Protocols for Secure Electronic Commerce

3rd Edition

By Mostafa Hashem Sherif

CRC Press

461 pages | 27 Color Illus. | 192 B/W Illus.

Purchasing Options: $ = USD
Paperback: 9781138586055
pub: 2018-03-29
$71.95
Hardback: 9781482203745
pub: 2016-05-25
$190.00
eBook (VitalSource): 9781315373973
pub: 2017-12-19
from $35.98

Description

Protocols for Secure Electronic Commerce, Third Edition presents a compendium of protocols for securing electronic commerce, or e-commerce, in consumer- and business-to-business applications. Attending to a variety of electronic payment systems currently in use around the globe, this edition:

  • Updates all chapters to reflect the latest technical advances and developments in areas such as mobile commerce
  • Adds a new chapter on Bitcoin and other cryptocurrencies that did not exist at the time of the previous edition's publication
  • Increases the coverage of PayPal in accordance with PayPal’s amplified role for consumers and businesses
  • Expands the discussion of bank cards, dedicating a full chapter to magnetic stripe cards and a full chapter to chip-and-PIN technology

Protocols for Secure Electronic Commerce, Third Edition offers a state-of-the-art overview of best practices for the security of e-commerce, complete with end-of-chapter review questions and an extensive bibliography of specialized references. A Solutions Manual and PowerPoint slides are available with qualifying course adoption.

Reviews

"The new edition of this unique book on secure communications, which are critically important for e-commerce, is very timely and fills a big void in the literature. It is well structured and well written. It provides a comprehensive and thorough treatment of the field. It is a valuable reference book for practitioners, as well as a solid textbook for students and teachers."

—Mehmet Ulema, Manhattan College, New York, New York, USA

Table of Contents

Overview of Electronic Commerce

Electronic Commerce and Mobile Commerce

Effects of the Internet and Mobile Networks

Network Access

Barcodes

Smart Cards

Parties in Electronic Commerce

Security

Summary

Questions

Money and Payment Systems

Mechanisms of Classical Money

Payment Instruments

Types of Dematerialized Monies

Purses, Holders, and Wallets

Transactional Properties of Dematerialized Currencies

Overall Comparison of the Means of Payment

Practice of Dematerialized Money

Clearance and Settlement in Payment Systems

Drivers of Innovation in Banking and Payment Systems

Summary

Questions

Algorithms and Architectures for Security

Security of Open Financial Networks

OSI Model for Cryptographic Security

Security Services at the Link Layer

Security Services at the Network Layer

Security Services at the Application Layer

Message Confidentiality

Data Integrity

Identification of the Participants

Biometric Identification

Authentication of the Participants

Access Control

Denial of Service

Nonrepudiation

Secure Management of Cryptographic Keys

Exchange of Secret Keys: Kerberos

Public Key Kerberos

Exchange of Public Keys

Certificate Management

Authentication

Security Cracks

Summary

Appendix: Principles of Symmetric Encryption

Appendix: Principles of Public Key Encryption

Appendix: Principles of the Digital Signature Algorithm and the Elliptic Curve Digital Signature Algorithm

Questions

Business-to-Business Commerce

Drivers for Business-to-Business Electronic Commerce

Four Stages of Systems Integration

Overview of Business-to-Business Commerce

Short History of Business-to-Business Electronic Commerce

Examples of Business-to-Business Electronic Commerce

Evolution of Business-to-Business Electronic Commerce

Implementation of Business-to-Business Electronic Commerce

X12 and EDIFACT

EDI Messaging

Security of EDI

Integration of XML and Traditional EDI

New Architectures for Business-to-Business Electronic Commerce

Electronic Business (Using) Extensible Markup Language

Web Services

Relation of EDI with Electronic Funds Transfer

Summary

Questions

Transport Layer Security and Secure Sockets Layer

Architecture of SSL/TLS

SSL/TLS Security Services

SSL/TLS Subprotocols

Performance of SSL/TLS

Implementation Pitfalls

Summary

Questions

Wireless Transport Layer Security

Architecture

From TLS to WTLS

Operational Constraints

WAP and TLS Extensions

WAP Browsers

Summary

Questions

The SET Protocol

SET Architecture

Security Services of SET

Certification

Purchasing Transaction

Optional Procedures

Efforts to Promote SETs

SET versus TLS/SSL

Summary

Questions

Payments with Magnetic Stripe Cards

Point-of-Sale Transactions

Communication Standards for Card Transactions

Security of Point-of-Sale Transactions

Internet Transactions

3D Secure

Migration to EMV

Summary

Questions

Secure Payments with Integrated Circuit Cards

Description of Integrated Circuit Cards

Integration of Smart Cards with Computer Systems

Standards for Integrated Circuit Cards

Multiapplication Smart Cards

Security of Smart Cards

Payment Applications of Integrated Circuit Cards

EMV® Card

General Consideration on the Security of Smart Cards

Summary

Questions

Mobile Payments

Reference Model for Mobile Commerce

Secure Element in Mobile Phones

Barcodes

Bluetooth

Near-Field Communication

Text Messages

Bank-Centric Offers

Mobile Operator–Centric Offers

Third-Party Service Offers

Collaborative Offers

Payments from Mobile Terminals

Summary

Questions

Micropayments

Characteristics of Micropayment Systems

Standardization Efforts

Electronic Purses

Online Micropayments

Research Projects

Market Response to Micropayment Systems

Summary

Questions

PayPal

Evolution of PayPal

Personal Accounts

Business Accounts

Summary

Questions

Digital Money

Privacy with Cash and Digital Money

DigiCash (eCash)

Anonymity and Untraceability in DigiCash

Evaluation of DigiCash

Questions

Bitcoin and Cryptocurrencies

Background

Bitcoin Protocol

Operation

Risk Evaluation

Summary and Conclusions

Appendix: The Crypto Anarchist Manifesto

Appendix: Bitcoin as a Social Phenomenon

Appendix: Other Significant Cryptocurrencies

Appendix: Service Offers Based on Bitcoin

Questions

Dematerialized Checks

Processing of Paper Checks

Dematerialized Processing of Checks

Virtual Checks

Summary

Questions

Electronic Commerce in Society

Harmonization of Communication Interfaces

Governance of Electronic Money

Protection of Intellectual Property

Electronic Surveillance and Privacy

Content Filtering and Censorship

Taxation of Electronic Commerce

Trust Promotion

Archives Dematerialization

Summary

Questions

References

Websites

About the Author

Mostafa Hashem Sherif is a principal member of the technical staff at AT&T in Middletown, New Jersey, USA. He received a BSc in electronics and communications and an MSc in electrical engineering from Cairo University, Egypt, in 1972 and 1975, respectively, and a PhD in engineering from the University of California, Los Angeles, USA, in 1980. In 1996, he earned a master of science in management of technology from Stevens Institute of Technology, Hoboken, New Jersey, USA. Widely published, Dr. Sherif is a senior member of the Institute of Electrical and Electronics Engineers (IEEE) and a member of the steering committee of the Kaleidoscope series of conferences organized by the International Telecommunication Union (ITU). He was a member of the steering committee of the IEEE Symposium on Computers and Communication from 1995 to 2006, a member of the evaluation committee for the State of New Jersey Commission on Science and Technology from 2000 to 2002, and a participant in activities on innovation and technology management sponsored by the National Science Foundation in 1987, 1989, 1996, 1998, 1999, 2000, and 2002.

Subject Categories

BISAC Subject Codes/Headings:
COM043000
COMPUTERS / Networking / General
COM053000
COMPUTERS / Security / General
COM059000
COMPUTERS / Computer Engineering