Table of Contents
ABSTRACT
THESIS
Introduction
Different types of e-commerce security policy
*Privacy policy
*Network security policy
*Encryption policy
*Firewall policy
MEASURES TO MAKE E-COMMERCE SECURITY SAFE
LIMITATIONS AND WEAKNESSES OF E-COMMERCE SECURITY MEASURES
CONCLUSION
REFERENCES
GLOSSARY
Abstract
Many efforts are being undertaken to make e-commerce a safe and reliable means of transaction. These measures have encountered many pitfalls and weak points. Moreover, they are difficult to comprehend, and it is difficult to assure the consumer of the extent of the security applications. This not only discourages consumers from joining e-commerce, but also hampers the further growth of the e-commerce sector.
Thesis statement
To discuss the major policies and procedures of e-commerce security that affect business-to-consumer transactions at large. Based on these findings, to propose viable solutions and alternatives to address the needs of Internet shoppers.
Electronic commerce (e-commerce) Internet security
Introduction
Electronic commerce is the buying and selling of goods and services across the Internet. An e-commerce site can be as simple as a catalog page with a phone number or it can range all the way to a real-time credit card processing site where customers can purchase downloadable goods and receive them on the spot. Electronic commerce merchants can range from the small business with a few items for sale all the way to a large on-line retailer such as Amazon.com.
Commercial activities over the Internet have been growing in an exponential manner over the last few years. Despite this rapid growth, the security of monetary transactions over the wide-open Internet has been a major point of uneasiness that keeps many from joining this new modality of buying and selling.
This research study is undertaken firstly to determine the different types of e-commerce security policies, applications and technologies currently in use, and secondly, to point out the possible weaknesses and drawbacks of the existing security measures. This research paper will specifically point out the benefits of encryption methods and techniques to secure Internet e-commerce.
In order to fulfill this goal, the policies pertaining to security measures will be discussed first. This will be followed by a detailed description of the technology behind the security measures. The weak points of these technologies will be pointed out and attempts will be made to propose solutions to make them safer.
It is clear that electronic commerce will revolutionize businesses, and customers will be offered new and exciting services. As e-commerce businesses are growing, more secure technologies are being developed and improved every day.
The purpose of this research is to show how current Internet security policies and technologies fail to meet the needs of end users.
A business-to-consumer e-commerce business consists of four different components. The major components are a product catalog (where the online customers select what they want to order), a shopping cart (where product selections are collected), transaction security (credit authorization and other payment schemes), and order processing (shipping, taxes, inventory, etc). All of these elements combined give the store a personality and the end users a true shopping experience.
From the customer's perspective, whether browsing or buying, the online catalog is the most important part of e-commerce. It's similar to the printed mail-order catalog with respect to the basics: products, pictures, and prices. However, a web catalog can be a fully interactive shopping experience, including video, sound and a lot more. Making a web catalog into a multimedia extravaganza is not easy (read: expensive). Collecting and incorporating images, sounds, and other trimmings for hundreds (or thousands) of catalog products is both a major organizational effort and a complex job for the e-commerce storefront developer.
Often, the right software can help make this job easier. For example, iCat's Electronic Commerce Suite is good at incorporating multimedia. Most of the software products also can organize the catalog into groups of products (departments, sections). This is combined with a search utility to make products easy to locate. Oracle's Internet Commerce Server and Microsoft's Site Server Commerce Edition have powerful indexing capabilities. IBM's Net.Commerce goes one step further with the Product Advisor that helps customers develop a profile of what they want and shows them how to find it.
Many e-commerce products also come with catalog page templates that can be used repeatedly and easily, so the work does not have to be duplicated many times. Not incidentally, connecting to or importing data such as prices and product descriptions can be a major headache.
As for processing orders: when a customer shops at an online store, catalog selections are usually put into a "shopping cart." Cart selections are then stored in a database so the customer can review what has been selected before check out. Again, this is not much different from ordering in a regular store, but there can be some wrinkles.
There can be many details involved with shipping and taxes; there is software that supports third-party shipping modules (e.g. Amazon from Amazon Corporation) and tax calculation packages. There are many other kinds of calculations associated with orders: discounts, coupons, and volume breaks, to name a few. Most e-commerce software can do some of these calculations. One should check the needs against the list of supported calculations, or at least be able to easily add customized calculations. There are also many possible connections to accounting systems. Some software products such as INEX's Dynamic NT come with complete accounting and inventory software. More commonly, programs provide connections to legacy data and accounting systems. As one might expect, companies like IBM and Oracle are particularly careful to honor their older systems.
When it comes to payment, one needs to establish a sense of security without creating the feeling of Fort Knox. Customers must be able to select a mode of payment and the software must verify their ability to pay. This can involve credit cards, electronic cash, or purchase orders. Specialized software such as CyberCash, CommercePOINT eTill, and Microsoft Wallet can verify the purchaser and purchase. E-commerce software packages should also work with Secure Electronic Transfer (SET) or Secure Socket Layer (SSL) technologies for encryption of data transmissions. The more of these are supported by an e-commerce package, the more secure the system can be.
Good business relationships are built on trust over time. More and more Web sites are addressing users' concerns about privacy by disclosing their policies in open statements and requesting customers' consent before collecting or sharing personal information. In the end, however, the customer is the single most powerful protector of his/her privacy online. It's the customer's voice and your choice that will make the difference. There are plenty of policies and rules safeguarding your privacy online.
Policies of e-commerce security measures
Without a thorough privacy security policy, it's not possible to spend money in a responsible and cost-effective manner. Developing a privacy security policy includes defining the sensitivity of information, the exposure of the organization if that information were leaked or modified, and the risks to security and the likelihood of those risks becoming reality. A policy may contain many elements including purchasing guidelines, and statements of availability and privacy.
Privacy policies articulate the manner in which a company collects, uses, and protects data, and the choices it offers consumers to exercise rights when their personal information is used. On the basis of this policy, consumers can determine whether and to what extent they wish to make information available to companies.
The World Wide Web is an exciting new marketplace that offers consumers easy access, not only to a vast array of goods and services, but also to rich sources of information that enable them to make better informed purchasing decisions. It also offers the convenience of shopping from the office or home. This wealth of information serves as a source of vast amounts of personal information about consumers. Commercial web sites collect personal information explicitly through a variety of means, including registration pages, user surveys, online contests, application forms, and order forms.
The online consumer market is growing exponentially. In early 1997, 51 million adults were already online in the U.S. and Canada, and 73% reported that they had shopped for product information on the World Wide Web (WWW).
Internet users in North America have now reached 92 million, according to a study released by CommerceNet and Nielsen Media Research. In the last nine months, the number of online consumers jumped 40 percent to 28 million during the same time period. "More than two out of every five people in North America are now Internet users, and the Web is becoming an integral part of daily life." The study also revealed the importance of the Internet for shopping, defined as checking out and comparing the price and features of products on the Web, regardless of making an online purchase. According to the study, 55 million people, or 60 percent of the Internet population, have shopped or used the Web to shop, an increase of 15 percent since last summer. The increase is in line with the growth of the Internet population overall.
What People Shop for Online

| Category | Shoppers (millions) |
|---|---|
| Cars and car parts | 18.2 |
| Books | 12.6 |
| Computers | 12.4 |
| Clothing | 11.6 |
| CDs/Videos | 11.4 |

Source: Nielsen/CommerceNet
Books (12.6 million shoppers), computers (12.4 million shoppers), clothing (11.6 million shoppers) and CDs and videos (11.4 million shoppers) top the list of items shopped for online, but they are all distant seconds to cars and car parts, with 18.2 million shoppers online as of April 1999.
"The Web is changing consumers' shopping habits both at home and in the workplace," said CommerceNet's Loel McPhee.
"Companies have made it easier to get product information and make purchases via the Web, and people are responding. To take full advantage of the Internet as a commercial vehicle going forward, companies must continue to shift their strategies to meet the needs of these new customers."
While these figures suggest that the online marketplace is growing rapidly, there are also indications that consumers are wary of participating in it. Surveys have shown that increasing numbers of consumers are concerned about how their personal information is used in the electronic marketplace. This research indicates that consumers have less confidence in how online service providers and merchants handle personal information than they have in how traditionally offline institutions, such as hospitals and banks, handle such information. In fact, a substantial number of online consumers would rather forego information or products available through the Web than provide a Web site personal information without knowing what the site's information practices are. According to the results of a March 1998 Business Week Survey, consumers not currently using the Internet ranked concerns about the privacy of their personal information and communications as the top reason they have stayed off the Internet. Consumers care deeply about the privacy and security of their personal information in the online environment and are looking for greater protections.
With a minimum of effort, consumers need to be able to learn the identity of the collector of their personal information, the intended uses of the information, and the means by which they may limit the disclosure. Companies collecting and using data are responsible for raising consumer awareness. Consumers should be given the opportunity to exercise choice with respect to whether and how their personal information is used, either by businesses with whom they have direct contact or by third parties. Consumers should be provided with simple, visible, available and affordable mechanisms through technological means to exercise this option.
Consumers should have the opportunity for reasonable, appropriate access to information about them that a company holds, and be able to correct or amend that information when necessary. The extent of access may vary from industry to industry. Providing access to consumer information can be costly to companies.
A company's privacy policy should be made known to consumers. Notification should be written in language that is clear and easily understood, should be displayed prominently, and should be made available before consumers are asked to relinquish information to the company.
Companies should teach consumers to ask for relevant knowledge about why information is being collected, what the information will be used for, how it will be protected, and the consequences of providing or withholding information and any recourse they may have. Consumer education enables consumers to make informed decisions about how they allow their personal data to be used as they participate in the information economy. Individual companies or trade associations may carry out consumer education.
Companies creating, maintaining, using or disseminating records of identifiable personal information should take reasonable measures to assure its reliability for its intended use and should take reasonable precautions to protect it from loss, misuse, or destruction. Companies should also strive to assure that the level of protection extended by third parties to whom they transfer personal information is at a level comparable to their own.
The major role of a network security policy is to ensure that each of the four fundamental components that make up computer security (Authentication, Access Control, Integrity and Confidentiality) is adequately addressed.
FireWall-1 and gateways provide customers, including remote users and telecommuters, with secure, authenticated access to enterprise resources using multiple authentication schemes. User authentication services securely validate that the users attempting to make a connection are who they say they are before the communication is allowed to proceed. Modifications to local servers or client applications are not required. Authentication services are fully integrated into the enterprise-wide security policy and can be centrally managed through the graphical user interface. All authentication sessions can be monitored and tracked through the Log Viewer.
FireWall-1 and gateways provide two major authentication methods:
FireWall-1 and gateways include transparent User Authentication providing access privileges on a per user basis for FTP, Telnet, HTTP, and rlogin connections, regardless of the user's IP address. If a local user is temporarily away from the office and logging in from a different host, the security administrator may define a rule that allows that user to work on the local network without extending access to all users on the same host.
Client Authentication
Client Authentication enables an administrator to grant access privileges to a specific user at a specific IP address. In contrast to User Authentication, Client Authentication provides a mechanism for authenticating users of any application, standard or custom. Client authentication is not transparent, in that the user must first connect with the FireWall-1 or VPN-1 gateway to be authenticated. It does not, however, require any additional software or modifications on either the client or server. Client Authentication is done via Telnet or a Web browser, through which the user accesses the firewall and is then authenticated before being granted access to network resources. All authentication schemes (e.g. SecurID token cards, RADIUS-based solutions, and static passwords) are supported.
Internet technology provides a cost effective, global communications infrastructure that enables worldwide access for employees, customers, vendors, suppliers and key business partners. While this is a critical requirement to collaborative information sharing, it also exposes an organization's network to new risks and threats. How can an organization keep its resources and information protected from unauthorized network access, from both inside and outside the organization? Access control, a fundamental building block in any security policy, addresses this issue.
Access Control
Access control protects an organization from security threats by specifying and enforcing what can go into and out of an organization's network. A key element of access control is an awareness of all underlying services and applications. First generation packet filters have no awareness of applications, nor can they support UDP or dynamic protocols. Second generation application proxies (also referred to as Proxy Firewalls) require a tremendous amount of CPU overhead, and are unable to provide timely support for new services introduced on the Internet, such as multimedia services.
Firewall-1 and gateways provide comprehensive access control for more than 150 pre-defined applications, services and protocols as well as the flexibility to specify and define custom services. In addition to understanding the full state and context of all communications, Firewall-1 and gateways include the ability to define security rules using a time parameter. This provides exceptionally granular access control allowing users to access the network at very specific times and/or days. For example, an organization may decide to limit Web traffic (HTTP) to the Internet during working hours, permitting access only during lunchtime, after normal working hours and on weekends. Another example is to deny access to critical servers while system backups are being performed.
Implementing access control parameters is simple and straightforward with a well-defined graphical user interface, such as that provided by FireWall-1 and VPN-1 gateway products. Once a policy is defined, FireWall-1 and VPN-1 gateways provide the ability to determine which enforcement points it should be distributed to across the network.

Distributed Access
FireWall-1 and VPN-1 gateways are capable of providing multiple level user access. This allows the assignment of different access rights to security administrators. Upon authentication, each administrator inherits the access rights assigned by the organization's security manager and indicated within the security policy.
Supported access levels are defined as follows:
Protection against common attacks
There are several common types of attacks that hackers employ to gain access to or damage a company's network. These attacks are easily defeated by FireWall-1 and VPN-1 Gateways.
unauthorized access through a false source address to make it appear as though communications have originated in a part of the network with higher access privileges. For example, a packet originating on the Internet may be masquerading as a local packet with the source IP address of an internal host. Firewall-1 and VPN-1 gateways protect against IP spoofing attacks by limiting network access based on the gateway interface from which data is being received.
(DOS) attacks. One type of DOS attack is a Synchronized Data Packet (SYN) flood, the new type of attack that came out late last year and disabled Internet service providers. The SYN flood is not an intrusion attack: it does not attempt to access or modify data. Instead, its purpose is to disable servers, and thus it is classified as a denial of service attack.
The user (client) sends a SYN to the server, and the server then returns a SYN/ACK (to acknowledge receipt of the packet). The connection between the client and server is now established and they can communicate with each other. A SYN flood attacker sends numerous connection requests to a server from a false address. As a result, the server is unable to respond and places the request in a queue awaiting a SYN/ACK (acknowledgement frame from the false address). After several minutes the server's TCP sockets time out. If enough false requests are made, the server's pending connection queue will fill up and it will be unable to respond to requests, even valid ones. If you allow outsiders to access your system, perhaps to make a purchase order or have access to corporate information, then this service can be denied if you fall victim to a SYN flood attack. For an Internet service to be successful, it is essential that it is reliable; nothing is more frustrating for the user than endlessly trying to connect to a site.
Any company operating an Internet service can be vulnerable to a SYN flood attack, not just Internet service providers. Software patches to block SYN attacks are available. According to Mitch Wagner at Computerworld, "the ANS subsidiary of America Online, Inc., COAST and Sun Microsystems, Inc. all have software patches designed to block the SYN attack." Therefore, one has to consider checking with the firewall or Internet service providers whether they offer protection from SYN attacks.
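The pending-connection queue described above can be modelled directly. The following is an added example, not part of the original paper: it assumes the standard TCP handshake, in which the client's final ACK removes its entry from the queue, and the queue size, timeouts, addresses and event trace are all constructed for illustration. It shows how the entry timeout decides whether valid clients are refused, and how an alert on queue occupancy fires before the first refusal.

```python
from collections import OrderedDict


class SynBacklog:
    """Model of a server's queue of half-open connections (SYN seen, no final ACK yet)."""

    def __init__(self, capacity, timeout_ms):
        self.capacity = capacity        # maximum number of half-open entries
        self.timeout_ms = timeout_ms    # how long an unanswered entry is kept
        self.pending = OrderedDict()    # (source, port) -> arrival time, oldest first

    def _expire(self, now):
        # Drop entries, oldest first, whose handshake never completed in time.
        while self.pending:
            key = next(iter(self.pending))
            if now - self.pending[key] < self.timeout_ms:
                break
            del self.pending[key]

    def on_syn(self, now, src, port):
        self._expire(now)
        key = (src, port)
        if key in self.pending:
            return True                 # retransmitted SYN, entry already queued
        if len(self.pending) >= self.capacity:
            return False                # queue full: the request is refused
        self.pending[key] = now
        return True

    def on_ack(self, now, src, port):
        self._expire(now)
        return self.pending.pop((src, port), None) is not None


def build_trace():
    """Constructed trace of (time_ms, kind, source, source_port) events."""
    events = []
    # 200 requests in 20 s whose sources never answer the server's SYN/ACK.
    for i in range(200):
        events.append((i * 100, "SYN", f"198.51.100.{i % 250 + 1}", 40000 + i))
    # 10 valid clients, one every 2 s, each completing the handshake 50 ms later.
    for j in range(10):
        t = 1000 + 2000 * j
        events.append((t, "SYN", f"192.0.2.{j + 1}", 50000 + j))
        events.append((t + 50, "ACK", f"192.0.2.{j + 1}", 50000 + j))
    return sorted(events)


def replay(events, capacity, timeout_ms, alert_fraction=0.8):
    """Feed the trace to the model and report what valid clients experienced."""
    backlog = SynBacklog(capacity, timeout_ms)
    # Valid clients are the ones that send a final ACK somewhere in the trace.
    completing = {(src, port) for _, kind, src, port in events if kind == "ACK"}
    stats = {"served": 0, "refused": 0, "peak_half_open": 0, "first_alert_ms": None}
    for now, kind, src, port in events:
        if kind == "SYN":
            if not backlog.on_syn(now, src, port) and (src, port) in completing:
                stats["refused"] += 1
        elif kind == "ACK" and backlog.on_ack(now, src, port):
            stats["served"] += 1
        depth = len(backlog.pending)
        stats["peak_half_open"] = max(stats["peak_half_open"], depth)
        # Detection: raise an alert once the queue is mostly half-open entries.
        if stats["first_alert_ms"] is None and depth >= alert_fraction * capacity:
            stats["first_alert_ms"] = now
    return stats


if __name__ == "__main__":
    trace = build_trace()
    print("long timeout :", replay(trace, capacity=128, timeout_ms=75000))
    print("short timeout:", replay(trace, capacity=128, timeout_ms=5000))
```

With the 75-second timeout the queue fills and the last four valid clients are refused, while the occupancy alert fires about three seconds earlier; with the 5-second timeout the same trace never fills the queue.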
Advanced Logging and Alerting
Connection Accounting - Detailed log information is captured on every connection. This information includes user, service, time of connection, destination, duration of connection, action taken, and much more. Log information can be output to reporting and analysis tools available from multiple OPSEC Alliance partners. All log information is transferred using Check Point's Log Export API (LEA).
Active Connections - With FireWall-1 and VPN-1 gateways, the security manager can use the Log Viewer in Active Connection mode to view in real time all connections currently active through the gateway. Active connections can be killed or terminated by the security manager using the Block Intruder feature. The live connections are stored and handled in the same way as ordinary log records, but are kept in a special file that is continuously updated as connections start and end.
Multiple Alerting Capabilities - FireWall-1 and VPN-1 gateways provide integration of multiple alerting options, including email notification and SNMP traps for integration with SNMP-based network management systems such as HP OpenView, SunNet Manager, Tivoli Enterprise Management or IBM's NetView 6000. A user defined alerting mechanism is also available to integrate with paging, trouble-ticketing and help desk systems, providing a great deal of flexibility in how security alerts are integrated into current management systems.
Typical questions that need to be answered when developing a network security policy are:
What resources are we trying to protect?
Which people do we need to protect the resources from?
How likely are the threats?
How important is the resource?
What measures can be implemented to protect the resource?
How cost effectively and in what time frame can these be implemented?
Who authorizes users?
The network security policy identifies the threats that need to be protected against and defines the level of protection required. The security policy will itself contain several different policies, for example a Network Service Access Policy and System Specific Policies, and will be based on a security strategy.
Network security is designed to address the problems identified with host security. The network security model concentrates on controlling network access to hosts and services rather than on securing the hosts themselves. Network security approaches include building firewalls to protect trusted networks from untrusted networks, utilizing strong authentication techniques, and using encryption to protect the confidentiality and integrity of data as it passes across the network.
The Network Service Access Policy is a higher-level, issue-specific policy that defines which services will be allowed or explicitly denied from the restricted network. While focusing on the restriction and use of internetwork services, the network service access policy should also include all other outside network access such as dial-in and SLIP/PPP connections. This is important because restrictions on one network service access can lead users to try others. For example, if restricting access to the Internet via a gateway prevents Web browsing, users are likely to create dial-up PPP connections in order to obtain this service.
For a firewall to be successful, the network service access policy should be drafted before the firewall is implemented. The policy must be realistic and sound. A realistic policy is one that provides a balance between protecting the network from known risks while still providing users reasonable access to network resources. If a firewall system denies or restricts services, it usually requires the strength of the network service access policy to prevent the firewall's access controls from being modified or circumvented on an ad hoc basis. Only a sound, management backed policy can provide this defense against internal resistance. Here are the typical network service access policies that a firewall implements:
Allow no access to a site from the Internet, but allow access from the site to the Internet; or in contrast,
Allow some access from the Internet, but only to selected systems such as information servers and e-mail servers.
Despite recent events highlighting the futility of its policy, the White House insists on regulating encryption technology. This policy is ineffective, harms U.S. encryption makers, and damages the economy. As they debate encryption reform, legislators should consider a better, proven approach. The ideal policy would eliminate encryption controls and embrace the free market.
Encryption programs scramble information into unreadable text, ensuring the privacy of electronic data and communications. But while business transactions can be encrypted, so can communications between criminals. Consequently, law enforcers fear that encryption will empower a new crime wave. Responding to this fear, the White House policy attempts to limit the spread of strong encryption by using three tools: export controls, "key recovery" requirements, and industry exemptions.
Encryption strength is measured in bits: the more bits, the harder the encryption is to break. The U.S. government generally prohibits firms from exporting programs stronger than 56 bits. In December 1998, the Clinton Administration extended these regulations overseas by orchestrating the Wassenaar Agreement. Thirty-two countries caved to U.S. pressure and agreed in principle to bar the export of encryption stronger than 64 bits.
Encrypted data is unscrambled using an electronic "key." U.S. firms wishing to export stronger products must incorporate "key recovery" features. These features create spare keys law enforcers can use to decrypt suspect communications. The Administration wants to store these keys in central databases police can access with court authorization. This scheme is strongly opposed by companies wishing to use strong encryption when communicating with foreign affiliates.
In response to this opposition, the White House has issued exemptions. The financial services industry is permitted to use the strongest available encryption to communicate with overseas subsidiaries. The health and insurance industries are also exempt. These exemptions take dollars away from encryption reform lobbyists but do not make current policy sensible. According to Vice President Gore, the regulations "will protect our national security and safety, and advance our economic interests, and safeguard our basic rights and values." But Administration policy actually hinders these goals.
Export restrictions do not deter criminals. Because most countries have no encryption regulations, criminals can buy strong encryption from foreign firms. Today, anyone can download unrecoverable, 128-bit encryption from companies in several countries including Germany and South Korea. The 56-bit encryption favored by the U.S. government is weak, obsolete, and regularly broken by hackers.
Recently, RSA set up an Australian affiliate to avoid U.S. regulations. Companies such as Sun Microsystems have already partnered with foreign encryption producers.
The ideal policy would empower American business by eliminating encryption regulations and relying on a free market. Anyone seeking guaranteed privacy could buy unbreakable encryption software. Companies could communicate with their affiliates without fear of having their ideas and plans pilfered by competitors at home and abroad. High-tech firms could compete in the global encryption market. Above all, consumers could conduct online transactions with confidence.
Even if criminal communications increased under such a plan, law enforcement wouldn't be powerless. Just as they can demand phone records, they can subpoena email and records of electronic transactions. More significantly, law enforcement could respond to threats with technological innovations of their own. In France, for example, the government abolished its strict encryption controls in January 1999. Recognizing that such regulations harmed the French economy, the government replaced them with more funding for police efforts to counter the encryption threat.
The Firewall policy is a lower level policy that describes how the firewall will actually go about restricting the access and filtering the services as defined in the network service access policy. The firewall design policy is specific to the firewall. It defines rules used to implement the network service access policy. This policy must be designed in relation to, and with full awareness of issues such as firewall capabilities, limitations and the threats and vulnerabilities associated with TCP/IP. Firewalls generally implement one of two basic design policies:
Permit any service unless it is expressly denied; or
Deny any service unless it is expressly permitted.
A firewall that implements the first policy allows all services to pass the site by default, with the exception of those services that the network service access policy has identified as disallowed. A firewall that implements the second policy denies all services by default, but then passes those services that have been identified as allowed. This second policy follows the classic access model used in all areas of information security. The first policy is less desirable, since it offers more avenues for getting around the firewall. For example, users could access new services currently not denied by the policy (or even addressed by the policy). Then they could run denied services at non-standard TCP/UDP ports that are not specifically denied by the policy. Certain services, such as X Windows, FTP, Archie, and RPC, are difficult to filter. For this reason, they may be better accommodated by a firewall that implements the first policy. Also, the second policy is stronger and safer, but it is more restrictive for users.
Certain firewalls can implement either design policy, but one particular design, the dual homed gateway, is inherently a "deny all" firewall. Systems that require services that should not be passed through the firewall could be located on screened subnets, separate from other site systems. In other words, depending on security and flexibility requirements, certain types of firewalls are more appropriate than others, making it extremely important that policy is considered before implementing a firewall. Failure to do so could result in the firewall failing to meet expectations.
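The two design policies, together with the time-parameter rules described earlier under Access Control, can be compared on the same traffic. The following is an added example, not part of the original paper and not FireWall-1 syntax: the rule format, the working-hours windows, the port numbers and the sample flows are assumptions constructed for illustration. Both rule sets encode one network service access policy (Web and mail allowed, telnet and X Windows not, no Web browsing during working hours), and the function at the end lists the flows on which the two designs disagree.

```python
from dataclasses import dataclass
from datetime import datetime, time
from typing import Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str                                 # "permit" or "deny"
    proto: str                                  # "tcp" or "udp"
    port: int                                   # destination port
    hours: Optional[Tuple[time, time]] = None   # Monday-Friday window; None = always

    def matches(self, proto, port, when):
        if (self.proto, self.port) != (proto, port):
            return False
        if self.hours is None:
            return True
        start, end = self.hours
        return when.weekday() < 5 and start <= when.time() < end


def decide(rules, default, proto, port, when):
    """First matching rule wins; if none matches, the design policy's default applies."""
    for rule in rules:
        if rule.matches(proto, port, when):
            return rule.action
    return default


# Time rules shared by both designs: HTTP is closed during working hours,
# open at lunchtime, after hours and on weekends.
WORK_HOURS_HTTP = [
    Rule("deny", "tcp", 80, (time(9, 0), time(12, 0))),
    Rule("deny", "tcp", 80, (time(13, 0), time(18, 0))),
]

# First design policy: permit any service unless it is expressly denied.
PERMIT_UNLESS_DENIED = (
    WORK_HOURS_HTTP + [Rule("deny", "tcp", 23), Rule("deny", "tcp", 6000)],
    "permit",
)
# Second design policy: deny any service unless it is expressly permitted.
DENY_UNLESS_PERMITTED = (
    WORK_HOURS_HTTP + [Rule("permit", "tcp", 80), Rule("permit", "tcp", 25)],
    "deny",
)

TUESDAY, SATURDAY = datetime(1999, 6, 1), datetime(1999, 6, 5)

# Constructed flows: (label, protocol, destination port, time seen).
FLOWS = [
    ("web, Tuesday 10:30", "tcp", 80, TUESDAY.replace(hour=10, minute=30)),
    ("web, Tuesday 12:15", "tcp", 80, TUESDAY.replace(hour=12, minute=15)),
    ("web, Saturday 10:30", "tcp", 80, SATURDAY.replace(hour=10, minute=30)),
    ("mail", "tcp", 25, TUESDAY.replace(hour=10, minute=30)),
    ("telnet", "tcp", 23, TUESDAY.replace(hour=10, minute=30)),
    ("telnet on a non-standard port", "tcp", 2323, TUESDAY.replace(hour=10, minute=30)),
    ("service the policy never mentions", "udp", 69, TUESDAY.replace(hour=10, minute=30)),
]


def evaluate(design, flows=FLOWS):
    """Decision per flow label for one (rules, default) design."""
    rules, default = design
    return {label: decide(rules, default, proto, port, when)
            for label, proto, port, when in flows}


def disagreements(flows=FLOWS):
    """Flows the two designs treat differently: traffic the policy never addressed."""
    first = evaluate(PERMIT_UNLESS_DENIED, flows)
    second = evaluate(DENY_UNLESS_PERMITTED, flows)
    return [label for label in first if first[label] != second[label]]


if __name__ == "__main__":
    for label, action in evaluate(PERMIT_UNLESS_DENIED).items():
        print(f"{label:36} first: {action:7} second: {evaluate(DENY_UNLESS_PERMITTED)[label]}")
    print("differs:", disagreements())
```

The designs agree on everything the policy names and differ only on the relocated telnet and the unaddressed service, which pass the first firewall and are stopped by the second.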
A system specific policy is often implemented through the use of access controls. For example, it may be a policy decision that only two individuals in an organization are authorized to run a particular program. Access controls are used by the system to implement (or enforce) this policy.
Measures to make e-commerce security safe
Mention Internet security and most people start talking about firewalls. Firewalls aren't an Internet security cure-all, but they are essential to just about any Internet security strategy. A firewall is simply a barrier between two networks--in most cases an internal network, often called the trusted network, and an external network, called the untrusted network (in this case, the Internet). Firewalls examine incoming and outgoing packets according to a set of policies defined by the administrator, and either let them through or block them.
These days, most firewalls use one or more of three packet-screening methods. Many routers use a firewall technique called packet filtering, which examines the source and destination addresses and ports of incoming TCP and UDP packets and denies or allows packets to enter based on a set of predefined rules. Packet filters are inexpensive, are transparent to users, and have a negligible impact on network performance. Configuring packet filtering, however, is a relatively complex process. It usually requires precise knowledge of network, transport, and sometimes even application protocols.
Another problem with packet filters is that they're susceptible to IP spoofing, a trick that hackers use to gain access to a corporate network by changing Internet Protocol (IP) addresses in packet headers to ones that are acceptable.
A more sophisticated and secure type of firewall is an application gateway. Most application-gateway firewall products, including Raptor's popular Eagle line and Trusted Information Systems' Gauntlet, use application proxies. These are programs written for specific Internet services, such as HTTP, FTP, and telnet, that run on a server with two network connections, acting as a server to the application client and as a client to the application server.
Since they evaluate network packets for valid application-specific data, application proxies are generally considered more secure than packet filters. Most application-gateway firewalls also have a feature called network address translation that prevents internal IP addresses from appearing to users outside the trusted network. One primary disadvantage of application gateways is performance degradation caused by the proxy function's double processing.
Many organizations, however, will want to consider using additional firewalls internally to cordon off servers in departments, such as Human Resources, that contain sensitive information. In such cases, performance is a concern, because the connection is likely to be 10-Mbps Ethernet or 100-Mbps Fast Ethernet. If the organization plans to use application proxies internally, consider a fast hardware-based solution, such as Cisco's PIX Firewall or Seattle Software's Firebox. Or you may consider installing your firewall software on a system with multiple processors.
Initially, most firewalls were written for Unix, but last year (1998) many Windows NT-based firewall products came out from vendors including Check Point, Raptor, Seattle Software Labs, and Trusted Information Systems. The major firewall vendors have incorporated additional security technologies into their firewall products and partnered with other security vendors to offer complete Internet security solutions. They include encryption, authentication, antivirus protection, protection from misbehaved Java and ActiveX downloads, and server load balancing.
As offices and organizations have connected to the Net to provide service for consumers, many have begun eyeing the Internet infrastructure as an inexpensive vehicle for wide area and remote connections. To use the Internet for these purposes, however, companies have to protect their information with encryption. Encryption is simply the process of using a formula, called an encryption algorithm, to translate plain text into an incomprehensible cipher text and then back to plain text again. Essential to encryption is a numeric value called the key that becomes part of the encryption algorithm, setting the encryption process in motion.
Many different types of encryption algorithms are available, but in this paper only the most widely used for e-commerce security, such as Cryptography - Public and Private keys cryptography, DES, RSA, S/MIME, SET, SSL, and Digital Signature will be discussed.
As the field of cryptography has advanced, the dividing lines for what is and what is not cryptography have become blurred. Cryptography today might be summed up as the study of techniques and applications that depend on the existence of difficult problems. Cryptography allows people to carry over the confidence found in the physical world to the electronic world, thus allowing people to do business electronically without worries of deceit and deception.
Every day hundreds of thousands of people interact electronically, whether it is through e-commerce, e-mail or cellular phones. Cryptography makes secure websites and electronic safe transmissions possible. For a website to be secure all of the data transmitted between the computers where the data is kept and where it is received must be encrypted. This allows people to do online banking, online trading, and make online purchases with their credit cards, without worrying that any of their account information is being compromised. Cryptography is very important to the continued growth of the Internet and electronic commerce.
E-commerce is increasing at a very rapid rate. By the turn of the century, commercial transactions on the Internet are expected to total hundreds of billions of dollars a year. This level of activity could not be supported without cryptographic security. It has been said that one is safer using a credit card over the Internet than within a store or restaurant. It requires much more work to seize credit card numbers over computer networks than it does to simply walk by a table in a restaurant and lay hold of a credit card receipt. These levels of security, though not yet widely used, give the means to strengthen the foundation with which e-commerce can grow.
Building a secure cryptographic system is easy to do badly, and very difficult to do well. Unfortunately, most people can't tell the difference. Elsewhere, functionality differentiates the good from the bad: a good compression algorithm will work better than a bad one; a bad compression program will look worse in feature-comparison charts. Cryptography is different. Just because an encryption program works doesn't mean it is secure. There are two types of cryptosystems:
In traditional cryptography, the sender and receiver of a message know and use the same secret key: the sender uses the secret key to encrypt the message, and the receiver uses the same secret key to decrypt the message. This method is known as secret-key or symmetric cryptography. The main challenge is getting the sender and receiver to agree on the secret key without anyone else finding out. If they are in separate physical locations, they must trust a courier, a phone system, or some other transmission medium to prevent the disclosure of the secret key. Anyone who overhears or intercepts the key in transit can later read, modify, and forge all messages encrypted or authenticated using that key. The generation, transmission and storage of keys is called key management; all cryptosystems must deal with key management issues. Because all keys in a secret-key cryptosystem must remain secret, secret-key cryptography often has difficulty providing secure key management, especially in open systems with a large number of users.
In order to solve the key management problem, Whitfield Diffie and Martin Hellman introduced the concept of public-key cryptography in 1976. Public-key cryptosystems have two primary uses, encryption and digital signatures. In their system, each person gets a pair of keys, one called the public key and the other called the private key. The public key is published, while the private key is kept secret. The need for the sender and receiver to share secret information is eliminated; all communications involve only public keys, and no private key is ever transmitted or shared. In this system, it is no longer necessary to trust the security of some means of communications. The only requirement is that public keys be associated with their users in a trusted (authenticated) manner (for instance, in a trusted directory). Anyone can send a confidential message by just using public information, but the message can only be decrypted with a private key, which is in the sole possession of the intended recipient. Furthermore, public-key cryptography can be used not only for privacy (encryption), but also for authentication (digital signatures) and other various techniques.
In a public-key cryptosystem, the private key is always linked mathematically to the public key. Therefore, it is always possible to attack a public-key system by deriving the private key from the public key. Typically, the defense against this is to make the problem of deriving the private key from the public key as difficult as possible. For instance, some public-key cryptosystems are designed such that deriving the private key from the public key requires the attacker to factor a large number; in this case it is computationally infeasible to perform the derivation. This is the idea behind the RSA public-key cryptosystem.
Encryption
When Hanna wishes to send a secret message to Kassa, she looks up Kassa's public key in a directory, uses it to encrypt the message and sends it off. Kassa then uses his private key to decrypt the message and read it. No one listening in can decrypt the message. Anyone can send an encrypted message to Kassa, but only Kassa can read it (because only Kassa knows his private key).
Secret-key cryptography is sometimes referred to as symmetric cryptography. Symmetric key cryptography is a 56-bit key (01101011100110011101010100111000111000100100100010010101001). It is the more traditional form of cryptography, in which a single key can be used to encrypt and decrypt a message. Secret-key cryptography not only deals with encryption, but it also deals with authentication. One such technique is called message authentication codes, MACs. The main problem with secret-key cryptosystems is getting the sender and receiver to agree on the secret key without anyone else finding out. This requires a method by which the two parties can communicate without fear of spying. However, the advantage of secret-key cryptography is that it is generally faster than public-key cryptography.
The most popular secret key cryptosystem in use today is DES (data encryption standard). IBM developed DES in the middle 1970s and it has been a Federal Standard ever since 1976.
Data Encryption Standard (DES)
DES is the first standard cipher the business world had. It is twenty years old and still widely used. But it is aging and getting much less secure. A knowledgeable attacker who can afford plenty of expensive computer equipment can now break DES fairly easily. DES started in 1973, when the US National Bureau of Standards asked for proposals for a standard cipher. In 1975 IBM developed DES, and in 1981 the American National Standards Institute approved DES as a standard for business use. Banks made much use of it, and it jumped the Pacific and was also written into banking standards for Australia (Australian Standard 2805.5.3). DES was quietly built into all kinds of software applications and hard wired into much encryption equipment (ATMs). As software, it protects computer networks, and a variant of DES called crypt(3) is still used to protect the password file in UNIX systems. Because it was a standard, any system using DES could talk to any system using it. The key length is 56 bits. No one has published a system for cracking DES, except the brute force method of trying all keys until one works. In order to crack a key, you have to check 5 trillion keys per second.
Rivest Shamir Adleman (RSA)
RSA is a public-key cryptosystem that offers both encryption and digital signatures (authentication). Ron Rivest, Adi Shamir, and Leonard Adleman developed RSA in 1977; RSA stands for the first letter in each of its inventors' last names. RSA is so useful as a secure electronic envelope for small messages and as a way of signing messages that it is part of a lot of hardware and software. RSA's customers include Apple Computer, Novell, Lotus, and AT&T. RSA works as follows: take two large primes, p and q, and compute their product n = pq; n is called the modulus. Choose a number, e, less than n and relatively prime to (p-1)(q-1), which means e and (p-1)(q-1) have no common factors except 1. Find another number d such that (ed - 1) is divisible by (p-1)(q-1). The values e and d are called the public and private exponents, respectively. The public key is the pair (n, e); the private key is (n, d). The factors p and q may be kept with the private key, or destroyed.
It is currently difficult to obtain the private key d from the public key (n, e). However if one could factor n into p and q, then one could obtain the private key d. Thus the security of RSA is based on the assumption that factoring is difficult. The discovery of an easy method of factoring would "break" RSA.
Here is how RSA can be used for encryption and digital signatures:
RSA Encryption
Suppose Hanna wants to send a message m to Kassa. Hanna creates the ciphertext c by exponentiating: c = m^e mod n, where e and n are Kassa's public key. She sends c to Kassa. To decrypt, Kassa also exponentiates: m = c^d mod n; the relationship between e and d ensures that Kassa correctly recovers m. Since only Kassa knows d, only Kassa can decrypt this message.
RSA Digital Signature
Suppose Hanna wants to send a message m to Kassa in such a way that Kassa is assured the message is authentic, has not been tampered with, and is from Hanna. Hanna creates a digital signature s by exponentiating: s = m^d mod n, where d and n are Hanna's private key. She sends m and s to Kassa. To verify the signature, Kassa exponentiates and checks that the message m is recovered: m = s^e mod n, where e and n are Hanna's public key.
Thus encryption and authentication take place without any sharing of private keys: each person uses only another's public key or their own private key. Anyone can send an encrypted message or verify a signed message, but only someone in possession of the correct private key can decrypt or sign a message.
Secure Electronic Transaction Protocol (SET)
Visa and MasterCard have jointly developed the SET protocol as a method for secure, cost-effective bankcard transactions over open networks. SET includes protocols for purchasing goods and services electronically, requesting authorization of payment, and requesting "credentials" (i.e. certificates) binding public keys to identities, among other services. Once SET is fully adopted, the necessary confidence in secure electronic transactions will be in place, allowing merchants and customers to partake in electronic commerce. SET supports Data Encryption Standard (DES) for bulk data encryption and Rivest-Shamir-Adleman (RSA) for signatures and public-key encryption of data encryption keys and bankcard numbers.
Digital signature/sender authentication
Sender authentication can be any process through which one proves and verifies certain information. Sometimes one may want to verify the origin of a document, the identity of the sender, the time and date a document was sent and/or signed, the identity of a computer or user, and so on. A digital signature is a cryptographic means of verifying the origin of a document and the identity of the sender. The digital signature of a document is a piece of information based on both the document and the signer's private key. It is typically created through the use of a hash function and a private signing function (encrypting with the signer's private key), but there are other methods. Written signatures are also vulnerable to forgery because it is possible to reproduce a signature on other documents as well as to alter documents after they have been signed. Digital signatures and handwritten signatures both rely on the fact that it is very hard to find two people with the same signature.
People use public-key cryptography to compute digital signatures by associating something unique with each person. When public-key cryptography is used to encrypt a message, the sender encrypts the message with the public key of the intended recipient. When public-key cryptography is used to calculate a digital signature, the sender encrypts the "digital fingerprint" of the document with his or her own private key. Anyone with access to the public key of the signer may verify the signature.
Suppose Hanna wants to send a signed document or message to Kassa. The first step is generally to apply a hash function to the message, creating what is called a message digest that is usually considerably shorter than the original message. In fact, the job of the hash function is to take a message of arbitrary length and shrink it down to a fixed length. To create a digital signature, one usually signs (encrypts) the message digest as opposed to the message itself. This saves a considerable amount of time, though it does create a slight insecurity. Hanna sends Kassa the encrypted message digest and the message, which she may or may not encrypt. In order for Kassa to authenticate the signature he must apply the same hash function as Hanna to the message she sent him, decrypt the encrypted message digest using Hanna's public key and compare the two. If the two are the same he has successfully authenticated the signature. If the two don't match there are a few possible explanations. Either someone is trying to impersonate Hanna, the message itself has been altered since Hanna signed it or an error occurred during transmission.
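The RSA key setup, encryption and hash-then-sign verification described in the RSA and digital signature sections above can be followed end to end in a few lines of Python. This is an added example, not code from the original paper. It assumes SHA-256 as the hash function and builds its demonstration keys from publicly known Mersenne primes, so the keys protect nothing; it is also "textbook" RSA without the padding schemes that deployed systems add.

```python
import hashlib
from math import gcd

# Constructed demo primes: well-known Mersenne primes, public knowledge.
# Real keys use secret, randomly generated primes.
KASSA_PRIMES = (2**521 - 1, 2**607 - 1)
HANNA_PRIMES = (2**1279 - 1, 2**2203 - 1)
E = 65537  # public exponent chosen for this example


def make_keypair(p, q, e=E):
    """n = pq; e relatively prime to (p-1)(q-1); d such that (ed - 1) is divisible by it."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # modular inverse (Python 3.8+)
    return (n, e), (n, d)        # public key, private key


def encrypt(public_key, m):
    """c = m^e mod n, with the recipient's public key."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def decrypt(private_key, c):
    """m = c^d mod n, with the recipient's private key."""
    n, d = private_key
    return pow(c, d, n)


def digest_as_int(message: bytes) -> int:
    """Message digest: arbitrary-length input shrunk to a fixed 256 bits."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(private_key, message: bytes) -> int:
    """s = H(m)^d mod n: the digest, not the message, is signed."""
    n, d = private_key
    return pow(digest_as_int(message), d, n)


def verify(public_key, message: bytes, signature: int) -> bool:
    """Recompute the digest and compare it with s^e mod n."""
    n, e = public_key
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == digest_as_int(message)


def demo():
    kassa_pub, kassa_priv = make_keypair(*KASSA_PRIMES)
    hanna_pub, hanna_priv = make_keypair(*HANNA_PRIMES)

    # Hanna encrypts a short message to Kassa with Kassa's public key.
    m = int.from_bytes(b"order 1001: ship to Kassa", "big")
    c = encrypt(kassa_pub, m)
    recovered = decrypt(kassa_priv, c)

    # Hanna signs with her private key; Kassa verifies with her public key.
    message = b"Pay merchant 25.00"
    s = sign(hanna_priv, message)
    return {
        "decrypts": recovered == m,
        "signature_valid": verify(hanna_pub, message, s),
        "altered_message_rejected": not verify(hanna_pub, b"Pay merchant 2500.00", s),
        "wrong_key_rejected": not verify(kassa_pub, message, s),
    }


if __name__ == "__main__":
    print(demo())
```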
Secure/Multipurpose Internet Mail Extensions (S/MIME)
S/MIME is a protocol that adds digital signatures and encryption to Internet MIME messages described in RFC. MIME is the official proposed standard format for extended Internet electronic mail. Internet e-mail messages consist of two parts, the header and the body. The header forms a collection of field/value pairs structured to provide information essential for the transmission of the message. The body is normally unstructured unless the e-mail message is structured. The MIME format permits e-mail to include enhanced text, graphics, audio, and more in a standardized manner via MIME-compliant mail systems. However, MIME itself does not provide any security services. The purpose of S/MIME is to provide security at the application level for communications between hosts on a public network. Other protocols, such as IPsec, maintain the security of low-level network communications. However, none of these protocols handle situations where data needs to be securely stored, transmitted, and forwarded. Where SSL secures a connection between a client and a server over an insecure network, S/MIME is used to secure messages between users, applications, and computers.
S/MIME is applicable to any situation in which data must be securely transferred, stored, forwarded, and authenticated. The following are just a few of the real world practical applications of S/MIME:
S/MIME is used as a basis for EDI, the Internet standard for EDI over the Internet. These applications include digital signatures on contracts and secure data interchange over the Internet.
Organizations can use S/MIME to store and transfer bank statements and financial forms between computers. Other uses include transfer of stock trades, communication of brokerage statements and mortgage payment services.
S/MIME can be used to implement electronic bill presentment and payment online. Customers using applications based on S/MIME can securely receive and pay their bills without any stamps. Other applications include online software sales and subscription services.
Secure Sockets Layer (SSL)
SSL is a handshake protocol developed by Netscape Communications Corporation to provide security and privacy over the Internet. The protocol is application independent, allowing protocols like Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), and Telnet to be layered on top of it transparently. The SSL protocol is able to negotiate encryption keys as well as authenticate the server before data is exchanged by the higher-level application. The SSL protocol maintains the security and integrity of the transmission channel by using encryption, authentication and message authentication codes. The SSL Handshake protocol consists of two phases: server authentication and an optional client authentication. In the first phase, the server, in response to a client's request, sends its certificate and its cipher preferences. The client then generates a master key, which it encrypts with the server's public key, and transmits the encrypted master key to the server. The server recovers the master key and authenticates itself to the client by returning a message authenticated with the master key. Subsequent data is encrypted and authenticated with keys derived from this master key. In the optional second phase, the server sends a challenge to the client. The client authenticates itself to the server by returning the client's digital signature on the challenge, as well as its public-key certificate.
Restriction by IP address is secure against casual nosiness but not against a determined hacker. There are several ways around IP address restrictions. IP address restriction can be made much safer by running your server behind a firewall machine that is capable of detecting and rejecting attempts at "spoofing" IP addresses. Such detection works best for intercepting packets from the outside world that claim to be from trusted machines on your Intranet network.
IP addresses are assigned to each server, client, and network device, and can be spoofed. So if you want to give certain users access over the Internet to sensitive internal files and data, you'll want to make sure to authenticate the actual user. Authentication simply describes the numerous methods that positively identify a user. Passwords are the most common method of authentication used today, but users are notorious for making poor password choices that can be guessed by an experienced hacker.
In addition to passwords, which are often called "something you know," many organizations are turning to solutions that also require "something you have," such as tokens and smart cards. Tokens are small, credit card- or calculator-size devices that the remote user carries around.
Many of these products use a challenge-response scheme. When the user attempts to connect, an authentication server on the network issues a challenge, which the user keys into the token device. The device displays the appropriate response, which the remote user then sends to the server. Many of these tokens also require the user to type in a PIN. Tokens range from $35 to $65 each, depending on volume. Less expensive software versions of tokens are available.
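The challenge-response exchange described above can be sketched as follows. This is an added example, not part of the original paper and not the algorithm of SecurID or any other product: it assumes the token and the authentication server share a secret seed, and that the response is an HMAC-SHA256 over the PIN and the challenge, truncated to eight digits. The class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets


def token_response(seed: bytes, pin: str, challenge: str) -> str:
    """What the token device computes and displays for a keyed-in challenge."""
    mac = hmac.new(seed, f"{pin}:{challenge}".encode(), hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:8], 'big') % 10**8:08d}"


class AuthServer:
    """Toy authentication server (illustrative; keeps seed and PIN in memory)."""

    def __init__(self):
        self._users = {}     # user -> (seed, pin)
        self._pending = {}   # user -> challenge not yet answered

    def enroll(self, user: str, pin: str) -> bytes:
        """Create the shared seed that is provisioned into the user's token."""
        seed = secrets.token_bytes(32)
        self._users[user] = (seed, pin)
        return seed

    def issue_challenge(self, user: str) -> str:
        """Fresh random challenge for each connection attempt."""
        challenge = f"{secrets.randbelow(10**8):08d}"
        self._pending[user] = challenge
        return challenge

    def check(self, user: str, response: str) -> bool:
        """Accept a response once; the challenge is consumed either way."""
        challenge = self._pending.pop(user, None)
        if challenge is None or user not in self._users:
            return False
        seed, pin = self._users[user]
        expected = token_response(seed, pin, challenge)
        # Constant-time comparison avoids leaking how many digits matched.
        return hmac.compare_digest(expected, response)


def demo():
    server = AuthServer()
    seed = server.enroll("hanna", pin="4821")

    # Normal login: challenge issued, keyed into the token, response returned.
    challenge = server.issue_challenge("hanna")
    response = token_response(seed, "4821", challenge)
    first = server.check("hanna", response)

    # The same response sent again is refused: the challenge was single-use.
    replay = server.check("hanna", response)

    # A stolen token without the PIN produces the wrong response.
    challenge2 = server.issue_challenge("hanna")
    no_pin = server.check("hanna", token_response(seed, "0000", challenge2))
    return first, replay, no_pin


if __name__ == "__main__":
    print(demo())   # (True, False, False)
```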
The market leader in token technology is Security Dynamics, with its SecurID line of token products and ACE/Server. Several firewall products, including those from CheckPoint, Raptor, and Trusted Information Systems support SecurID products. You simply configure the firewall products to forward authentication for certain services to the designated third-party server, or use any included authentication service.
Smart cards used for authentication are similar to tokens, except they require a smart card reader to process the challenge. Though these devices have shrunk in size over the past few years, they're still additional devices that the user has to carry and can find cumbersome to use. They are also generally more expensive than tokens, ranging in price from $40 to $250 per user. Gemplus and SCM Microsystems are two manufacturers of smart card readers. PC Card devices are also available but more expensive.
Limitations and weaknesses of e-commerce security measures
a) Software for security flaws & hardware
Software is complex. As the size of a piece of software grows it becomes increasingly difficult to test all of it. Complex code will probably have unknown loopholes that an attacker can exploit. These loopholes may be convoluted, but that will not prevent an attacker from trying to exploit them.
Some systems, particularly commerce systems, rely on tamper-resistant hardware for security: smart cards, electronic wallets, dongles, etc. These systems may assume public terminals never fall into the wrong hands, or that those "wrong hands" lack the expertise and equipment to attack the hardware. While hardware security is an important component in many secure systems, it is hard to trust systems whose security rests solely on assumptions about tamper resistance. One rarely sees tamper resistance techniques that work, and the tools for defeating tamper resistance are getting better all the time. Systems that use tamper resistance should be designed with complementary security mechanisms just in case the tamper resistance fails.
The "timing attack" made a big press splash in 1995: RSA private keys could be recovered by measuring the relative times cryptographic operations took. The attack has been successfully implemented against smart cards and other security tokens and against electronic commerce servers across the Internet. Counterpane Systems and others have generalized these methods to include attacks on a system by measuring power consumption, radiation emissions, and other "side channels," and have implemented them against a variety of public-key and symmetric algorithms in "secure" tokens. Related research has looked at fault analysis: deliberately introducing faults into cryptographic processors in order to determine the secret keys. The effects of this limitation or attack can be devastating.
b) Firewall and network configurations
Network security is designed to address the problems identified with host security. It focuses on controlling network access to hosts and services rather than on securing the hosts themselves. Network security approaches include building firewalls to protect trusted networks from untrusted networks, utilizing strong authentication techniques, and using encryption to protect the confidentiality and integrity of data as it passes across the network.
A firewall is a network device that allows only certain authorized operations or programs to be run between internal networks and the Internet. A firewall configuration can be very simple or extremely complex depending on the particular requirements of the enterprise. Many enterprises today are connecting their private, internal networks to the Internet to provide access to external resources on the Internet. Although this is an important capability, it is one that should be well planned to avoid possible security risks from exposing the internal network to users outside the enterprise.
c) Human elements and company's threats/vulnerabilities
Security is worthless if somebody can steal your password. Focusing on strong encryption, while ignoring the importance of passwords, is like building a steel-lined vault but taping the combination on the outside door. Since cracking encryption of any sort, even the relatively weak data encryption standard (DES) algorithm, is likely to consume more time, passwords will always remain the weak link in any encryption method. The more secret and hidden the password, the more likely it will only block access to legitimate users.
A password is only good if it's chosen carefully. Too often users choose obvious passwords like middle names, their birthday, their office phone number, or the name of favorite pets. These passwords can be guessed at and WWW servers, unlike Unix login program to break in by brute force. You also should be alert to the possibility of remote users sharing their user names and passwords. It is more secure to use a combination of IP address restriction and password than to use either of them alone.
Many systems break because they rely on user-generated passwords. Left to themselves, people don't choose strong passwords. If they're forced to use strong passwords, they can't remember them. If the password becomes a key, it's usually much easier--and faster--to guess the password than it is to brute-force the key; this is one of the weaknesses through which a security system can fail. Some user interfaces make the problem even worse: limiting the passwords to eight characters, converting everything to lower case, etc. Even pass phrases can be weak: searching through 40-character phrases is often much easier than searching through 64-bit random keys.
Even when a system is secure if used properly, its users can subvert its security by accident--especially if the system isn't designed very well. The classic example of this is the user who gives his password to his co-workers so they can fix some problem when he's out of the office. Users may not report missing smart cards for a few days, in case they are just misplaced. They may not carefully check the name on a digital certificate. They may reuse their secure passwords on other, insecure systems. They may not change their software's default weak security settings. Good system design can't fix all these social problems, but it can help avoid many of them.
A cryptographic system can only be as strong as the encryption algorithms, digital signature algorithms, one-way hash functions, and message authentication codes it relies on. Break any of them, and you've broken the system. And just as it's possible to build a weak structure using strong materials, it's possible to build a weak cryptographic system using strong algorithms and protocols.
One often finds systems that "void the warranty" of their cryptography by not using it properly: failing to check the size of values, reusing random parameters that should never be reused, and so on. Encryption algorithms don't necessarily provide data integrity. Key exchange protocols don't necessarily ensure that both parties receive the same key. A recent research project found out that some--not all--systems using related cryptographic keys could be broken, even though each individual key was secure. Security is a lot more than plugging in an algorithm and expecting the system to work. Even good engineers, well-known companies, and lots of effort are no guarantee of robust implementation; the U.S. digital cellular encryption algorithm illustrated that.
Random-number generators are another place where cryptographic systems often break. Good random-number generators are hard to design, because their security often depends on the particulars of the hardware and software. Many products examined use bad ones. The cryptography may be strong, but if the random-number generator produces weak keys, the system is much easier to break. Other products use secure random-number generators, but they don't use enough randomness to make the cryptography secure.
A specific random-number generator may be secure for one purpose but insecure for another; generalizing security analyses is dangerous. Research has also looked at interactions between individually secure cryptographic protocols and, given a secure protocol, has shown how to build another secure protocol that will break the first if both are used with the same keys on the same device.
Sometimes, products even get the cryptography wrong. Some rely on proprietary encryption algorithms. Invariably, these are very weak. Keeping the algorithm secret isn't much of an impediment to analysis; it only takes a couple of days to reverse-engineer the cryptographic algorithm from executable code. The S/MIME 2 electronic-mail standard took a relatively strong design and implemented it with a weak cryptographic algorithm. The system for DVD encryption took a weak algorithm and made it weaker.
Many other cryptographic weaknesses exist: implementations that repeat "unique" random values, digital signature algorithms that don't properly verify parameters, and hash functions altered to defeat the very properties they're being used for. Cryptographic protocols are also used in ways that were not intended by the protocols' designers, and protocols are "optimized" in seemingly trivial ways that completely break their security.
Many systems fail because of mistakes in implementation. Some systems don't ensure that plain text is destroyed after it's encrypted. Other systems use temporary files to protect against data loss during a system crash, or virtual memory to increase the available memory; these features can accidentally leave plain text lying around on the hard drive. In extreme cases, the operating system can leave the keys on the hard drive. One product may use a special window for password input. The password remained in the window's memory even after it was closed. It didn't matter how good that product's cryptography was; it was broken by the user interface.
Other systems fall to more subtle problems. Sometimes the same data is encrypted with two different keys, one strong and one weak. Other systems use master keys and then one-time session keys. It may break systems using partial information about the different keys. Also systems that use inadequate protection mechanisms for the master keys mistakenly are relying on the security of the session keys. It's vital to secure all possible ways to learn a key, not just the most obvious ones.
E-commerce systems often make implementation trade-off to enhance usability. One of the subtle vulnerabilities here, when designers don't think through the security implications of their trade-off. Doing account reconciliation only once per day might be easier, but what kind of damage can an attacker do in a few hours? Can audit mechanisms be flooded to hide the identity of an attacker? Some systems record compromised keys on "hot lists"; attacks against these hot lists can be very fruitful. Other systems can be broken through replay attacks: reusing old messages or parts of old messages, to fool various parties.
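A receiver can defend against the replay of old messages, or of parts of old messages, by binding every field under one authentication tag and by remembering what it has already accepted. The following is an added example, not part of the original paper: the message layout, the 300-second window, the key and the sample traffic are all assumptions constructed for illustration.

```python
import hashlib
import hmac

MAX_SKEW = 300  # seconds a message stays acceptable (assumed policy value)

def _encode(fields) -> bytes:
    """Length-prefix every field so pieces of old messages cannot be re-spliced."""
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)

def sign(key: bytes, nonce: bytes, timestamp: int, body: bytes) -> bytes:
    """One tag over nonce, timestamp and body together."""
    return hmac.new(key, _encode([nonce, str(timestamp).encode(), body]),
                    hashlib.sha256).digest()

class ReplayGuard:
    """Receiver-side check: authentic, fresh, and never seen before."""

    def __init__(self, key: bytes):
        self.key = key
        self.seen = {}  # nonce -> timestamp of the accepted message

    def accept(self, nonce, timestamp, body, tag, now) -> str:
        if not hmac.compare_digest(sign(self.key, nonce, timestamp, body), tag):
            return "bad-mac"
        if abs(now - timestamp) > MAX_SKEW:
            return "stale"
        # Nonces of messages that are already stale no longer need remembering.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_SKEW}
        if nonce in self.seen:
            return "replay"
        self.seen[nonce] = timestamp
        return "ok"

# Constructed sample traffic, not from any real system.
KEY = b"constructed-shared-key-for-demo!"
T0 = 1_000_000

def demo():
    guard = ReplayGuard(KEY)
    body = b"debit account=1234 amount=25.00"
    tag = sign(KEY, b"n-001", T0, body)
    return [
        guard.accept(b"n-001", T0, body, tag, now=T0 + 2),    # original message
        guard.accept(b"n-001", T0, body, tag, now=T0 + 60),   # identical copy resent
        guard.accept(b"n-002", T0, body, tag, now=T0 + 61),   # old tag, new nonce
        guard.accept(b"n-001", T0, body, tag, now=T0 + 301),  # resent after the window
    ]

if __name__ == "__main__":
    print(demo())
```

The timestamp check bounds how long nonces must be stored, and the nonce check covers the period in which the timestamp alone would still pass.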
Systems that allow old keys to be recovered in an emergency provide another area to attack. Good cryptographic systems are designed so that the keys exist for as short a period of time as possible; key recovery often negates any security benefit by forcing keys to exist long after they are useful. Furthermore, key recovery databases become sources of vulnerability in themselves, and have to be designed and implemented securely. Flaws in the key recovery database can allow criminals to commit fraud and then frame legitimate users.
Many of the more interesting limitations lie in the underlying trust model of the system: who or what in the system is trusted, in what way, and to what extent. Simple systems, like hard-drive encryption programs or telephone privacy products, have simple trust models. Complex systems, like electronic-commerce systems or multi-user e-mail security programs, have complex (and subtle) trust models. An e-mail program might use uncrackable cryptography for the messages, but unless the keys are certified by a trusted source (and unless that certification can be verified), the system is still vulnerable. Some commerce systems can be broken by a merchant and a customer colluding, or by two different customers colluding. Other systems make implicit assumptions about security infrastructures, but don't bother to check that those assumptions are actually true. If the trust model isn't documented, then an engineer can unknowingly change it in product development, and compromise security.
Many software systems make poor trust assumptions about the computers they run on; they assume the desktop is secure. Trojan horse software that sniffs passwords, reads plain text, or otherwise circumvents security measures can often break these programs. Systems working across computer networks have to worry about security flaws resulting from the network protocols. Computers that are attached to the Internet can also be vulnerable. Again, the cryptography may be irrelevant if it can be circumvented through network insecurity. And no software is secure against reverse engineering.
Often, a system will be designed with one trust model in mind, and implemented with another. Decisions made in the design process might be completely ignored when it comes time to sell it to customers. A system that is secure when the operators are trusted and the computers are completely under the control of the company using the system may not be secure when the operators are temps hired at just over minimum wage and the computers are untrusted. Good trust models work even if some of the trust assumptions turn out to be wrong.
Strong systems are designed to keep small security breaks from becoming big ones. Recovering the key to one file should not allow the attacker to read every file on the hard drive. A hacker who reverse-engineers a smart card should only learn the secrets in that smart card, not information that will help him break other smart cards in the system. In a multi-user system, knowing one person's secrets shouldn't compromise everyone else's.
Many systems have a "default to insecure mode." If the security feature doesn't work, most people just turn it off and finish their business. If the on-line credit card verification system is down, merchants will default to the less-secure paper system. Similarly, it is sometimes possible to mount a "version rollback attack" against a system after it has been revised to fix a security problem: the need for backwards compatibility allows an attacker to force the protocol into an older, insecure, version.
Other systems have no ability to recover from disaster. If the security breaks, there's no way to fix it. For electronic commerce systems, which could have millions of users, this can be particularly damaging. Such systems should plan to respond to attacks, and to upgrade security without having to shut the system down. Good system design considers what will happen when an attack occurs, and works out ways to contain the damage and recover from the attack.
Security Pitfalls in Cryptography
Algorithms make good sound bites: they can be explained in a few words and they're easy to compare with one another. "128-bit keys mean good security." "Triple-DES means good security." "40-bit keys mean weak security." "2048-bit RSA is better than 1024-bit RSA."
But reality isn't that simple. Longer keys don't always mean more security. Compare the cryptographic algorithm to the lock on your front door. Most door locks have four metal pins, each of which can be in one of ten positions. A key sets the pins in a particular configuration. If the key aligns them all correctly, then the lock opens. So there are only 10,000 possible keys, and a burglar willing to try all 10,000 is guaranteed to break into your house. But an improved lock with ten pins, making 10 billion possible keys, probably won't make your house more secure. Burglars don't try every possible key (a brute-force attack); most aren't even clever enough to pick the lock (a cryptographic attack against the algorithm). They smash windows, kick in doors, disguise themselves as policemen, or rob keyholders at gunpoint. Better locks don't help against these attacks.
Strong cryptography is very powerful when it is done right, but it is not a panacea. Focusing on the cryptographic algorithms while ignoring other aspects of security is like defending your house not by building a fence around it, but by putting an immense stake into the ground and hoping that the adversary runs right into it. Smart attackers will just go around the algorithms.
Conclusion
A great deal of significant business has already been done through e-commerce. It is convenient for consumers to do business online. It is clear that e-commerce will be revolutionary: consumers will be offered new and exciting services, and businesses will be run more efficiently. Net commerce is inevitable, and new technologies to make the Internet more secure are being developed and improved every day.
There are many risks associated with e-commerce, from hacking and viruses to fraud. Hacking is a serious threat to firms that connect to the Internet; however, the greatest threat to organizations is their own employees.
Encryption schemes can be broken, but making them as hard as possible to break is the job of a good cipher designer. Most companies have implemented a wide range of hardware security measures to offer network protection and business continuity.
Based on this research, the smart card is an ideal secure storage device. Smart cards are simple to use and almost impossible to duplicate. A user merely inserts the smart card into a reader and enters a PIN to unlock the card; the credentials are then presented to the applications and access is granted. (Just like using an ATM machine.) Smart cards make it easy to carry digital credentials and use them with other computers at home, in remote offices or on public access terminals. Smart cards enable users to consolidate the passwords for their PC, LAN, mail system and multiple applications.
The Internet may not only have an impact on society, but may become an integral part of our lives when it guides our cars, provides us our entertainment, and allows us to pay our bills. Thus, one of the major questions that needs to be dealt with now is the Internet security infrastructure, which will be the basis of the new marketplace and the Information Age.
June 10, 1998
E-commerce Internet Security
Glossary
Application gateway
A firewall that inspects and filters data at the application level.
Application proxy
A program used in an application gateway to filter data for a specific type of application (such as HTTP or FTP).
Asymmetric encryption
Encryption using pairs of public and private keys.
Authentication
A method for proving a user's identity (such as using passwords or authentication tokens).
Certificate authority
An internal entity or trusted third party (such as Verisign) that issues, signs, revokes, and manages digital certificates.
Cryptography
The science of transforming readable text into cipher text and back again.
Decryption
The process of transforming cipher text into readable text.
DES (Data Encryption Standard)
A standard developed by the U.S. government that uses symmetric encryption keys.
Digital certificate
An electronic document that verifies the owner of a public key. A certificate authority issues it.
Digital signature
Any type of text or message, encrypted with a private key, thereby identifying the source.
Encryption
The process of turning readable text into cipher text.
Encryption algorithm
A mathematical formula used to encrypt or decrypt a string of text.
Firewall
Software that creates a barrier between a trusted and an untrusted network, allowing or forbidding data to cross the barrier based on a set of rules that an administrator has configured.
Hash function
A fixed-length value created mathematically to identify data uniquely.
IP (Internet Protocol)
A fundamental protocol in TCP/IP networks that addresses and delivers datagrams across the Internet.
IPsec
A set of Internet Engineering Task Force encryption and authentication standards (part of IPv6) that enable compliant virtual networking products to share public keys and encryption algorithms.
IP spoofing
Any of several methods for changing an IP address to one acceptable to a firewall, so as to trespass on an internal network.
Kerberos
A system that provides a central authentication mechanism for a variety of client/server applications, using passwords and secret keys. It was developed at the Massachusetts Institute of Technology.
Key
A single numeric value that is part of an algorithm for encrypting text.
L2F (Layer Two Forwarding)
Cisco's protocol for forwarding the authentication and authorization process from an Internet service provider to a server elsewhere on the Internet, such as a corporate central office's server.
L2TP (Layer Two Tunneling Protocol)
An IETF standard that combines aspects of Microsoft's Point-to-Point Tunneling Protocol and Cisco's Layer Two Forwarding (L2F) protocol.
Network address translation
A feature of most firewalls that prevents internal IP addresses from appearing to users outside the network. Usually it shows only a single IP address to outside users.
Packet filter
A firewall or router that allows or forbids packets to enter or exit a network based on IP address and origin or destination port.
PEM (Privacy Enhanced Mail)
A standard, predating S/MIME, for encrypting e-mail and authenticating senders.
PGP (Pretty Good Privacy)
A set of programs for exchanging encrypted and authenticated e-mail messages designed for a variety of platforms.
PPP (Point-to-Point Protocol)
A protocol for transmitting IP packets over serial (asynchronous or synchronous) lines.
Private key
In asymmetric encryption, the key that a user keeps secret. It can encrypt or decrypt data for a single transaction but cannot do both.
Public key
In asymmetric encryption, the key that a user allows the world to know. It can encrypt or decrypt data for a single transaction but cannot do both.
RADIUS (Remote Authentication Dial-In User Service)
A standard for authenticating the identity of remote dial-in users (see TACACS+).
RSA (Rivest-Shamir-Adleman)
A popular encryption and authentication standard that uses asymmetric keys.
Secret key encryption
A method in which a single key known only to the participants encrypts and decrypts data.
SET (Secure Electronic Transactions)
A standard sponsored by Visa and MasterCard that provides secure communications across the Internet among the card provider, the card holder, the card holder's financial institution, and merchants' financial institutions.
S-HTTP (Secure HyperText Transfer Protocol)
An extension to HTTP that uses encryption and digital signatures to provide security in each transaction.
Smart card
A credit-card-size authentication device containing a microprocessor and data, which is read by a smart-card reader and sent across the network.
S/MIME (Secure Multipurpose Internet Mail Extension)
A standard for encrypting e-mail and authenticating users' identities based on RSA encryption.
SSL (Secure Sockets Layer)
A transport-layer technology developed by Netscape that allows secure transactions among compliant browsers and servers--usually Web servers.
Stateful inspection
A method in which a firewall intercepts a packet at the network layer and then inspects the entire packet to determine whether to let it through.
Symmetric encryption
A method involving a single secret key for both encryption and decryption.
TACACS+ (Terminal Access Controller Access Control System Plus)
A Cisco standard for authenticating transmissions between servers and databases.
TCP (Transmission Control Protocol)
A connection-oriented transport protocol that guarantees data delivery over a network; one of the fundamental protocols of TCP/IP.
Token
A credit-card-size authentication device that a remote user carries. It usually displays numbers that change over time and synchronize with an authentication server on the network; alternatively, it may use a challenge/response scheme with the server.
UDP (User Datagram Protocol)
A connectionless transport protocol that does not guarantee delivery of data.
Virtual private network
An encrypted connection between private networks over a public network.
X.509
A standard for digital certificates developed by the International Telecommunications Union (ITU).