Technical Aspects of E-Commerce Part 2
-
Upload
tejasvi-sharma -
Category
Documents
-
view
103 -
download
0
Transcript of Technical Aspects of E-Commerce Part 2
![Page 1: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/1.jpg)
Technical Aspects ofTechnical Aspects ofE-Commerce Part 2 of 2E-Commerce Part 2 of 2
Mort AnvariMort Anvari
![Page 2: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/2.jpg)
2
IntroductionIntroduction
- Review
- Hardware
- Firewalls
- Networking
- Cryptography
![Page 3: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/3.jpg)
3
ReviewReview
PC Internet
WebServer
FWR PC
PC
PC
PC
PC
MailServer
SQLServer
FileServer
![Page 4: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/4.jpg)
4
ReviewReview
Operating
System
I/O Layer
HTMLPagesData
UserSpace
SystemSpace
Physical World
NetworkCard
VideoCard
HD Controller
Hard Drive
Motherboard
Presentation
Session
Transport
Network
Datalink
Physical
Application: Programs that directly access the presentation layer belong at least in part to the application layer.Web Server
CGI Script
Software
Hardware
![Page 5: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/5.jpg)
5
HardwareHardware
What is it?- The physical components of a computing
system
- If it can be held in your hand it’s hardware
- If it can’t it’s software
![Page 6: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/6.jpg)
6
HardwareHardware
Operating
System
I/O Layer
HTMLPagesData
UserSpace
SystemSpace
Physical World
NetworkCard
VideoCard
HD Controller
Hard Drive
Motherboard
Presentation
Session
Transport
Network
Datalink
Physical
Application: Programs that directly access the presentation layer belong at least in part to the application layer.Web Server
CGI Script
Software
Hardware
Current Topic
![Page 7: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/7.jpg)
7
HardwareHardware
- Architecture
- Hard Drives
- Backup Systems
- Network Interfaces
- RAM
![Page 8: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/8.jpg)
8
ArchitectureArchitecture
- CISC (Complex Instruction Set Comp.)Can do complex operations
Can do many functions
i.e. 486, Pentium, PowerPC
- RISC (Reduced Instruction Set Comp.)Can do a few simple operations
Faster than CISC
i.e. SPARC, HP9000
![Page 9: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/9.jpg)
9
Hard DrivesHard Drives
- SingleA regular hard drive
- MirroredFault-Tolerant
Expensive
- Drive ArrayFault-Tolerant
Slower but cheaper than Mirror
![Page 10: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/10.jpg)
10
Hard DrivesHard Drives
- Highly Redundant Drive EnclosureExternal to server
Can lose multiple drives
Very fast
Very expensive
![Page 11: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/11.jpg)
11
Backup SystemsBackup Systems
- DAT (Digital Audio Tape)Fast, efficient and reliable
Tape sizes from 2-24GB
Backwards compatible
- DLT (Digital Linear Tape)Very fast, reliability problems
Tapes can hold up to 70GB
New technology
![Page 12: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/12.jpg)
12
Backup SystemsBackup Systems
- Tape LibraryUses multiple DLTs or DATs
Uses many tapes
Robotic arm changes tapes
![Page 13: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/13.jpg)
13
Network InterfacesNetwork Interfaces
- LAN (Local Area Network)Small in geographic size
Fast and cheap
Owned
- WAN (Wide Area Network)Connects distant LANs
Slow and expensive
Rented
![Page 14: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/14.jpg)
14
Random Access MemoryRandom Access Memory
- RegularGarden variety memory
- ParityChecks for memory errors
Stops machine on error
- ECC (Error Checking and Correcting)Checks for memory errors
Corrects errors
![Page 15: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/15.jpg)
15
FirewallFirewall
What is it?- A special computer system designed to isolate
one area of the network
- All network traffic going into or out of the isolated area must pass through the firewall
- Only allows traffic to pass that meets a set of criteria based on company policy
- Like the gate house in a jail
- It’s software
![Page 16: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/16.jpg)
16
FirewallFirewall
PC Internet
WebServer
FWR PC
PC
PC
PC
PC
MailServer
SQLServer
FileServer
![Page 17: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/17.jpg)
17
FirewallFirewall
Operating
System
I/O Layer
LogsData
UserSpace
SystemSpace
Physical World
NetworkCard
VideoCard
HD Controller
Hard Drive
Motherboard
Presentation
Session
Transport
Network
Datalink
Physical
Application: Programs that directly access the presentation layer belong at least in part to the application layer.
Software
Hardware
Current Topic
Firewall Software
![Page 18: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/18.jpg)
18
NetworkingNetworking
What is it?- A series of devices called nodes
interconnected by communication pathways
- Nodes can be computers or devices that help the network function
- Networks can be connected or contain sub networks
- It’s made up of hardware and software
![Page 19: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/19.jpg)
19
NetworkingNetworking
PC Internet
WebServer
FWR PC
PC
PC
PC
PC
MailServer
SQLServer
FileServer
![Page 20: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/20.jpg)
20
NetworkingNetworking
Operating
System
I/O Layer
HTMLPagesData
UserSpace
SystemSpace
Physical World
NetworkCard
VideoCard
HD Controller
Hard Drive
Motherboard
Presentation
Session
Transport
Network
Datalink
Physical
Application: Programs that directly access the presentation layer belong at least in part to the application layer.
Software
Hardware
Current Topic
Power Point
Web Client
Mail Client
![Page 21: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/21.jpg)
21
NetworkingNetworking
- The OSI Model
- An Example Transmission
![Page 22: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/22.jpg)
22
The OSI ModelThe OSI Model
- Framework describing network
protocols
- 7 Layers
- 1 Layer = 1 Aspect of Networking
- Layers only aware of neighbors
- Layers provide flexibility and
functionality
![Page 23: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/23.jpg)
23
The OSI ModelThe OSI Model
The OS and the Network Card work together to make a complete stack.
The OS is responsiblefor these functions
The Network Card is responsible for these
functions
ApplicationApplication
PresentationPresentation
SessionSession
TransportTransport
NetworkNetwork
DatalinkDatalink
PhysicalPhysical
![Page 24: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/24.jpg)
24
Application LayerApplication Layer
- Where actual services reside
- HTTP, FTP, Gopher, DNS etc.
- Not related to Applications you
use like Word or Excel
AA
PP
SS
TT
NN
DD
PP
![Page 25: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/25.jpg)
25
Presentation LayerPresentation Layer
- Data “pre-processed”
- Compression
- SSL
- ASCII Translations
AA
PP
SS
TT
NN
DD
PP
![Page 26: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/26.jpg)
26
Session LayerSession Layer
- Manages connections
- Initiates
- Maintains
- Disconnects
AA
PP
SS
TT
NN
DD
PP
![Page 27: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/27.jpg)
27
Transport LayerTransport Layer
- Breaks data down into more
manageable pieces (sending)
- Reforms original data from small
pieces (receiving)
- Checks for errors
AA
PP
SS
TT
NN
DD
PP
![Page 28: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/28.jpg)
28
Network LayerNetwork Layer
- Sends data between networks
- 192.168.0.1 a network address
- 192.168.0 = network part
- .1 = host part
- Router works at this level
- If destination is on same network
host sends data directly
AA
PP
SS
TT
NN
DD
PP
![Page 29: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/29.jpg)
29
Network LayerNetwork Layer
- If destination is on another network
host sends data to right router
- If right router is unknown, data is
sent to the Default Router or
Default Gateway
AA
PP
SS
TT
NN
DD
PP
![Page 30: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/30.jpg)
30
Data Link LayerData Link Layer
- How data should actually be
transmitted
- How the bits should be arranged
- Detects errors
- Has a unique “MAC” address
ex. 00:60:08:8D:F0:96
AA
PP
SS
TT
NN
DD
PP
![Page 31: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/31.jpg)
31
Data Link LayerData Link Layer
- A bridge splits network into 2
segments
- Makes decisions based on MAC
address in each packet
- Improves performance
- A switch is a bridge that works
with more than 2 segments
AA
PP
SS
TT
NN
DD
PP
![Page 32: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/32.jpg)
32
The Physical LayerThe Physical Layer
- Defines the electrical, mechanical
and physical aspects of a network - Cables
- Hubs
- Connectors
- Topologies
AA
PP
SS
TT
NN
DD
PP
![Page 33: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/33.jpg)
33
Star TopologyVery Manageable and Reasonably Priced
Examples: 10BaseT, 100BaseT, 100BaseVG
Physical Layer: TopologiesPhysical Layer: Topologies
Hub
Computers
Network Cable
AA
PP
SS
TT
NN
DD
PP
![Page 34: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/34.jpg)
34
Physical Layer: TopologiesPhysical Layer: Topologies
Point to Point TopologyUsed Almost Exclusively in WANs
Examples: Modems, ISDN, Leased Lines, ADSL, T1
WAN Link
Computers/Routers
AA
PP
SS
TT
NN
DD
PP
![Page 35: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/35.jpg)
35
Physical Layer: TopologiesPhysical Layer: Topologies
Other Topologies
- Linear Bus
- Ring
- Mesh
- Cell
- Torus
AA
PP
SS
TT
NN
DD
PP
![Page 36: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/36.jpg)
36
An ExampleAn Example
ApplicationApplication
PresentationPresentation
SessionSession
TransportTransport
NetworkNetwork
DatalinkDatalink
PhysicalPhysical
Send picture to clientSend picture to client
Encrypt using SSLEncrypt using SSL
Establish connectionEstablish connection
Divide picture into tiny packetsDivide picture into tiny packets
Send to proper networkSend to proper network
Format packet and identify clientFormat packet and identify client
Transmit packet to clientTransmit packet to client
ServerDisplay picture in
browserDisplay picture in
browser
Decrypt using SSLDecrypt using SSL
Authenticate and receive connection
Authenticate and receive connection
Reassemble packets into picture
Reassemble packets into picture
Determine if it’s our packet and networkDetermine if it’s our packet and network
Check for errors and if it’s ours
Check for errors and if it’s ours
Receive packets from server
Receive packets from server
ApplicationApplication
PresentationPresentation
SessionSession
TransportTransport
NetworkNetwork
DatalinkDatalink
PhysicalPhysical
Client
![Page 37: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/37.jpg)
37
An ExampleAn Example
When the packet is transmitted each layer has added it’s own “Header”. The
Datalink layer often adds a “Tail” as well to provide error checking.
A Packet in TransitDD NN TT SS PP Data FragmentData Fragment DD
![Page 38: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/38.jpg)
38
An ExampleAn Example
HubWeb
ServerSwitch PC
PC
PC
PC
PC
Client
PC
PC
Router
PC
PCPCPC
Hub
Hub
Network A - Segment 1 (10BaseT)
Network A - Segment 2 (10BaseT)
Network A - Segment 3 (FDDI)
PC
Network B - Not Segmented (100BaseFX)
PC
![Page 39: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/39.jpg)
39
EncryptionEncryption
What is it?- The conversion of data into a form that cannot
be easily understood by unauthorized people
- The opposite is decryption, that is, changing the difficult to read form back into the original
- It’s usually software, but can be hardware
![Page 40: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/40.jpg)
40
CryptographyCryptography
- What does it do for me?
- Symmetric Encryption
- Asymmetric Encryption
- One Way Hash
- Example: An Encrypted E-Mail
![Page 41: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/41.jpg)
41
What does it do for me?What does it do for me?
Confidentiality: The data can only be read by the intended recipients
Non-Repudiation: The data cannot be forged. If data is “signed” by a person, the data could only have come from them. No more “I didn’t send that!”
Data Integrity: The data cannot be modified without detection
![Page 42: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/42.jpg)
42
Symmetric EncryptionSymmetric Encryption
- Data is encrypted and decrypted
with the same key
- Fast
- Key must be kept secret
- Key must be sent Out of Band
- DES and IDEA are symmetric
![Page 43: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/43.jpg)
43
Asymmetric EncryptionAsymmetric Encryption
- Uses 2 keys
- Data encrypted with one key can
only be decrypted with the other
- Public key is shared with all
- Public key can be sent In Band
- Private key must be kept secret
- RSA is asymmetric
![Page 44: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/44.jpg)
44
One Way HashOne Way Hash
- A “fingerprint” of data
- Any size data = same size hash
- Tiny changes in data produce
a very different hash
![Page 45: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/45.jpg)
45
Example: Encrypted E-MailExample: Encrypted E-Mail
Anne wants to send e-mail to Bob. The plaintext message compressed to make it smaller and the ciphertext stronger.
Plaintext CompressionSmall
Plaintext
![Page 46: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/46.jpg)
46
Example: Encrypted E-MailExample: Encrypted E-Mail
The plaintext message is run through a hash algorithm to generate a “fingerprint”.
Small
PlaintextHash Function Fingerprint
![Page 47: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/47.jpg)
47
Example: Encrypted E-MailExample: Encrypted E-Mail
The fingerprint is encrypted using Anne’s private key. This makes it into a digital signature. It is then appended to the plaintext.
Anne’s PrivateKey
Small
Plaintext
Signature
Fingerprint
![Page 48: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/48.jpg)
48
Example: Encrypted E-MailExample: Encrypted E-Mail
A Random key is generated and the e-mail is symmetrically encrypted using that.
Small
Plaintext Random Key
CiphertextEncrypted
withRandom
KeySignature
![Page 49: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/49.jpg)
49
Example: Encrypted E-MailExample: Encrypted E-Mail
The Random Key is Encrypted using Bob’s public key. The result is called a “Strong Box”. Remember that only Bob can read the contents of the Box.
Bob’s PublicKey
Random KeyRandom Key
A Box for Bob
![Page 50: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/50.jpg)
50
Random Key
A Box for Bob
Example: Encrypted E-MailExample: Encrypted E-Mail
The Box is attached to the ciphertext and they are sent over e-mail to Bob.
CiphertextEncrypted
withRandom
Key
To Bob Internet
![Page 51: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/51.jpg)
51
Example: Encrypted E-MailExample: Encrypted E-Mail
Bob decrypts his Strong Box to get the Random Key. Only Bob’s private key can open the Box which was encrypted with his public key.
Bob’s PrivateKey
Random KeyRandom Key
A Box for Bob
![Page 52: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/52.jpg)
52
Example: Encrypted E-MailExample: Encrypted E-Mail
Bob decrypts the ciphertext using the random key which he got from his Strong Box.
Random Key
CiphertextEncrypted
withRandom
Key
Small
Plaintext
Signature
![Page 53: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/53.jpg)
53
Example: Encrypted E-MailExample: Encrypted E-Mail
Bob decrypts Anne’s signature using her public key. Since only Anne could have encrypted it with her private key, Bob knows the message had to come from her.
Anne’s PublicKeySignature Fingerprint
![Page 54: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/54.jpg)
54
Example: Encrypted E-MailExample: Encrypted E-Mail
Bob runs the unencrypted message through the hash function. If this fingerprint is the same as the one from the signature, the message was not changed in transit.
Small
PlaintextHash Function
CalculatedFingerprint
ReceivedFingerprint
or
![Page 55: Technical Aspects of E-Commerce Part 2](https://reader035.fdocuments.us/reader035/viewer/2022062318/5517b4fe497959ee3e8b49a9/html5/thumbnails/55.jpg)
55
Example: Encrypted E-MailExample: Encrypted E-Mail
Finally, the message is uncompressed. Bob can read the message knowing for certain that it’s from Anne, it’s what Anne wrote and only the two of them could have read it.
Plaintext CompressionSmall
Plaintext