- To introduce the environment in which e-commerce takes place, the main technologies for supporting e-commerce, and how these technologies fit together;
- To introduce security as a major issue in secure e-commerce, and to provide an overview of security issues;
- To introduce encryption as a means of ensuring security, and to describe how secure encryption can be delivered;
- To introduce issues relating to privacy; and
- To introduce auction protocols and negotiation mechanisms as emerging e-commerce technologies
1. Introduction (1 week)
- What is e-commerce? What are the issues in delivering goods and services over the internet? What form do solutions to these problems take?
- Frameworks for e-commerce; business to business, business to consumer.
2. Ecommerce basics (3 weeks)
- The history and architecture of the internet, internet protocols, web servers, ISPs.
- How e-commerce makes use of the internet, how e-commerce fits into other IT functions, client side and server side processes.
- Current technologies and their uses. Scripting languages, CGI, ASP, Active X, plugins,XML
- Future technologies. Shopbots and Pricebots.
- Electronic marketing, information finding, placement on search engines.
- Auction mechanisms and interaction protocols.
3. Web security (2 weeks)
- The problem of web security; where the weak spots are, denial of service.
- Host security, Site security, Web server security
- How firewalls work, how they help. User safety, secure transactions.
4. Cryptography (3 weeks)
- Cryptography basics, history of ciphers, symmetric key algorithms, public key algorithms.
- Cryptography and the web, existing cryptography systems, RSA, PGP, DES.
- Message digests, digital signatures, public key infrastructure, certification authorities, digital cash.
- Secure Sockets Layer, SSLeay, using SSL to ensure secure transactions.
- Java support for cryptography, Java Cryptography Architecture (JCS), JCE.
5. Privacy issues (1 week)
- Log files, cookies, anonymizers.
- Wire tapping, key escrow and key recovery.
William Stallings : Cryptography and Network Security - Principles and Practice. (Prentice Hall)
Upon completing this module, a student will:
- understand the main technologies behind e-commerce systems and how these technologies interact;
- understand the security issues which relate to e-commerce;
- understand how encryption can be provided and how it can be used to ensure secure commercial transactions;
- understand implementation aspects of e-commerce and cryptographic systems;
- have an appreciation of privacy issues; and
- understand auction protocols and interaction mechanisms.
Teaching will be mainly by 30 hours of lectures, but will also include practical exercises.