Professional Documents
Culture Documents
Institute of Computing
ES310-E Commerce
Semester 1 - 2010
Assessment 3
E-Commerce Security
Submitted to:
Engr. Ma. Cristina Enriquez
Submitted by:
Ann Juvie S. Papas
BSCS 3- EVENING
August 26,2010
Question 1
Secrecy is the ability to hide or protect all the datum from the outside attackers that
has a bad intention with your online business.
Necessity is one of the elements of a secured E-commerce System that protect from
the outside forces in delaying the message or even removing it.
(a) How John should encrypt the information and send via the Internet so
that the information will be sent securely to MusicPlus.
i) A Sender sends the message, the shared key, and the algorithm identifier to the Encryptor.
ii) Encryptor ciphers the message using the algorithm specified by the sender.
iii) Encryptor creates the EncryptedMessage that includes the cipher text .
(b) How MusicPlus can ensure the information received is not being altered
during the transmission process.
i) A Receiver sends the encrypted message and the shared key to the decryptor.
ii) The Decryptor deciphers the encrypted message using the shared key.
iii) The Decryptor creates the Message that contains the plain text obtained from the previous
step.
iv) The Decryptor sends the plain Message to the receiver.
Question 3
What are the differences between key distribution centre and certification
authority? Briefly describe their mechanisms step by step.
Key distribution centre is a system that distributes and manages shared and private
keys for authentication of network sessions and access to applications while certification
authority (CA) is an authority in a network that issues and manages security credentials
and public keys for message encryption. As part of a public key infrastructure (PKI), a CA
checks with a registration authority (RA) to verify information provided by the requestor of
a digital certificate. If the RA verifies the requestor's information, the CA can then issue a
certificate.