Protocols for Secure Electronic Commerce, Third Edition presents a compendium of protocols for securing electronic commerce, or e-commerce, in consumer- and business-to-business applications. Attending to a variety of electronic payment systems currently in use around the globe, this edition:
- Updates all chapters to reflect the latest technical advances and developments in areas such as mobile commerce
- Adds a new chapter on Bitcoin and other cryptocurrencies that did not exist at the time of the previous edition's publication
- Increases the coverage of PayPal in accordance with PayPal's amplified role for consumers and businesses
- Expands the discussion of bank cards, dedicating a full chapter to magnetic stripe cards and a full chapter to chip-and-PIN technology

Protocols for Secure Electronic Commerce, Third Edition offers a state-of-the-art overview of best practices for the security of e-commerce, complete with end-of-chapter review questions and an extensive bibliography of specialized references. A Solutions Manual and PowerPoint slides are available with qualifying course adoption.
Mostafa Hashem Sherif (AT&T Middletown New Jersey USA)
Apple Academic Press Inc.
3rd New edition
31 May 2016
Overview of Electronic Commerce Electronic Commerce and Mobile Commerce Effects of the Internet and Mobile Networks Network Access Barcodes Smart Cards Parties in Electronic Commerce Security Summary Questions
Money and Payment Systems Mechanisms of Classical Money Payment Instruments Types of Dematerialized Monies Purses, Holders, and Wallets Transactional Properties of Dematerialized Currencies Overall Comparison of the Means of Payment Practice of Dematerialized Money Clearance and Settlement in Payment Systems Drivers of Innovation in Banking and Payment Systems Summary Questions
Algorithms and Architectures for Security Security of Open Financial Networks OSI Model for Cryptographic Security Security Services at the Link Layer Security Services at the Network Layer Security Services at the Application Layer Message Confidentiality Data Integrity Identification of the Participants Biometric Identification Authentication of the Participants Access Control Denial of Service Nonrepudiation Secure Management of Cryptographic Keys Exchange of Secret Keys: Kerberos Public Key Kerberos Exchange of Public Keys Certificate Management Authentication Security Cracks Summary Appendix: Principles of Symmetric Encryption Appendix: Principles of Public Key Encryption Appendix: Principles of the Digital Signature Algorithm and the Elliptic Curve Digital Signature Algorithm Questions
Business-to-Business Commerce Drivers for Business-to-Business Electronic Commerce Four Stages of Systems Integration Overview of Business-to-Business Commerce Short History of Business-to-Business Electronic Commerce Examples of Business-to-Business Electronic Commerce Evolution of Business-to-Business Electronic Commerce Implementation of Business-to-Business Electronic Commerce X12 and EDIFACT EDI Messaging Security of EDI Integration of XML and Traditional EDI New Architectures for Business-to-Business Electronic Commerce Electronic Business (Using) Extensible Markup Language Web Services Relation of EDI with Electronic Funds Transfer Summary Questions
Transport Layer Security and Secure Sockets Layer Architecture of SSL/TLS SSL/TLS Security Services SSL/TLS Subprotocols Performance of SSL/TLS Implementation Pitfalls Summary Questions
Wireless Transport Layer Security Architecture From TLS to WTLS Operational Constraints WAP and TLS Extensions WAP Browsers Summary Questions
The SET Protocol SET Architecture Security Services of SET Certification Purchasing Transaction Optional Procedures Efforts to Promote SETs SET versus TLS/SSL Summary Questions
Payments with Magnetic Stripe Cards Point-of-Sale Transactions Communication Standards for Card Transactions Security of Point-of-Sale Transactions Internet Transactions 3D Secure Migration to EMV Summary Questions
Secure Payments with Integrated Circuit Cards Description of Integrated Circuit Cards Integration of Smart Cards with Computer Systems Standards for Integrated Circuit Cards Multiapplication Smart Cards Security of Smart Cards Payment Applications of Integrated Circuit Cards EMV® Card General Consideration on the Security of Smart Cards Summary Questions
Mobile Payments Reference Model for Mobile Commerce Secure Element in Mobile Phones Barcodes Bluetooth Near-Field Communication Text Messages Bank-Centric Offers Mobile Operator-Centric Offers Third-Party Service Offers Collaborative Offers Payments from Mobile Terminals Summary Questions
Micropayments Characteristics of Micropayment Systems Standardization Efforts Electronic Purses Online Micropayments Research Projects Market Response to Micropayment Systems Summary Questions
PayPal Evolution of PayPal Personal Accounts Business Accounts Summary Questions
Digital Money Privacy with Cash and Digital Money DigiCash (eCash) Anonymity and Untraceability in DigiCash Evaluation of DigiCash Questions
Bitcoin and Cryptocurrencies Background Bitcoin Protocol Operation Risk Evaluation Summary and Conclusions Appendix: The Crypto Anarchist Manifesto Appendix: Bitcoin as a Social Phenomenon Appendix: Other Significant Cryptocurrencies Appendix: Service Offers Based on Bitcoin Questions
Dematerialized Checks Processing of Paper Checks Dematerialized Processing of Checks Virtual Checks Summary Questions
Electronic Commerce in Society Harmonization of Communication Interfaces Governance of Electronic Money Protection of Intellectual Property Electronic Surveillance and Privacy Content Filtering and Censorship Taxation of Electronic Commerce Trust Promotion Archives Dematerialization Summary Questions
References
Websites
Mostafa Hashem Sherif is a principal member of the technical staff at AT&T in Middletown, New Jersey, USA. He received a BSc in electronics and communications and an MSc in electrical engineering from Cairo University, Egypt, in 1972 and 1975, respectively, and a PhD in engineering from the University of California, Los Angeles, USA, in 1980. In 1996, he earned a master of science in management of technology from Stevens Institute of Technology, Hoboken, New Jersey, USA. Widely published, Dr. Sherif is a senior member of the Institute of Electrical and Electronics Engineers (IEEE) and a member of the steering committee of the Kaleidoscope series of conferences organized by the International Telecommunication Union (ITU). He was a member of the steering committee of the IEEE Symposium on Computers and Communication from 1995 to 2006, a member of the evaluation committee for the State of New Jersey Commission on Science and Technology from 2000 to 2002, and a participant in activities on innovation and technology management sponsored by the National Science Foundation in 1987, 1989, 1996, 1998, 1999, 2000, and 2002.
Reviews for Protocols for Secure Electronic Commerce
The new edition of this unique book on secure communications, which are critically important for e-commerce, is very timely and fills a big void in the literature. It is well structured and well written. It provides a comprehensive and thorough treatment of the field. It is a valuable reference book for practitioners, as well as a solid textbook for students and teachers. -Mehmet Ulema, Manhattan College, New York, New York, USA