1. Safety requirements

It's not uncommon to talk about the security of Internet exchanges, usually to say how risky it is to trade on this network. The fact that data circulates on networks open to all, and that servers or workstations can be accessed from anywhere in the world, can give cause for concern. So what are the security issues to be addressed when it comes to e-commerce (in the sense of commercial transactions) or any other type of exchange over the Internet? Let's take a look at some of them, after an aside on terminology.

Identification and authentication

In computer parlance, we distinguish between identification, which consists in associating a simple identifier (more often used today, the term identifier) with a given person (e.g. a short name), and authentication, which consists in verifying, by any appropriate means (password,...

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!

The Ultimate Scientific and Technical Reference

A Comprehensive Knowledge Base, with over 1,200 authors and 100 scientific advisors

+ More than 10,000 articles and 1,000 how-to sheets, over 800 new or updated articles every year

From design to prototyping, right through to industrialization, the reference for securing the development of your industrial projects

This article is included in

Security of information systems

This offer includes:

Knowledge Base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

Practical Path

Operational and didactic, to guarantee the acquisition of transversal skills

Doc & Quiz

Interactive articles with quizzes, for constructive reading

Subscribe now!

Ongoing reading
Safety requirements

Previous
page Electronic certification

Public key cryptography

Bibliography

References

(1) - LAMBERTERIE (I. de) - Les actes authentiques électroniques. - La documentation Française (2002).
(2) - - Procédures et politiques de certification de clés – - Commission Interministérielle pour la Sécurité...

Standards and norms

Information Technology – Open systems interconnection – The directory: general framework for public key and attribute certificates - ITU Rec. X.509 - 2016
Information technology – Open Systems Interconnection – The Directory – Part 8: Public-key and attribute certificate frameworks - ISO/IEC 9594-8 - 2-2017
Secure Hash Standard (SHS) - FIPS PUB 180 - 4(2015)
Data Encryption Standard (DES) - FIPS...

Regulations

Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures (OJ L. 13, 19 January 2000, pp. 12-20).

Law no. 2000-230 of March 13, 2000 adapting the law of evidence to information technologies and relating to electronic signatures (JO no. 62 of March 14, 2000). Replaced by Ordinance n° 2016-131.

Decree...