Security tools of e-commerce

-

Security tools of e-commerce


The security tools of e-commerce are as follows:-


1) Digital certificates: An attachment to an electronic message used for security purposes. The most common use of a digital certificate is to verify that a user sending a message is who he or she claims to be and to provide the receiver with the means to encode a reply.


 2) Encryption: Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as ciphertext.


3) Firewall: Firewalls can be either hardware or software but the ideal firewall configuration will consist of both. In addition to limiting access to your computer and network, a firewall is also useful for allowing remote access to a private network through secure authentication certificates and logins.


4) Digital signature: A digital certificate, an electronic document that contains the digital signature of the certificate-issuing authority, binds together a public key with an identity and can be used to verify a public key belongs to a particular person or entity.


5) Biometric scanner: In computer security, biometrics refers to authentication techniques that rely on measurable physical characteristics that can be automatically checked. There are several types of biometric identification schemes: face: the analysis of facial characteristics


6) Password: A password is a word or string of characters used for user authentication to prove identity or access approval to gain access to a resource, which should be kept secret from those not allowed access. The use of passwords is known to be ancient.

  

                                     OR,

E-Commerce Security Tools

Security is an essential part of any transaction that takes place over the internet. Customers will lose his/her faith in e-business if their security is compromised. The various E-Commerce Security Tools are as follows:

1. Firewalls - Software and Hardware.

2. Public Key infrastructure.

3. Encryption software.

4. Digital certificates.

5. Digital Signatures.

6. Biometrics - retinal scan, fingerprints, voice, etc.

7. Locks and bars - network operations centers.


1. Firewalls - Software and Hardware

Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria. Firewalls can be either hardware or software but the ideal firewall configuration will consist of both. In addition to limiting access to your computer and network, a firewall is also useful for allowing remote access to a private network through secure authentication certificates and logins.


2. Public Key Infrastructure

A public key infrastructure (PKI) supports the distribution and identification of public encryption keys, enabling users and computers to both securely exchange data over networks such as the Internet and verify the identity of the other party. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking, and confidential email.


3. Encryption Software

Encryption is a generic term that refers to the act of encoding data, in this context so that those data can be securely transmitted via the Internet. Encryption software is software that can encrypt and decrypt data, often in the form of files on a hard drive or packets sent over a network. Software encryption is a fundamental part of modern computer communications and file protection. The purpose of encryption is to prevent third parties from recovering any of the original data, or even any information about the data, from the encrypted data.


4. Digital certificates

Digital Certificates are a means by which consumers and businesses can utilize the security applications of Public Key Infrastructure (PKI). PKI comprises the technology to enable secure e-commerce and Internet-based communication.


5. Digital Signatures

Digital signatures are the public-key primitives of message authentication. In the physical world, it is common to use handwritten signatures on handwritten or typed messages. They are used to bind the signatory to the message.

Similarly, a digital signature is a technique that binds a person/entity to digital data. Like a written signature, the purpose of a digital signature is to guarantee that the individual sending the message really is who he or she claims to be. Digital signatures are especially important for electronic commerce and are a key component of most authentication schemes. To be effective, digital signatures must be unforgeable. There are several different encryption techniques to guarantee this level of security.


6. Biometrics

Biometrics generally refers to the study of measurable biological characteristics. In computer security, biometrics refers to authentication techniques that rely on measurable physical characteristics that can be automatically checked.

There are several types of biometric identification schemes:

• face: the analysis of facial characteristics

• fingerprint: the analysis of an individual's unique fingerprints

• hand geometry: the analysis of the shape of the hand and the length of the fingers 

• retina: the analysis of the capillary vessels located at the back of the eye

• iris: the analysis of the colored ring that surrounds the eye's pupil

 • signature: the analysis of the way a person signs his name.

vein: the analysis of the pattern of veins in the back of the hand and the wrist


7. Network operations centers

A network operations center (NOC) is a place from which administrators supervise, monitor, and maintain a telecommunications network. Large enterprises with large networks as well as large network service providers typically have a network operations center, a room containing visualizations of the network or networks that are being monitored, workstations at which the detailed status of the network can be seen, and the necessary software to manage the networks. The network operations center is the focal point for network troubleshooting, software distribution and updating, router and domain name management, performance monitoring, and coordination with affiliated networks.


Comments

Post a Comment

Popular posts from this blog

Suppose that a data warehouse for Big-University consists of the following four dimensions: student, course, semester, and instructor, and two measures count and avg_grade. When at the lowest conceptual level (e.g., for a given student, course, semester, and instructor combination), the avg_grade measure stores the actual course grade of the student. At higher conceptual levels, avg_grade stores the average grade for the given combination. a) Draw a snowflake schema diagram for the data warehouse. b) Starting with the base cuboid [student, course, semester, instructor], what specific OLAP operations (e.g., roll-up from semester to year) should one perform in order to list the average grade of CS courses for each BigUniversity student. c) If each dimension has five levels (including all), such as “student < major < status < university < all”, how many cuboids will this cube contain (including the base and apex cuboids)?

-
Image
a) A Snowflake Shema is shown in figure below: b) The specific OLAP operations to be performed: 1. Roll-up on course from course_id to department. 2. Roll-up on a student from student_id to university. 3. Dice on course, student with department ="CS" and university = "biguniversity" 4. Drill-down on a student from the university to student_name. c) N = 4 dimensions The cube will contain 54 = 625 cuboids.
Read more

Suppose that a data warehouse consists of the four dimensions; date, spectator, location, and game, and the two measures, count and charge, where charge is the fee that a spectator pays when watching a game on a given date. Spectators may be students, adults, or seniors, with each category having its own charge rate. a) Draw a star schema diagram for the data b) Starting with the base cuboid [date; spectator; location; game], what specific OLAP operations should perform in order to list the total charge paid by student spectators at GM Place in 2004?

-
Image
  b) The specific OLAP operations to be performed are: 1. Roll-up on date from date id to year. 2. Roll-up on spectator from spectator id to status. 3. Roll-up on location from location id to location name. 4. Roll-up on the game from game id to all. 5. Dice with status= “students”, location name= “GM Place”, and year=2004
Read more

Discuss classification or taxonomy of virtualization at different levels.

-
Image
Taxonomy of virtualization Virtualization is mainly used to emulate the execution environment, storage, and networks. The execution environment is classified into two: – Process-level – implemented on top of an existing operating system.  – System-level – implemented directly on hardware and does not or minimum requirement of the existing operating system. OR,  Virtualization covers a wide range of emulation techniques that are applied to different areas of computing. A classification of these techniques helps us better understand their characteristics and use  V irtualization is mainly used to emulate  ● Execution Environments: To provide support for the execution of the programs eg. OS, and Application.  ○ Process Level: Implemented on top of an existing OS that has full control of the hardware  ○ System Level: Implemented directly on Hardware and do not require support from existing OS.  ● Storage: Storage virtualization is a system administration practice that allo
Read more