Security Status and Issues & Electronic Commerce on the Internet
Denis Arnaud
July 1995
A Postscript version is also available here.
List of Figures
1 Introduction
1.1 The Internet
1.2 Why is Security on the Internet an Issue?
2 What is Security Needed for?
2.1 Introduction
2.2 Local Computing Environment
2.2.1 Introduction
2.2.2 The risks
2.2.3 The goals
2.2.4 Control decisions
2.3 What Does the Use of the Web Imply About Security?
2.3.1 Client threats
2.3.2 Server threats
2.3.3 Point to point security issues
3 How Can Security Issues Be Addressed?
3.1 Local Network: Security Policy
3.1.1 Principles
3.1.2 Access decisions
3.1.3 Systems development process
3.1.4 Physical security
3.1.5 Data security
3.1.6 Monitoring and review
3.1.7 Personnel management
3.1.8 Personnel security
3.1.9 Training
3.1.10 User-level security policy
3.2 Access Security: Firewalls
3.2.1 Introduction
3.2.2 Design decisions
3.2.3 Levels of threat
3.2.4 Firewalls and their components
3.2.5 Comments
3.3 Data Security: Cryptography
3.3.1 What is cryptography?
3.3.2 What is a key?
3.3.3 What is public key cryptography (PKC)?
3.3.4 How does someone obtain a pair of keys?
3.3.5 How is information integrity assured?
3.3.6 What about authenticity?
3.3.7 Is the certificate trustworthy?
3.3.8 What about non-repudiatability of origin?
3.3.9 What about non-repudiatability of receipt?
3.4 Transaction Security
3.4.1 What are Kerberos, PGP, PEM, SSL, S-HTTP and IPSEC?
Kerberos
Pretty Good Privacy (PGP)
Privacy Enhanced Mail (PEM)
Secure Sockets Layer (SSL)
Secure HTTP (S-HTTP)
Comparison between SSL and S-HTTP
Internet Protocol Security (IPSEC)
3.4.2 How can these protocols contribute to transaction security?
3.5 What a Smart Card is Intended for - A Typical Example: the Authentication Issue
3.5.1 Smart card applications
Prepaid smart cards
Electronic money
3.5.2 What is a smart card?
Presentation
The plastic card
Access control to the information
3.5.3 How can your company use smart card systems?
Two-factor authentication process
Card requirements
3.5.4 The future
4 Payment and Transaction Issues
4.1 The Rush Is on to Make Net Commerce Happen
4.1.1 Introduction
4.1.2 What is available? What is coming?
4.1.3 Connecting financial systems
4.1.4 No numbers, no crime
4.1.5 Internet-savvy business
4.2 A Tool to Make Web Commerce Secure
4.2.1 Introduction
4.2.2 A head for business
4.2.3 The safe sell
4.2.4 Terisa is born
4.2.5 The clang of the cash register
4.2.6 Money makes the world go round
5 The legal issue: Clipper's Still Kicking
5.1 Introduction
5.2 The Clipper Controversy
5.3 A Chip with Nine Lives
5.4 Uncle Sam is Listening
5.5 Getting Clipped
5.6 An Orwellian Future?
6 Conclusion
6.1 General
6.2 Prospectives: Opportunities for Your company
Denis Arnaud
12/19/1997