Secure Electronic Communication Between Businesses: XML Based Transaction Systems - PowerPoint PPT Presentation

1 / 14
About This Presentation
Title:

Secure Electronic Communication Between Businesses: XML Based Transaction Systems

Description:

... on the secure electronic communication between businesses over the Internet. ... Value Added Network (VAN). Background Information for the Study ... – PowerPoint PPT presentation

Number of Views:90
Avg rating:3.0/5.0
Slides: 15
Provided by: han45
Category:

less

Transcript and Presenter's Notes

Title: Secure Electronic Communication Between Businesses: XML Based Transaction Systems


1
Secure Electronic Communication Between
Businesses XML Based Transaction Systems
  • Johan Boije af Gennäs
  • Department of Accounting
  • 25.7.2001

2
Structure of the Study
  • Chapter 1 Introduction to the problem area of
    the study
  • Chapter 2 Background study, standards and
    implementations
  • Chapter 3 Research methods, development of the
    research model
  • Chapter 4 Research findings
  • Chapter 5 Conclusions and discussions about the
    findings

3
Research Objective
  • To explore and establish the current state of
    XML based transactions systems with a focus on
    the secure electronic communication between
    businesses over the Internet.

4
Problem Area of the Study
  • Businesses conduct transactions with several
    partners using Value Added Networks.
  • VANs
  • Expensive inefficient techniques
  • -packet switching data networks
  • -dedicated communications lines
  • -dial-up links
  • -mainframe terminal emulation
  • -security, auditing, and lost packets
    recovery
  • Internet
  • Advantagesmore efficient, faster,less costly
  • Disadvantagescreates security issues such as
    confidentiality, integrity, authentication and
    non-repudiation.

5
Background Information for the Study
  • Electronic Data Interchange (EDI)
  • Information Security
  • Local Area Networks (LAN)
  • Wide Area Networks (WAN)
  • Public Key Infrastructure (PKI)
  • Standard Generalized Mark-up Language (SGML)
  • Extensible Mark-up Language (XML)
  • Value Added Network (VAN).

6
Background Information for the Study
  • Components of information security
  • Access security
  • Communication security
  • Content security
  • Security management
  • Open Systems Interconnection (OSI)
  • Hyper Text Transfer Protocol (HTTP)
  • File Transfer Protocol (FTP)
  • Simple Mail Transfer Protocol (SMTP)
  • Transmission Control Protocol (TCP)
  • User Datagram Protocol (UDP).

7
Background Information for the Study
  • Cryptography
  • Symmetric asymmetric algorithms
  • Public key infrastructure (PKI).
  • Digital signature
  • Public Key Infrastructure with X.509
    certificates (PKIX)
  • Simple Public Key Infrastructure (SPKI)
  • Message formats for electronic transaction
    systems
  • UN/EDIFACT
  • ANSI/ASC X.12.

8
What is XML?
  • XML documents are composed of mark-up and
    content.
  • Five kinds of mark-up in an XML document
  • 1- Elements
  • 2- Entity References
  • 3- Comments
  • 4- Processing instructions
  • 5- Marked sections
  • Current standards for business-to-business
    messaging
  • Electronic Business XML (ebXML)
  • RosettaNet by RosettaNet
  • BizTalk.

9
The research method
  • Research strategy explorative study
  • Database
  • - uses purposive sampling
  • - separated in 2 categories industry and
    users
  • Interviewees for industry group
  • represent 2 of the world's biggest IT companies
    a smaller local one
  • short exploratory interviews (30 min) using
    e-mail
  • Interviewees for the users group
  • represent industries from financial services to
    steel industry.
  • four respondents interviewed in person, using
    semi-structured interviews, conducted in 1.5
    hours.
  • Answers
  • - graded as low-medium-high, showing the level
    of emphasis on the specific subject.

10
Framework of the research
  • Table with separate columns for users and
    industry, sections for the interviewees' opinions
    on the main areas (and sub-areas) of the
    discussion - Electronic processes and security
  • - cryptography, PKI
  • - Existing message formats and their security
    issues
  • - XML
  • - general view on XML and its usage
  • - messaging standards
  • - security, signatures, encryption algorithms
  • - experience with tools available. -
    Applications
  • - discussion around the uses of XML, present
    and for the future system-system, backend,
    application layer, front end
  • - what type of applications
  • - advantages of XML
  • - how security is achieved.

11
Research findings
  • Industry group homogeneous opinions
  • Users group very mixed opinions
  • The two groups agree on most important issues
  • - The needs of the users and the focus of the
    industry are in conjunction
  • - Security enabler and integrated part of the
    solutions.
  • - XML brings benefits.
  • - XML together with public key encryption are
    emerging technologies, enabling end-to-end
    security and fulfilling the requirements for
    security.
  •  

12
Validity of the Study
  • The study just explores the direction of
    development does not use any statistical
    methods
  • The results cannot be generalized.

13
Contribution of the Thesis
  • The study has contributed to the knowledge of the
    state of XML based transaction systems, focusing
    on the security issues in electronic
    communication between businesses over the
    Internet.

14
Viable ideas for new research projects
  • PKI
  • Business drivers for the technologies discussed
    in the paper
  • Data interchange standards (e-Speak, ebXML)
  • Statistical study that tests the benefits of XML
    in e-business communication.
Write a Comment
User Comments (0)
About PowerShow.com