2nd Edition

Protocols for Secure Electronic Commerce

By Mostafa Hashem Sherif Copyright 2003
    634 Pages 193 B/W Illustrations
    by CRC Press

    The continued growth of e-commerce mandates the emergence of new technical standards and methods that will securely integrate online activities with pre-existing infrastructures, laws and processes. Protocols for Secure Electronic Commerce, Second Edition addresses the security portion of this challenge. It is a full compendium of the protocols for securing online commerce and payments, serving as an invaluable resource for students and professionals in the fields of computer science and engineering, IT security, and financial and banking technology.

    The initial sections provide a broad overview of electronic commerce, money, payment systems, and business-to-business commerce, followed by an examination of well-known protocols (SSL, TLS, WTLS, and SET). The book also explores encryption algorithms and methods, EDI, micropayment, and multiple aspects of digital money.

    Like its predecessor, this edition is a general analysis that provides many references to more technical resources. It delivers extensive revisions of previous chapters, along with new chapters on electronic commerce in society, new e-commerce systems, and the security of integrated circuit cards.

    Overview of Electronic Commerce
    What Is Electronic Commerce?
    Categories of Electronic Commerce
    The Influence of the Internet
    Infrastructure for Electronic Commerce
    Network Access
    Consequences of E-commerce
    Money and Payment Systems
    The Mechanisms of Classical Money
    Instruments of Payment
    Types of Dematerialized Monies
    Purses and Holders
    Transactional Properties of Dematerialized Currencies
    Overall Comparison of the Means of Payment
    The Practice of Dematerialized Money
    Banking Clearance and Settlement
    Algorithms and Architectures for Security
    Security of Commercial Transactions
    Security of Open Financial Networks
    Security Objectives
    OSI Model for Cryptographic Security
    Security Services at the Link Layer
    Security Services at the Network Layer
    Security Services at the Application Layer
    Message Confidentiality
    Data Integrity
    Identification of the Participants
    Authentication of the Participants
    Access Control
    Denial of Service
    Nonrepudiation
    Secure Management of Cryptographic Keys
    Exchange of Secret Keys: Kerberos
    Public Key Kerberos
    Exchange of Public Keys
    ISAKMP (Internet Security Association and Key Management Protocol)
    SKIP (Simple Key Management for Internet Protocols)
    Key Exchange Algorithm
    Certificate Management
    Encryption Cracks
    Appendix I: Principles of Symmetric Encryption
    Appendix II: Principles of Public Key Encryption
    Appendix III: Principles of the Digital Signature Algorithm (DSA)
    Appendix IV: Comparative Data
    Business-to-Business Commerce
    Overview of Business-to-Business Commerce
    Examples of Business-to-Business Electronic Commerce
    Business-to-Business Electronic Commerce Platforms
    Obstacles Facing Business-to-Business Electronic Commerce
    Business-to-Business Electronic Commerce Systems
    Structured Alphanumeric Data
    Structured Documents or Forms
    EDI Messaging
    Security of EDI
    Relation of EDI with Electronic Funds Transfer
    Electronic Billing
    EDI Integration with Business Processes
    Standardization of the Exchanges of Business-to-Business Electronic Commerce
    SSL (Secure Sockets Layer)
    General Presentation of the SSL Protocol
    SSL Subprotocols
    Example of SSL Processing
    Performance Acceleration
    Implementations
    Appendix 5.1: Structures of the Handshake Messages
    TLS (Transport Layer Security) and WTLS (Wireless Transport Layer Security)
    From SSL to TLS
    WTLS
    The SET Protocol
    SET Architecture
    Security Services of SET
    Certification
    Purchasing Transaction
    Optional Procedures in SET
    SET Implementations
    Evaluation
    Composite Solutions
    C-SET and Cyber-COMM
    Hybrid SSL/SET Architecture
    3-D Secure
    Payments with CD-ROM
    Micropayments and Face-to-Face Commerce
    Characteristics of Micropayment Systems
    Potential Applications
    Chipper®
    GeldKarte
    Mondex
    Proton
    Harmonization of Electronic Purses
    Remote Micropayments
    Security without Encryption: First Virtual
    NetBill
    KLELine
    Millicent
    PayWord
    MicroMint
    eCoin
    Comparison of the Different First-Generation Remote Micropayment Systems
    Second-Generation Systems
    Digital Money
    Building Blocks
    DigiCash (Ecash)
    NetCash
    Dematerialized Checks
    Classical Processing of Paper Checks
    Dematerialized Processing of Paper-Based Checks
    NetCheque
    Bank Internet Payment System (BIPS)
    eCheck
    Comparison of Virtual Checks with Bankcards
    Security of Integrated Circuit Cards
    Overview
    Description of Integrated Circuit Cards
    Standards for Integrated Circuit Cards
    Security of Microprocessor Cards
    Multiapplication Smart Cards
    Integration of Smart Cards with Computer Systems
    Limits on Security
    Systems of Electronic Commerce
    SEMPER
    CAFE
    JEPI
    PICS and P3P
    Analysis of User Behavior
    Fidelity Cards
    Quality of Service Considerations
    Electronic Commerce in Society
    Communication Infrastructure
    Harmonization and Standardization
    Issuance of Electronic Money
    Protection of Intellectual Property
    Electronic Surveillance and Privacy
    Filtering and Censorship
    Taxation of Electronic Commerce
    Fraud Prevention
    Archives Dematerialization
    Web Sites
    General
    Standards
    Encryption
    KERBEROS
    Certification
    Biometrics
    EDIFACT
    XML
    Integration XML/EDIFACT
    SSL/TLS/WTLS
    SET
    Purses
    Micropayments
    Smart (Microprocessor) Cards
    Electronic and Virtual Checks
    SEMPER
    Labeling Organizations
    Organizations

    Biography

    Mostafa Hashem Sherif