Digital Signatures and Ecommerce
Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later.
Testing strategies for electronic money build on the legal requirements of traditional contracts. Electronic and paper-based contracts have common elements, the most important of which is the signature requirement
A signature is a mark, including an electronic mark, made with the intention of authenticating a document. A digital signature fulfills several roles, and each of these roles support test cases. A digital mark assures integrity of communication by verifying that the document has not been altered and that the signer really exists. Therefore, the digital signature meets the following four traditional requirements:
1. It is unable to be forged
2. It can be authenticated
3. It is unalterable
4. It is nonreuseable.
Digital signatures use the private key/public key cryptography encryption process. Once encrypted, you can only read the message if you have a matching decryption key. Typically, the public key is widely published so that anyone can encrypt messages using it. The private key that performs decryption is kept secret.
Technically, the digital signature is a message that uses an asymmetric cryptosystem and a hash function. A person that has the initial message and the signer’s public key can accurately determine whether the message used the private key that corresponds to the signer’s public key, and whether the initial message has been altered since the transformation was made.
Thus, use of digital signatures usually involves two processes, one performed by the signer and the other by the receiver of the digital signature [2]:
* Digital signature creation uses a hash result derived from and unique to both the signed message and a given private key. For the hash result to be secure there must be only a negligible possibility that the same digital signature could be created by the combination of any other message or private key.
* Digital signature verification is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key.
Digital signatures differ from other types of electronic signatures, such as an electronically-stored handwritten signature, in that it is composed of a unique sequence of bits. These bits identify a specific message from a specific individual or computer.
A Certification Authority (CA) is a trusted third party that provides independent verification of the link between the public key and the signer’s true identity. This reduces fraudulent representations. CAs issue certificates of varying types. Basic certificates are digitally-signed messages that delegate an attribute to a public key. Identity certificates bind the name of an entity to a public key.
Digital signatures have several advantages. For one, float can be virtually eliminated. Business can be conducted more rapidly. Electronic documents are easier to send and cheaper to store. Access is faster. Digital signatures also allow for authentication and provide safeguards against forgery.
As electronic documents become cheaper and more reliable than paper, their use will broaden, thereby changing the way we do business. By securing transactions over the Internet rather than attempting to secure the Internet itself, the use of digital signatures allows e-commerce companies to benefit from the openness of the Internet and its low transaction costs while having the protection of a closed network.
Microsoft® BizTalkServer supports digital encryption and security. This server facilitates the interchange of business documents among various platforms and operating systems regardless of the application being used to process a business document. By providing a standard gateway for sending and receiving documents via the Internet, BizTalk™ allows companies to interchange documents with external trading partners [1].
Trading partner authentication is accomplished through the exchange of digital signatures, or certificates. Each trading partner publishes a certificate as part of a trading partner profile. Through the use of encryption, BizTalk Server is able to maintain data and document privacy. Security specifications are part of the envelope schema that is contained in a trading partner profile.
Verification requires that the recipient possess a copy of the public key from the sender’s signature certificate. The recipient then decrypts the digital signature using the public key and calculates a message digest independently. The results of the two digests are compared; if they are identical, the information has not been tampered with and the recipient is able to view the information.
These processes are reminders of how negotiations and agreements in cyberspace can depend heavily on technological assistance, particularly where contracts would provide for a non-immediate exchange of funds and goods.
|
Owner of Quick Loans Providing the Best Quick Loans |
Make Money related resouces: Get more about Affiliate Program resouces and Affiliate Marketing tips.
« 25 Killer Ways to Pump Up Your Product Pages Discover ITV Venture Niche Marketing and How To Use It »
- September 23rd
Related Posts
- I Want To Create My Own eBook - How Do I Come Up With A Fantastic, Eye-Popping Title?
- Make money with paypal
- The Importance of Keywords
- Using Backlinks To Make Money Online
- Winning Benefits of Forums
- 7 Powerful Ways To Make Money From Adsense
- Ezine Marketing Tips - How To Start Your Own Ezine
- Top Selling Clickbank Ebooks in a Nutshell
- 3 Keys to Make More Profit with RSS
- Who Are The Best Pay Per Click Search Engines? Here's My Experience
Reply To "Digital Signatures and Ecommerce"