Indian Journal of Science and Technology
Year: 2016, Volume: 9, Issue: 47, Pages: 1-5
Mohammad Arshad1 and Md. Ali Hussain2
1 Computer Science and Engineering, KL University, Vaddesewaram – 520002, Andhra Pradesh, India; [email protected], 2 Department of CSE, Andhra Loyola Institute of Engineering and Technology, Vijayawada -520008, Andhra Pradesh, India; [email protected]
Background/Objectives: Technology has driven the conventional shopping from shop to internet based application tools like PCs, Laptops and smartphones and it is termed as E-Commerce, in which security plays a vital role since it deals with financial transactions. SSL/TLS is responsible for providing security to the application data on both client and server side. Method: An overview on E-Commerce security requirements, SLL layer protocol and security analysis of the protocol is conducted. Findings: Since E-Commerce services are very important, due to lack of efficient cryptographic encryption techniques, PKI infrastructure and digital signature deployment intruders are intercepting sensitive and valuable information of clients. So we conducted a survey on different attacks on SSL layer of E-Commerce applications and find that Man in the Middle (MitM) attack like phishing attack became a severe attack. Improvements: We propose a frame work to mitigate the MitM in SSL protocol which has there modules like front end authentication, backend authentication and bogus CA identification is proposed. Due to dual end authentication its secure compared to traditional SSL. In our future work we implement our proposed framework.
Keywords: E-commerce Security, Man in the Middle (MitM), Public Key Infrastructure (PKI), Secure Socket Layer (SSL), Transport Layer Security (TLS)
Subscribe now for latest articles and news.