Professional Documents
Culture Documents
Electronic Commerce and Digital Signature
Electronic Commerce and Digital Signature
Electronic Commerce and Digital Signature
E-commerce consists primarily of the buying and selling of products or services over electronic systems such as the internet and other computer networks.
Electronic Commerce
Types of e-Commerce transactions: 1. Online goods and services Streaming media content www.mp3.com
Electronic Commerce
2. Retail product sales Online retailers www.amazon.com Online ticket sales www.indianrail.gov.in Online banking www.icicidirect.com
Electronic Commerce
3. Marketplace services. Facilitate b2b, b2c, c2c, b2e, g2b, and other transactions through an online community or online auction business model. E.g. www.ebay.com, www.dell.com, www.echoupal.com Online wallet services. (stores online shopping information) Online advertising Price comparison service
Electronic Commerce
Government to citizen sales and services www.mca.gov.in
E-procurement www.eprocurement.gov.in
Act provides:
Minimize the incidence of electronic forgeries; Enable and foster authentication of computer based documents; Facilitate commerce by means of computerized transactions. Legal recognition of electronic contracting and acceptance and use of electronic records and electronic signatures by the government entities. Also provides for civil and criminal liabilities for fraudulent falsifying computer records, circumventing controls, unauthorized use or access into the computer system and unauthorized alteration or destruction of computer data or system
Digital signature
The Information Technology Act, 2000 (IT Act) prescribes digital signature as a means of authentication of electronic record.
Digital signature
Digital signatures are an application of asymmetric key cryptography. Cryptography is primarily used as a tool to protect national secrets and strategies. In 1978, Ron Rivest, Adi Shamir and Leonard Adleman discovered the first practical public key encryption and signature scheme, now referred to as RSA.
Digital signature
How it works: It is the science of using mathematics to encrypt and decrypt data.
Digital signature
Objective: Confidentiality Data integrity Authentication Non-repudiation
Digital signature
Different types of cryptography Symmetric cryptography Asymmetric cryptography Hash function
Digital signature
The digital signature creation and verification process achieves the following: Signer authentication Message authentication Affirmative act
Digital signature
Digital signature certificate contains a public key as certified by a Certifying authority (CA).
Digital signature
Digital signature should satisfy following conditions: It should be unique to the subscriber affixing it. It should be capable of identifying such subscriber. It should be created in a manner or using a means under the exclusive control of the subscriber. It should be linked to the electronic record to which it relates in such a manner that if the electronic record were altered, the digital signature would be invalidated.
According to notification G.S.R. 735 (E), notified by the Central government on the 29th of October, 2004, as secure digital signature is one to which the following security procedure has been applied.
A smart card or a hardware token is used to create key pair. Private key always remain present in smart card. Private key retrieval and returning should be take place in smart card. Smart card is solely under the control of the person who is purported to have created the digital signature. Digital signature can be verified by using public key listed in the digital signature certificate issued to that person. Rule 6 of the IT (CA) rules, 2000 have been complied with, in so far as they relate to the creation, storage and transmission of the digital signatures. The digital signature is linked to the electronic record in such a manner that if the electronic record was altered the digital signatures would be invalidated.
According to notification G.S.R. 735 (E), notified by the Central government on the 29th of October, 2004, as secure digital signature is one to which the following security procedure has been applied.
A smart card or a hardware token is used to create key pair. Private key always remain present in smart card. Private key retrieval and returning should be take place in smart card. Smart card is solely under the control of the person who is purported to have created the digital signature. Digital signature can be verified by using public key listed in the digital signature certificate issued to that person. Rule 6 of the IT (CA) rules, 2000 have been complied with, in so far as they relate to the creation, storage and transmission of the digital signatures. The digital signature is linked to the electronic record in such a manner that if the electronic record was altered the digital signatures would be invalidated.