Learning Outcome 4

Learners will be able to discuss the need for secure communication on the Internet, explain the Infrastructure that enables it, and advise on appropriate strategy for securing the e-Business infrastructure.

What event will trigger the application of the learning?

What degree of success will learner accomplish?

When the learners needs to advice on potential threats that may compromise the system, appropriateness of strategy for going online and design the architecture of the infrastructure for secure communication.

Learners will be able to explain the potential threats to online business, the protocols, the schemes, and the infrastructure for secure communicating.

Learning Objectives in the 'Mandatory Objectives' column refer to the bare minimum you need to learn to pass. It is essential that this learning is undertaken.

Successful completion of the 'Honours' column, together with the 'Mandatory Objectives' column, will prepare you more thoroughly.

If you complete all of the learning in each column, then you will be in the best position to obtain a high mark during the assessments.

For each category, click on individual Learning Objectives to access the relevant learning material.

Mandatory Objectives:

Honours:

First Class:

What are the threats? Why is Web attractive to intruders and attackers? What are the consequences to online economy?

What is encryption?

What are symmetric encryption and asymmetric encryption?

How does Public Key Infrastructure work?
What do we need to protect against (What do we need to ensure)? What are the advantages and disadvantages of various security strategies? What are the communication protocols that ensure secure communication?
 Where do we use these strategies? What are the overheads of secure communication?
How does online payment processing work? How does SET ensure privacy of both order and payment details? How does online payment processing compare with traditional credit card payment processing?

 

Are there any tools that learners can use in pursuit of this outcome?

PC with Internet access, books, periodicals.

 

Are there any special words or terms which can be used in the glossary?

security treat, symmetric (private key) and asymmetric (public key) encryption, cryptography, digital certificate, certificate authority, public key infrastructure, digital envelope, public key infrastructure, SSL, SET, message digest,

 

What references (books/articles/URLs) can the learner draw on?

Internet cryptography, R.E. Smith, Addison-Wessley. Web security, Amrit Tiwana, Digital Press. http://hotwired.lycos.com/webmonkey, http://www.baltimore.com/unicert/xkms/index.asp?pR=w3HP