Next:
3.1 Local Network: Security
Up:
Security & Electronic Commerce
Previous:
2.3.3 Point to point
3 How Can Security Issue Be Addressed?
3.1 Local Network: Security Policy
3.1.1 Principles
3.1.2 Access decisions
3.1.3 Systems development process
3.1.4 Physical security
3.1.5 Data security
3.1.6 Monitoring and review
3.1.7 Personnel management
3.1.8 Personnel security
3.1.9 Training
3.1.10 User-level security policy
3.2 Access Security: Firewalls
3.2.1 Introduction
3.2.2 Design decisions
3.2.3 Levels of threat
3.2.4 Firewalls and their components
3.2.5 Comments
3.3 Data Security: Cryptography
3.3.1 What is cryptography?
3.3.2 What is a key?
3.3.3 What is public key cryptography (PKC)?
3.3.4 How does someone obtain a pair of keys?
3.3.5 How is information integrity assured?
3.3.6 What about authenticity?
3.3.7 Is the certificate trustworthy?
3.3.8 What about non-repudiatability of origin?
3.3.9 What about non-repudiatability of receipt?
3.4 Transaction Security
3.4.1 What are Kerberos, PGP, PEM, SSL, S-HTTP and IPSEC?
Kerberos
Pretty Good Privacy (PGP)
Privacy Enhanced Mail (PEM)
Secure Sockets Layer (SSL)
Secure HTTP (S-HTTP)
Comparison between SSL and S-HTTP
Internet Protocol Security (IPSEC)
3.4.2 How can these protocols contribute to transaction security?
3.5 What a Smart Card is Intended for - A Typical Example: the Authentication Issue
3.5.1 Smart card applications
Prepaid smart cards
Electronic money
3.5.2 What is a smart card?
Presentation
The plastic card
Access control to the information
3.5.3 How can your company use smart card systems?
Two-factor authentication process
Card requirements
3.5.4 The future
Denis Arnaud
12/19/1997
