7/27/2019 E BUSS ALL TASK

1/14

Online Monetary Transactions

Composed by:

Noormalita Irviana (10522116)

Faculty of industrial Technology

Islamic University of Indonesia

7/27/2019 E BUSS ALL TASK

2/14

7/27/2019 E BUSS ALL TASK

3/14

at participating merchants sites. E-wallets also store e-checks, e-cash and your credit-

card information for multiple cards.

d. Micropayments

A micropayment is an e-commerce transaction-type with a low financial

amount. Micropayments are typically used to purchase online products and services

such as e-books, music and memberships.

Micropayments, or payments that generally do not exceed $10, offer a way for

nominally priced products and services (music, pictures, text or video) to be sold over

the Web. Millicent (see the Millicent feature in this section) is a micropayment

technology provider.

e. Smart card

Smart cards, cards with computer chips embedded on their faces, are able to

hold more information than ordinary credit cards with magnetic strips. There are

contactand contactless smart cards. In order to read the information on the smart card

and update information on the computer chip, contact smart cards need to be placed in

a smart card reader. A contactless smart card has both a coiled antenna and a

computer chip inside, enabling the card to transmit information. A contactless smart

card can be placed in a device in your car to charge your account as you drive through

toll booths.

7/27/2019 E BUSS ALL TASK

4/14

7/27/2019 E BUSS ALL TASK

5/14

7/27/2019 E BUSS ALL TASK

6/14

In a basic secure conversation using public-key cryptography, the sender

encrypts the message using the receiver's public key. Remember that this key is

known to everyone. The encrypted message is sent to the receiving end, who will

decrypt the message with his private key. Only the receiver can decrypt the message

because no one else has the private key. Also, notice how the encryption algorithm is

the same at both ends: what is encrypted with one key is decrypted with the other key

using the same algorithm.

c. Digital signature

A digital signature is a mathematical scheme for demonstrating the

authenticity of a digital message or document. A valid digital signature gives a

recipient reason to believe that the message was created by a known sender, such that

the sender cannot deny having sent the message (authenticationandnon-repudiation)

and that the message was not altered in transit (integrity). Digital signatures are

commonly used for software distribution, financial transactions, and in other cases

where it is important to detect forgery or tampering.

A digital signature authenticates the senders identity, and, like a written

signature, digital signatures are difficult to forge. To create a digital signature, a

sender first takes the original plaintext message and runs it through a hash function,

which is a mathematical calculation that gives the message a hash value. The hash

value is also known as a message digest. Next, the sender uses the senders private

key to encrypt the message digest. This step creates a digital signature and

authenticates the sender, since only the owner of that private key could encrypt it the

message.

http://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Non-repudiationhttp://en.wikipedia.org/wiki/Non-repudiationhttp://en.wikipedia.org/wiki/Non-repudiationhttp://en.wikipedia.org/wiki/Integrityhttp://en.wikipedia.org/wiki/Integrityhttp://en.wikipedia.org/wiki/Integrityhttp://en.wikipedia.org/wiki/Integrityhttp://en.wikipedia.org/wiki/Non-repudiationhttp://en.wikipedia.org/wiki/Authentication

7/27/2019 E BUSS ALL TASK

7/14

7/27/2019 E BUSS ALL TASK

8/14

e. Ssl

The Secure Sockets Layer (SSL) is a commonly-used protocol for managing

the security of a message transmission on the Internet. SSL has recently been

succeeded by Transport Layer Security (TLS), which is based on SSL. SSL uses a

programlayerlocated between the Internet's Hypertext Transfer Protocol (HTTP) and

Transport Control Protocol (TCP) layers. SSL is included as part of both the

Microsoft and Netscape browsers and most Web server products. Developed by

Netscape, SSL also gained the support of Microsoft and other Internet client/server

developers as well and became the de facto standard until evolving into Transport

Layer Security. The "sockets" part of the term refers to thesocketsmethod of passing

data back and forth between a client and a server program in a network or between

program layers in the same computer. SSL uses the public-and-private keyencryption

system from RSA, which also includes the use of a digital certificate. Examples of

SSL: you are purchasing a DVD from Amazon.com, you are filing your taxes online,

or you are transferring funds between your checking and savings accounts.

f. Kerberos

Kerberos is a computer network authenticationprotocolwhich works on the

basis of "tickets" to allownodescommunicating over a non-secure network to prove

their identity to one another in a secure manner. Its designers aimed primarily at a

http://searchnetworking.techtarget.com/definition/protocolhttp://searchnetworking.techtarget.com/definition/protocolhttp://searchsecurity.techtarget.com/definition/Transport-Layer-Security-TLShttp://searchsecurity.techtarget.com/definition/Transport-Layer-Security-TLShttp://searchsecurity.techtarget.com/definition/Transport-Layer-Security-TLShttp://searchsoftwarequality.techtarget.com/definition/layerhttp://searchsoftwarequality.techtarget.com/definition/layerhttp://searchsoftwarequality.techtarget.com/definition/layerhttp://searchwindevelopment.techtarget.com/definition/HTTPhttp://searchwindevelopment.techtarget.com/definition/HTTPhttp://searchwindevelopment.techtarget.com/definition/HTTPhttp://searchnetworking.techtarget.com/definition/TCPhttp://searchnetworking.techtarget.com/definition/TCPhttp://searchnetworking.techtarget.com/definition/TCPhttp://searchnetworking.techtarget.com/definition/client-serverhttp://searchnetworking.techtarget.com/definition/client-serverhttp://searchcio-midmarket.techtarget.com/definition/socketshttp://searchcio-midmarket.techtarget.com/definition/socketshttp://searchcio-midmarket.techtarget.com/definition/socketshttp://searchsecurity.techtarget.com/definition/encryptionhttp://searchsecurity.techtarget.com/definition/encryptionhttp://searchsecurity.techtarget.com/definition/encryptionhttp://searchsecurity.techtarget.com/definition/RSAhttp://searchsecurity.techtarget.com/definition/RSAhttp://searchsecurity.techtarget.com/definition/digital-certificatehttp://searchsecurity.techtarget.com/definition/digital-certificatehttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Cryptographic_protocolhttp://en.wikipedia.org/wiki/Cryptographic_protocolhttp://en.wikipedia.org/wiki/Node_%28networking%29http://en.wikipedia.org/wiki/Node_%28networking%29http://en.wikipedia.org/wiki/Node_%28networking%29http://en.wikipedia.org/wiki/Node_%28networking%29http://en.wikipedia.org/wiki/Cryptographic_protocolhttp://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Computer_networkhttp://searchsecurity.techtarget.com/definition/digital-certificatehttp://searchsecurity.techtarget.com/definition/RSAhttp://searchsecurity.techtarget.com/definition/encryptionhttp://searchcio-midmarket.techtarget.com/definition/socketshttp://searchnetworking.techtarget.com/definition/client-serverhttp://searchnetworking.techtarget.com/definition/TCPhttp://searchwindevelopment.techtarget.com/definition/HTTPhttp://searchsoftwarequality.techtarget.com/definition/layerhttp://searchsecurity.techtarget.com/definition/Transport-Layer-Security-TLShttp://searchnetworking.techtarget.com/definition/protocol

7/27/2019 E BUSS ALL TASK

9/14

clientserver model, and it provides mutual authenticationboth the user and the

server verify each other's identity. Kerberos protocol messages are protected against

eavesdropping and replay attacks. Kerberos builds on symmetric key cryptography

and requires a trusted third party, and optionally may use public-key cryptography

during certain phases of authentication. Kerberos employs symmetric secret-key

cryptography to authenticate users in a network and to maintain the integrity and

privacy of network communications.

With Kerberos, by exchanging time-sensitive tickets, you can make

transactions secure without sending passwords in plaintext over the network. For a

client program to take advantage of Kerberos, it must be Kerberized, which means

that it can obtain tickets from the Kerberos server and negotiate with a Kerberos-

aware service. Most programs can be Kerberized, including web browsers, telnet

applications, POP email clients, and print utilities. Similarly, services that can be

made Kerberos-aware include web sites, printers, file servers, and POP mail servers

g. Firewall

Firewall is a set of related programs, located at a networkgatewayserver, that

protects the resources of a private network from users from other networks. (the term

also implies the security policy that is used with the programs.) An enterprise with an

intranet that allows its workers access to the wider internet installs a firewall to

prevent outsiders from accessing its own private data resources and for controlling

what outside resources its own users have access to.

Basically, a firewall, working closely with a routerprogram, examines each

networkpacket to determine whether to forward it toward its destination. A firewall

also includes or works with aproxy serverthat makes network requests on behalf of

workstation users. A firewall is often installed in a specially designated computer

separate from the rest of the network so that no incoming request can get directly at

private network resources.

http://en.wikipedia.org/wiki/Client%E2%80%93serverhttp://en.wikipedia.org/wiki/Client%E2%80%93serverhttp://en.wikipedia.org/wiki/Client%E2%80%93serverhttp://en.wikipedia.org/wiki/Client%E2%80%93serverhttp://en.wikipedia.org/wiki/Mutual_authenticationhttp://en.wikipedia.org/wiki/Computer_insecurity#Eavesdroppinghttp://en.wikipedia.org/wiki/Computer_insecurity#Eavesdroppinghttp://en.wikipedia.org/wiki/Replay_attackhttp://en.wikipedia.org/wiki/Replay_attackhttp://en.wikipedia.org/wiki/Symmetric_key_cryptographyhttp://en.wikipedia.org/wiki/Symmetric_key_cryptographyhttp://en.wikipedia.org/wiki/Trusted_third_partyhttp://en.wikipedia.org/wiki/Trusted_third_partyhttp://en.wikipedia.org/wiki/Public-key_cryptographyhttp://en.wikipedia.org/wiki/Public-key_cryptographyhttp://searchnetworking.techtarget.com/definition/gatewayhttp://searchnetworking.techtarget.com/definition/gatewayhttp://whatis.techtarget.com/definition/serverhttp://whatis.techtarget.com/definition/serverhttp://whatis.techtarget.com/definition/serverhttp://searchwindevelopment.techtarget.com/definition/intranethttp://searchwindevelopment.techtarget.com/definition/intranethttp://searchnetworking.techtarget.com/definition/routerhttp://searchnetworking.techtarget.com/definition/routerhttp://searchnetworking.techtarget.com/definition/packethttp://searchnetworking.techtarget.com/definition/packethttp://whatis.techtarget.com/definition/proxy-serverhttp://whatis.techtarget.com/definition/proxy-serverhttp://whatis.techtarget.com/definition/proxy-serverhttp://whatis.techtarget.com/definition/proxy-serverhttp://searchnetworking.techtarget.com/definition/packethttp://searchnetworking.techtarget.com/definition/routerhttp://searchwindevelopment.techtarget.com/definition/intranethttp://whatis.techtarget.com/definition/serverhttp://searchnetworking.techtarget.com/definition/gatewayhttp://en.wikipedia.org/wiki/Public-key_cryptographyhttp://en.wikipedia.org/wiki/Trusted_third_partyhttp://en.wikipedia.org/wiki/Symmetric_key_cryptographyhttp://en.wikipedia.org/wiki/Replay_attackhttp://en.wikipedia.org/wiki/Computer_insecurity#Eavesdroppinghttp://en.wikipedia.org/wiki/Mutual_authenticationhttp://en.wikipedia.org/wiki/Client%E2%80%93server

7/27/2019 E BUSS ALL TASK

10/14

7/27/2019 E BUSS ALL TASK

11/14

1. Find a site on the web that you feel could be designed better

grosirjamoriginal.com

This website contains about watch selling. They sell original watchs from many

brands.

2. Plan the layout of the home page

In this case, we can re-desain this home page be better than before. First, we can

change the background color, it seems that white color makes the web-site not

interesting. So, we can change to the other color, like light green or light red. Second,

we can increase the font, because in that website, the font is too small. And the third,

we can erase some unused icon or picture.

3. Plan the layout of the second page for example, a contact page, a products page, an

about us page or a services page.

http://www.zona-buku.com/http://www.zona-buku.com/http://www.zona-buku.com/

7/27/2019 E BUSS ALL TASK

12/14

Before we go to the other pages, we must scroll down the homepage until get

the information box. Its not effective and efficient, so we can move the information

box (link to the other page) to the top home page so we dont need to scroll down the

homepage.

After we select one of the information box, we get some information, there

are: how to order, testimonial, contact, and about discount etc.

4. Plan the layout of the third page

If we want to buy a watch, we can click the categories in the homepage.

Based on the picture, we can minimization the categories, because with many

categories, we make the buyer confuse to select it. We can give the categories based

on the brand, so the buyer can select the watch just only based on the brand

5. Plan the layout of the fourth page

For example, we select link contact us.

7/27/2019 E BUSS ALL TASK

13/14

Based on the picture, there are some numbers or ID the seller. We can re-

desain it by change the color and alignment, so it can be more interesting. In that

picture, seems that the seller gives 2 BB PIN, one of them is full contact and the

others is new. Its better if we delete the pin which full contact.

6. Plan the layout of the fifth page ( Reseller and Discount )

Based on the picture, the alignment is too random, and not interesting, so we

can make make the alignment be justified, and increase the font.

7. What links will you provide?

Before:

This information placed on the bottom of home page, that we must to scroll down

After :

we put this link at the top of homepage

7/27/2019 E BUSS ALL TASK

14/14