TRADING SYSTEM ON THE INTERNET

                Trading system on the internet is the way or the process of buying or Sales of goods and services through electronic systems such as the www transact electronically via the virtual credit card, internet banking, and so on.
Requirements that must exist in a transaction that occurs in the system
commerce on the Internet:

1.       Secrecy (confidentiality): Transaction data should be submitted in secret.

2.      Wholeness (integrity): Data on each transaction should not be changed when delivered through a communication channel.

3.      Validity or authenticity (authenticity), including the validity of parties to a transaction and the validity of the existence of the traders it self.

4.      The validity of the transaction data: transaction data by recipients believed that
made by parties claiming to make

5.      Can be used as evidence / Undeniable (non-repudiation): note about transactions that have been made can be used as evidence at a time when there is a dispute.

            Classification System Trading on the Internet

a.      Readiness Based Payment (debit system, credit system, system pre-paid)

b.      Based Traceability Transaction (Transaction tracked unidentified, anonymous transactions,

c.       Based on Validity Confirmation Transaction Time (on-line, off-line

d.      Based on the Legal Status of the Parties the Transaction (In the merchant consumer system, On the system of peer-to-peer,

e.      Based on How Faith Cast (Systems that require high confidence to other parties involved in the transaction, the transaction system that does not require high confidence to the other party)

            Additional Terms for Trading Systems on the Internet

1.       If using the HTTP protocol, can run well on the popular web browsers such as Netscape Navigator or Microsoft Internet Explorer

2.      Open, meaning that the software or hardware trading systems on the Internet are not made ​​just for the sake of just one trader, but the trading system on the Internet can be used by a variety of merchants

3.      At SPI that requires special client software, the software must be made ​​on many platforms in order to extend its use

4.      Trading system on the Internet as much as possible should be able to receive payment

5.      If the payment is done interactively (which is not / less interactive typically use electronic mail), secure data processing can take place in time that can be tolerated.

6.      There are several SPI is trying to not be tied to a software protocol or hardware specific.

7.      In certain cases, the transaction is expected that anonymous and can not be tracked. Whereas in other cases, it is expected that the identity of the transaction parties to a transaction can be identified and can be tracked properly.

            Cryptography: is the study of how to create a message that can be delivered by the sender to the recipient safely

            Encryption is the process of converting an original message (plaintext) into a coded message in the (ciphertext). Where as decryption is the process of change in a coded message to the original message back.

Type attacks

            Below we present some kind of attacks on the messages that have been
In encryption:

a)     Only ciphertext attac

b)     Known plaintext attack

c)      Choosen plaintext attack

            Based on the position and how someone get messages the communication channel, assault can be categorized into:

a)     Sniffing

b)     replay attack

c)      spoofing

d)     Man-in-the-middle

            Symmetric key cryptography is the most common type used. The key to making the encoded message with the key to unlock the encrypted messages. Anyone who has the keys including those who do not want - to create and expose secrets ciphertext. The most obvious problem here is sometimes not a matter of sending the ciphertext, but the problem of how to convey the symmetric key to the desired Sample famous symmetric key algorithms are DES (Data Encryption Standard) and RC-4.

            Is the asymmetric key pair of cryptographic keys, one of which is used for encryption and another for decryption. All those who get public key can use it to encrypt a message, while only one person who has a certain secret - in this case the private key, for the demolition of the password that is sent to him.
            Asymmetric encryption technique is much slower than symmetric key encryption. Therefore, it is usually not the message itself is encrypted with asymmetric keys, but only simetrislah key encoded with an asymmetric key. While the message is sent after the encrypted symmetric key earlier. Examples of well-known algorithms that use asymmetric keys are RSA (which stands for the inventors Rivest, Shamir and Adleman).