Technical Aspects of E-Commerce Part 2


Technical Aspects of E-Commerce Part 2 of 2

Mort Anvari
Introduction

- Review
- Hardware
- Firewalls
- Networking
- Cryptography

2
Review

[Diagram: the e-commerce network. PCs, a Web Server, an SQL Server, a Mail Server and a File Server sit on the internal network behind a router (R) and a firewall (FW) that connect it to the Internet.]
3
Review

Application: Programs that directly access the presentation layer belong at least in part to the application layer.

[Diagram: the parts of a system, top to bottom: User Space (CGI Script, Web Server), Operating System Space (System Software, I/O Layer), Hardware (Motherboard, HD Controller, Video Card, Network Card) and the Physical World (Hard Drive, HTML Pages, Data), shown beside the OSI layers Application, Presentation, Session, Transport, Network, Datalink and Physical.]
4
Hardware

What is it?
- The physical components of a computing
system
- If it can be held in your hand it’s hardware
- If it can’t it’s software

5
Hardware

Application: Programs that directly access the presentation layer belong at least in part to the application layer.

[Diagram: the same layered view of a system (User Space: CGI Script, Web Server; Operating System Space: System Software, I/O Layer; Hardware: Motherboard, HD Controller, Video Card, Network Card; Physical World: Hard Drive, HTML Pages, Data) beside the OSI layers, with the Hardware row marked as the Current Topic.]
6
Hardware

- Architecture
- Hard Drives
- Backup Systems
- Network Interfaces
- RAM

7
Architecture
- CISC (Complex Instruction Set Computer)
Can do complex operations
Can do many functions
e.g. 486, Pentium, PowerPC
- RISC (Reduced Instruction Set Computer)
Can do a few simple operations
Faster than CISC
e.g. SPARC, HP9000

8
Hard Drives

- Single
A regular hard drive
- Mirrored
Fault-Tolerant
Expensive
- Drive Array
Fault-Tolerant
Slower but cheaper than Mirror

9
Hard Drives

- Highly Redundant Drive Enclosure
External to server
Can lose multiple drives
Very fast
Very expensive
10
Backup Systems

- DAT (Digital Audio Tape)
Fast, efficient and reliable
Tape sizes from 2-24GB
Backwards compatible
- DLT (Digital Linear Tape)
Very fast, reliability problems
Tapes can hold up to 70GB
New technology
11
Backup Systems

- Tape Library
Uses multiple DLTs or DATs
Uses many tapes
Robotic arm changes tapes

12
Network Interfaces

- LAN (Local Area Network)
Small in geographic size
Fast and cheap
Owned
- WAN (Wide Area Network)
Connects distant LANs
Slow and expensive
Rented
13
Random Access Memory

- Regular
Garden variety memory
- Parity
Checks for memory errors
Stops machine on error
- ECC (Error Checking and Correcting)
Checks for memory errors
Corrects errors

14
Firewall

What is it?
- A special computer system designed to isolate one
area of the network
- All network traffic going into or out of the isolated
area must pass through the firewall
- Only allows traffic to pass that meets a set of
criteria based on company policy
- Like the gate house in a jail
- It’s software

15
Firewall

[Diagram: the e-commerce network again. PCs, a Web Server, an SQL Server, a Mail Server and a File Server sit on the internal network behind a router (R) and a firewall (FW) that connect it to the Internet.]
16
Firewall

Application: Programs that directly access the presentation layer belong at least in part to the application layer.

[Diagram: the layered view of a system with Firewall Software in User Space (Operating System Space: System Software, I/O Layer; Hardware: Motherboard, HD Controller, Video Card, Network Card; Physical World: Hard Drive, Logs, Data) beside the OSI layers, with the firewall software marked as the Current Topic.]
17
Networking

What is it?
- A series of devices called nodes
interconnected by communication pathways
- Nodes can be computers or devices that help
the network function
- Networks can be connected or contain sub-networks
- It’s made up of hardware and software
18
Networking

[Diagram: the e-commerce network again. PCs, a Web Server, an SQL Server, a Mail Server and a File Server sit on the internal network behind a router (R) and a firewall (FW) that connect it to the Internet.]
19
Networking

Application: Programs that directly access the presentation layer belong at least in part to the application layer.

[Diagram: the layered view of a system with PowerPoint, a Mail Client and a Web Client in User Space (Operating System Space: System Software, I/O Layer; Hardware: Motherboard, HD Controller, Video Card, Network Card; Physical World: Hard Drive, HTML Pages, Data) beside the OSI layers, with the networking parts marked as the Current Topic.]
20
Networking

- The OSI Model
- An Example Transmission
21
The OSI Model

- Framework describing network protocols
- 7 Layers
- 1 Layer = 1 Aspect of Networking
- Layers only aware of neighbors
- Layers provide flexibility and functionality
22
The OSI Model

The OS and the Network Card work together to make a complete stack.

Application
Presentation
Session        The OS is responsible for these functions
Transport
Network
Datalink       The Network Card is responsible for these functions
Physical
23
Application Layer

- Where actual services reside
- HTTP, FTP, Gopher, DNS etc.
- Not related to Applications you use like Word or Excel
24
Presentation Layer

- Data “pre-processed”
- Compression
- SSL
- ASCII Translations
25
Session Layer

- Manages connections
- Initiates
- Maintains
- Disconnects
26
Transport Layer

- Breaks data down into more manageable pieces (sending)
- Reforms original data from small pieces (receiving)
- Checks for errors
27
Network Layer

- Sends data between networks
- 192.168.0.1 is a network address
- 192.168.0 = network part
- .1 = host part
- Router works at this level
- If destination is on same network host sends data directly
28
Network Layer

- If destination is on another network host sends data to right router
- If right router is unknown, data is sent to the Default Router or Default Gateway
29
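The forwarding decision the two Network Layer slides describe, as an added example that is not part of the original deck: the host 192.168.0.1 from the slides is given a /24 mask, one known router and a default gateway (constructed values), and next_hop() picks direct delivery, the right router, or the default gateway. It goes one step beyond the slides in that when several known routes match, the most specific (longest prefix) one wins.

```python
import ipaddress

# Constructed host configuration: the 192.168.0.1 address from the slides with a
# /24 mask (192.168.0 = network part, .1 = host part), plus assumed routers.
HOST = ipaddress.ip_interface("192.168.0.1/24")
ROUTES = {                                # destination network -> the "right router"
    "10.1.0.0/16": "192.168.0.200",
    "10.1.5.0/24": "192.168.0.201",      # a more specific route inside 10.1.0.0/16
}
DEFAULT_GATEWAY = "192.168.0.254"         # used when the right router is unknown

def split_address(interface):
    """Split an address into its network part and host part using the mask."""
    network = interface.network.network_address
    host_part = int(interface.ip) - int(network)
    return str(network), host_part        # 192.168.0.1/24 -> ("192.168.0.0", 1)

def next_hop(destination, host=HOST, routes=ROUTES, default_gateway=DEFAULT_GATEWAY):
    """Decide where the host hands a packet: directly, to a router, or to the gateway."""
    dst = ipaddress.ip_address(destination)
    if dst in host.network:               # same network: send directly to the host
        return ("direct", str(dst))
    best = None                           # another network: find the right router
    for cidr, router in routes.items():
        net = ipaddress.ip_network(cidr)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, router)          # keep the most specific matching route
    if best is not None:
        return ("router", best[1])
    return ("default gateway", default_gateway)   # right router unknown
```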
Data Link Layer

- How data should actually be transmitted
- How the bits should be arranged
- Detects errors
- Has a unique “MAC” address
ex. 00:60:08:8D:F0:96
30
Data Link Layer

- A bridge splits network into 2 segments
- Makes decisions based on MAC address in each packet
- Improves performance
- A switch is a bridge that works with more than 2 segments
31
The Physical Layer

- Defines the electrical, mechanical and physical aspects of a network
- Cables
- Hubs
- Connectors
- Topologies
32
Physical Layer: Topologies

Star Topology
Very Manageable and Reasonably Priced

[Diagram: computers joined by network cable to a central hub]

Examples: 10BaseT, 100BaseT, 100BaseVG
33
Physical Layer: Topologies

Point to Point Topology
Used Almost Exclusively in WANs

[Diagram: two computers/routers joined by a single WAN link]

Examples: Modems, ISDN, Leased Lines, ADSL, T1
34
Physical Layer: Topologies

Other Topologies
- Linear Bus
- Ring
- Mesh
- Cell
- Torus
35
An Example

Layer          Server                               Client
Application    Send picture to client browser       Display picture in browser
Presentation   Encrypt using SSL                    Decrypt using SSL
Session        Establish connection                 Authenticate and receive connection
Transport      Divide picture into tiny packets     Reassemble packets into picture
Network        Send to proper network               Determine if it’s our packet and network
Datalink       Format packet and identify client    Check for errors and if it’s ours
Physical       Transmit packet to client            Receive packets from server
36
An Example

When the packet is transmitted each layer has added its own “Header”. The Datalink layer often adds a “Tail” as well to provide error checking.

A Packet in Transit:
D | N | T | S | P | Data Fragment | D
(the Datalink, Network, Transport, Session and Presentation headers, then the data fragment, then the Datalink tail)
37
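The packet layout on the slide above and the Transport/Datalink rows of the server/client table, as an added example that is not part of the original deck. Each layer is given a constructed 3-byte tag plus its fields (no real protocol format is reproduced, only the layering): the server fragments a picture and wraps each fragment D N T S P | data | tail, and the client checks the tail, peels the headers and reassembles, dropping any packet that fails the error check.

```python
import zlib

MAC = bytes.fromhex("0060088DF096")   # Datalink address from the Data Link Layer slide
IP = bytes([192, 168, 0, 1])          # Network address from the Network Layer slide

def encapsulate(seq, total, fragment):
    """Server side, top down: each layer puts its header in front; Datalink adds the tail."""
    p = b"PRE" + fragment                        # Presentation (the SSL-processed data)
    s = b"SES" + p                               # Session
    t = b"TRN" + bytes([seq, total]) + s         # Transport: fragment number and count
    n = b"NET" + IP + t                          # Network: destination network address
    d = b"DLL" + MAC + n                         # Datalink header: the client's MAC
    return d + zlib.crc32(d).to_bytes(4, "big")  # Datalink tail: CRC for error checking

def decapsulate(packet):
    """Client side, bottom up: check the tail, then peel each header. None if damaged."""
    frame, tail = packet[:-4], packet[-4:]
    if zlib.crc32(frame) != int.from_bytes(tail, "big"):
        return None                              # "Check for errors" failed: drop it
    if frame[:3] != b"DLL" or frame[3:9] != MAC:
        return None                              # "Check if it's ours" failed
    n = frame[9:]
    if n[:3] != b"NET" or n[3:7] != IP:
        return None                              # not our network address
    t = n[7:]
    seq, total, s = t[3], t[4], t[5:]
    if t[:3] != b"TRN" or s[:3] != b"SES" or s[3:6] != b"PRE":
        return None
    return seq, total, s[6:]                     # the original data fragment

def send_picture(picture, size=4):
    """Server Transport layer: divide the picture into tiny fragments (at most 255)."""
    frags = [picture[i:i + size] for i in range(0, len(picture), size)]
    return [encapsulate(i, len(frags), f) for i, f in enumerate(frags)]

def receive_picture(packets):
    """Client Transport layer: reassemble in order; None if any fragment is missing."""
    pieces, total = {}, None
    for packet in packets:
        got = decapsulate(packet)
        if got is not None:
            seq, total, frag = got
            pieces[seq] = frag
    if total is None or len(pieces) != total:
        return None
    return b"".join(pieces[i] for i in range(total))
```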
An Example

[Diagram: Hubs, a Switch and a Router connecting PCs, a Web Server and the Client across Network A - Segment 1 (10BaseT), Network A - Segment 2 (10BaseT), Network A - Segment 3 (FDDI) and Network B - Not Segmented (100BaseFX).]
38
Encryption

What is it?
- The conversion of data into a form that cannot
be easily understood by unauthorized people
- The opposite is decryption, that is, changing
the difficult to read form back into the original
- It’s usually software, but can be hardware

39
Cryptography

- What does it do for me?
- Symmetric Encryption
- Asymmetric Encryption
- One Way Hash
- Example: An Encrypted E-Mail
40
What does it do for me?

Confidentiality: The data can only be read by the intended recipients
Non-Repudiation: The data cannot be forged. If data is “signed” by a person, the data could only have come from them. No more “I didn’t send that!”
Data Integrity: The data cannot be modified without detection
41
Symmetric Encryption

- Data is encrypted and decrypted with the same key
- Fast
- Key must be kept secret
- Key must be sent Out of Band
- DES and IDEA are symmetric
42
Asymmetric Encryption

- Uses 2 keys
- Data encrypted with one key can
only be decrypted with the other
- Public key is shared with all
- Public key can be sent In Band
- Private key must be kept secret
- RSA is asymmetric

43
One Way Hash

- A “fingerprint” of data
- Any size data = same size hash
- Tiny changes in data produce
a very different hash

44
Example: Encrypted E-Mail

Anne wants to send e-mail to Bob. The plaintext message is compressed to make it smaller and the ciphertext stronger.

[Diagram: Plaintext -> Compression -> Small Plaintext]
45
Example: Encrypted E-Mail

The plaintext message is run through a hash algorithm to generate a “fingerprint”.

[Diagram: Small Plaintext -> Hash Function -> Fingerprint]
46
Example: Encrypted E-Mail

The fingerprint is encrypted using Anne’s private key. This makes it into a digital signature. It is then appended to the plaintext.

[Diagram: Fingerprint + Anne’s Private Key -> Signature, appended to the Small Plaintext]
47
Example: Encrypted E-Mail

A Random key is generated and the e-mail is symmetrically encrypted using that.

[Diagram: Small Plaintext + Signature, encrypted with the Random Key -> Ciphertext]
48
Example: Encrypted E-Mail

The Random Key is Encrypted using Bob’s public key. The result is called a “Strong Box”. Remember that only Bob can read the contents of the Box.

[Diagram: Random Key + Bob’s Public Key -> A Box for Bob holding the Random Key]
49
Example: Encrypted E-Mail

The Box is attached to the ciphertext and they are sent over e-mail to Bob.

[Diagram: A Box for Bob (Random Key) + Ciphertext (encrypted with the Random Key) -> Internet -> To Bob]
50
Example: Encrypted E-Mail

Bob decrypts his Strong Box to get the Random Key. Only Bob’s private key can open the Box which was encrypted with his public key.

[Diagram: A Box for Bob + Bob’s Private Key -> Random Key]
51
Example: Encrypted E-Mail

Bob decrypts the ciphertext using the random key which he got from his Strong Box.

[Diagram: Ciphertext (encrypted with the Random Key) + Random Key -> Small Plaintext + Signature]
52
Example: Encrypted E-Mail

Bob decrypts Anne’s signature using her public key. Since only Anne could have encrypted it with her private key, Bob knows the message had to come from her.

[Diagram: Signature + Anne’s Public Key -> Fingerprint]
53
Example: Encrypted E-Mail

Bob runs the unencrypted message through the hash function. If this fingerprint is the same as the one from the signature, the message was not changed in transit.

[Diagram: Small Plaintext -> Hash Function -> Calculated Fingerprint, compared with the Received Fingerprint: match or mismatch]
54
Example: Encrypted E-Mail

Finally, the message is uncompressed. Bob can read the message knowing for certain that it’s from Anne, it’s what Anne wrote and only the two of them could have read it.

[Diagram: Small Plaintext -> Compression reversed -> Plaintext]
55
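The whole encrypted e-mail procedure from slides 45 to 55 carried through in code, as an added example that is not part of the original deck: compress, hash, sign with Anne's private key, encrypt with a random key, put that key in a box for Bob, then Bob reverses each step and checks the fingerprint. The RSA keys are textbook RSA on well-known Mersenne primes and the symmetric cipher is a hash-based stream cipher, both constructed stand-ins chosen so the block runs with only the standard library; neither is secure and the same shape would be built on real RSA and DES/IDEA.

```python
import hashlib
import os
import zlib

# Toy textbook RSA on well-known Mersenne primes: it shows the public/private key
# relationship from the slides and is NOT secure (these moduli are trivially factored).
def rsa_keypair(p, q, e=65537):
    n = p * q
    return (e, n), (pow(e, -1, (p - 1) * (q - 1)), n)     # (public key, private key)

def rsa(key, m):
    exponent, n = key
    return pow(m, exponent, n)

ANNE_PUB, ANNE_PRIV = rsa_keypair((1 << 107) - 1, (1 << 127) - 1)
BOB_PUB, BOB_PRIV = rsa_keypair((1 << 61) - 1, (1 << 89) - 1)

def fingerprint(data):
    """One way hash: any size data gives a same size (24-byte) fingerprint, as an integer."""
    return int.from_bytes(hashlib.blake2s(data, digest_size=24).digest(), "big")

def symmetric(key, data):
    """Toy stream cipher standing in for DES/IDEA: the same key encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.blake2s(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def anne_sends(message, anne_priv=ANNE_PRIV, bob_pub=BOB_PUB):
    small = zlib.compress(message)                          # slide 45: compress
    signature = rsa(anne_priv, fingerprint(small))          # slides 46-47: hash, sign with private key
    random_key = os.urandom(16)                             # slide 48: random key
    ciphertext = symmetric(random_key, small + signature.to_bytes(32, "big"))
    box = rsa(bob_pub, int.from_bytes(random_key, "big"))   # slide 49: strong box for Bob
    return box, ciphertext                                  # slide 50: sent together

def bob_receives(box, ciphertext, bob_priv=BOB_PRIV, anne_pub=ANNE_PUB):
    random_key = rsa(bob_priv, box).to_bytes(16, "big")     # slide 51: open the box
    body = symmetric(random_key, ciphertext)                # slide 52: decrypt the ciphertext
    small, signature = body[:-32], int.from_bytes(body[-32:], "big")
    if rsa(anne_pub, signature) != fingerprint(small):      # slides 53-54: check the fingerprint
        raise ValueError("fingerprint mismatch: not from Anne or changed in transit")
    return zlib.decompress(small)                           # slide 55: uncompress
```

A message altered in transit, or one signed by anyone but Anne, fails the fingerprint check before Bob ever uncompresses it.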
