Nowadays, e-commerce is used widely all around the world. In the developed country, the usage of e-commerce is extremely high as compare to Malaysia. The main reason that Malaysian does not practice e-commerce in daily life is because they feel unsecure. They worried that their personal details will be disclosed in the internet since there are lots of fake website existed.
Therefore, 3rd party certification programme took place to ensure the securities of users where a digital certificate issued. A digital certificate is a digital document that validates the identity of the certificate’s owner. Certificate Authority (CA), a trusted party, issued the digital certificates to users or to organizations. Furthermore, the digital certificate will valid for a certain period of time.
Digital certificates rely on public key cryptography for their own authentication. When a digital certificate is issued, the issuing certification authority signs the certificate with its own private key. To validate the authenticity of a digital certificate, a user can obtain that certification authority’s public key and use it against the certificate to determine if it was signed by the certification authority.
For a digital certificate to be useful, it has to be structured in an understandable and reliable way so that the information within the certificate can be easily retrieved and understood. The S/MIME standard specifies that digital certificates used for S/MIME conform to the International Telecommunications Union (ITU) X.509 standard. S/MIME version 3 specifically requires that digital certificates conform to version 3 of X.509. Because S/MIME relies on an established, recognized standard for the structure of digital certificates, the S/MIME standard builds on that standard’s growth and thus increases its acceptance. The X.509 standard specifies that digital certificates contain standardized information. Specifically, X.509 version 3 certificates contain version number, serial number, certificate algorithm identifier, issuer name, validity period, subject name, subject public key information, issuer unique identifier, subject unique identifier, extension and certification authority’s digital signature.
MSC Trustgate
The most popular 3rd party certification programme in Malaysia, MSC Trustgate.com Sdn Bhd, is corporate in 1999. It is licensed under the Digital Signature Act 1997 (DSA), a Malaysia law that sets a global precedent for the mandate of a Certificate Authority. The vision of the corporate is “To enable organization to conduct their business securely over the Internet, as much as what they have been enjoying in the physical world.” Followings are some of the products and services in MSC Trustgate:
As a conclusion, a secure infrastructure is essential on the E-commerce in order to protect the publishers and users. The establishment of Certificate Authority plays a vital role not only to issue digital certificate but also have to ensure the security of E-commerce website. We, as an Internet users, must be aware with the security trademark to prevent from become a victim of security issues.
0 comments:
Post a Comment