Lesson 9

The techniques and technologies involved with e-commerce security are often arcane and require the expertise of a specialist. Business personnel responsible for applying e-commerce for their companies, however, should at least have a basic grasp of the methods and techniques and, in particular, be sensitive to the needs of security when designing e-commerce business processes. In the next module, we will examine the basic technologies used in e-commerce.

Now that you have completed this module, you should be able to:

- Identify symmetric, asymmetric, and one-way encryption schemes
- Itemize the benefits provided by security implementations such as hashing, message digests, and digital signatures
- Understand the certificate-related infrastructure
- Identify the need for secure electronic transactions
- Describe the methods for authentication and identification
- Explain the use of certificates

- *Algorithm:* A process or set of rules to be followed in calculations or other problem-solving operations, especially by a computer.
- *Asymmetric key algorithm:* Asymmetric key algorithms are used to solve two problems that symmetric key algorithms cannot: key distribution and nonrepudiation. The first helps solve privacy problems, and the latter helps solve authenticity problems.
- *Asymmetric encryption*
- *Authentication*
- *Certificate authority (CA):* In cryptography, a certificate authority (CA) is an entity that issues digital certificates, where the digital certificate certifies the ownership of a public key by the named subject of the certificate.
- *Cryptography*
- *Certificate*
- *Ciphertext*
- *Cryptanalysis*
- *Data Encryption Standard (DES):* The Data Encryption Standard (DES) is an outdated symmetric-key method of data
- *Digital envelope*
- *Hash algorithm*
- *Hashing*
- *MD5*
- *Message digest:* A message digest is a cryptographic hash function containing a string of digits created by a one-way hashing formula.
- *One-way encryption*
- *Plaintext*
- *Public-key encryption*
- *RSA*
- *Hash Algorithm (SHA):* In cryptography, SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function which takes an input and produces a 160-bit (20-byte) hash value known as a message digest, rendered as a hexadecimal number 40 digits long.
- *Symmetric encryption*
- *Firewall:* A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules.
- *Encryption*
- *Key*
- *Bit*
- *Compression:* In signal processing, data compression, source coding, or bit-rate reduction is the process of encoding information using fewer bits than the original representation.