Part 3 - PowerPoint PPT Presentation

chapter 3 l.
Skip this Video
Loading SlideShow in 5 Seconds..
Part 3 PowerPoint Presentation
Part 3

play fullscreen
1 / 25
Download Presentation
Download Presentation

Part 3

Presentation Transcript


  2. The Internet • electronic highway, consisting of various standards and protocols • The Internet has no central command and control structure.

  3. TCP (Transmission Control Protocol) • a protocol for dividing electronic messages into "packets" of information and then reassembling these packets at the receiving end

  4. Internet Protocol (IP) Addresses • specific location of a computer on the Internet--a unique identifier (e.g., 408.78.230.2) • domain name is an alias that can be used in place of the IP number ( • Domain names and their corresponding IP addresses are kept in the domain name servers (DNSs).

  5. Intranets • in-house networks that use Internet-type protocols. • recently Cisco has announced joint ventures with TCI and others to bring intranet-type technology to homes

  6. Intranet Security • Firewalls limit access to information on company servers from the rest of the world. • Proxy servers filter all outgoing requests for information. Ethical and moral issues emerge from proxy server filters.

  7. Client-Server Technology • A server is program that constantly runs and exchanges information with users who request it. • Clients are programs that access and exchange information with servers. • Examples include mail servers, file servers (File Transfer Protocol--FTP sites), web servers.

  8. World Wide Web • A web server is a server that allows a user (client) to access documents and run computer that reside on remote computers.

  9. Electronic Payment Systems • electronic bill payment systems: payment instructions sent to a bank • credit card systems: credit card information supplied to secure commerce server

  10. Electronic Payment Systems • Secure Electronic Transaction (SET) systems: special type of credit card payment system established by Visa and MasterCard • Secure Sockets Layer (SSL) is another industry-wide protocol for enhancing security and integrity of transactions on the internet.

  11. Security for Electronic Transactions • Encryption involves using a password or digital key to scramble a readable (plaintext) message into an unreadable (ciphertext) message.

  12. Types of Encryption Systems • Secret Key • Public Key • Hybrid

  13. Secret key Encryption • the same key is used for both encrypting and decrypting a message

  14. Public Key Encryption • two keys are used in association with each encrypted message, one key to encrypt the message and another key to decrypt it

  15. Hybrid Systems and Digital Envelopes • A random key generated by sender encrypts message. • Using the recipient’s public key, the random key is encrypted, and both the encrypted message and the random key is sent to the recipient in a digital envelope. • The recipient then uses his/her private key to decrypt the random key and then decrypt the message.

  16. Digital Signatures • What is a digital signature? • There are significant implications for accountants. For example, Impact on how transactions will be authorized Impact on how authenticity of transactions will be verified by auditors

  17. Cryptanalysis • various techniques for analyzing encrypted messages for purposes of decoding them without legitimate access to the keys

  18. factoring attack • the private key can be deduced by factoring the public key into to prime numbers

  19. key attacks • most attacks against public key systems are likely to be made at the key management level

  20. Digital Certificates • digital documents that attest to the fact that a particular public key belongs to a particular individual or organization • Digital certificates are issued by some certifying authority (CA). • Examples of Digital Certificates Fidelity NetBenefits Discover Dean Witter

  21. Certification • The CA creates a digital certificate by digitally signing a document that includes the name of the person being certified, that person s public key, the name of the CA, the expiration date of the key being certified, and the expiration date of the certificate.

  22. Certificate Revocation Lists (CRLs) • a list of public keys that have been revoked before their expiration dates. • Certificate Chains: certificates can be linked together in chains. • Certificate Signing Units: protect private keys.

  23. Virtual Cash Systems • Digital Cash: a bank digitally signs an electronic bank note • Blinded Digital Cash: a bank to issues digital cash so that it is unable to link the payer to the payee.

  24. Virtual Cash in Electronic Cards • Smart cards are hand-held electronic cards that are used for payments.

  25. The End