Prepared: Kurateva E.
According to the UN Committee on Crime Prevention and Control, computer crime has reached the level of one of the international problems. Therefore, it is extremely important to achieve an effective solution to the problems of securing commercial information in the global Internet and related Intranet networks, which in their technical essence are not fundamentally different and differ mainly in scale and openness.
There have been a number of committees on the Internet for a long time, mostly from volunteer organizations, who are cautiously pursuing proposed technologies through the standardization process. These committees, which form the main part of the Internet Engineering Task Force (IETF), have standardized several important protocols, accelerating their implementation on the Internet. The immediate results of the IETF effort include protocols such as the TCP / IP data transfer family, SMTP (Simple Mail Transport Protocol) and POP (Post Office Protocol) for , and Simple Network Management Protocol (SNMP) for network management.
SSL (Secure Socket Layer) is a popular network protocol with data encryption for secure transmission over the network. It allows you to establish a secure connection, monitor the integrity of data and solve various related tasks. The SSL protocol provides data protection between service protocols (such as HTTP, FTP, etc.) and transport protocols (TCP / IP) using modern cryptography. The SSL protocol is discussed in detail in Chapter 11.
The SET (Security Electronics Transaction) protocol is a promising standard for secure electronic transactions on the Internet, designed to organize electronic commerce via the Internet. The SET protocol is based on the use of d As mentioned earlier, the basic tasks of protecting information are to ensure its accessibility, confidentiality, integrity and legal relevance. SET, in contrast to other protocols, allows you to solve these tasks to protect information in general. igital certificates for the X.509 standard.
In particular, it provides the following special requirements for the protection of e-commerce transactions: confidentiality of payment data and confidentiality of order information transmitted along with data on payment; maintaining the integrity of payment data. Integrity of payment information is provided by means of a digital signature; special cryptography with a public key for authentication; credit card holder authentication. It is provided by the use of digital signature and cardholder certificates; authentication of the seller and his ability to accept payments on plastic cards using digital signature and certificates of the seller.