to-Business Commerce
Examples of Business-to-Business Electronic Commerce
Business-to-Business Electronic Commerce Platforms
Obstacles Facing Business-to-Business Electronic Commerce
Business-to-Business Electronic Commerce Systems
Structured Alphanumeric Data
Structured Documents or Forms
EDI Messaging
Security of EDI
Relation of EDI with Electronic Funds Transfer
Electronic Billing
EDI Integration with Business Processes
Standardization of the Exchanges of Business-to-Business Electronic Commerce
SSL (Secure Sockets Layer)
General Presentation of the SSL Protocol
SSL Subprotocols
Example of SSL Processing
Performance Acceleration
Implementations
Appendix 5.1: Structures of the Handshake Messages
TLS (Transport Layer Security) and WTLS (Wireless Transport Layer Security)
From SSL to TLS
WTLS
The SET Protocol
SET Architecture
Security Services of SET
Certification
Purchasing Transaction
Optional Procedures in SET
SET Implementations
Evaluation
Composite Solutions
C-SET and Cyber-COMM
Hybrid SSL/SET Architecture
3-D Secure
Payments with CD-ROM
Micropayments and Face-to-Face Commerce
Characteristics of Micropayment Systems
Potential Applications
Chipper®
GeldKarte
Mondex
Proton
Harmonization of Electronic Purses
Remote Micropayments
Security without Encryption: First Virtual
NetBill
KLELine
Millicent
PayWord
MicroMint
eCoin
Comparison of the Different First-Generation Remote Micropayment Systems
Second-Generation Systems
Digital Money
Building Blocks
DigiCash (Ecash)
NetCash
Dematerialized Checks
Classical Processing of Paper Checks
Dematerialized Processing of Paper-Based Checks
NetCheque
Bank Internet Payment System (BIPS)
eCheck
Comparison of Virtual Checks with Bankcards
Security of Integrated Circuit Cards
Overview
Description of Integrated Circuit Cards
Standards for Integrated Circuit Cards
Security of Microprocessor Cards
Multiapplication Smart Cards
Integration of Smart Cards with Computer Systems
Limits on Security
Systems of Electronic Commerce
SEMPER
CAFE
JEPI
PICS and P3P
Analysis of User Behavior
Fidelity Cards
Quality of Service Considerations
Electronic Commerce in Society
Communication Infrastructure
Harmonization and Standardization
Issuance of Electronic Money
Protection of Intellectual Property
Electronic Surveillance and Privacy
Filtering and Censorship
Taxation of Electronic Commerce
Fraud Prevention
Archives Dematerialization
Web Sites
General
Standards
Encryption
KERBEROS
Certification
Biometrics
EDIFACT
XML
Integration XML/EDIFACT
SSL/TLS/WTLS
SET
Purses
Micropayments
Smart (Microprocessor) Cards
Electronic and Virtual Checks
SEMPER
Labeling Organizations
Organizations
Biography
Mostafa Hashem Sherif