07-02-2012, 02:16 PM
RESOURCE PERSON
[attachment=17243]
Introduction
An application-layer security mechanism, consisting of a set of protocols.
Protect credit card transaction on the Internet.
Companies involved:– MasterCard, Visa, IBM, Microsoft, Netscape, RSA,
Terisa and Verisign
Not a payment system.
It has a complex specification.
Credit Cards on the Internet
Problem: communicate credit card and purchasing data securely to gain consumer trust
Authentication of buyer and merchant
Confidential transmissions
Systems vary by
type of public-key encryption
type of symmetric encryption
message digest algorithm
number of parties having private keys
number of parties having certificates
SET Business Requirements (cont’d)
Ensure the use of the best security practices and system design techniques to protect all legitimate parties in an electronic commerce transaction.
Create a protocol that neither depends on transport security mechanisms nor prevents their use.
Facilitate and encourage interoperability among software and network providers.