e buss all task
TRANSCRIPT
-
7/27/2019 E BUSS ALL TASK
1/14
Online Monetary Transactions
Composed by:
Noormalita Irviana (10522116)
Faculty of industrial Technology
Islamic University of Indonesia
-
7/27/2019 E BUSS ALL TASK
2/14
-
7/27/2019 E BUSS ALL TASK
3/14
at participating merchants sites. E-wallets also store e-checks, e-cash and your credit-
card information for multiple cards.
d. Micropayments
A micropayment is an e-commerce transaction-type with a low financial
amount. Micropayments are typically used to purchase online products and services
such as e-books, music and memberships.
Micropayments, or payments that generally do not exceed $10, offer a way for
nominally priced products and services (music, pictures, text or video) to be sold over
the Web. Millicent (see the Millicent feature in this section) is a micropayment
technology provider.
e. Smart card
Smart cards, cards with computer chips embedded on their faces, are able to
hold more information than ordinary credit cards with magnetic strips. There are
contactand contactless smart cards. In order to read the information on the smart card
and update information on the computer chip, contact smart cards need to be placed in
a smart card reader. A contactless smart card has both a coiled antenna and a
computer chip inside, enabling the card to transmit information. A contactless smart
card can be placed in a device in your car to charge your account as you drive through
toll booths.
-
7/27/2019 E BUSS ALL TASK
4/14
-
7/27/2019 E BUSS ALL TASK
5/14
-
7/27/2019 E BUSS ALL TASK
6/14
In a basic secure conversation using public-key cryptography, the sender
encrypts the message using the receiver's public key. Remember that this key is
known to everyone. The encrypted message is sent to the receiving end, who will
decrypt the message with his private key. Only the receiver can decrypt the message
because no one else has the private key. Also, notice how the encryption algorithm is
the same at both ends: what is encrypted with one key is decrypted with the other key
using the same algorithm.
c. Digital signature
A digital signature is a mathematical scheme for demonstrating the
authenticity of a digital message or document. A valid digital signature gives a
recipient reason to believe that the message was created by a known sender, such that
the sender cannot deny having sent the message (authenticationandnon-repudiation)
and that the message was not altered in transit (integrity). Digital signatures are
commonly used for software distribution, financial transactions, and in other cases
where it is important to detect forgery or tampering.
A digital signature authenticates the senders identity, and, like a written
signature, digital signatures are difficult to forge. To create a digital signature, a
sender first takes the original plaintext message and runs it through a hash function,
which is a mathematical calculation that gives the message a hash value. The hash
value is also known as a message digest. Next, the sender uses the senders private
key to encrypt the message digest. This step creates a digital signature and
authenticates the sender, since only the owner of that private key could encrypt it the
message.
http://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Non-repudiationhttp://en.wikipedia.org/wiki/Non-repudiationhttp://en.wikipedia.org/wiki/Non-repudiationhttp://en.wikipedia.org/wiki/Integrityhttp://en.wikipedia.org/wiki/Integrityhttp://en.wikipedia.org/wiki/Integrityhttp://en.wikipedia.org/wiki/Integrityhttp://en.wikipedia.org/wiki/Non-repudiationhttp://en.wikipedia.org/wiki/Authentication -
7/27/2019 E BUSS ALL TASK
7/14
-
7/27/2019 E BUSS ALL TASK
8/14
e. Ssl
The Secure Sockets Layer (SSL) is a commonly-used protocol for managing
the security of a message transmission on the Internet. SSL has recently been
succeeded by Transport Layer Security (TLS), which is based on SSL. SSL uses a
programlayerlocated between the Internet's Hypertext Transfer Protocol (HTTP) and
Transport Control Protocol (TCP) layers. SSL is included as part of both the
Microsoft and Netscape browsers and most Web server products. Developed by
Netscape, SSL also gained the support of Microsoft and other Internet client/server
developers as well and became the de facto standard until evolving into Transport
Layer Security. The "sockets" part of the term refers to thesocketsmethod of passing
data back and forth between a client and a server program in a network or between
program layers in the same computer. SSL uses the public-and-private keyencryption
system from RSA, which also includes the use of a digital certificate. Examples of
SSL: you are purchasing a DVD from Amazon.com, you are filing your taxes online,
or you are transferring funds between your checking and savings accounts.
f. Kerberos
Kerberos is a computer network authenticationprotocolwhich works on the
basis of "tickets" to allownodescommunicating over a non-secure network to prove
their identity to one another in a secure manner. Its designers aimed primarily at a
http://searchnetworking.techtarget.com/definition/protocolhttp://searchnetworking.techtarget.com/definition/protocolhttp://searchsecurity.techtarget.com/definition/Transport-Layer-Security-TLShttp://searchsecurity.techtarget.com/definition/Transport-Layer-Security-TLShttp://searchsecurity.techtarget.com/definition/Transport-Layer-Security-TLShttp://searchsoftwarequality.techtarget.com/definition/layerhttp://searchsoftwarequality.techtarget.com/definition/layerhttp://searchsoftwarequality.techtarget.com/definition/layerhttp://searchwindevelopment.techtarget.com/definition/HTTPhttp://searchwindevelopment.techtarget.com/definition/HTTPhttp://searchwindevelopment.techtarget.com/definition/HTTPhttp://searchnetworking.techtarget.com/definition/TCPhttp://searchnetworking.techtarget.com/definition/TCPhttp://searchnetworking.techtarget.com/definition/TCPhttp://searchnetworking.techtarget.com/definition/client-serverhttp://searchnetworking.techtarget.com/definition/client-serverhttp://searchcio-midmarket.techtarget.com/definition/socketshttp://searchcio-midmarket.techtarget.com/definition/socketshttp://searchcio-midmarket.techtarget.com/definition/socketshttp://searchsecurity.techtarget.com/definition/encryptionhttp://searchsecurity.techtarget.com/definition/encryptionhttp://searchsecurity.techtarget.com/definition/encryptionhttp://searchsecurity.techtarget.com/definition/RSAhttp://searchsecurity.techtarget.com/definition/RSAhttp://searchsecurity.techtarget.com/definition/digital-certificatehttp://searchsecurity.techtarget.com/definition/digital-certificatehttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Cryptographic_protocolhttp://en.wikipedia.org/wiki/Cryptographic_protocolhttp://en.wikipedia.org/wiki/Node_%28networking%29http://en.wikipedia.org/wiki/Node_%28networking%29http://en.wikipedia.org/wiki/Node_%28networking%29http://en.wikipedia.org/wiki/Node_%28networking%29http://en.wikipedia.org/wiki/Cryptographic_protocolhttp://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Computer_networkhttp://searchsecurity.techtarget.com/definition/digital-certificatehttp://searchsecurity.techtarget.com/definition/RSAhttp://searchsecurity.techtarget.com/definition/encryptionhttp://searchcio-midmarket.techtarget.com/definition/socketshttp://searchnetworking.techtarget.com/definition/client-serverhttp://searchnetworking.techtarget.com/definition/TCPhttp://searchwindevelopment.techtarget.com/definition/HTTPhttp://searchsoftwarequality.techtarget.com/definition/layerhttp://searchsecurity.techtarget.com/definition/Transport-Layer-Security-TLShttp://searchnetworking.techtarget.com/definition/protocol -
7/27/2019 E BUSS ALL TASK
9/14
clientserver model, and it provides mutual authenticationboth the user and the
server verify each other's identity. Kerberos protocol messages are protected against
eavesdropping and replay attacks. Kerberos builds on symmetric key cryptography
and requires a trusted third party, and optionally may use public-key cryptography
during certain phases of authentication. Kerberos employs symmetric secret-key
cryptography to authenticate users in a network and to maintain the integrity and
privacy of network communications.
With Kerberos, by exchanging time-sensitive tickets, you can make
transactions secure without sending passwords in plaintext over the network. For a
client program to take advantage of Kerberos, it must be Kerberized, which means
that it can obtain tickets from the Kerberos server and negotiate with a Kerberos-
aware service. Most programs can be Kerberized, including web browsers, telnet
applications, POP email clients, and print utilities. Similarly, services that can be
made Kerberos-aware include web sites, printers, file servers, and POP mail servers
g. Firewall
Firewall is a set of related programs, located at a networkgatewayserver, that
protects the resources of a private network from users from other networks. (the term
also implies the security policy that is used with the programs.) An enterprise with an
intranet that allows its workers access to the wider internet installs a firewall to
prevent outsiders from accessing its own private data resources and for controlling
what outside resources its own users have access to.
Basically, a firewall, working closely with a routerprogram, examines each
networkpacket to determine whether to forward it toward its destination. A firewall
also includes or works with aproxy serverthat makes network requests on behalf of
workstation users. A firewall is often installed in a specially designated computer
separate from the rest of the network so that no incoming request can get directly at
private network resources.
http://en.wikipedia.org/wiki/Client%E2%80%93serverhttp://en.wikipedia.org/wiki/Client%E2%80%93serverhttp://en.wikipedia.org/wiki/Client%E2%80%93serverhttp://en.wikipedia.org/wiki/Client%E2%80%93serverhttp://en.wikipedia.org/wiki/Mutual_authenticationhttp://en.wikipedia.org/wiki/Computer_insecurity#Eavesdroppinghttp://en.wikipedia.org/wiki/Computer_insecurity#Eavesdroppinghttp://en.wikipedia.org/wiki/Replay_attackhttp://en.wikipedia.org/wiki/Replay_attackhttp://en.wikipedia.org/wiki/Symmetric_key_cryptographyhttp://en.wikipedia.org/wiki/Symmetric_key_cryptographyhttp://en.wikipedia.org/wiki/Trusted_third_partyhttp://en.wikipedia.org/wiki/Trusted_third_partyhttp://en.wikipedia.org/wiki/Public-key_cryptographyhttp://en.wikipedia.org/wiki/Public-key_cryptographyhttp://searchnetworking.techtarget.com/definition/gatewayhttp://searchnetworking.techtarget.com/definition/gatewayhttp://whatis.techtarget.com/definition/serverhttp://whatis.techtarget.com/definition/serverhttp://whatis.techtarget.com/definition/serverhttp://searchwindevelopment.techtarget.com/definition/intranethttp://searchwindevelopment.techtarget.com/definition/intranethttp://searchnetworking.techtarget.com/definition/routerhttp://searchnetworking.techtarget.com/definition/routerhttp://searchnetworking.techtarget.com/definition/packethttp://searchnetworking.techtarget.com/definition/packethttp://whatis.techtarget.com/definition/proxy-serverhttp://whatis.techtarget.com/definition/proxy-serverhttp://whatis.techtarget.com/definition/proxy-serverhttp://whatis.techtarget.com/definition/proxy-serverhttp://searchnetworking.techtarget.com/definition/packethttp://searchnetworking.techtarget.com/definition/routerhttp://searchwindevelopment.techtarget.com/definition/intranethttp://whatis.techtarget.com/definition/serverhttp://searchnetworking.techtarget.com/definition/gatewayhttp://en.wikipedia.org/wiki/Public-key_cryptographyhttp://en.wikipedia.org/wiki/Trusted_third_partyhttp://en.wikipedia.org/wiki/Symmetric_key_cryptographyhttp://en.wikipedia.org/wiki/Replay_attackhttp://en.wikipedia.org/wiki/Computer_insecurity#Eavesdroppinghttp://en.wikipedia.org/wiki/Mutual_authenticationhttp://en.wikipedia.org/wiki/Client%E2%80%93server -
7/27/2019 E BUSS ALL TASK
10/14
-
7/27/2019 E BUSS ALL TASK
11/14
1. Find a site on the web that you feel could be designed better
grosirjamoriginal.com
This website contains about watch selling. They sell original watchs from many
brands.
2. Plan the layout of the home page
In this case, we can re-desain this home page be better than before. First, we can
change the background color, it seems that white color makes the web-site not
interesting. So, we can change to the other color, like light green or light red. Second,
we can increase the font, because in that website, the font is too small. And the third,
we can erase some unused icon or picture.
3. Plan the layout of the second page for example, a contact page, a products page, an
about us page or a services page.
http://www.zona-buku.com/http://www.zona-buku.com/http://www.zona-buku.com/ -
7/27/2019 E BUSS ALL TASK
12/14
Before we go to the other pages, we must scroll down the homepage until get
the information box. Its not effective and efficient, so we can move the information
box (link to the other page) to the top home page so we dont need to scroll down the
homepage.
After we select one of the information box, we get some information, there
are: how to order, testimonial, contact, and about discount etc.
4. Plan the layout of the third page
If we want to buy a watch, we can click the categories in the homepage.
Based on the picture, we can minimization the categories, because with many
categories, we make the buyer confuse to select it. We can give the categories based
on the brand, so the buyer can select the watch just only based on the brand
5. Plan the layout of the fourth page
For example, we select link contact us.
-
7/27/2019 E BUSS ALL TASK
13/14
Based on the picture, there are some numbers or ID the seller. We can re-
desain it by change the color and alignment, so it can be more interesting. In that
picture, seems that the seller gives 2 BB PIN, one of them is full contact and the
others is new. Its better if we delete the pin which full contact.
6. Plan the layout of the fifth page ( Reseller and Discount )
Based on the picture, the alignment is too random, and not interesting, so we
can make make the alignment be justified, and increase the font.
7. What links will you provide?
Before:
This information placed on the bottom of home page, that we must to scroll down
After :
we put this link at the top of homepage
-
7/27/2019 E BUSS ALL TASK
14/14