IA&A on the WWW
Copyright © 1997 M. E. Kabay & ICSA. All rights reserved. Page 4 of 33
3.4 Authorization and Single Sign-On ..... 17
3.4.1 Kerberos ..... 17
3.4.2 OPS -- Open Profiling Standard for Authorization and Single Sign-On ..... 18
3.5 Interoperability ..... 18
4. Products ..... 20
4.1 VeriSign Digital IDs ..... 20
4.2 DigiCash ..... 22
4.3 CyberCash ..... 22
4.4 Xcert Sentry CA ..... 23
4.5 Auric Systems ASA ..... 23
4.6 Security Dynamics SecurID & ACE/Server ..... 23
4.7 Bellcore's S/KEY ..... 24
4.8 Internet Mall ..... 24
4.9 Extending the Usefulness of Certificates ..... 24
4.9.1 VeriSign Digital Certificates ..... 24
4.9.2 NCR TrustedPASS ..... 25
5. Concluding remarks ..... 27
6. Appendix: Basics of Cryptography for E-commerce ..... 28
6.1 Symmetrical Encryption Algorithms ..... 28
6.2 Asymmetrical Encryption Algorithms: the Public Key Cryptosystem ..... 29
6.3 Using the PKC to Protect Confidentiality ..... 29
6.4 Using the PKC to Establish Authenticity ..... 30
6.5 Using the PKC to Establish Integrity ..... 31