Cryptography and E-Commerce: A Wiley Tech Brief

Overview

A clear and easy guide on how to use cryptography to secure e-commerce transactions
To be on the cutting edge of e-commerce, you need to understand how to best utilize cryptography to offer secure services for your customers over the Internet. But if you reach for most of the available books on the subject, you'll find that they are far too technical for most business needs. If you need a quick and lucid managerial summary to help you develop ...
See more details below
Available through our Marketplace sellers.
Other sellers (Paperback)
  • All (14) from $1.99   
  • New (5) from $11.94   
  • Used (9) from $1.99   
Close
Sort by
Page 1 of 1
Showing All
Note: Marketplace items are not eligible for any BN.com coupons and promotions
$11.94
Seller since 2005

Feedback rating:

(1608)

Condition:

New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.

New
New

Ships from: Fort Worth, TX

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
$47.32
Seller since 2010

Feedback rating:

(53)

Condition: New
"New, ships through UPS and DHL. Excellent customer service. Satisfaction guaranteed!! "

Ships from: STERLING HEIGHTS, MI

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
$51.50
Seller since 2014

Feedback rating:

(258)

Condition: New
Brand New Item.

Ships from: Chatham, NJ

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
$60.00
Seller since 2014

Feedback rating:

(139)

Condition: New
Brand new.

Ships from: acton, MA

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
$64.25
Seller since 2014

Feedback rating:

(0)

Condition: New
Hardcover New in new dust jacket. Brand New US edition, 3-5 days shipping!

Ships from: foxboro, MA

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
Page 1 of 1
Showing All
Close
Sort by
Sending request ...

Overview

A clear and easy guide on how to use cryptography to secure e-commerce transactions
To be on the cutting edge of e-commerce, you need to understand how to best utilize cryptography to offer secure services for your customers over the Internet. But if you reach for most of the available books on the subject, you'll find that they are far too technical for most business needs. If you need a quick and lucid managerial summary to help you develop effective e-commerce strategies, this is the book for you.
Geared to nontechnical managers who would like to explore the underlying concepts of modern cryptography, this book features an easily accessible, logical explanation of how cryptography works to solve real-world e-commerce problems, a tutorial on the underlying mathematics, and two case studies of PKI cryptographic architectures, showing how Kerberos and PKC can be wedded to protect a company's intranet and how a full-blown working PKI provides security to a company's Internet communications.
Divided into three major parts tailored to readers' needs-Introduction to Modern Cryptography, Tutorial on the Mathematics of Cryptography, and case studies-the book covers:
How symmetrical key cryptography ensures confidentiality of messages
How cryptography lets you detect whether a message has been modified in transit
Why the distribution of cryptographic keys is important and difficult
The nuts and bolts of Kerberos-a major component of Microsoft's Windows 2000 security solution
How Public Key Cryptography ensures security between people who share no prior secret information
Digital signatures on electronic contracts and the concept of non-repudiation
How digital certificates ensure positive identification of individuals
Read More Show Less

Editorial Reviews

Booknews
For non-technical managers who would like to explore the underlying concepts of cryptology, cryptographic architect Graff explains how it works to solve real-world problems in electronic commerce. He also provides a tutorial on the underlying mathematics and two studies of architectures. Annotation c. Book News, Inc., Portland, OR (booknews.com)
Read More Show Less

Product Details

  • ISBN-13: 9780471405740
  • Publisher: Wiley
  • Publication date: 12/15/2000
  • Series: Technology Briefs Series , #6
  • Edition number: 1
  • Pages: 240
  • Product dimensions: 7.48 (w) x 9.36 (h) x 0.53 (d)

Meet the Author

JON C. GRAFF, PhD, is Vice President and Chief Cryptographic Architect at NetReliance. An internationally known speaker and author, he has architected cryptographic systems for companies such as Tracor Ultron, Wells Fargo Bank, KPMG, Deloitte & Touche, the California Independent System Operator (Cal ISO), and NetReliance.
Read More Show Less

Read an Excerpt

Chapter 1: Integrity Protection

In its Chapter:

How you can detect if an electronic message has been modified What a cryptographic checksum is, and how it is used to ensure message integrity What MaCS are, and what MaCing is What a strong one-way function is, and how it is used to ensure message integrity How banks protect your aTM transactions from being modified during transmission. actually, the term Integrity Protection is somewhat of a misnomer. It doesn't prevent a message from being modified; it is a mechanism that detects any modification of a message. So, it really functions as an Integrity or a message modification detector.

In Chapter 1 "Symmetrical Key Cryptography," we saw how alice and Bob can send a confidential message over an insecure medium (i.e., in the presence of Eve) protected by symmetrical key cryptography. But what if alice wants to send Bob a message that she wants to be sure Eve doesn't change while the message is in transit? Because many electronic transmissions occur across "broadcast" medium, anyone (e.g., Eve) can both read and intercept messages. If Eve is malicious and clever (which we know she is), she can intercept a message and either change it or substitute a different one in its place. In Figure 2.1, we see Eve intercepting and changing an electronic check that alice is trying to send to Bob.

You may ask, based on Chapter 1, wouldn't a modern cryptographic symmetrical key cipher prevent a person from changing an encrypted message? That is, a change in the message should make the decrypted message unintelligible from that point on. Well, that's true; however, there are other considerations. First, many modern symmetricalkey ciphers are "self-correcting," especially if run in a "streaming" mode, which is used with long messages. This means that if a change is induced, there will be a short segment of the message that will not decrypt properly after the "error," but then, after the short uncorrected segment, the cipher will self-correct and properly decrypt the rest of the encrypted message. This "self-correcting" becomes a problem in a number of cases. For example, if a photograph is being sent, an error may show a small and perhaps unnoticeable glitch in the plaintext photo, which could be significant if the photo is being used for scientific or intelligence purposes, and if the glitch obscures an important feature in the photograph. another example might occur in the transmission of large block of random-looking data. Within the large block of data, a small string of incorrect data may be overlooked, or possibly even be decrypted into undetectable "normal" looking text. This incorrect data could be significant if it is part of a critically ill person's diagnostic test results.

On the other hand, maybe alice has cause to send a plaintext message to Bob, and Bob needs assurance that the plaintext message he receives from alice has not be modified either accidentally or overtly.

So, how can alice protect the message from being modified in transit? For instance, alice may be sending Bob an electronic check for a ticket for a show that everyone knows Bob is selling, so the check and the transmission are common knowledge. Nonetheless, Bob would be put out if he sold alice a $10 ticket and received an electronic check from alice for only $1.

One way alice could protect the check is to put the check in a glass box and lock the box with a secret key that only she and Bob share (see Figure 2.2). Eve could then see the check within the box when the check and box are in transit, but she couldn't change it. When Bob receives the glass box, he could unlock the lock with the secret key he shares with alice, remove the lock, open the box, and remove the check to cash it.

as we discussed in the last chapter, alice would have difficulty stuffing a glass box into a computer or telephone. So, how can alice protect the message if it is sent over an electronic medium? Modern Cryptography to the rescue! In order to explain the process, we need to make a small digression to the supermarket.

When you go to the supermarket and make purchases, you generally receive a receipt, as shown in Figure 2.3. On this receipt is a list of purchased items, their price, and at the bottom, a "sum" or "total." The total is a result of the prices of all the purchases. If you changed your purchase, the total would change (provided you bought items of different value, of course).

The total acts as a CHECKSUM, so that if you presented the receipt to a petty cash accountant for reimbursement, the accountant could total the sales and see that you had not changed it and falsified the receipt.

another property of the total acting as a checksum is that if you were to give only the total to someone, he or she would have a hard time recreating an identical detailed receipt that matched yours. The total (or sum, or checksum) is an example of a ONE-WaY FUNCTION. a property of the one-way function is that it is difficult to reconstruct the function's result (in this case, the total) without the original input.However, the shopping receipt total or checksum is said to be a WEaK ONE-WaY FUNCTION, because it is possible in a finite period of time to come up with another receipt that has the same total. To find this second list, you'd do a lot of guessing and fiddling with various goods until you have a selection of different items that would give the original checksum value, but you could do it if you wanted...

Read More Show Less

Table of Contents

Preface.

Acknowledgments.

Introduction.

AN INTRODUCTION TO MODERN CRYPTOGRAPHY.

Symmetrical Key Cryptography.

Integrity Protection.

The Key Management Problem.

Kerberos, a Symmetrical Key Solution of the n? Problem.

Public Key Cryptography.

Certificate Hierarchies.

Certificate Extension and Attribute Certificates.

The Future of Cryptography and the United States Governmental Politics of Cryptography.

Concluding Remarks.

A TUTORIAL ON THE MATHEMATICS OF PUBLIC KEY CRYPTOGRAPHY.

Underlying Mathematics for Cryptography.

CASE STUDIES OF MODERN CRYPTOGRAPHIC ARCHITECTURES.

Case Study: Protecting an Intranet with a Kerberos and PKC Hybrid.

Case Study: Protecting the California ISO Internet Communications Using PKC.

Bibliography.

Glossary.

Index.

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing 1 Customer Reviews
  • Anonymous

    Posted February 20, 2001

    A must-read for anyone in the business of information security business

    The world of information security is full of complex inter-relationships between cooperating systems. A solid understanding of issues and possible solutions is a must for all levels of management. This book delivers on its promise of teaching security in E-commerce to readers of all levels. Though it is rich in content and full of excellent examples, it does not overwhelm the reader. Case studies are especially intriguing as they provide real-life examples of practical deployment scenarios. The humor in the book makes it very delightful to read. I highly recommend this book.

    Was this review helpful? Yes  No   Report this review
Sort by: Showing 1 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)