1.11 Smart Cards.

The internet is based on open network architecture, so information can be transferred freely and efficiently. While this greatly facilitates the development of I-commerce applications, it also raises many security concerns. One of the major roles that is provided by the data communications technology is the ability to apply security to EDI transactions. If we buy something over the Internet, we may ask: Will this payment information be captured and changed by someone on the Internet?

To provide data confidentiality, encryption is used. Integrity makes sure that if the content of a message is altered, the receiver can detect it. So if the payment information is changed, the message is no longer valid. A digital signature is commonly used to ensure data integrity. It can be viewed as a combination of message digest and public key encryption. A popular example is the RSA/MDS digital signature algorithm. This algorithm employs RSA and MD5 for performing encryption and message digest, respectively (Chan, et al. 2001). We before discussed these algorithm in lesson 8.

For small businesses the cost is not always worth the efficiencies achieved. Commercial Value-added networks (VANs) make the burdens of the communications complexities easy by offering their communications services to prospective EDI user [Copeland , Hwang 1997].

1.11 Smart Cards.

A digital certificate is an identification document. It functions like your passport or any other identity card. Among other information, the content of a digital certificate consists of the owner's information and the owner's public key. The content is signed digitally by a trusted party called the Certification Authority (CA). RSA/MDS signature method may be used. Figure 2 shows an example of digital certificate general format (Chan, et al. 2001).


                                                          Figure 2 : General format of a digital certificate