Introduction
Electronic commerce is buying and selling of goods and services across the
Internet. An e-commerce site can be as simple as a catalog page with a phone
number or it can range all the way to a real-time credit card processing site
where customers can purchase downloadable goods and receive them on the
spot. Electronic commerce merchants can range from the small business with a
few items for sale all the way to a large on-line retailer such as Amazon.com.
devices. Each layer is assigned a task and the task is completed independently. The OSI
layers have the clear and independent characteristics and tasks.
The 7 layers of the OSI models can be divided into upper and lower layers. I have defined
the characteristics, tasks and features of each layer separately.
Layer 7: Application Layer
The application layer defines the interfaces for communication and data transfer.
This layer also provides and support services such as job transfer, handles network
access, e-mail, supports user applications and error recovery.
Protocols: FTP, DNS, SNMP, SMTP, FINGER, TELNET, TFTP, BOOTP and SMB
protocol are operated on the application layer.
Network Devices: Gateway network device is operated on the application layer.
The presentation layer presents the data into a uniform format and masks the difference
of data format between two dissimilar systems. It also translates the data from application
to the network format. Presentation layer is also responsible for the protocol conversion,
encryption, decryption and data compression. Presentation layer is a best layer for
cryptography.
Network Devices: Gateway Redirector is operates on the presentation layer.
Session layer establish and manages the session between the two users at different ends in
a network. Session layer also manages who can transfer the data in a certain amount of
time and for how long. The examples of session layers and the interactive logins and file
transfer sessions. Session layer reconnect the session if it disconnects. It also reports and
logs and upper layer errors.
Protocols: The protocols that work on the session layer are NetBIOS, Mail Slots, Names
Pipes, RPC
Network Devices: Gateway
Transport layer manages end to end message delivery in a network and also provides the
error checking and hence guarantees that no duplication or errors are occurring in the data
transfers across the network. Transport layer also provides the acknowledgement of the
successful data transmission and retransmits the data if no error free data was transferred.
It also provides and error handling and connectionless oriented data deliver in the
network.
Protocols: These protocols work on the transport layer TCP, SPX, NETBIOS, ATP and
NWLINK.
Network Devices: The Brouter, Gateway and Cable tester work on the transport layer.
Network layer routes the packets according to the unique network addresses. Router
works as the post office and network layer stamps the letters (data) for the specific
destinations.
Protocols: These protocols work on the network layer IP, ICMP, ARP, RIP, OSI, IPX and
OSPF.
Network Devices: Network devices including Router, Brouter, Frame Relay device and
ATM switch devices work on the network layer.
Physical layer defines and cables, network cards and physical aspects. It defines raw bit
stream on the physical media. It also provides the interface between network and network
communication devices. It is also responsible for how many volts for 0 and how many for
1. Physical layer also checks the number of bits transmitted per second and two ways or
one way transmission. Physical layer also dealing with the optical, mechanical and
electrical features.
Protocols: Protocols that work on the physical layer are ISDN, IEEE 802 and IEEE 802.2
Network Devices: Hubs, Repeaters, Oscilloscope and Amplifier works on the network
devices
1. User Authentication
2. Client Authentication
User Authentication
Client Authentication
There are several common types of attacks that hackers employ to gain access
or damage a company’s network. These attacks are easily defeated by FireWall-
1 and VPN-1 Gateways.
The user (client) sends a SYN to the server, the server then returns a
SYN/ACK (to acknowledge receipt of the packet). The connection
between the client and server is now established and they can
communicate with each other. An SYN flood attacker sends numerous
connection requests to a server, from a false address. As a result, the
server is unable to respond and places the request in a queue awaiting a
SYN/ACK (acknowledgement frame from the false address). After several
minutes the server’s TCP sockets time out. If enough false requests are
made, the server’s pending connection queue will full up and it will be
unable to respond to requests even valid ones. If you allow outsiders to
access your system, perhaps to make a purchase order or have access to
corporate information, then this service can be denied if you fall victim to
an SYN flood attack. For an Internet service to be successful, it is
essential that it is reliable, nothing is more frustrating for the user than
endlessly trying to connect a site.
Mention Internet security and most people start talking about firewalls. Firewalls
aren't an Internet security cure-all, but they are essential to just about any
Internet security strategy. A firewall is simply a barrier between two networks--in
most cases an internal network, often called the trusted network, and an external
network, called the untrusted network (in this case, the Internet). Firewalls
examine incoming and outgoing packets according to a set of policies defined by
the administrator, either let them through or block them.
These days, most firewalls use one or more of three packet-screening methods.
Many routers use a firewall technique called packet filtering, which examines the
source and destination addresses and ports of incoming TCP and UDP packets
and denies or allows packets to enter based on a set of predefined rules. Packet
filters are inexpensive, are transparent to users, and have a negligible impact on
network performance. Configuring packet filtering, however, is a relatively
complex process. It usually requires precise knowledge of network, transport,
and sometimes even application protocols.
• Encryption
As offices and organizations have connected to the Net to provide service for
consumers, many have begun eyeing the Internet infrastructure as an
inexpensive vehicle for wide area and remote connections. To use the Internet
for these purposes, however, companies have to protect their information with
encryption. Encryption is simply the process of using a formula, called an
encryption algorithm, to translate plain text into an incomprehensible cipher text
and then back to plain text again. Essential to encryption is a numeric value
called the key that becomes part of the encryption algorithm, setting the
encryption process in motion.
Many different types of encryption algorithms are available, but in this paper only
the most widely used for e-commerce security, such as Cryptography - Public
and Private keys cryptography, DES, RSA, S/MIME, SET, SSL, and Digital
Signature will be discussed.
Protocols in security Standards
Protocols Properties