Secure Electronic Transaction (SET)

Developed by SETCo, which is owned by Visa International and Mastercard International, SET provides a way to make secure credit card transactions over the Internet. For this purpose the SET protocol also provides a means for user and merchant authentication. The cardholder is linked to a certain card number by a cardholder certificate. Cardholders are also able to identify merchants by merchant certificates.

As mentioned, SET uses public key authentication. The private key is stored on the cardholder's computer. It is accessed by software called the Digital Wallet, which takes care of the transaction. The Digital Wallet is where the cardholder's personal information (digital certificate, card number, expiration date, etc.) is stored. The software is password protected. Accordingly, the security that SET provides on the net is high, but if a malicious person gains access to the cardholder's computer, the password is the only protection. This is, of course, a problem with other methods, too.

SET was introduced in 1997. It has not gained much popularity.

A more comprehensive presentation in Finnish can be read here.
A more user-friendly presentation is found here.

Secure HTTP (S-HTTP)

Another protocol for providing authenticity in the World Wide Web is Secure HTTP (S-HTTP). Whereas SSL creates a secure connection between a client and a server, over which any amount of data can be sent securely, S-HTTP is designed to transmit individual messages securely. SSL and S-HTTP, therefore, can be seen as complementary rather than competing technologies. Both protocols have been approved by the Internet Engineering Task Force (IETF) as a standard.

HTTP is the protocol that forms the basis of the World Wide Web, allowing the exchange of multimedia documents on the Web. Secure HTTP is an enhancement to the Web HyperText Transfer Protocol that supports applications requiring confidentiality and authenticity.

S-HTTP can use any of four methods to exchange data-encrypting keys. The possible methods are public key encryption, out-band, in-band, and Kerberos. By convention, Web pages that employ S-HTTP start with shttp:// instead of http://.

In spite of its many strengths, S-HTTP is not as widely used as, for example, SSL.

HTTP 1.1

A new version of the HyperText Transfer Protocol provides a way to authenticate users. It uses message digest authentication to make sure the user is who he claims to be. A password must be shared between the server and the user prior to the connection.
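
The digest exchange described above, as an added example that is not part of the original page: it follows the computation defined in RFC 2617 (qop=auth, MD5) and uses the sample credentials and nonce from that RFC's example exchange. The function names are illustrative assumptions.

```python
import hashlib
import hmac

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def ha1(username, realm, password):
    # The pre-shared password enters only here; the server can store this hash.
    return md5_hex(f"{username}:{realm}:{password}")

def digest_response(ha1_hex, method, uri, nonce, nc, cnonce, qop="auth"):
    # RFC 2617: response = MD5(HA1:nonce:nc:cnonce:qop:HA2), HA2 = MD5(method:uri)
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1_hex}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")

def client_authorization(username, password, method, uri, realm, nonce,
                         nc="00000001", cnonce="0a4f113b"):
    # Fields the client sends in its Authorization header; no password among them.
    response = digest_response(ha1(username, realm, password),
                               method, uri, nonce, nc, cnonce)
    return {"username": username, "realm": realm, "nonce": nonce, "uri": uri,
            "qop": "auth", "nc": nc, "cnonce": cnonce, "response": response}

def server_verify(stored_ha1, issued_nonce, method, fields):
    # Reject nonces this server did not issue (stale or replayed challenge).
    if not hmac.compare_digest(fields["nonce"], issued_nonce):
        return False
    expected = digest_response(stored_ha1, method, fields["uri"], fields["nonce"],
                               fields["nc"], fields["cnonce"], fields["qop"])
    # Constant-time comparison of the recomputed and received digests.
    return hmac.compare_digest(expected, fields["response"])

# Sample values taken from the example exchange in RFC 2617.
REALM = "testrealm@host.com"
NONCE = "dcd98b7102dd2f0e8b11d0f600bfb0c093"
STORED_HA1 = ha1("Mufasa", REALM, "Circle Of Life")  # server-side record

if __name__ == "__main__":
    auth = client_authorization("Mufasa", "Circle Of Life", "GET",
                                "/dir/index.html", REALM, NONCE)
    print("response =", auth["response"])
    print("accepted:", server_verify(STORED_HA1, NONCE, "GET", auth))
    bad = client_authorization("Mufasa", "wrong password", "GET",
                               "/dir/index.html", REALM, NONCE)
    print("wrong password accepted:", server_verify(STORED_HA1, NONCE, "GET", bad))
```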

Kerberos

Kerberos is based on the trusted-third-party authentication principle. It has several advantages but has not been applied to the WWW yet.


This page was made as a student assignment. The Networking Laboratory is not responsible for the correctness, currency or maintenance of the page. In serious cases, the contact persons are and Webmaster.
This page was last updated 15.11.1999 16:45.
URI: http://www.netlab.tkk.fi/opetus/s38118/s99/htyo/1/setetc.shtml