web engineering unit v as per rgpv syllabus

Unit-V/Web Engineering Truba College of Sc. Tech., Bhopal

Prepared By: Ms. Nandini Sharma(CSE DEPT.)

INTRODUCTION

E Commerce stands for electronic commerce and caters to trading ingoods and services through the

electronic medium such as internet, mobile or any other computer network. It involves the use of

Information and Communication Technology (ICT) and Electronic Funds Transfer (EFT) in making

commerce between consumers and organizations, organization and organization or consumer and

consumer. With the growing use of internet worldwide, Electronic Data Interchange (EDI) has also

increased in humungous amounts and so has flourished e-commerce with the prolific virtual internet

bazaar inside the digital world which is righty termed as e-malls.

We now have access to almost every knick-knack of our daily lives at competitive prices on the

internet. No matter one is educated or illiterate, an urbane or a countryman, in India or in U.K; all

you need is an internet connection and a green bank account. With e-commerce then, you can buy

almost anything you wish for without actually touching the product physically and inquiring the

salesman n number of times before placing the final order. Here is a beautiful picture depicting how

has human life evolved to adapt to the digital world and hence trading over the internet. As seen,

from pizza and potted plant to pair of shoes, we have everything on sale on the internet available in

tempting offers..!! Snapdeal.com, Amazon, eBay, Naaptol, Myntra, etc are some of the most popular

e-commerce websites. E-Commerce or Electronics Commerce business models can generally

categorized in following categories.

Business - to - Business (B2B)

Business - to - Consumer (B2C)

Consumer - to - Consumer (C2C)

Consumer - to - Business (C2B)

Business - to - Government (B2G)

Government - to - Business (G2B)

Government - to - Citizen (G2C)

1. Business - to - Business (B2B) - Website following B2B business model sells its product to

an intermediate buyer who then sells the product to the final customer. As an example, a

wholesaler places an order from a company's website and after receiving the consignment,

sells the end product to final customer who comes to buy the product at wholesaler's retail

outlet.



2. Business - to - Consumer(B2C) - Website following B2C business model sells its product

directly to a customer. A customer can view products shown on the website of

business organization. The customer can choose a product and order the same. Website will

send a notification to the business organization via email and organization will dispatch the

product/goods to the customer.

3. Consumer - to - Consumer (C2C) - Website following C2C business model helps consumer

to sell their assets like residential property, cars, motorcycles etc. or rent a room by

publishing their information on the website. Website may or may not charge the consumer for

its services. Another consumer may opt to buy the product of the first customer by viewing

the post/advertisement on the website.



4. Consumer - to - Business (C2B) - In this model, a consumer approaches website showing

multiple business organizations for a particular service. Consumer places an estimate of

amount he/she wants to spend for a particular service. For example, comparison of interest

rates of personal loan/ car loan provided by various banks via website. Business organization

who fulfills the consumer's requirement within specified budget approaches the customer and

provides its services.

5. Business - to - Government (B2G) - B2G model is a variant of B2B model. Such websites are

used by government to trade and exchange information with various business organizations.

Such websites are accredited by the government and provide a medium to businesses to

submit application forms to the government.



6. Government - to - Business (G2B)- Government uses B2G model website to approach

business organizations. Such websites support auctions, tenders and application submission

functionalities.

7. Government - to - Citizen (G2C) - Government uses G2C model website to approach citizen

in general. Such websites support auctions of vehicles, machinery or any other material. Such

website also provides services like registration for birth, marriage or death certificates. Main

objectives of G2C website are to reduce average time for fulfilling people requests for various

government services.

E-COMMERCE INFRASTRUCTURE

Every business requires an infrastructure to support its customers and operations. This includes

facilities, equipment, and processes to support all the functional areas of your business. Choosing the

correct infrastructure to match your business strategies enables your operations to run efficiently.

Conversely, if an element of your infrastructure is out of sync with your strategies, you will likely

feel the pain in every aspect of your business.

Here’s an example. If your value proposition is to provide the highest level of customer service for

premium products, then your infrastructure should include processes to deliver quick and responsive

service, including live chat, self-service tools, and quick turnaround on questions and orders. I

addressed strategies for value propositions earlier, in ―What’s the Value Proposition of Your

Ecommerce Company?‖

If your value proposition is to provide the lowest prices every day, then your infrastructure should be

focused being the low cost provider. You can accomplish this in various ways, but you need to

ensure that your cost of goods sold and overhead expenses — which include infrastructure costs —

are as low as possible.

Typically, ecommerce businesses try to maintain a high degree of flexibility in their infrastructure to

keep fixed costs low and to be able to react quickly to market changes or competitive pressures. A

key infrastructure decision is whether to outsource or manage operations in house.

Most ecommerce businesses are small, with fewer than 25 employees. If you look at all the

functional areas of the business that must be managed on a daily basis, it will be hard to find and

afford an in house staff with all the skills required be successful. When deciding on your business

infrastructure and operations, be sure to evaluate what your core strengths are. Know what you do

http://www.practicalecommerce.com/articles/3516-What-s-the-Value-Proposition-of-Your-Ecommerce-Company-





well and know what you do not do well. They are equally important. Look to outsource part time

activities or ones that require high levels of skill or specialization.

Here are seven important infrastructure decisions that ecommerce businesses face.

1. Marketing - Of all the infrastructure elements, marketing may be the most important. To succeed,

your website must be found. Once visitors are on your site, you need to keep them there and compel

them to buy from you. That’s the job of your marketing team. Whether it’s website design, social

media, search marketing, merchandising, email, or other forms of advertising, it’s all about

marketing.

To effectively manage marketing activities in-house is very challenging. Most small ecommerce

businesses outsource some element of marketing.

2. Facilities - A key competitive advantage that ecommerce businesses have over brick-and-mortar

stores is the investment in their physical offices and warehouses. In many cases, you can host your

business out of a home office and your basement or garage. If you drop ship or outsource fulfilment,

you may be able to do that for a long period of time. Even when you grow to have many employees,

you can set up your offices in class B or C space, as you have no need for a fancy store in the right

location.

A word of advice is to keep your options flexible. Try to find an office park that has a wide variety of

spaces in different sizes. You may be able to start in a smaller space and move up to a larger one

without penalty, as your needs change.

3. Customer Service - There are many choices today for delivering high-quality customer service.

You can manage those activities in-house or outsource to a third party. Basic customer service for

sales and post-sales activities can be handled using email, and by providing an 800 number for more

extensive phone support. A customer-management system will make those activities easier, but for

smaller companies it is not a requirement.

Live chat will impact your operations as someone needs to be available during specified hours of

operation. Be sure to gauge the impact of that on your organization, if you decide to handle those

activities in house.

4. Information Technology - Choosing the right ecommerce platform is one of the most important

decisions you will make in your business. Do you want to build and host your own system, outsource

the development and then manage the system going forward, or use a hosted, software-as-a-service

platform that is more turnkey and externally managed?

If you build and host your own system, you may need more cash up front and skilled administrators

and developers on your staff. By using a SaaS platform, you will not need to host or manage the

system in-house, but you may still need web developers on staff. Choosing to outsource the

development and hosting will reduce your staffing costs, but you will incur higher costs for any

future enhancements or changes to your websites.



There are pros and cons to any approach. Just be sure to think through the impacts on both your

staffing and your cash flow and bottom line before you move forward.

5. Fulfilment - Another key decision is whether you will manage your own inventory or outsource

those activities to a fulfilment house or through drop shipping arrangements with your supBpliers.

Managing your own inventory will provide you with a high level of control, but you will tie up your

cash in inventory, warehouse space, and your own fulfilment staff. In some industries — like the

jewellery supply industry that my previous business was in — managing your own inventory was the

most logical choice. We had no alternative for drop shipping, and most items were purchased in bulk

and were very small. We did not trust preparation and fulfilment to an outside service.

Select the best fulfilment option to meet your needs. Be sure to understand the costs involved and

analyze the other options before moving forward.

6. Finance and Administration - As with other business operations, you will need to decide if you

want to manage your finance and administration activities in-house, outsource, or a hybrid of the

two. If your ecommerce platform is tightly integrated to your accounting system, you may have very

little need for an in-house bookkeeper. If you use separate systems for your website, order

management and accounting, you may need more help for data entry and making sure that the

information is properly managed Many ecommerce companies use outside services for vendor

payments, payroll, and other basic accounting activities. They decide to focus on the sales,

marketing, and customer service. This allows them to maintain a focus on growing their businesses,

instead of paying an internal accountant — or doing that work yourself as the business owner.

On the administration side, you need a leadership team and provide direction to them. Good

communication is important, whether you have 3 or 100 employees. Whether you choose to be more

authoritative or democratic in your management style is up to you. But choose a style and stay

consistent. Be sure that everyone understands their roles, as well as the overall business strategies.

You may need to adjust your approach as your business evolves.

7. Human Resources - Many small-business owners avoid the human resources function. Recruiting,

setting up compensation, maintaining compliance and other HR activities are specialized and time

consuming. You may choose to bring the resources in-house to manage those activities, but also

evaluate outsourcing them. There are many individuals and agencies well equipped to take on your

HR activities.

ELECTRONIC COMMERCE ENVIRONMENT AND OPPORTUNITIES

Electronic commerce includes all forms of business transactions, such as the purchase of goods or

services, undertaken through electronic means, such as telephones, televisions, computers, and

the Internet. It is believed to be the means through which most business will be conducted in the

future. With the growing numbers of people connecting to the Internet, electronic commerce is

gaining rapid acceptance. Many people think of electronic commerce in terms of shopping on the

Internet, or shopping on-line, but it's really much more than that. Electronic commerce impacts our

lives in more ways than we realize.



A manufacturer checking inventory on parts at a supplier's warehouse through the

Internet in evolved in electronic commerce.

A direct deposit transaction, such as the direct deposit of a paycheck or a tax

refund into a bank account, is an electronic commerce transaction.

A person advertising a seldom used exercise bike on-line is engaging in electronic

commerce.

Each time someone takes money out of an ATM, or uses a debit or credit card to

purchase goods or services, that person is taking part in electronic commerce.

A catalogue shopper placing an order over the telephone is also participating in

electronic commerce.

Electronic commerce may be in the form of business to business activities, business to consumer, or

direct consumer to consumer contacts. Links to governments, educational institutions, libraries and

not-for-profit organizations are all a part of the electronic commerce environment. Goods, services,

and information are the content of electronic commerce; the whole world is its venue.

Evolution of the Internet and Electronic Commerce

Although electronic commerce encompasses all forms of electronic commercial transactions, the

recent commercialization of the Internet has greatly facilitated the growth of electronic commerce.

The basis of today's Internet was initially developed through U.S. Government investment

in computer networking technology dating back to the 1960's. The Internet was originally used for

linking and transmitting information among scientists and universities doing government sponsored

research in diverse locations. In the 1990's, however, the network was commercialized. Since then,

the number of business transactions taking place electronically has grown at an astronomical pace. In

fact, the volume of electronic commerce is projected to grow from just $8 billion in 1997 to well

over $327 billion in the year 2002.

Electronic Commerce Environment

For the purpose of this bulletin we will concentrate primarily on the purchase of goods and services

on-line, a form of electronic commerce using the Internet that is becoming very popular with

consumers. In fact, a recent study found that 10 million people in the U.S. and Canada have actually

purchased something on-line, up from 7.4 million just six months earlier.(1)

To shop on-line, consumers need a computer or network device that is connected to the Internet

through an Internet service provider (ISP). Generally, most ISPs provide local access numbers that

home computer owners can dial into directly through telephone lines. ISPs not only act as a

"gateway" or "on ramp" to the Internet, but many also provide their own information and

entertainment services and shopping outlets. Once connected to the Internet, web

browsers and search engines help consumers locate specific destinations on the network, such as

the web site for a particular store or product manufacturer. Consumers can either type in the specific

Internet addresses or search for locations by entering keywords that describe what they are looking

for.

http://www.library.unt.edu/gpo/oca/cb12.htm#N_1_



Products and services are arranged in a variety of ways on the Internet. For example, many retail

stores and catalogue companies now offer their goods on-line for selection and purchase by

customers. New on-line or "virtual" stores selling everything from books and CDs to computer

equipment and used automobiles are now open for business on the World Wide Web. Providers of

services such as real estate brokers, insurance companies and travel agents also have an on-line

presence. Some airlines, for example, offer discounted "cyberfares" to consumers who book their

arrangements via the Internet.

However, an Internet shopper need not go directly to an on-line store in order to buy something.

Some media sites, ISPs, and search engines prominently feature retailers and provide direct links to

their sites. Specialty retailers, large discounters, service companies, and mall/marketplaces from

around the world have their place on-line.

Most on-line shopping outlets try to make the electronic shopping experience as familiar and easy for

consumers as possible. Physical goods such as flowers, clothing, and household products are often

described with detailed product information, pricing and size information, and are represented with

photographs of the product. When ready to make a purchase, the customer has only to decide

whether to complete the transaction on-line or not. To purchase on-line, a customer selects the

product, enters basic name and address information along with a credit card number, depresses the

enter key on the computer, and the transaction is completed. Some consumers, however, prefer to use

the Internet primarily as an information resource, comparing prices and then making their purchases

through traditional means.

Advantages of Electronic Commerce for Consumers

There are numerous advantages for consumers who shop on-line. These include:

Access to a truly global marketplace with an availability of sources from around the

world.

Access to products, services and information at any time of day or night.

The convenience and speed of shopping without leaving home.

Easier price comparisons and often discounted prices for goods purchased directly on-

line.

An interactive opportunity to learn more about products and how to use them.

Security of Information

How safe is it to provide credit card information over the Internet? Will someone else be able to steal

and use credit card information provided? Is ordering through the Internet as safe as ordering by

phone or mail?

Most Internet purchases are currently made by entering credit card and delivery information on a

computerized form and transmitting it electronically to the retailer. Even though consumers are

accustomed to giving credit card information over the telephone, many are reluctant to give it on-line

for fear that it will be stolen or misused. This reluctance is often cited as the largest barrier to the

growth of retail sales on the Internet.



Internet retailers, however, are using technology and standards for safeguarding sensitive information

that consumers provide as part of an electronic transaction. Before completing on-line transactions,

consumers should take time to become familiar with methods the retailer uses for protecting their

information.

To reassure potential customers, many on-line retailers offer descriptions of the technology used to

protect credit card transactions. As with traditional transactions, there is always some risk involved

with exchanging personal data over the Internet. However, as technology develops and more people

shop on-line and have trouble-free experiences, concerns about security should lessen.

Privacy

Consumers are also concerned about who is going to see the information that is provided and about

the use of the information once the transaction is completed. Will others have access to their personal

information? Will lists of personal information be sold to providers of similar or related products?

The privacy rights of individuals must be balanced with the benefits derived from the free flow of

information. But, a certain amount of personal privacy must be assured to increase consumer

confidence in the use of the system.

In order to empower consumers to have control of their own personal information, the U.S.

Government is encouraging the private sector to establish codes of conduct and self-regulation for

the protection of consumer privacy. Effective self-regulation involves substantive rules, as well as

the means to ensure that consumers know the rules, that companies comply with them, and that

consumers have appropriate recourse when there is non-compliance.

The Role of Government in Electronic Commerce

Commerce on the Internet promises to total tens of billions of dollars by the turn of the century. For

this potential to be realized fully, the U.S. Government believes that governments must adopt a non-

regulatory, market-oriented approach to electronic commerce, one that facilitates the emergence of a

predictable legal environment to support global business and commerce. The U.S.Government's

approach to electronic commerce policy making is that:

The private sector should lead.

Governments should avoid undue restrictions on electronic commerce.

Where government involvement is needed, its aim should be to support and enforce a

predictable and simple legal environment for electronic commerce.

Governments should recognize the unique qualities of the Internet.

Electronic commerce over the Internet should be facilitated globally.

Governments around the world are participating in the creation of legal frameworks that will

facilitate electronic transactions nationally and globally. The challenge is to provide an adequate

level of protection for consumers and businesses without stifling competition and technological

development through excessive or unnecessary regulation. Mechanisms should be established that

give consumers assurances that their on-line transactions carry the same legal rights and

responsibilities as off-line transactions. Questions regarding customs and taxes, protection of



intellectual property rights as they affect consumers, privacy and security, and protection against

fraud are under discussion in a variety of fora--both national and international. For example:

Through the World Trade Organization, the U.S. Government is seeking to have the

Internet declared a tariff-free environment.

The Treasury Department is debating tax issues and the development of electronic

payment systems through the Organization for Economic Cooperation and

Development.

Uniform Commercial Codes are now being considered at the international level.

The Department of Commerce is working with U.S. industry and foreign governments

to develop self-regulatory mechanisms that protect consumer privacy and the

collection, storage and re-use of personal data.

The Federal Government is also working to encourage technological developments to

expand Internet capabilities and the further development of the global

telecommunications infrastructure.

The Role of Security for E-commerce

E-commerce has many standardized security services. These services deal with the control and flow

of information so that the information’s integrity remains as its originator intended. These services

protect E-commerce transactions by:

Authentication: Identities such as users, computers, and files can be uniquely identified.

Control of Access: Controlling unwanted access to realms of the internetwork.

Data Confidentiality: Protection of privacy.

Data Integrity Assurance: Protection of data from modifications.

Transaction Non-Repudiation: Reliability of transactions.

These security services are provided to ensure basic E-commerce requirements. Security services

provide a way for safe, authentic, and reliable communications between two or more

parties. Security not only includes that the information stays within the communicating parties but

also it can be verified and noted as authentic. Signing of contracts, registration of mail, disclosures,

anonymity, and authorization schemes of the real world must be able to be replicated and done in

the electronic world.

APPROACHES TO E-COMMERCE

The following three approaches to e-commerce are common among Australian online merchants.

1. For real time e-commerce the merchant establishes the internet merchant facility with their

bank, integrates the payment gateway, and uses either a shopping cart or order form for

information capture. In most circumstances it will be easier and more cost effective for the

merchant to charge in Australian dollars only.



From a security point of view the advantage of using a payment gateway means that the

customer’s details (name, address, credit card number) are not captured (or seen) by the

merchant but rather are captured by the payment gateway provider only. Also the transfer of

the customer’s details from the merchant’s website to the payment gateway is secure

(encrypted) and cannot be intercepted.

2. Another approach is where the merchant uses a third party hosted solution such as Paypal,

Worldpay or Paymate who look after some or all of the key components of e-commerce. The

advantage is the ease in which the Australian company can charge the customer in different

currencies without having to establish dedicated currency bank accounts.

3. The last approach and the least preferred from a security perspective is where the merchant

uses either a shopping cart or order form for information capture and then manually re-keys

the credit card number into an EFTPOS facility they have leased from a bank. Essentially the

website captures the order information and the transaction is processed manually off-line.

With this approach the company does not require a payment gateway service because the

transaction is not in real time.

This approach is not preferred for a number reasons relating to security. The problem is that once the

customer details (name, address, credit card number) are entered into the online order form in order

for the merchant to access them, they are either emailed or stored in a back-end database for

retrieval. If emailed they are generally unsecured (not encrypted). If they are stored in the database,

behind password access, they are still potentially vulnerable to a hacker who knows a thing or two

about data bases.

ELECTRONIC PAYMENT

Traditionally, all payment transaction involved some form of paper, whether a check, an invoice, a

credit card slip or cash. Now you can pay all of your monthly bills with a few clicks of the mouse,

purchase products without leaving your desk or sofa and have your paycheck directly deposited into

your bank account.

Characteristics of e-payments

An electronic payment is a payment that is transmitted electronically either over

telephone lines or between web sites on the internet.

No tangible currency such as a bank note or check changes hands.

Any information required to make the payment such as a credit card number or Personal

Identification Number (PIN), exists only in digital form.

Projected growth - The use of electronic methods to pay bills and purchase products online is

growing as the internet grows.

Electronic Payment Categories - Most e-payments is for B2B and B2C. You can divide e-payments

for B2C into two categories –:



Payments made for goods and services purchased online. For example, the consumer selects

a product, completes an online form and selects a payment method, such as credit card, debit

card, e-cash or e-check.

Payments made in response to bills or invoices. For example, a consumer authorizes a bank

to transfer money from a bank account to specified recipients such as the telephone

company or a utility company.

Electronic Payment Process

A customer who decides to purchase an item from an online business is transferred to a

secure server where he or she enters a credit card number into a form.

The information entered into the secure server is encrypted using security technologies.

The payment information moves to the online transaction server where the payment is

authorized (or declined), depending on whether the credit card number is valid and the

customer has sufficient credit to cover the purchase.

If the credit card information is valid and funds are available, the information is

transmitted to the institution or organization that receives payments owed to the merchant

and a deposit is made to the merchant’s bank account.

The customer is informed that the transaction has been processed and shipping the goods

has been initiated.

If the goods are shipped electronically such as a downloadable computer game, then the

entire process could take no more than a minute or two from the time the customer

submits the payment to the time that the file appears on the customer’s hard drive,

depending on the size of the file and the computer’s download speed. Figure 6.1

illustrates the process.

Figure 6.1: Electronic payment process



Four parts involved in e-payments:

Issuer – the bank or a financial institution which issues the credit card and sets the limit

based on the customer’s credit history.

Customer – Person who purchase a product and made an electronic payment.

Merchant – Party that receives payment form customer via electronically.

Regulator – Governmental agency which controls the electronic payment process according

to law.

Electronic Payment Issues

The increasing dependence on using electronic methods to process payments has its benefits

and its challenges.

On the other hand, electronic payments can be less expensive to process than paper

payments.

But the perceived risk of fraud might worry some vendors, while concerns about the

security of electronic transactions and the buying pattern they divulge might discourage

some consumers.

Costs and Benefits Issues

Electronic payments are intended to lower transaction costs significantly.

Since less paper resources are used to process an online payment, the environment may

benefit from a decreased demand for paper products.

On the other hand, significant technical resources, such as high-speed internet

connections, secure servers and computers capable of processing high volume

transactions, are required.

Public Key Crytography

Public key cryptography, also known as asymmetric cryptography, is a form of

cryptography in which a user has a pair of cryptographic keys - a public key and a private

key.

The private key is kept secret, while the public key may be widely distributed.

The keys are related mathematically, but the private key cannot be practically derived

from the public key.

A message encrypted with the public key can be decrypted only with the corresponding

private key.

Conversely, Secret key cryptography, also known as symmetric cryptography uses a

single secret key for both encryption and decryption.

The two main branches of public key cryptography are:



Public key encryption — a message encrypted with a recipient's public key cannot be

decrypted by anyone except the recipient possessing the corresponding private key. This is

used to ensure confidentiality.

Digital signatures — a message signed with a sender's private key can be verified by anyone

who has access to the sender's public key, thereby proving that the sender signed it and that

the message has not been tampered with. This is used to ensure authenticity.

An analogy for public-key encryption is that of a locked mailbox with a mail slot. The mail slot is

exposed and accessible to the public; its location (the street address) is in essence the public key.

Anyone knowing the street address can go to the door and drop a written message through the slot;

however, only the person who possesses the key can open the mailbox and read the message. An

analogy for digital signatures is the sealing of an envelope with a personal wax seal. The message

can be opened by anyone, but the presence of the seal authenticates the sender.

A big random number is used to make a public-key pair.

Anyone can encrypt using the public key, but only the holder of the private key can decrypt. Secrecy

depends on the secrecy of the private key. By combining your own private key with the other user's

public key, you can calculate a shared secret that only the two of you know. The shared secret can be

used as the key for a symmetric cipher. A central problem for public-key cryptography is proving

that a public key is authentic, and has not been tampered with or replaced by a malicious third party.

The usual approach to this problem is to use a public-key infrastructure (PKI), in which one or more

third parties, known as certificate authorities, certify ownership of key pairs..

Infrastructure and Security of Electronic Payment

Secure Socket Layer (SSL) - Transport Layer Security (TLS) and its predecessor,

Secure Sockets Layer (SSL), are cryptographic protocols which provide secure

communications on the Internet for such things as web browsing, e-mail, Internet

faxing, instant messaging and other data transfers. The TLS protocol(s) allow

applications to communicate across a network in a way designed to prevent

eavesdropping, tampering, and message forgery. TLS provides endpoint

authentication and communications privacy over the Internet using cryptography.

Typically, only the server is authenticated (i.e., its identity is ensured) while the client

http://en.wikipedia.org/wiki/Image:Public_key_making.svg



remains unauthenticated; this means that the end user (whether an individual or an

application, such as a Web browser) can be sure with whom they are communicating.

The next level of security—in which both ends of the "conversation" are sure with

whom they are communicating—is known as mutual authentication. Mutual

authentication requires public key infrastructure (PKI) deployment to clients.

Secure Electronic Transactions (SET) - Secure Electronic Transaction (SET) is a

standard protocol for securing credit card transactions over insecure networks,

specifically, the Internet. SET is not itself a payment system, but rather a set of

security protocols and formats that enables users to employ the existing credit card

payment infrastructure on an open network in a secure fashion. SET specification lists

the following business requirements for secure payment processing with credit cards

over the Internet and other networks:

Provide confidentiality of payment and ordering information

Ensure the integrity of all transmitted data

Provide authentication that a cardholder is a legitimate user of credit

card account

Provide authentication that a merchant can accept credit card

transactions through its relationship with a financial institution

Ensure the use of the best security practices and system design

techniques to protect all legitimate parties in an electronic commerce

transaction

Create a protocol that neither depends in transport security mechanisms

nor prevents their use

Facilitate and encourage interoperability among software and network

providers

Digital Signatures - A digital signature or digital signature scheme is a type of

asymmetric cryptography used to simulate the security properties of a signature in

digital, rather than written, form. Digital signature schemes normally give two

algorithms, one for signing which involves the user's secret or private key, and one for

verifying signatures which involves the user's public key. The output of the signature

process is called the "digital signature." Digital signatures, like written signatures, are

used to provide authentication of the associated input, usually called a "message.

Messages may be anything, from electronic mail to a contract, or even a message sent

in a more complicated cryptographic protocol. Digital signatures are used to create

public key infrastructure (PKI) schemes in which a user's public key (whether for

public-key encryption, digital signatures, or any other purpose) is tied to a user by a

digital identity certificate issued by a certificate authority. PKI schemes attempt to

unbreakably bind user information (name, address, phone number, etc.) to a public

key, so that public keys can be used as a form of identification.Digital signatures are

often used to implement electronic signatures, a broader term that refers to any

electronic data that carries the intent of a signature, but not all electronic signatures

use digital signatures.



ISSUES IN ADVERTISING OF INTERNET.

Over the next several weeks, we will highlight some of the important legal issues that advertisers and

agencies face when advertising through social media platforms. In this series of articles, we will

examine:

1. Controlling and monitoring social media to protect a brand

2. The Federal Trade Commission’s (FTC) March 2013 guidelines regarding effective online

disclosures and the Securities and Exchange Commission’s (SEC) guidance regarding the use

of social media to disclose material information

3. The Twitter and Facebook terms of use regarding advertising, promotions and data

collection and use

4. The Digital Millennium Copyright Act as it relates to social media

5. The industry self-regulatory side of digital place-based advertising

As a starting point, it is important to remember that the same rules and regulations that govern traditional

advertising apply in the social media context. This means that the advertisement must be truthful (and not

misleading or deceptive), the claims made in the advertisement must be substantiated (backed by

evidence), and the advertisement cannot be unfair. The FTC recently made clear that the rules as

expressed in its new guidance are platform and device neutral and that it ―will continue to enforce

its consumer protection laws,‖ and ―evaluate online advertising, using traditional criteria, while

recognizing the challenges that may be presented by future innovations.‖ In our next column, we will

explore how companies can protect their brand when advertising through social media. Advertisers must

ensure the proper use of their intellectual property by internal and external teams and protect against the

improper use of that intellectual property by a third parties. Agencies responsible for creating and

deploying social media content must also understand what they can and cannot do. Protecting the brand

in the social media space is challenging and requires proactive measures.

ELECTRONIC PUBLISHING

The 'deliberative purchasing' model of electronic commerce represents a conventional 'industrial

revolution' / 'rationalist management' view: resources are allocated efficiently through the use of a

structured process of sequential steps. This perspective was applied to electronic publishing in Clarke

(1997g), which perceives electronic publishing to be a defined sub-set of electronic commerce:

“electronic publishing is electronic commerce in digital goods and services that are intended for

consumption by the human senses”

It encompasses a wide range of formats, including:

text;

structured data;

image, both raster/bit-map and vector;

moving image (animation and video);

sound; and

combinations of the above ('multi-media').

http://www.rogerclarke.com/EC/Bled97.html#EPBusP





The following are examples of the kinds of digital goods and services that are encompassed

by that definition:

documents in electronic form, including articles and books;

data, such as statistical tables;

low-volatility reference information, such as dictionaries and encyclopaedias;

high-volatility reference information, such as news, sports reports and weather forecasts;

speeches;

musical performances;

cartoons;

films and video-clips; and

entertainment, infotainment, edutainment and education.

Software publishing requires essentially the same infrastructure as electronic publishing. Moreover,

software is increasingly an intrinsic component of electronic publications, particularly in the form of

Javascript and Java applets.

Conventional Publishing

Desk-Top Publishing

During the mid-1980s, it became feasible to prepare quite sophisticated layouts, using a PC of the

kinds affordable not only by small businesses, but also by individuals. This substantially increased

the speed of production, enabled higher quality presentation, and began to undermine the justification

of large publishing houses' dominance of the publishing process.

Electronic Publishing

Desk-top publishing essentially electronised aspects of the production process for conventionally

printed materials. During the early-to-mid-1990s, it became increasingly feasible to publish materials

using media other than sacrificial arborea (aka dead trees). CD-ROMs were an early mover, but

various forms of Internet-reticulated soft-copy emerged, and the explosion of the World Wide Web,

commencing in 1993, quickly settled the argument about the medium of choice.



Cross-Media Publishing

During the latter part of the 1990s, maturation has been taking place at both ends of the production

chain. At the content-originator's end, there is a drift away from specialised software in which to

prepare electronic publications, as mainstream 'word processing' packages are migrated towards

'document processing' tools. Meanwhile, the infrastructure is being developed to enable storage in

one, master-format (most convincingly XML), with delivery to the consumer in any of multiple

formats (e.g. HTML, Word, PDF, Postscript, XML).

Interactive Publishing

The conventional models described above provide a valuable basis for analysis. But they represent

recent and current conventionalism, and miss the revolutionary impacts of the channels and media on

which electronic publishing is built. Each model described so far has involved a production-line or

industry value-chain, with a series of providers passing materials to an ultimate consumer of content.

Publishing has assumed a mass medium, broadcast, one-way.

E-COMMERCE MARKETING CONCEPTS

Marketing Concepts has become a leader in the direct commerce industry by using the

knowledge that comes from a 20-year history in direct marketing. Our philosophy is simple; we

apply the knowledge and experience of our professional team to provide our customers with the

services they need for maximum success and profitability.

Contact Center - Marketing Concepts provides a 24/7 full-service Customer Contact Center. Our

Midwest based Contact Center team is trained and motivated to increase sales and treat your

customers with the utmost respect and care. We understand the value of treating your customers

right each and every time they make contact. Our Contact Center services include Call Center,

Mail, Email, and Chat.

Web Design & Development

Design - Today, establishing a look for your business, your website and all your communications

is important in the challenge to be recognized by consumers. A lasting image is the key to

customer recognition. Marketing Concepts' talented team of design professionals can create or

enhance your company image to make sure your customers know and recognize you across

http://www.prsindia.org/billtrack/the-information-technology-rules-2011-1908/


















channels.

Development - Even the most robust software products do not provide every functionality

suitable or necessary to keep up with today's fast paced web marketing needs. Marketing

Concepts' team of web programmers can help you create a website with the functionality you

want and need to run your business.

Marketing - Demanding consumers require companies to focus on the expanding challenges of

multi-channel marketing. Integrated systems with integrated strategies require insight into

creating the best marketing solutions and techniques to generate and track consumer response

and loyalty. Marketing Concepts knows how to create and manage those strategies and solutions

across channels.

Technical Solutions - Marketing Concepts offers a range of web hosting solutions from shared

servers to dedicated servers with full-redundancy. Our hosting packages include managing your

telecommunications and 24/7 customer support. Some companies need help in handling systems

integration and some companies simply want to outsource it all. Marketing Concepts has

different levels of "co-location" for Ecometry customers. From simple "house and maintaining"

to handling your HP to the max including testing code, setting up offers, or generating order and

credit card processing, we can do it all! The rapid growth of today's technology requires skill and

knowledge to provide complete and fluid service. Let the professionals at Marketing Concepts

help you manage your technology needs.

Professional Services & Consulting - Marketing Concepts provides project management

services for operational projects of every description from implementing a new software system,

to helping you move your entire operation. We also offer consulting services available in almost

every area of direct commerce.

The Information Technology Rules

The Government had notified four sets of Rules under the Information Technology Act, 2000 on

April 11, 2011. A copy of the Rules as notified and the PRS Rules and Regulations Review can be

downloaded here.

Key Features of the Rules

Four sets of Rules have been introduced under the Information Technology Act, 2000, as

amended by the Information Technology (Amendment) Act, 2008.

The Security Practices Rules require entities holding sensitive personal information of users

to maintain certain specified security standards.

The Intermediary Guidelines Rules prohibit content of specific nature on the internet. An

intermediary, such as a website host, is required to block such content.

The Cyber Café Rules require cyber cafés to register with a registration agency and maintain

a log of identity of users and their internet usage.

Under the Electronic Service Delivery Rules the government can specify certain services,

such as applications, certificates, licenses etc, to be delivered electronically.

Issues and Analysis



The Security Practices Rules require sensitive personal information to be disclosed to

government agencies. The safeguards against such disclosure differ from those under other

laws. Also, these Rules may be superseded by an agreement.

The Intermediary Guidelines Rules that allow blocking of content on the internet may violate

the right to free speech. These Rules differ from the requirements governing content of other

media like newspapers and television.

The Cyber Café Rules may have negative implications for privacy and personal safety of the

users.

FIREWALL

A firewall is a set of related programs, located at a network gateway server, that protects the

resources of a private network from users from other networks. (The term also implies the security

policy that is used with the programs.) An enterprise with an intranet that allows its workers access to

the wider Internet installs a firewall to prevent outsiders from accessing its own private data

resources and for controlling what outside resources its own users have access to.

Basically, a firewall, working closely with a router program, examines each network packetto

determine whether to forward it toward its destination. A firewall also includes or works with

a proxy server that makes network requests on behalf of workstation users. A firewall is often

installed in a specially designated computer separate from the rest of the network so that no incoming

request can get directly at private network resources.

There are a number of firewall screening methods. A simple one is to screen requests to make sure

they come from acceptable (previously identified) domain name and Internet Protocol addresses. For

mobile users, firewalls allow remote access in to the private network by the use of secure logon

procedures and authentication certificates.

A number of companies make firewall products. Features include logging and reporting, automatic

alarms at given thresholds of attack, and a graphical user interface for controlling the firewall.

Computer security borrows this term from firefighting, where it originated. In firefighting, a firewall

is a barrier established to prevent the spread of fire.

CYBERCRIME

Cybercrime is criminal activity done using computers and the Internet. This includes anything from

downloading illegal music files to stealing millions of dollars from online bank accounts. Cybercrime

also includes non-monetary offenses, such as creating and distributing viruses on other computers or

posting confidential business information on the Internet.

Perhaps the most prominent form of cybercrime isidentity theft, in which criminals use the Internet to

steal personal information from other users. Two of the most common ways this is done is through

phishing and pharming. Both of these methods lure users to fake websites (that appear to be

legitimate), where they are asked to enter personal information. This includes login information, such

http://searchnetworking.techtarget.com/definition/gateway

http://whatis.techtarget.com/definition/server

http://searchwindevelopment.techtarget.com/definition/intranet

http://searchnetworking.techtarget.com/definition/router

http://searchnetworking.techtarget.com/definition/packet

http://whatis.techtarget.com/definition/proxy-server

http://searchwindevelopment.techtarget.com/definition/domain-name

http://searchunifiedcommunications.techtarget.com/definition/Internet-Protocol

http://searchmidmarketsecurity.techtarget.com/definition/remote-access

http://www.techterms.com/definition/virus

http://www.techterms.com/definition/phishing

http://www.techterms.com/definition/pharming

http://www.techterms.com/definition/login



as usernames and passwords, phone numbers, addresses, credit card numbers, bank account numbers,

and other information criminals can use to "steal" another person's identity. For this reason, it is

smart to always check the URL or Web address of a site to make sure it is legitimate before entering

your personal information.

Because cybercrime covers such a broad scope of criminal activity, the examples above are only a

few of the thousands of crimes that are considered cybercrimes. While computers and the Internet

have made our lives easier in many ways, it is unfortunate that people also use these technologies to

take advantage of others. Therefore, it is smart to protect yourself by using antivirus

and spyware blocking software and being careful where you enter your personal information.

CYBER LAW

Cyberlaw or Internet law is a term that encapsulates the legal issues related to use of the Internet. It is

less a distinct field of law than intellectual property or contract law, as it is a domain covering many

areas of law and regulation. Some leading topics include internet access and usage, privacy, freedom

of expression, and jurisdiction.

"Computer law" is a third term which tends to relate to issues including both Internet law and

the patent and copyright aspects of computer technology and software.

1. Law: Standard East Coast Code, and the most self-evident of the four modes of regulation.

As the numerous statutes, evolving case law and precedents make clear, many actions on the

internet are already subject to conventional legislation (both with regard to transactions

conducted on the internet and images posted). Areas like gambling, child pornography, and

fraud are regulated in very similar ways online as off-line. While one of the most

controversial and unclear areas of evolving laws is the determination of what forum has

subject matter jurisdiction over activity (economic and other) conducted on the internet,

particularly as cross border transactions affect local jurisdictions, it is certainly clear that

substantial portions of internet activity are subject to traditional regulation, and that conduct

that is unlawful off-line is presumptively unlawful online, and subject to similar laws and

regulations. Scandals with major corporations led to US legislation rethinking

corporate governance regulations such as the Sarbanes-Oxley Act.

2. Architecture: West Coast Code: these mechanisms concern the parameters of how

information can and cannot be transmitted across the internet. Everything from internet

filtering software (which searches for keywords or specific URLs and blocks them before

they can even appear on the computer requesting them), to encryption programs, to the very

basic architecture of TCP/IP protocol, falls within this category of regulation. It is arguable

that all other modes of regulation either rely on, or are significantly supported by, regulation

via West Coast Code.

3. Norms: As in all other modes of social interaction, conduct is regulated by social norms and

conventions in significant ways. While certain activities or kinds of conduct online may not

be specifically prohibited by the code architecture of the internet, or expressly prohibited by

applicable law, nevertheless these activities or conduct will be invisibly regulated by the

http://www.techterms.com/definition/url

http://en.wikipedia.org/wiki/Legal_aspects_of_computing#Internet_Law

http://en.wikipedia.org/wiki/Internet

http://en.wikipedia.org/wiki/Intellectual_property

http://en.wikipedia.org/wiki/Contract

http://en.wikipedia.org/wiki/Internet

http://en.wikipedia.org/wiki/Privacy

http://en.wikipedia.org/wiki/Freedom_of_expression



http://en.wikipedia.org/wiki/Jurisdiction

http://en.wikipedia.org/wiki/Governance

http://en.wikipedia.org/wiki/Sarbanes-Oxley_Act



inherent standards of the community, in this case the internet "users." And just as certain

patterns of conduct will cause an individual to be ostracised from our real world society, so

too certain actions will be censored or self-regulated by the norms of whatever community

one chooses to associate with on the internet.

4. Markets: Closely allied with regulation by virtue of social norms, markets also regulate

certain patterns of conduct on the internet. While economic markets will have limited

influence over non-commercial portions of the internet, the internet also creates a virtual

marketplace for information, and such information affects everything from the comparative

valuation of services to the traditional valuation of stocks. In addition, the increase in

popularity of the internet as a means for transacting all forms of commercial activity, and as a

forum for advertisement, has brought the laws of supply and demand in cyberspace.

web engineering unit v as per rgpv syllabus

Engineering

business b2b business

business c2b business

business b2b website

consumer c2c consumer

consumer b2c consumer

consumer c2c website

c2c business model

b2b business model