Scribd Logo
Upload

Welcome to Scribd!

  • Module 5

    Uploaded by

    alithasni45
    3 views10 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    3 views10 pages

    Module 5

    Uploaded by

    alithasni45

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 10

    E-security

    Module 5:
    ◦ https://youtu.be/lWhJxXDOifM
    ◦ https://youtu.be/ubVJ8hAh1KE
    What is Ecommerce Security?
    What is the importance of Ecommerce Security?
    What are digital signatures?

    ◦ Digital signatures are a type of e signature based on the PKI


    standards. It ensures the contents of a message haven't been
    changed or altered in transit.
    ◦ A public key infrastructure (PKI) is a set of roles, policies, and
    procedures needed to create, manage, distribute, use, store, and
    revoke digital certificates and manage public-key encryption. The
    purpose of a PKI is to facilitate the secure electronic transfer of
    information
    The role of digital signatures

    ◦ In many regions, including parts of North America, the European


    Union, and APAC, digital signatures are considered legally binding
    and hold the same value as traditional document signatures.
    ◦ In addition to digital document signing, they are also used for
    financial transactions, email service providers, and software
    distribution, areas where the authenticity and integrity of digital
    communications are crucial.
    ◦ Industry-standard technology called public key infrastructure
    ensures a digital signature's data authenticity and integrity.
    How do digital signatures work?

    ◦ Using a mathematical algorithm, digital signing solution providers will


    generate two keys: a public key and a private key. When a signer digitally
    signs a document, a cryptographic hash is generated for the document.
    ◦ That cryptographic hash is then encrypted using the sender's private key,
    which is stored in a secure HSM box. It is then appended to the document
    and sent to the recipients along with the sender's public key.
    ◦ The recipient can decrypt the encrypted hash with the sender's public key
    certificate. A cryptographic hash is again generated on the recipient's end.
    ◦ Both cryptographic hashes are compared to check its authenticity. If they
    match, the document hasn't been tampered with and is considered valid.
    How do digital signatures work?

    ◦ https://youtu.be/AQDCe585Lnc

    ◦ https://youtu.be/JR4_RBb8A9Q

    ◦ https://youtu.be/2BldESGZKB8
    What is a certificate authority?

    ◦ For each digital signature transaction, we require a public and


    private key.
    ◦ Those keys should be protected to avoid tampering of digitally
    signed documents.
    ◦ Certificate authorities are the industry-trusted organizations that are
    widely recognized for ensuring key security and digital certificates.

    You might also like