electronic commerce
DESCRIPTION
Electronic Commerce. Lecture 5. Get Started: Planning. Questions to Ask: How is EC going to change our business or create new channel for new business? How do we uncover new types of business opportunities? - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/1.jpg)
Electronic Commerce
Lecture 5
![Page 2: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/2.jpg)
Get Started: PlanningQuestions to Ask: How is EC going to change our business or create
new channel for new business? How do we uncover new types of business
opportunities? How can we take advantage of new electronic
linkages with customers and trading partners? (Extended Enterprise)
Do we become intermediaries ourselves? (Shrink and Specialize; Expand and Capture)
![Page 3: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/3.jpg)
Planning How do we bring more buyers together
electronically (and keep them there)? How do we change the nature of our products and
services or create new ones? Why is the Internet affecting other companies
more than ours? How do we manage and measure the evolution of
our strategy? How to assess the success of EC?
![Page 4: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/4.jpg)
What to do?Mougayar (1998, Opening Digital Markets)
1. Conduct Necessary Education and Training2. Review Current/New Distribution and Supply
Chain Models3. Understand What Your Customers and Partners
Expect from the Web4. Re-evaluate the Nature of Your Products and
Services5. Give a New Role to Your Human Resources
Department
![Page 5: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/5.jpg)
What to do?6. Extend Your Current Systems to the
Outside7. Track New Competitors and Market
Shares8. Develop a Web-Centric Marketing
Strategy9. Participate in the Creation and
Development of Virtual Marketplaces10. Instill EC Management Style
![Page 6: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/6.jpg)
Four System Architechure (Hsu)
Document Connectivity HTML, …
Applications Connectivity CGI, Javascript, …
Database Connectivity ODBC/JDBC, databases
Enterprise Connectivity Java, CORBA
![Page 7: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/7.jpg)
Five Elements of an EC System(Hsu)
Web Server Applications Server Database Server Internal Networking Internet Connection
![Page 8: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/8.jpg)
Web-based Enterprise Computing (article 20)
DB
db engine
ODBC/JDBC compliant
WebServer-received request-Invoked applications
APIWeb-based
Applications
WebBrowser
![Page 9: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/9.jpg)
Web-based Enterprise Computing Client-server computing ODBC- & JDBC- compliant DBMS Static vs Dynamic HTML
pages Java COM CORBA Drumbeaat 2000 X/Open Informix, Sybase, Oracle
CGI programs (Unix shell scripts, C and/or Perl programs)
HTTP Applets vs Servlets API ASP vs JSP Lotus Domino, Netscape
Enterprise, IIS, … SQL ColdFusion/CFML XML
![Page 10: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/10.jpg)
Infrastructure for EC
E-business Plan and Design
e-Consumers/e-Customers
Technology Infrastructure
![Page 11: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/11.jpg)
E-business Plan and Design
Technology InfrastructureWeb ServerApplications ServerDatabase ServerInternal NetworkingInternet Connection
e-Consumers/e-Customers
Document Connectivity (HTML, …
Applications Connectivity (CGI, Javascript…Database Connectivity (Oracle, ODBC/JDBC,..Enterprise Connectivity (Java, CORBA, EDI, …
Network Connectivity (Protocols, Transmission Media, ..
![Page 12: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/12.jpg)
Network InfrastructureComputer networks originally built on top of
existing phone network, which in terms was built from the demand of telegraphs
Exchange of information from the chosen few that could afford telegraphs to the widespread of the use of phone for voice and data transmission within a given country. Now with computer networking, the boundaries between countries melt away as yet governmental and political issues remain to be resolved.
![Page 13: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/13.jpg)
Network InfrastructureThe circuit-switched public telephone networking is
challenged by the TCP/IP-based packet-switched networking of the Internet. This switch could be a must to support the fast growing needs for Internet access but it disturbs the many international and domestic regulatory agencies in how to handle this surge of demand. There simply does not exist the infrastructure for the ease of installing the new technology and scrap the old and it is done.
![Page 14: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/14.jpg)
Data Traffic Exceeds Voice Traffic Folklore? 30,000 bits for a single-spaced typed sheet 5-minutes of phone conversation = 640 typed pages speech is not optimized for digital transmission maybe: talk less type more? More use of internet (e-
business) and Video on demand piped via the same internet links
![Page 15: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/15.jpg)
Source Destination
Internetworking…
![Page 16: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/16.jpg)
ARPANET to Internet DOD initiated in 1960 to establish a
communication network that was robust and reliable even with link and/or node failure
Store-and-forward packet switched network ARPANET and other networks became what we
now know as the Internet, propelled by the availability of browsers like Mosaic
![Page 17: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/17.jpg)
ARPANET to Internet Other similar networks (70’s)
IBM’s SNA (Systems Networks Architecture) in 1974
DEC’s DECnet in 1975 Sperry-Univac’s Data Communications
Architecture in 1976 Siemens’ Transdata in 1978 CII-Honeywell-Bull’s Distributed Systems
Architecture in 1979
![Page 18: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/18.jpg)
Historical Events of Internet ‘69 DOD ARPA funded research on packet
switched networks ‘74 Vint Cerf & Bob Kahn published TCP, its
basic mechanism ‘82 ARPA defined the TCP/IP protocol suite ‘84 Domain name system introduced ‘86 NSFNET became the backbone (56kbps) ‘92 WWW by Tim Berners-Lee, CERN, the
European Organization for Nuclear Research
![Page 19: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/19.jpg)
Standards Organization ITU (International Telecommunications
Union), previously known as CCITT (Consultative Committee for International Telegraphy and Telephony
![Page 20: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/20.jpg)
RFC’s Published only with the approval of IESG
(Internet Engineering Steering Group) of the IETF (Internet Engineering Task Force)
All Internet standards originated as RFC’s Not all RFC’s are Internet standards http://rs.interic.net/
![Page 21: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/21.jpg)
ISO 7-Layer Reference Model
Application
Presentation
Session
Network
Data Link
Physical
Transport
Basic network hardware
Organize data
Network addresses
![Page 22: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/22.jpg)
Classes of IP Address Space Primary Classes
Class A : 0 + 7-bit prefix/128 networks (24-bit suffix - 16,777,216 hosts) [0 thru 127]
Class B : 10 + 14-bit prefix/16384 networks (16-bit suffix - 65536 hosts) [128 thru 191]
Class C : 110 + 21-bit prefix/2,097,152 networks (8-bit suffix - 256 hosts) [192 thru 223]
IPv4: 32 bits (232 ~= 4 billions) Ipng (IPv6): 128 bits (1015)
![Page 23: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/23.jpg)
TCPTCP (Transmission Control Protocol)
Connection-Oriented Transport vs Connectionless-Oriented Transport (User Datagram Protocol or UDP)
To make sure a message arrives at the destination (from source) successfully
![Page 24: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/24.jpg)
Source Destination
Internetworking…
TCP/IP
IP addresses (137.198.34.10)
Domain Name: www.ComeGetMe.com
![Page 25: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/25.jpg)
Hong Kong Internet Connections
![Page 26: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/26.jpg)
The HK Internet Exchange
![Page 27: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/27.jpg)
Security Why? What are the problems that we are facing in
EC? Discussion…..
![Page 28: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/28.jpg)
Security’s main challenges
Confidentiality: only the parties know Integrity: only what is sent is received
Authentication: only the right parties are talking
![Page 29: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/29.jpg)
Encryption(Turban, p 396)
Plaintext Ciphertext: use a set of rules (known
between communicating parties) to transform Plaintext to Ciphertext
Encryption algorithm Keys
Length of a Key
![Page 30: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/30.jpg)
Some Interesting Numbers(Bruce Schneier, “Appliced Cryptography”)
With money, what could you do to break the key?
Cost 40 56 64 80 128
$100 thousand
2 secs 35 hrs 1 yr 70,000 yrs
1019 yrs
$100 billion
2 microsecs
.1 sec 32 secs 24 days 1013 yrs
![Page 31: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/31.jpg)
Ciphers Two Types of Ciphers
Symmetric encryption or secret-key encrpytion
Asymmetric : a pair of matching keys
![Page 32: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/32.jpg)
Symmetric Encryption Using the same key at the sending and
receiving ends Keys can be Keys can be private keyprivate key or secret keysecret key
Encrypt Internet Decrypt
Plaintext Ciphertext
![Page 33: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/33.jpg)
Symmetric Encryption
Problems: Has to be secret Need to communicate a new secret key
if a third party obtains the key Authenticity Discussion?
![Page 34: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/34.jpg)
Asymmetric Encryption Involves a
public key private key
Public-key Cryptography – 1976, Whitfield Diffie & Martin Hellman
Data encryption is possible with public key and decryption is done with only the matching private key (or the opposite)
![Page 35: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/35.jpg)
Encrypt Internet Decrypt
Plaintext Ciphertext
Encrypt Internet Decrypt
![Page 36: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/36.jpg)
Asymmetric Encryption
No one can decrypt the message without your private key if the message is intended for you
Don’t know who else is reading… Discussion…
![Page 37: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/37.jpg)
Encrypt
Internet
Decrypt
Hash FunctionMessageDigest
signature
signature
Hash Function
Same or Different
Who is Tim?
![Page 38: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/38.jpg)
Public Key Infrastructure (PKI) Baltimore Technologies (www.baltimore.com)
Wireless e-Security
Entrust Technologies CyberTrust RSA Security VeriSign Xcert International
![Page 39: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/39.jpg)
PKI www.uncitral.org/en-index.htm (United
Nations Office of Legal Affairs servicing the United Nations Commission on the International Trade Law
X.509 Certificates
![Page 40: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/40.jpg)
PKI Duplicate names Revocation PKI-enabled applications
![Page 41: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/41.jpg)
Digital Certificates (DCs) & Certificate Authorities (CAs)
Public Key (I am snoopy)
Person Information(Beagle; spotted ears)
Public Key (I am snoopy)
Beagle; spotted ears
CA’sPrivate Key
EncryptionAlgorithm
DC
![Page 42: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/42.jpg)
Verification“Your Dinner is Served”
1. Request DC
2. Send DC
3. Get CA’s Public Key4. Take Snoopy’s Public Key and encrypt “Your Dinner is Served”
5. Send Encrypted Message
6. Snoopy decrypts message with his own private key
![Page 43: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/43.jpg)
X.509 Certificates Serial Number: assigned by the entity (in
this case, HKPO); will be used in the CRL Signature Algorithm Identifier: CA uses
this to encrypt (sign the certificate) Validity Period Subject Name: CN, OU, O, and CVersion 3 (1996) is the most recent with
extensions
![Page 44: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/44.jpg)
PKIX X.509 Version 3 Certificates (RFC 2459) OCSP – Online Certificate Status Protocol
(RFC 2560) Certificate Management Request Format
(CRMF) (RFC 2511) Certificate Revocation List LDAP: Lightweight Directory Access
Protocol (RFC 2251) : V3 Dec 1997
![Page 45: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/45.jpg)
Web Server
WebServer
WebClient Internet
HttpHttp: HHyper TText TTransport PProtocol
Requests
Responses
![Page 46: Electronic Commerce](https://reader036.vdocuments.net/reader036/viewer/2022062315/56815515550346895dc2f96b/html5/thumbnails/46.jpg)
MIME Multipurpose Internet Mail Extensions Open standard for sending information in
various forms through Internet email Supports almost a hundred predefined
types of content Content types are classified as a type and a
subtype