Bsc it 62 E-Commerce


kuvempu university 6th sem


Explain any three basic needs of consumer oriented e-commerce.

It has been said that the meeting of money, commerce, computing and networks forms the global consumer marketplace. It includes facilities for negotiation, bargaining, order processing, payment and customer service. Though it is desirable that the entire system be automated, one or more of these activities may be transacted in a traditional manner: the order may be placed over the phone, further negotiations may be made with the sales representative calling on the buyer, the payment may be made by cheque, and so on.

The following criteria are essential for consumer-oriented electronic commerce:

Critical mass of buyers and sellers. The trick is getting a critical mass of corporations and consumers to use electronic mechanisms. In other words, the electronic marketplace should be the first place customers go to find the products and services they need.

Opportunity for independent evaluations and for customer dialogue and discussion. In the marketplace, not only do users buy and sell products or services, they also compare notes on who has the best products and whose prices are outrageous. The ability to openly evaluate the wares offered is a fundamental principle of a viable marketplace.

Negotiation and bargaining. No marketplace is complete if it does not support negotiation. Buyers and sellers need to be able to haggle over conditions of mutual satisfaction, including money, terms and conditions, delivery dates, and evaluation criteria.

New products and services. In a viable marketplace, consumers can make requests for products and services not currently offered and have reasonable expectations that someone will turn up with a proposed offering to meet that request.

List the OMC (Order Management Cycle) generic steps.

OMC has the following generic steps:

1) Order Planning and Order Generation: The business process begins long before an actual order is placed by the customer. The first step is order planning. Order planning leads into order generation. Orders are generated in a number of ways in the e-commerce environment. The sales force broadcasts ads (direct marketing), sends personalized e-mail to customers (cold calls), or creates a WWW page.

2) Cost Estimation and Pricing: Pricing is the bridge between customer needs and company capabilities. Pricing at the individual order level depends on understanding the value to the customer that is generated by each order, evaluating the cost of filling each order, and instituting a system that enables the company to price each order based on its value and cost.

3) Order Receipt and Entry: After an acceptable price quote, the customer enters the order receipt and entry phase of OMC. Traditionally, this was under the purview of departments variously titled customer service, order entry, the inside sales desk, or customer liaison. These departments are staffed by customer service representatives, usually either very experienced, long-term employees or totally inexperienced trainees.

4) Order Selection and Prioritization: Customer service representatives are also often responsible for choosing which orders to accept and which to decline. In fact, not all customer orders are created equal; some are simply better for the business than others. Another completely ignored issue concerns the importance of order selection and prioritization. Companies that put effort into order selection and link it to their business strategy stand to make more money.

5) Order Scheduling: In the order scheduling phase, the prioritized orders get slotted into an actual production or operational sequence. This task is difficult because the different functional departments (sales, marketing, and customer service) may have conflicting goals.

6) Order Fulfillment and Delivery: In the order fulfillment and delivery phase, the actual provision of the product or service is made. While the details vary from industry to industry, in almost every company this step has become increasingly complex. Often, order fulfillment involves multiple functions and locations.

7) Order Billing and Account/Payment Management: After the order has been fulfilled and delivered, billing is typically handled by the finance staff, who view their job as getting the bill out efficiently and collecting quickly.

8) Post-sales Service: This phase plays an increasingly important role in all elements of a company's profit equation: customer value, price, and cost. Depending on the specifics of the business, it can include such elements as physical installation of a product, repair and maintenance, customer training, equipment upgrading and disposal. Because of the information conveyed and intimacy involved, post-sales service can affect customer satisfaction and company profitability for years.

What is supply chain management? Give its characteristics.

Supply Chain Management (SCM): Supply chain management (SCM) is a network of suppliers and customers within which any business operates. It is a chain of suppliers and customers for a particular business. In electronic commerce, supply chain management has the following characteristics:

An ability to source raw material or finished goods from anywhere in the world.

A global business and management strategy with flawless local execution.

On-line, real-time distributed information processing to the desktop, providing total supply chain information visibility.

The ability to manage information not only within a company but across industries and enterprises.

The seamless integration of all supply chain processes and measurements, including third-party suppliers, information systems, cost accounting standards, and measurement systems.

The development and implementation of accounting models, such as activity-based costing, that link cost to performance and are used as tools for cost reduction.

A reconfiguration of the supply chain organization into high-performance teams going from the shop floor to senior management.

B1

What are the desirable characteristics of E-marketing?

Before we embark on the detailed study of e-commerce, we shall discuss some related issues. Common sense tells us that a few transactions are more congenial for e-marketing than others. We list the desirable features of a hypothetical marketplace; let us call it the e-market.

1. A minimal size of the place. Obviously, for any such place to thrive there is a critical size, below which it is not profitable to operate. This minimal number of buyers and sellers characterises the profitability of the place.

2. A scope for interactions. Interactions include trial runs of the products, clarification of doubts on the part of the customers, details of after-sales services, the ability to compare different products and, of course, scope for negotiations and bargaining. Negotiations can be in terms of cost, value additions, terms and conditions, delivery dates, etc.

What are the three types of electronic tokens? Explain.

None of the banking or selling payment methods is completely adequate in its present form for the consumer-oriented e-commerce environment. Totally new forms of financial instruments are also being developed. One such new financial instrument is electronic tokens in the form of electronic cash / money or checks. Electronic tokens are designed as electronic analogs of various forms of payment backed by a bank or financial institution. Simply stated, electronic tokens are equivalent to cash that is backed by a bank. Electronic tokens are of three types:

1. Cash or real-time. Transactions are settled with the exchange of electronic currency. An example of on-line currency exchange is electronic cash (e-cash).

2. Debit or prepaid. Users pay in advance for the privilege of getting information. Examples of prepaid payment mechanisms are stored in smart cards and electronic purses that store electronic money.

3. Credit or postpaid. The server authenticates the customers and verifies with the bank that funds are adequate before purchase. Examples of postpaid mechanisms are credit / debit cards and electronic checks.

Draw the layered architecture of EDI.

EDI architecture specifies four layers:

a) The semantic (or application) layer
b) The standards translation layer
c) The packing (or transport) layer
d) The physical network infrastructure layer

The EDI semantic layer describes the business application that is driving EDI. The information seen at the EDI semantic layer must be translated from a company-specific form to a more generic or universal form so that it can be sent to various trading partners, who could be using a variety of software applications at their end.

Transferring computer files between two trading partners requires that the computer applications of both sender and receiver use a compatible format for EDI document exchange. The EDI translation software converts the proprietary format into a standard mutually agreed on by the processing systems. When a company receives the document, its EDI translation software automatically changes the standard format into the proprietary format of its document processing software.

The EDI transport layer corresponds closely with the non-electronic activity of sending a business form from one company to another. The content and structure of the form are separated from the transport carrier. EDI documents are exchanged rapidly over electronic networks using the existing e-mail programs and infrastructure.

EDI in Action: The use of EDI transport saves large administration costs by eliminating the bulk of the paperwork flow.

Describe the steps involved in designing electronic payment system.

Despite cost and efficiency gains, many hurdles remain to the spread of electronic payment systems. These include several factors, many non-technical in nature, that must be addressed before any new payment method can be successful.

Privacy: A user expects to trust in a secure system.

Security: A secure system verifies the identity of the parties in a two-party transaction through user authentication and reserves flexibility to restrict information / services through access control.

Intuitive interface: The payment interface must be as easy to use as a telephone. Generally speaking, users value convenience more than anything.

Database integration: With home banking, for example, a customer wants to play with all his accounts. To date, separate accounts have been stored on separate databases.

Brokers: A network banker (someone to broker goods and services, settle conflicts, and facilitate financial transactions electronically) must be in place.

Pricing: One fundamental issue is how to price payment system services.

Standards: Without standards, the welding of different payment users into different networks and different systems is impossible. Standards enable interoperability, giving users the ability to buy and receive information, regardless of which bank is managing their money.

None of these hurdles is intractable. The biggest question concerns how customers will take to a paperless and (if not cashless) less-cash world.

What do you mean by value added networks (VANs)? Explain.

A VAN is a communications network that typically exchanges EDI messages among trading partners. It also provides other services, including holding messages in electronic mailboxes, interfacing with other VANs and supporting many telecommunications modes and transfer protocols. A VAN's electronic mailbox is a software feature into which a user deposits EDI transactions and then retrieves those messages when convenient. It works much like residential personal mailboxes, and it allows everybody involved to be flexible and cost-effective.

Businesses can exchange data either by connecting to each other directly or by hooking into a VAN. Traditionally, by acting as middlemen between companies, VANs have allowed companies to automatically and securely exchange purchase orders, invoices, and payments. When a company sends an EDI transaction, it arrives at a message storehouse on the VAN to await pickup by the destination company. In this way VANs can safeguard the transaction network. The disadvantage of EDI-enabling VANs is that they are slow and high priced, charging by the number of characters transmitted.

In the figure we see the EDI process. Company A puts an EDI message for trading partner manufacturing company B in the VAN mailbox at a date and time of its choosing. The VAN picks up the message from the mailbox and delivers it to trading partner B's mailbox, where it will remain until trading partner B logs on and picks it up. Trading partner B responds to trading partner A in the same fashion. The cycle repeats itself on a weekly, daily, or perhaps even hourly basis as needed. This service is generally referred to as mail-enabled EDI.

List the four advantages of internet.

1. Flat pricing, 2. cheap access, 3. common standards and 4. security.

1. Flat pricing that is not dependent on the amount of information transferred. The Internet flat-rate model is better for the customer as opposed to the standard VAN approach of charges per character.

2. Cheap access with the low cost of connection, often a flat monthly fee for leased line or dial-up access. Business users have access to commercial and noncommercial Internet services in some 140 countries, providing ubiquitous network coverage.

3. Common mail standards and proven networking and interoperable systems; another attraction is that Internet mail standards are nonproprietary and handle congestion and message routing exceptionally well. It has been noted that sometimes on a VAN network an e-mail message can take hours or days to reach its destination, while on the Internet it usually takes seconds to minutes.

4. Security: public-key encryption techniques are being incorporated in various electronic mail systems. This will enable systems to ensure the privacy of EDI messages and give users a way to verify the sender or recipient.

There are many advantages to using the internet, such as:

Email. Email is now an essential communication tool in business. It is also excellent for keeping in touch with family and friends. The advantage of email is that it is free (no charge per use) when compared to telephone, fax and postal services.

Information. There is a huge amount of information available on the internet for just about every subject known to man, ranging from government law and services, trade fairs and conferences, market information, new ideas and technical support.

Services. Many services are now provided on the internet, such as online banking, job seeking and applications, and hotel reservations. Often these services are not available off-line or cost more.

Buy or sell products. The internet is a very effective way to buy and sell products all over the world.

Communities. Communities of all types have sprung up on the internet. It's a great way to meet up with people of similar interest and discuss common issues.

What are the security threats to E-commerce?

Some of the threats that stimulated the upsurge of interest in security include the following:

Organized and internal attempts to obtain economic or market information from competitive organizations in the private sector.

Organized and intentional attempts to obtain economic information from government agencies.

Inadvertent acquisition of economic or market information.

Inadvertent acquisition of information about individuals.

Intentional fraud through illegal access to computer repositories, including acquisition of funding data, economic data, law enforcement data, and data about individuals.

Government intrusion on the rights of individuals.

Invasion of individuals' rights by the intelligence community.

What is EDI and electronic fund transfer?

The economic advantages of EDI are widely recognized, but until recently, companies have been able to improve only discrete processes such as automating the accounts payable function or the funds transfer process. Companies are realizing that to truly improve their productivity they need to automate their external processes as well as their internal processes. Another goal of new EDI services is to reduce the cost of setting up an EDI relationship. These costs are still very high because of the need for a detailed two-sided agreement between the involved business partners and for the necessary technical agreements. Therefore most successful EDI implementations are either in long-term partnerships or among a limited number of partners. With the advent of inter-organizational commerce, several new types of EDI are emerging that can be broadly categorized as traditional EDI and open EDI.

Electronic Funds Transfer is the automatic transfer of funds among banks and other organizations.

Explain secure socket layer (SSL).

SSL is an encrypted communication protocol that we use to implement security by switching a website into the secure mode. SSL protects transactions between a company and its customers from packet-sniffing attacks. The protocol allows client/server applications to communicate in a way that data transmissions cannot be altered. The strength of SSL is that it is application-independent: HTTP, telnet, and FTP can be placed on top of SSL transparently. SSL provides channel security through encryption and reliability through a message integrity check.

SSL uses a three-part process. First, information is encrypted to prevent unauthorized disclosure. Second, the information is authenticated to make sure that the information is being sent and received by the correct party. Finally, SSL provides message integrity to prevent the information from being altered during interchanges between the source and sink.
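The message integrity check described above can be seen in a short Python sketch. This is an added example, not part of the original notes: it models only the record MAC in the style of TLS 1.2 (the successor to SSL), computed over an implicit sequence number, record type, version, length and data, and it leaves out encryption and the handshake. The key, the class names and the sample order messages are constructed for the demonstration.

```python
import hashlib
import hmac
import struct

MAC_KEY = b"constructed-demo-key-not-secret!"   # constructed; real keys come from the handshake
TAG_LEN = hashlib.sha256().digest_size           # 32-byte HMAC-SHA256 tag
APPLICATION_DATA = 23                            # record content type for application data
TLS12 = (3, 3)                                   # on-the-wire version bytes of TLS 1.2


def record_mac(key, seq_num, fragment, content_type=APPLICATION_DATA, version=TLS12):
    """HMAC over seq_num || type || version || length || fragment."""
    pseudo_header = struct.pack(
        "!QBBBH", seq_num, content_type, version[0], version[1], len(fragment)
    )
    return hmac.new(key, pseudo_header + fragment, hashlib.sha256).digest()


class Sender:
    """Appends a MAC to each outgoing record and counts records sent."""

    def __init__(self, key):
        self.key = key
        self.seq = 0

    def protect(self, fragment):
        tag = record_mac(self.key, self.seq, fragment)
        self.seq += 1          # the counter is never transmitted, only MACed
        return fragment + tag


class Receiver:
    """Checks each record against its own count of records received."""

    def __init__(self, key):
        self.key = key
        self.seq = 0

    def accept(self, record):
        """Return the data if the MAC matches the expected sequence number, else None."""
        if len(record) < TAG_LEN:
            return None
        fragment, tag = record[:-TAG_LEN], record[-TAG_LEN:]
        expected = record_mac(self.key, self.seq, fragment)
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            return None        # a real endpoint would also tear the connection down
        self.seq += 1
        return fragment


def run_scenarios():
    """Send two constructed records and show which deliveries are accepted."""
    sender = Sender(MAC_KEY)
    first = sender.protect(b"ORDER 1001: PAY 10.00")
    second = sender.protect(b"ORDER 1002: PAY 25.00")

    honest = Receiver(MAC_KEY)
    in_order = [honest.accept(first), honest.accept(second)]

    # Amount changed in transit: the tag no longer matches the data.
    tampered = Receiver(MAC_KEY).accept(first.replace(b"10.00", b"90.00", 1))

    # Same record delivered twice: the second copy meets sequence number 1, not 0.
    replay_rx = Receiver(MAC_KEY)
    replay_rx.accept(first)
    replayed = replay_rx.accept(first)

    # Second record delivered first: its tag was computed for sequence number 1.
    reordered = Receiver(MAC_KEY).accept(second)

    # A party without the shared MAC key cannot validate (or forge) records.
    wrong_key = Receiver(b"some-other-constructed-key-value").accept(first)

    return {
        "in_order": in_order,
        "tampered": tampered,
        "replayed": replayed,
        "reordered": reordered,
        "wrong_key": wrong_key,
    }


if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(name, result)
```

Because the sequence number is part of the MAC input, the same check that catches altered data also catches replayed and reordered records.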

Explain secure electronic payment protocol.

SEPP: SEPP stands for Secure Electronic Payment System. SEPP is the electronic equivalent of the paper charge slip, signature, and submission process. SEPP is an open, vendor-neutral, nonproprietary, license-free specification for securing on-line transactions. SEPP takes input from the cooperation process and causes the payment to happen via a three-way communication among the cardholder, merchant, and acquirer. SEPP only addresses the payment process.

There are several major business requirements addressed by SEPP:

1. To enable confidentiality of payment information.
2. To ensure integrity of all payment data transmitted.
3. To provide authentication that a cardholder is the legitimate owner of a card account.
4. To provide authentication that a merchant can accept MasterCard-branded card payments with an acquiring member financial institution.

SEPP PROCESS: SEPP assumes that the cardholder and merchant have been communicating in order to negotiate terms of a purchase and generate an order. These processes may be conducted via a WWW browser. SEPP is designed to support transactions exchanged in both interactive and non-interactive modes.

The SEPP system is composed of a collection of elements involved in electronic commerce.

Cardholder: This is an authorized holder of a bankcard supported by an issuer and registered to perform electronic commerce.

Merchant: This is a merchant of goods, services, and/or e-products who accepts payment for them electronically and may provide selling services and / or electronic delivery of items for sale.

Acquirer: This is a financial institution that supports merchants by providing service for processing credit card based transactions.

Certificate management system: This is an agent of one or more bankcard associations that provides for the creation and distribution of electronic certificates for merchants, acquirers, and cardholders.

Banknet: This represents the existing network which interfaces acquirers, issuers and the certificate management systems.

What are the desirable characteristics of an electronic market?

Desirable characteristics of E-Marketplace: The following criteria are essential for consumer-oriented electronic commerce:

Critical mass of buyers and sellers. The trick is getting a critical mass of corporations and consumers to use electronic mechanisms. In other words, the electronic marketplace should be the first place customers go to find the products and services they need.

Opportunity for independent evaluations and for customer dialogue and discussion. In the marketplace, not only do users buy and sell products or services, they also compare notes on who has the best products and whose prices are outrageous. The ability to openly evaluate the wares offered is a fundamental principle of a viable marketplace.

Negotiation and bargaining. No marketplace is complete if it does not support negotiation. Buyers and sellers need to be able to haggle over conditions of mutual satisfaction, including money, terms and conditions, delivery dates, and evaluation criteria.

New products and services. In a viable marketplace, consumers can make requests for products and services not currently offered and have reasonable expectations that someone will turn up with a proposed offering to meet that request.

Seamless interface. The biggest barrier to electronic trade is having all the pieces work together so that information can flow seamlessly from one source to another. This requires standardization. On the corporate side, companies need compatible EDI software and network services in order to send electronic purchase orders, invoices, and payments back and forth.

Recourse for disgruntled buyers. A viable marketplace must have a recognized mechanism for resolving disputes among buyers and sellers. Markets typically include a provision for resolving disagreements by returning the product or through arbitrage in other cases.

B2

Write short note on the following:

a) Kinds of shopping.

Variety of experiences: There are many ways that cardholders will shop. This section describes two ways. The SET protocol supports each of these shopping experiences and should support others as they are defined.

On-line catalogues: The growth of electronic commerce can largely be attributed to the popularity of the World Wide Web. Merchants can tap into this popularity by creating virtual storefronts on the Web that contain on-line catalogues. These catalogues can be quickly updated as merchants' product offerings change or to reflect seasonal promotions. Cardholders can visit these Web pages, selecting items for inclusion on an order. Once the cardholder finishes shopping, the merchant's Web server can send a completed order form for the cardholder to review and approve. Once the cardholder approves the order and chooses to use a payment card, the SET protocol provides the mechanisms for the cardholder to securely transmit payment instructions as well as for the merchant to obtain authorization and receive payment for the order.

Electronic catalogues: Merchants may distribute catalogues on electronic media such as diskettes or CD-ROM. This approach allows the cardholder to browse through merchandise off-line. With an on-line catalogue, the merchant has to be concerned about bandwidth and may choose to include fewer graphics or reduce the resolution of the graphics. By providing an off-line catalogue, such constraints are significantly reduced.

b) Secret-key cryptography.

Secret-key cryptography, also known as symmetric cryptography, uses the same key to encrypt and decrypt the message. Therefore, the sender and recipient of a message must share a secret, namely the key. A well-known secret-key cryptography algorithm is the Data Encryption Standard (DES), which is used by financial institutions to encrypt PINs.

Public-key cryptography, also known as asymmetric cryptography, uses two keys: one key to encrypt the message and the other key to decrypt the message. The two keys are mathematically related such that data encrypted with either key can only be decrypted using the other. Each user has two keys: a public key and a private key. The user distributes the public key. Because of the relationship between the two keys, the user and anyone receiving the public key can be assured that data encrypted with the public key and sent to the user can only be decrypted by the user using the private key. This assurance is only maintained if the user ensures that the private key is not disclosed to another. Therefore, the key pair should be generated by the user. The best known public-key cryptography algorithm is RSA (named after its inventors Rivest, Shamir and Adleman).

Secret-key cryptography is impractical for exchanging messages with a large group of previously unknown correspondents over a public network. In order for a merchant to conduct transactions securely with millions of Internet subscribers, each consumer would need a distinct key assigned by the merchant and transmitted over a separate secure channel. On the other hand, by using public-key cryptography, that same merchant could create a public/private key pair and publish the public key, allowing any consumer to send a secure message to the merchant.

c) Viruses and worms.

A virus is a program that can affect other programs by modifying them; the modified program includes a copy of the virus program, which can then go into other programs. A worm is a program that makes use of networking software to replicate itself and move from system to system. The worm performs some activity on each system it gains access to, such as consuming processor resources or depositing viruses.

Countering the threat of viruses: The best solution for the threat of viruses is prevention: do not allow a virus to get into the system in the first place. In general, this goal is impossible to achieve, although prevention can reduce the number of successful viral attacks. The next best approach is to do the following:

Detection: After the infection has occurred, determine that it has occurred and locate the virus.

Purging: Remove the virus from all infected systems so that the disease cannot spread further.

Recovery: Recover any lost data or programs.

Because of the variety of viruses, there is no universal remedy. A number of programs provide some protection, and the security manager should be advised to contact several vendors and assess their products.

Explain in detail the e-commerce architecture.

The electronic commerce application architecture consists of six layers of functionality or services:

(1) Application services: The application services layer of e-commerce will be comprised of existing and future applications built on the native architecture.

(2) Brokerage services, data or transaction management: The information brokerage and management layer provides service integration through the concept of information brokerages, the development of which is necessitated by the increasing information resource fragmentation. The concept of information brokerage is used to represent an intermediary who provides service integration between customers and information providers, given some constraint such as a low price, fast service, or profit maximization for a client. In foreign exchange trading, information is retrieved about the latest currency exchange rates in order to hedge currency holdings to minimize risk and maximize profit. The brokerage function is the support for data management and traditional transaction services. Brokerages may provide tools to accomplish more sophisticated, time-delayed updates or future-compensating transactions.

(3) Interface and support layers: Interface and support services will provide interfaces for electronic commerce applications such as interactive catalogs and will support the directory services needed for information search and access. Interactive catalogs are the modified interface to consumer applications such as home shopping. An interactive catalog is an extension of the paper-based catalog and incorporates additional features. The primary difference between the two is that unlike interactive catalogs, which deal with people, directory support services interact directly with software applications. For this reason, they need not have the multimedia flash and ballet generally associated with interactive catalogs.

(4) Secure messaging, security, and electronic document interchange: The importance of the fourth layer, secured messaging, is clear. Messaging is the software that sits between the network infrastructure and the clients or e-commerce applications, masking the peculiarities of the environment. Messaging products are not applications that solve problems; they are more enablers of the applications that solve problems. The main disadvantages of messaging are the new types of applications it enables, which appear to be more complex, especially to traditional programmers, and the jungle of standards it involves. Also, security, privacy, and confidentiality through data encryption and authentication techniques are important issues that need to be resolved.

(5) Middleware and structured document interchange: Middleware is a relatively new concept. With the growth of networks, client-server technology, and all other forms of communicating between / among unlike platforms, the harms of getting all the pieces to work together grew. Middleware is the ultimate mediator between diverse software programs that enables them to talk to one another. Middleware is the computing shift from application centric to data centric.

(6) Network infrastructure and basic communications services: Transparency implies that users should be unaware that they are accessing multiple systems. Transparency is essential for dealing with higher-level issues than physical media and interconnection that the underlying network infrastructure is in charge of. Transparency is accomplished using middleware that facilitates a distributed computing environment. The goal is for the applications to send a request to the middleware layer, which then satisfies the request any way it can, using remote information.

Explain how information flows with EDI.

Electronic data interchange (EDI) is the structured transmission of data between organizations by electronic means. It is used to transfer electronic documents or business data from one computer system to another computer system, i.e. from one trading partner to another trading partner without human intervention. It is more than mere e-mail; for instance, organizations might replace bills of lading and even cheques with appropriate EDI messages. It also refers specifically to a family of standards, e.g. UN/EDIFACT, ANSI X12.

The National Institute of Standards and Technology in a 1996 publication [1] defines electronic data interchange as "the computer-to-computer interchange of strictly formatted messages that represent documents other than monetary instruments. EDI implies a sequence of messages between two parties, either of whom may serve as originator or recipient. The formatted data representing the documents may be transmitted from originator to recipient via telecommunications or physically transported on electronic storage media." It goes on further to say that "In EDI, the usual processing of received messages is by computer only. Human intervention in the processing of a received message is typically intended only for error conditions, for quality review, and for special situations. For example, the transmission of binary or textual data is not EDI as defined here unless the data are treated as one or more data elements of an EDI message and are not normally intended for human interpretation as part of online data processing." [1]

EDI can be formally defined as 'The transfer of structured data, by agreed message standards, from one computer system to another without human intervention'. Most other definitions used are variations on this theme. Even in this era of technologies such as XML web services, the Internet and the World Wide Web, EDI may be the data format used by the vast majority of electronic commerce transactions in the world.

How does a digital signature work? Explain.

This is the simplest version of how a digital signature works. A "Digital Signature" is slightly different from an "Electronic Signature", which is a broader term simply referring to any indication of agreement and identity. A "Digital Signature" often refers to a public/private key encryption system, the most common of which is "PGP", or "Pretty Good Privacy", which is a bit of humorous understatement as it's the basis of most military security and included in export regulations as a U.S. national security secret. It works by providing two keys, one held by the public and the other held privately by the buyer. The signature is coded with both.

Explain EDI business application layer with a diagram.

The first step in the EDI process creates a document (in this case, an invoice) in a software application. This software application then sends the document to an EDI translator, which automatically reformats the invoice into the agreed-on EDI standard. If these two pieces of software are from different vendors, it is very important that the document preparation application integrate seamlessly with the EDI translation software. If both the EDI translator and the business application are on the same type of computer, the data will move faster and more easily from one to the other. The translator creates and wraps the document in an electronic envelope, an EDI package that has a mailbox ID for the company's trading partners. The EDI wrapper software can be a module of the translator, a programming tool for writing different communications protocols, or a separate application.

Explain the main categories of SCM in detail.

Computerworld - In the simplest terms, supply chain management (SCM) lets an organization get the right goods and services to the place they're needed at the right time, in the proper quantity and at an acceptable cost. Efficiently managing this process involves overseeing relationships with suppliers and customers, controlling inventory, forecasting demand and getting constant feedback on what's happening at every link in the chain. The supply chain involves several elements:

Location. It's important to know where production facilities, stocking points and sourcing points are located; these determine the paths along which goods will flow.

Production. An organization must decide what products to create at which plants, which suppliers will service those plants, which plants will supply specific distribution centers, and, sometimes, how goods will get to the final customer. These decisions have a big impact on revenue, costs and customer service.

Inventory. Each link in the supply chain has to keep a certain inventory of raw materials, parts, subassemblies and other goods on hand as a buffer against uncertainties and unpredictabilities. Shutting down an assembly plant because an expected parts shipment didn't arrive is expensive. But inventory costs money too, so it's important to manage deployment strategies, determine efficient order quantities and reorder points, and set safety stock levels.

Transportation. How do materials, parts and products get from one link in the supply chain to the next? Choosing the best way to transport goods often involves trading off the shipping cost against the indirect cost of inventory. For example, shipping by air is generally fast and reliable. Shipping by sea or rail will likely be cheaper, especially for bulky goods and large quantities, but slower and less reliable. So if you ship by sea or rail, you have to plan further in advance and keep larger inventories than you do if you ship by air.

Mention some hacking techniques.

Some Hacking Techniques:

Stolen access: Involves the use of another user's ID or password without permission to gain access to the internet.

Stolen resources: Search for processors to store stolen software and databases.

Internet virus: Virus designed to traverse through the network, passing through multiple processors and either sending information back to the originator or doing damage to the processors it passes through.

Email impostures: Sending email while falsifying the "from" field.

Email snooping: Email passes through at least two nodes to be received. As email passes through these nodes, and is stored transiently, it is susceptible to people with system access, unless secured.

Sniffing: If a hacker has gained access to a host, the hacker may set up sniffing programs to observe traffic, storing information (IDs/passwords) that can be used to compromise other systems.

Spoofing: Assuming someone else's identity, whether it is a login ID, an IP address, a server, or an e-commerce merchant.

Async attacks: While programs are idle in host memory, a hacker may have the opportunity to access the program's data.

Trojan horses: Viruses concealed within a software package injected into a host. May be destructive or perform some covert activity designed to send data back to the hacker.

Back doors: Application/system programmers may implement a secret password that allows the programmer easy access to a host or an application on the host; these passwords may be infiltrated.

Explain digital signature technique.

If digital signatures are to replace handwritten signatures, they must have the same legal status as handwritten signatures. The digital signature provides a means for a third party to verify that the notarized object is authentic. Digital signatures should have greater legal authority than handwritten signatures. If the contract was signed by digital signatures, however, a third party can verify that not one byte of the contract has been altered.

B3

Write a note on the following:

(a) Significance of WWW on e-commerce

World Wide Web (WWW) as the architecture: Electronic commerce depends on the unspoken statement that computers co-operate efficiently for seamless information sharing. Unfortunately, this statement of interoperability has not been supported by the realities of practical computing. Computing is still a world made up of many technical directions, products, implementations and competing vendors. The Web community of developers and users is tackling these complex problems. The architecture is made up of three primary entities: client browser, Web server, and third-party services. The client browser usually interacts with the WWW server, which acts as an intermediary in the interaction with third-party services. The client browser resides on the user's PC or workstation and provides an interface to the various types of content. The browser has to be smart enough to understand what file it is downloading and what browser extension it needs to activate to display the file. Browsers are also capable of manipulating local files. Web server functions can be categorized into information retrieval, data and transaction management, and security. The third-party services could be other Web servers that make up the digital library, information processing tools, and electronic payment systems.

(b) Security threats

Some of the threats that stimulated the upsurge of interest in security include the following:

Organized and internal attempts to obtain economic or market information from competitive organizations in the private sector.

Organized and intentional attempts to obtain economic information from government agencies.

Inadvertent acquisition of economic or market information.

Inadvertent acquisition of information about individuals.

Intentional fraud through illegal access to computer repositories, including acquisition of funding data, economic data, law enforcement data, and data about individuals.

Government intrusion on the rights of individuals.

Invasion of individuals' rights by the intelligence community.

(c) Security tools

Secure Transport Stacks (Secure Transport Protocol): The internet uses the Transport Control Protocol / Internet Protocol (TCP/IP) as the primary network protocol engine. Each IP packet contains the data that is to be sent to some endpoint destination. The IP packet consists of a 32-bit source and destination address, optional bit flags, a header checksum, and the data itself. There is no guarantee at the network layer that the IP protocol data units will be received, and even if they are received, they may not be received in any particular order. We cannot rely solely on the source address to validate the identity of the user who sent the packet. TCP provides retransmission of lost or corrupted protocol data units and restores them to their original order of transmission. Each packet contains a sequence number, which is what TCP uses to sort the protocol data units. The acknowledgement number is the sequence number of the last packet transmitted. The two most prominent secure transmission protocols for secure Web communication are:

1. Secure Sockets Layer
2. Secure HTTP (S-HTTP)

(d) Cryptography

Protection of sensitive information: Cryptography has been used for centuries to protect sensitive information as it is transmitted from one location to another. In a cryptographic system, a message is encrypted using a key. The resulting ciphertext is then transmitted to the recipient, where it is decrypted using a key to produce the original message. There are two primary encryption methods in use today: secret-key cryptography and public-key cryptography. SET uses both methods in its encryption process.

Secret-key cryptography: Secret-key cryptography, also known as symmetric cryptography, uses the same key to encrypt and decrypt the message. Therefore, the sender and recipient of a message must share a secret, namely the key. A well-known secret-key cryptography algorithm is the Data Encryption Standard (DES), which is used by financial institutions to encrypt PINs.

(e) S-HTTP

S-HTTP sets up security details with special packet headers that are exchanged in S-HTTP. The headers define the type of security techniques, including the use of private-key encryption, server authentication, client authentication, and message integrity. A secure envelope encapsulates a message and provides secrecy, integrity, and client/server authentication. S-HTTP provides a number of security features. These include:

Client and server authentication
Spontaneous encryption

S-HTTP operates at the topmost layer of the protocol suite, the application layer. It provides:

Symmetric encryption for maintaining secret communications.
Public-key encryption to establish client/server authentication.
Message digests for data integrity.

(f) Payment processing

Transactions described: This section describes the flow of transactions as they are processed by various systems. SET defines a variety of transaction protocols that utilize the cryptographic concepts introduced in the previous section to securely conduct electronic commerce. The section describes the following transactions:

Cardholder registration
Merchant registration
Purchase request
Payment authorization
Payment capture

Other transactions: The following additional transactions are part of these specifications, but are not described in this section:

Certificate query
Purchase inquiry
Purchase notification
Sale transaction
Authorization reversal
Capture reversal
Credit
Credit reversal

Stages of E-Commerce architecture on Web.

1. Client browser, 2. WWW server functions and 3. Third-party services.

The Web community of developers and users is tackling these complex problems. The architecture is made up of three primary entities: client browser, Web server, and third-party services. The client browser usually interacts with the WWW server, which acts as an intermediary in the interaction with third-party services. The client browser resides on the user's PC or workstation and provides an interface to the various types of content. The browser has to be smart enough to understand what file it is downloading and what browser extension it needs to activate to display the file. Browsers are also capable of manipulating local files.

What are the basic banking services provided in e-commerce?

1. Basic banking services: A normal customer would be transacting with his bank most of the time. These transactions are mainly related to personal finances. The dealings a customer has with his bank can be classified into the following: i) Checking his account statements, ii) Round-the-clock banking (ATM), iii) Payment of bills etc., iv) Fund transfer and v) Updating of his pass books etc. The concept of Automated Teller Machines is to allow the customer to draw money from his account at any time of the day or night. The customer need not go to the bank at all for his most important service. ATMs are connected to a Bank Switching Centre. The Switching Centres of several banks are interconnected to an association switching centre.

2. Home shopping: We assume it is television-based shopping. It may be noted that this concept is picking up now in India in a small way, wherein the channels set apart only a very small portion of their broadcasting time for teleshopping. The customer can order the items over phone. The goods are delivered to his home and payment can be made in the normal modes. Concepts of traditional marketing like negotiations, trial testing etc. are missing from this scheme, and it is most suitable for those customers who are almost sure of what they need to buy but who are too busy to go to the shops.

3. Home entertainment: The next example of this type of commerce is home entertainment. Dubbed online movies, it is possible for the user to select a movie/CD online and make his cable operator play the movie exclusively for him (movie on demand), of course against payment, like Tata Sky. Payment can be either online or payable to his account. It is also possible to play interactive games online or download them to your computer to play. The concept of downloading games/news etc. at a cost to mobiles is also a similar concept. It may be noted that in all these cases, the physical movement of the customer/trader is avoided; of course, the computer need not always be a part of the deal.

4. Micro-transaction for information: The telephone directories provide a basic type of micro-transaction. If we want to buy one particular type of item, say books, they list the addresses and phone numbers of the various book dealers whom we may contact. Similar facilities are available on the internet, maybe for a larger number of items and also with more details. This can be thought of as an extension of the television-based ordering described earlier. We don't have to order only those items that are shown on the computer, but can search for an item that we need.

Basic Tenets of E-Commerce in a consumer-oriented scenario: It has been said that the meeting of money, commerce, computing and networks forms the global consumer marketplace. It includes facilities for negotiations, bargaining, order processing, payment and customer service. Though it is desirable that the entire system is automated, it may be possible that one or more of these activities are transacted in a traditional manner. The order is placed over phone, further negotiations may be made with the sales representative calling on the buyer, the payment may be made through a cheque etc. Some of the fundamental issues that must be addressed for consumer-oriented e-commerce to become broad-based are listed below:

a) Standard business practices and processes for buying and selling of products as well as services need to be established.

b) Easy-to-use and well-accepted software and hardware implementations of the various stages of e-commerce like order taking, payment, delivery, after-sales interactions etc. need to be established.

c) Secure commercial and transport practices that make the parties believe that they are not at the mercy of anybody else for the safety of their information and goods need to be in place.

It may be noted that each one of the above requirements can be established only over a period of time with several trial and error methods.

What are the benefits of EDI?

EDI can be a cost- and time-saving system, for many reasons. The automatic transfer of information from computer to computer reduces the need to rekey information and as such reduces costly errors to near zero. EDI transactions produce acknowledgments of receipt of data. Savings also accrue from the following improvements:

Reduced paper-based systems: EDI can impact the effort and expense a company devotes to maintaining records, paper-related supplies, filing cabinets, or other storage systems and to the personnel required to maintain all of these systems. EDI can also reduce postage bills because of the amounts of paper that no longer need be sent.

Improved problem resolution and customer service: EDI can minimize the time companies spend to identify and resolve inter-business problems. EDI can improve customer service by enabling the quick transfer of business documents and a marked decrease in errors.

Expanded customer/supplier base: Many large manufacturers and retailers with the necessary clout are ordering their suppliers to institute an EDI program. However, these are isolated islands of productivity because they are unable to build bridges to other companies. With the advent of electronic commerce, the bridge is now available.

What is e-cash? Give the properties of e-cash.

Electronic Cash: Electronic cash (e-cash) is a new concept in on-line payment systems because it combines computerized convenience with security and privacy that improve on paper cash. E-cash presents some interesting characteristics that should make it an attractive alternative for payment over the Internet. E-cash focuses on replacing cash as the principal payment vehicle in consumer-oriented electronic payments. The predominance of cash indicates an opportunity for innovative business practice that revamps the purchasing process where consumers are heavy users of cash. Cash is negotiable, meaning it can be given or traded to someone else. Cash is legal tender, meaning the payee is obligated to take it. Cash is a bearer instrument, meaning that possession is prima facie proof of ownership.

Properties of E-cash: Specifically, e-cash must have the following four properties: monetary value, interoperability, retrievability, and security.

E-cash must have a monetary value; it must be backed by cash (currency), bank-authorized credit, or a bank-certified cashier's check. When e-cash created by one bank is accepted by others, reconciliation must occur without any problems. Stated another way, e-cash without proper bank certification carries the risk that when deposited, it might be returned for insufficient funds.

E-cash must be interoperable, that is, exchangeable as payment for other e-cash, paper cash, goods or services, lines of credit, deposits in banking accounts, bank notes or obligations, electronic benefits transfers.

E-cash must be storable and retrievable. The cash could be stored in a remote computer's memory, in smart cards, or in other easily transported standard devices. Because it might be easy to create counterfeit cash that is stored in a computer, it might be preferable to store cash on a committed device that cannot be misused.

E-cash should not be easy to copy or tamper with while being exchanged; this includes detecting duplication and double-spending. Faking is a particular problem, since on the Internet the faker may be anywhere in the world and so is difficult to catch without appropriate international agreements. Detection is essential in order to audit whether prevention is working. Then there is the tricky issue of double spending (DFN88). Preventing double-spending from occurring is extremely difficult if multiple banks are involved in the transaction. For this reason, most systems rely on post-fact detection and punishment.
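The post-fact detection described above can be sketched as follows. This is an added example, not part of the original notes: the `Issuer`, `AcquiringBank`, token layout and settlement step are hypothetical, and an HMAC tag stands in for the issuing bank's certification of a token.

```python
import hashlib
import hmac
import secrets
from collections import namedtuple

# Hypothetical token layout: the page does not define a concrete e-cash format.
Token = namedtuple("Token", "serial value tag")
Deposit = namedtuple("Deposit", "bank merchant token")


class Issuer:
    """Bank that creates e-cash and reconciles deposits after the fact."""

    def __init__(self, key=None):
        self._key = key or secrets.token_bytes(32)
        self._paid = {}  # serial -> the Deposit that was honoured

    def _tag(self, serial, value):
        msg = f"{serial}|{value}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def issue(self, value):
        serial = secrets.token_hex(16)  # unique, unpredictable serial number
        return Token(serial, value, self._tag(serial, value))

    def is_genuine(self, token):
        expected = self._tag(token.serial, token.value)
        return hmac.compare_digest(expected, token.tag)

    def settle(self, deposits):
        """Reconcile a batch from several banks; return (paid, findings)."""
        paid, findings = [], []
        for d in deposits:
            serial = d.token.serial
            if not self.is_genuine(d.token):
                findings.append(("counterfeit-or-altered", serial, d.bank, d.merchant))
            elif serial in self._paid:
                first = self._paid[serial]
                findings.append(("double-spend", serial,
                                 (first.bank, first.merchant), (d.bank, d.merchant)))
            else:
                self._paid[serial] = d
                paid.append(d)
        return paid, findings


class AcquiringBank:
    """Bank that takes deposits; it can only see its own ledger at deposit time."""

    def __init__(self, name):
        self.name = name
        self._seen = set()
        self.batch = []

    def accept(self, token, merchant):
        if token.serial in self._seen:  # local duplicate: prevented immediately
            return False
        self._seen.add(token.serial)
        self.batch.append(Deposit(self.name, merchant, token))
        return True


def demo():
    """Constructed scenario: one token copied across two banks, one token altered."""
    issuer = Issuer()
    bank_a, bank_b = AcquiringBank("Bank A"), AcquiringBank("Bank B")
    coin = issuer.issue(500)
    copy = Token(*coin)  # byte-for-byte duplicate of the same token
    accepted = {
        "a_first": bank_a.accept(coin, "merchant-1"),
        "a_repeat": bank_a.accept(copy, "merchant-2"),
        "b_copy": bank_b.accept(copy, "merchant-3"),  # Bank B cannot see Bank A's ledger
    }
    altered = issuer.issue(100)._replace(value=10000)  # value changed after issue
    bank_b.accept(altered, "merchant-4")
    paid, findings = issuer.settle(bank_a.batch + bank_b.batch)
    return accepted, paid, findings


if __name__ == "__main__":
    for part in demo():
        print(part)
```

The second deposit at the same bank is prevented on the spot, while the copy deposited at a different bank is only caught at settlement, together with the identities needed for the audit trail.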

What is electronic pulse? Explain.

A new digital and physical label for electronic music. electronic pulse records is not just a label. Velocity is electronic pulse records! A comprehensive platform for artists, musicians, producers and all other friends of electronic music. Completely independent and devoted solely to the development and expansion of electronic music, open to everything and constantly on the lookout for new sounds: that is electronic pulse records!

Compare push and pull based supply chains.

The business terms push and pull originated in the marketing and selling world, but are also applicable in the world of electronic content and supply chain management. The push/pull relationship is that between a product or piece of information and who is moving it. A customer pulls things towards themselves, while a producer pushes things toward customers.

With a push-based supply chain, products are pushed through the channel, from the production side up to the retailer. The manufacturer sets production at a level in accord with historical ordering patterns from retailers. It takes longer for a push-based supply chain to respond to changes in demand, which can result in overstocking or bottlenecks and delays, unacceptable service levels and product obsolescence.

In a pull-based supply chain, procurement, production and distribution are demand driven so that they are coordinated with actual customer orders, rather than forecast demand.

A supply chain is almost always a combination of both push and pull, where the interface between the push-based stages and the pull-based stages is known as the push-pull boundary. An example of this would be Dell's build-to-order supply chain. Inventory levels of individual components are determined by forecasting general demand, but final assembly is in response to a specific customer request. The push-pull boundary would then be at the beginning of the assembly line.

A push-pull system in business describes the movement of a product or information between two subjects. In markets, the consumers usually pull the goods or information they demand for their needs, while the offerers or suppliers push them toward the consumers. In logistic chains or supply chains the stages normally operate in both push and pull manner. The interface between push-based stages and pull-based stages is called the push-pull boundary or decoupling point.

Explain electronic tokens present in payment systems.

None of the banking or selling payment methods is completely adequate in their present form for the consumer-oriented e-commerce environment. Totally new forms of financial instruments are also being developed. One such new financial instrument is electronic tokens in the form of electronic cash / money or checks. Electronic tokens are designed as electronic analogs of various forms of payment backed by a bank or financial institution. Simply stated, electronic tokens are equivalent to cash that is backed by a bank. Electronic tokens are of three types:

1. Cash or real-time. Transactions are settled with the exchange of electronic currency. An example of on-line currency exchange is electronic cash (e-cash).

2. Debit or prepaid. Users pay in advance for the privilege of getting information. Examples of prepaid payment mechanisms are stored in smart cards and electronic purses that store electronic money.

3. Credit or postpaid. The server authenticates the customers and verifies with the bank that funds are adequate before purchase. Examples of postpaid mechanisms are credit / debit cards and electronic checks.

B4

What are the desirable characteristics of e-commerce?

Desirable characteristics of E-Commerce: Common sense tells us that a few transactions are friendlier for e-marketing than others. We list the desirable features of a hypothetical marketplace; let us call it the e-market.

a) A minimal size of the place: Obviously, for any such place to thrive there is a critical size, below which it is not profitable to operate. This minimal number of buyers and sellers characterizes the profitability of the place.

b) A scope for interactions: Interactions include trial runs of the products, clarification of doubts on the part of the customers, details of after-sales services, the ability to compare different products and of course scope for negotiations and bargaining. Negotiations can be in terms of cost, value additions, terms and conditions, delivery dates etc.

c) Scope for designing new products: The customer need not buy only what is available. He can ask for modifications, up-gradations etc. The supplier must be able to accept these and produce made-to-order items.

d) A seamless connection to the marketplace: It is obvious that each customer will be operating with a different type of computer, software, connectivity etc. Standards should be available so that any of these customers will be able to attach himself to any of the markets without changing his hardware/software/interfaces etc.

e) Recourse for disgruntled users: It is naive to believe that transactions in such a place end in complete satisfaction for all parties concerned. Especially because of the facelessness of the customer and the supplier, there should be a standard recourse to settle such disputes.

Define e-commerce. Name any two areas which are reasons of worry in e-commerce.

1. Security and 2. Legal acceptance.

Security. A secure system verifies the identity of the two parties to a transaction through user authentication and reserves flexibility to restrict information / service through access control. Millions of dollars have been embezzled by computer fraud. No systems are yet fool-proof, although designers are concentrating closely on security.

Legal acceptance. It is not that the concept of e-commerce is totally without side effects. The very nature of the concept, which is revolutionary, makes it difficult for the users to understand fully the various issues involved. There are several areas, such as security, safety against fraud and the concept of legal acceptance, that are yet to be solved. Also, since the internet knows no national boundaries, the concepts become more complex, since what is legal in one country may not be so in another. There are also the concepts of taxation and state controls that need to be solved. All these issues will be taken up in some detail during the course of this topic.

How are commerce and e-commerce related?

Concept of Commerce and E-Commerce: Commerce is normally associated with the buying and selling of items. Commerce is one of the oldest activities of human beings, and the concept of traders selling and buying items is a part of history. Markets are a common place where the buyers and sellers meet along with their products. Money is also an essential part of the marketplace. Along with the concept of money, we have several concepts of banking and various methods of representing and transferring money, like cheques, MOUs, drafts etc. The key element of e-commerce is information processing. Every stage of commerce, except of course the production of goods and their physical delivery, can be automated. The tasks that can be automated include information gathering, processing and manipulation, and information distribution.

Explain the four layers of EDI architecture and list the benefits of EDI.

a) The semantic (or application) layer
b) The standards translation layer
c) The packing (or transport) layer
d) The physical network infrastructure layer

The EDI semantic layer describes the business application that is driving EDI. The information seen at the EDI semantic layer must be translated from a company-specific form to a more generic or universal form so that it can be sent to various trading partners, who could be using a variety of software applications at their end.

Facilitating the transfer of computer files between two trading partners requires that the computer applications of both sender and receiver use a compatible format for EDI document exchange. The EDI translation software converts the proprietary format into a standard mutually agreed on by the processing systems. When a company receives the document, their EDI translation software automatically changes the standard format into the proprietary format of their document processing software.

The EDI transport layer corresponds closely with the non-electronic activity of sending a business form from one company to another. The content and structure of the form are separated from the transport carrier. EDI documents are exchanged rapidly over electronic networks using the existing e-mail programs and infrastructure.

Tangible Benefits of EDI: EDI can be a cost- and time-saving system, for many reasons. The automatic transfer of information from computer to computer reduces the need to rekey information and as such reduces costly errors to near zero. EDI transactions produce acknowledgments of receipt of data. Savings also accrue from the following improvements:

Reduced paper-based systems: EDI can impact the effort and expense a company devotes to maintaining records, paper-related supplies, filing cabinets, or other storage systems and to the personnel required to maintain all of these systems. EDI can also reduce postage bills because of the amounts of paper that no longer need be sent.

Improved problem resolution and customer service: EDI can minimize the time companies spend to identify and resolve inter-business problems. EDI can improve customer service by enabling the quick transfer of business documents and a marked decrease in errors.

Expanded customer/supplier base: Many large manufacturers and retailers with the necessary clout are ordering their suppliers to institute an EDI program. However, these are isolated islands of productivity because they are unable to build bridges to other companies. With the advent of electronic commerce, the bridge is now available.
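The translation step on both sides can be illustrated with the following added example, which is not part of the original notes. It assumes a heavily simplified ANSI X12 invoice (transaction set 810) using only the ST, BIG, IT1, TDS and SE segments, without the outer interchange envelope; the dict layout of the "company-specific" invoice and all function names are hypothetical. The receiver validates the message by computer before it reaches the business application, so only error conditions need a human.

```python
from decimal import Decimal, InvalidOperation

ELEM, SEG = "*", "~"  # X12 element separator and segment terminator


class EDIError(ValueError):
    """Raised when a message fails envelope or content validation."""


def _total_cents(lines):
    total = sum(Decimal(str(l["unit_price"])) * l["qty"] for l in lines)
    return int(total * 100)


def to_x12(invoice, control):
    """Sender side: company-specific dict -> simplified 810 transaction set."""
    values = [invoice["date"], invoice["number"], control]
    values += [str(l["unit_price"]) for l in invoice["lines"]]
    if any(ELEM in v or SEG in v for v in values):
        # A separator inside a data element would let data pose as structure.
        raise EDIError("separator character inside a data element")
    segments = [["ST", "810", control],
                ["BIG", invoice["date"], invoice["number"]]]
    for n, line in enumerate(invoice["lines"], start=1):
        segments.append(["IT1", str(n), str(line["qty"]), "EA", str(line["unit_price"])])
    segments.append(["TDS", str(_total_cents(invoice["lines"]))])  # two implied decimals
    segments.append(["SE", str(len(segments) + 1), control])  # count includes ST and SE
    return "".join(ELEM.join(s) + SEG for s in segments)


def from_x12(message):
    """Receiver side: validate the envelope, then rebuild the company-specific dict."""
    segments = [s.split(ELEM) for s in message.split(SEG) if s]
    try:
        st, se = segments[0], segments[-1]
        if st[0] != "ST" or se[0] != "SE" or len(segments) < 2:
            raise EDIError("missing ST/SE envelope")
        if st[1] != "810":
            raise EDIError("unexpected transaction set")
        if se[2] != st[2]:
            raise EDIError("control number mismatch")
        if se[1] != str(len(segments)):
            raise EDIError("segment count mismatch")
        invoice, declared = {"lines": []}, None
        for seg in segments[1:-1]:
            if seg[0] == "BIG":
                invoice["date"], invoice["number"] = seg[1], seg[2]
            elif seg[0] == "IT1":
                invoice["lines"].append({"qty": int(seg[2]), "unit_price": seg[4]})
            elif seg[0] == "TDS":
                declared = int(seg[1])
            else:
                raise EDIError("unsupported segment " + seg[0])
        if declared != _total_cents(invoice["lines"]):
            raise EDIError("total does not match line items")
    except (IndexError, ValueError, InvalidOperation) as exc:
        if isinstance(exc, EDIError):
            raise
        raise EDIError("malformed segment") from exc
    return invoice


def check(message):
    """Return "ok" or the reason the message would be routed to a human."""
    try:
        from_x12(message)
        return "ok"
    except EDIError as exc:
        return str(exc)


# Constructed sample invoice in a made-up company-specific layout.
SAMPLE = {"date": "20240131", "number": "INV-1001",
          "lines": [{"qty": 2, "unit_price": "19.99"},
                    {"qty": 1, "unit_price": "5.00"}]}

if __name__ == "__main__":
    wire = to_x12(SAMPLE, "0001")
    print(wire)
    print(check(wire), "|", check(wire.replace("IT1*1*2*", "IT1*1*9*")))
```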

Explain the legal and security aspects of EDI.

Since in the case of EDI we are dealing with trade between countries and companies, issues of legal admissibility and computer security are paramount. However, careful assessment of the trade-offs must be part of this process and should satisfy legal requirements.

1) Legal status of EDI messages: There has been considerable debate concerning the legal status of EDI messages and electronic messages in general. No rules exist that indicate how electronic messages may be considered binding in business or other related transactions. The establishment of such a framework is essential if EDI is to become widespread.

2) Digital signatures and EDI: If digital signatures are to replace handwritten signatures, they must have the same legal status as handwritten signatures. The digital signature provides a means for a third party to verify that the notarized object is authentic. Digital signatures should have greater legal authority than handwritten signatures. If the contract was signed by digital signatures, however, a third party can verify that not one byte of the contract has been altered.
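The claim made here and in the earlier "Explain digital signature technique" answer, that a third party can verify that not one byte of a signed contract has been altered, can be demonstrated with the following added example (not part of the original notes). It assumes a textbook hash-then-sign RSA scheme with a deliberately small, constructed key and no padding, which is suitable only for illustration; the function names and the contract text are hypothetical.

```python
import hashlib

# Constructed toy key pair built from two well-known Mersenne primes.
# Far too small and too structured for real use; it only keeps the example
# runnable with the standard library.
P, Q = 2**127 - 1, 2**107 - 1
PUBLIC = (P * Q, 65537)                      # (modulus n, exponent e): published
PRIVATE = pow(65537, -1, (P - 1) * (Q - 1))  # exponent d: kept by the signer

# A second, unrelated public key, standing in for some other party.
OTHER_PUBLIC = ((2**89 - 1) * (2**61 - 1), 65537)

# Constructed sample document.
CONTRACT = b"Purchase order 1001: 40 units at 19.99 each, delivery within 30 days."


def _digest(document, n):
    """SHA-256 of the document, reduced into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big") % n


def sign(document, private=PRIVATE, public=PUBLIC):
    """Signer: apply the private exponent to the document digest."""
    n, _ = public
    return pow(_digest(document, n), private, n)


def verify(document, signature, public=PUBLIC):
    """Any third party: needs only the document, the signature and the public key."""
    n, e = public
    return 0 <= signature < n and pow(signature, e, n) == _digest(document, n)


def altered_positions_detected(document, signature, public=PUBLIC):
    """Flip one bit in each byte position in turn; count the copies that fail."""
    detected = 0
    for i in range(len(document)):
        changed = document[:i] + bytes([document[i] ^ 0x01]) + document[i + 1:]
        if not verify(changed, signature, public):
            detected += 1
    return detected


if __name__ == "__main__":
    sig = sign(CONTRACT)
    print("original verifies:", verify(CONTRACT, sig))
    print("single-byte changes detected:",
          altered_positions_detected(CONTRACT, sig), "of", len(CONTRACT))
    print("verifies under another party's key:", verify(CONTRACT, sig, OTHER_PUBLIC))
```

Verification uses only public values, which is what lets a third party act as the checker without being able to produce signatures itself.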

Name three broad phases of the consumer's perspective and give categories of consumers.

1) Pre-purchase preparation: The pre-purchase preparation phase includes search and discovery for a set of products in the larger information space capable of meeting customer requirements, and product selection from the smaller set of products based on attribute comparison.

2) Purchase consummation: The purchase consummation phase includes mercantile protocols that specify the flow of information and documents associated with purchasing and negotiation with merchants for suitable terms, such as price, availability, and delivery dates; and electronic payment mechanisms that integrate payment into the purchasing process.

3) Post-purchase interaction: The post-purchase interaction phase includes customer service and support to address customer complaints, product returns, and product defects.

Pre-purchase Preparation: Purchase deliberation is defined as the elapsed time between a consumer's first thinking about buying and the actual purchase itself. Information search should constitute the major part of the duration, but comparison of alternatives and price negotiation would be included in the continually evolving information search and deliberation process.

Customers can be categorized into three types:

1. Impulsive buyers: who purchase products quickly.
2. Patient buyers: who purchase products after making some comparisons.
3. Analytical buyers: who do substantial research before making the decision to purchase products or services.

Marketing researchers have isolated several types of purchasing:

Specifically planned purchases. The need was recognized on entering the store and the shopper bought the exact item planned.
Generally planned purchases. The need was recognized, but the shopper decided in-store on the actual manufacturer of the item to satisfy the need.
Reminder purchases. The shopper was reminded of the need by some store influence. This shopper is influenced by in-store advertisements and can substitute products readily.
Entirely unplanned purchases. The need was not recognized on entering the store, as with gift items.

Purchase Consummation: After identifying the products to be purchased, the buyer and seller must interact in some way to actually carry out the mercantile transaction. A mercantile transaction is defined as the exchange of information between the buyer and seller followed by the necessary payment. Although there may be many variants of this protocol, the basic flow remains the same; the steps are listed below:

1. Buyer contacts vendor to purchase product or service.
2. Vendor states price.
3. Buyer and vendor may or may not engage in negotiation.
4. If satisfied, buyer authorizes payment to the vendor with an encrypted transaction containing a digital signature for the agreed price.
5. Vendor contacts his or her billing service to verify the encrypted authorization for authentication.
6. Billing service decrypts authorization and checks buyer's account balance or credit and puts a hold on the amount of transfer.
7. Billing service gives the vendor the green light to deliver product and sends a standardized message giving details of transaction.
8. On notification of adequate funds to cover financial transaction, vendor delivers the goods to buyer or, in the case of information purchase, provides a crypto key to unlock the file.
9. On receiving the goods, the buyer signs and delivers receipt. Vendor then tells billing service to complete the transaction.
10. At the end of the billing cycle, buyer receives a list of transactions. Buyer can then either deny certain transactions or complain about over billing. Suitable audit or customer service actions are then initiated depending on the payment scheme.
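Steps 4 to 9 of the flow above, sketched from the billing service's side. This is an added example, not part of the original notes: an HMAC over the order, keyed with a secret shared by the buyer and the billing service, stands in for the digital signature, encryption of the message is left out, and every name and amount is constructed.

```python
import hashlib
import hmac
import json


def _tag(secret, body):
    """HMAC-SHA256 over a canonical JSON encoding of the authorization body."""
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(secret, canonical, hashlib.sha256).hexdigest()


def authorize(secret, buyer, vendor, order, amount):
    """Step 4: the buyer authorizes payment of the agreed price (in cents)."""
    body = {"buyer": buyer, "vendor": vendor, "order": order, "amount": amount}
    return {"body": body, "tag": _tag(secret, body)}


class BillingService:
    """Hypothetical billing service holding buyer secrets and balances."""

    def __init__(self):
        self.secrets = {}   # buyer id -> secret shared with the billing service
        self.balances = {}  # buyer id -> available funds in cents
        self.holds = {}     # order id -> (buyer id, amount on hold)
        self.seen = set()   # order ids already authorized (replay guard)

    def enroll(self, buyer, secret, balance):
        self.secrets[buyer] = secret
        self.balances[buyer] = balance

    def verify_and_hold(self, auth):
        """Steps 5-7: verify the authorization, then place a hold on the funds."""
        body, tag = auth["body"], auth["tag"]
        secret = self.secrets.get(body.get("buyer"))
        if secret is None:
            return "unknown-buyer"
        # The vendor relays the message but cannot recompute the tag,
        # so any change to the price or the payee is detected here.
        if not hmac.compare_digest(tag, _tag(secret, body)):
            return "bad-authorization"
        if body["order"] in self.seen:
            return "replayed"
        if self.balances[body["buyer"]] < body["amount"]:
            return "insufficient-funds"
        self.seen.add(body["order"])
        self.balances[body["buyer"]] -= body["amount"]
        self.holds[body["order"]] = (body["buyer"], body["amount"])
        return "hold-placed"

    def complete(self, order):
        """Step 9: on the buyer's receipt, the hold becomes a final charge."""
        return self.holds.pop(order, None) is not None


def demo():
    billing = BillingService()
    secret = b"constructed-demo-secret"
    billing.enroll("alice", secret, 10_000)
    auth = authorize(secret, "alice", "vendor-1", "order-1", 4_500)
    inflated = {"body": dict(auth["body"], amount=9_000), "tag": auth["tag"]}
    second = authorize(secret, "alice", "vendor-1", "order-2", 6_000)
    results = [
        billing.verify_and_hold(inflated),  # price changed after authorization
        billing.verify_and_hold(auth),      # genuine authorization
        billing.verify_and_hold(auth),      # same authorization presented again
        billing.verify_and_hold(second),    # only 5,500 cents remain available
    ]
    return results, billing.balances["alice"], billing.complete("order-1")


if __name__ == "__main__":
    print(demo())
```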
Post-purchase Interaction: Returns and claims are an important part of the purchasing process that impact administrative costs, scrap and transportation expenses, and customer relations. Other complex customer service challenges arise in customized retailing that we have not fully understood or resolved:

Inventory issues: To serve the customer properly, a company should inform a customer right away when an item ordered is sold out, not with a rain check or back-order notice several days later. On the other hand, if the item is in stock, a company must be able to assign that piece to the customer immediately and remove it from available inventory.

Database access and compatibility issues: Unless the customer can instantly access all the computers of all the direct-response vendors likely to advertise on the Information Superhighway on a real-time basis, with compatible software, he or she is not likely to get the kind of service that customers normally get.

Customer service issues: Customers often have questions about the product (color, size, shipment), want expedited delivery, or have one of a myriad of other things in mind that can be resolved only by talking to an order entry operator.

What are security strategies? List the security tools.

There are basic security strategies that can be utilized to combat the threats discussed so far: access control, integrity, confidentiality, and authentication.

Secure Transport Stacks (Secure Transport Protocol): The Internet uses the transport control protocol / Internet protocol (TCP/IP) as the primary network protocol engine. Each IP packet contains the data that is to be sent to some endpoint destination. The IP packet consists of a 32-bit source and destination address, optional bit flags, a header checksum, and the data itself. There is no guarantee at the network layer that the IP protocol data units will be received, and even if they are received, they may not be received in any particular order. We cannot rely solely on the source address to validate the identity of the user who sent the packet. TCP provides retransmission of lost or corrupted protocol data units and puts them back into their original order of transmission. Each packet contains a sequence number, which is what TCP uses to sort the protocol data units. The acknowledgement number is the sequence number of the last packet transmitted.

The two most prominent secure transmission protocols for secure Web communication are:

Secure Sockets Layer (SSL): SSL is an encrypted communication protocol that we use to implement security by switching a website into the secure mode. SSL protects transactions between a company and its customers from packet-sniffing attacks. The protocol allows client/server applications to communicate in a way that data transmissions cannot be altered. The strength of SSL is that it is application-independent: HTTP, Telnet, and FTP can be placed on top of SSL transparently. SSL provides channel security through encryption and reliability through a message integrity check.

SSL uses a three-part process. First, information is encrypted to prevent unauthorized disclosure. Second, the information is authenticated to make sure that the information is being sent and received by the correct party. Finally, SSL provides message integrity to prevent the information from being altered during interchanges between the source and sink.

SSL depends on RSA encryption for exchange of the session key and client/server authentication, and for various other cryptographic algorithms. The key length can vary between 40 and 1024 bits. The information is sent to the company, which then uses a private key to decrypt the information. The process is transparent to customers; hence it is easy to use: the shoppers enter their credit card numbers, SSL encrypts them and sends the encrypted files to the merchant; the transmission proceeds as soon as SSL decrypts the files.

Secure HTTP (S-HTTP): S-HTTP sets up security details with special packet headers that are exchanged in S-HTTP. The headers define the type of security techniques, including the use of private-key encryption, server authentication, client authentication, and message integrity. A secure envelope encapsulates a message and provides secrecy, integrity, and client/server authentication. S-HTTP provides a number of security features. These include:

Client and server authentication
Spontaneous encryption

What are the approaches for enterprise level security?

A firewall is a security mechanism that allows users with special rights to access a protected network. Illegal users are denied access to the protected websites on the Internet. It is important to note that a firewall can only protect corporate data against user threats; it cannot protect against viruses. Firewalls are mainly used to protect sites that involve financial transactions. A selection basis is applied while granting access to external users. The selection procedure is based on the user name and password, Internet Protocol (IP) address, or domain name. For example, a vendor could permit entry to its website through the firewall only to those users with specific domain names belonging to customer companies.

Firewalls are classified into three main categories:

1. Packet filters: Packet filtering at the network layer can be used as a first defense. Basic filtering comes as part of most routers' software. Each packet is either forwarded or dropped based on its source address, destination address, or a defined (TCP) port. Configuring a filter involves some determination of what services/addresses should and should not be permitted to access the network or server.

2. Application-level gateways: An application-level gateway provides a mechanism for filtering traffic for various applications. The administrator defines and implements code specific to applications or services used by the user's site. Services or users that can compromise the network security can then be restricted. To counter some weaknesses associated with packet filtering routers, firewalls utilize software applications to forward and filter connections for services such as Telnet, FTP, and HTTP.

3. Proxy servers: A proxy server terminates a user's connection (by application) and sets up a new connection to the ultimate destination on behalf of the user, proxying for the user. A user connects with a port on the proxy; the connection is routed through the gateway to a destination port, which is routed to the destination address.
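The forward-or-drop decision of a packet filter, with a check for rules that can never fire because of their position in the list. This is an added example, not part of the original notes; first-match evaluation with a default of drop is an assumption about the filter, and the addresses come from the reserved documentation ranges.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str           # "forward" or "drop"
    src: str              # source network, CIDR notation
    dst: str              # destination network, CIDR notation
    port: Optional[int]   # destination TCP port, None matches any port


def decide(rules, src_ip, dst_ip, dst_port):
    """Return the action of the first matching rule; drop when none matches.

    The filter sees only the source address the packet claims to have,
    so a match says nothing about who actually sent it.
    """
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for rule in rules:
        if (src in ipaddress.ip_network(rule.src)
                and dst in ipaddress.ip_network(rule.dst)
                and rule.port in (None, dst_port)):
            return rule.action
    return "drop"  # default deny


def shadowed(rules):
    """Indexes of rules fully covered by an earlier rule, which never fire."""
    hits = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            covers_src = ipaddress.ip_network(later.src).subnet_of(
                ipaddress.ip_network(earlier.src))
            covers_dst = ipaddress.ip_network(later.dst).subnet_of(
                ipaddress.ip_network(earlier.dst))
            if covers_src and covers_dst and earlier.port in (None, later.port):
                hits.append(i)
                break
    return hits


# Constructed rule set: specific drops first, then the permitted services.
RULES = [
    Rule("drop", "203.0.113.0/24", "192.0.2.80/32", 80),       # blocked network
    Rule("forward", "198.51.100.0/24", "192.0.2.10/32", 443),  # customer company
    Rule("forward", "0.0.0.0/0", "192.0.2.80/32", 80),         # public web server
]

# Same rules with the broad forward rule placed first (the weak ordering).
MISORDERED = [RULES[2], RULES[0], RULES[1]]


if __name__ == "__main__":
    probe = ("203.0.113.9", "192.0.2.80", 80)
    print("ordered:   ", decide(RULES, *probe), shadowed(RULES))
    print("misordered:", decide(MISORDERED, *probe), shadowed(MISORDERED))
```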


Name any four issues addressed in an e-payment system.

Despite cost and efficiency gains, many hurdles remain to the spread of electronic payment systems. These include several factors, many non-technical in nature, that must be addressed before any new payment method can be successful.

Privacy: A user expects to trust in a secure system.
Security: A secure system verifies the identity of the parties to a two-party transaction through user authentication and reserves flexibility to restrict information/services through access control.
Intuitive interface: The payment interface must be as easy to use as a telephone. Generally speaking, users value convenience more than anything.
Database integration: With home banking, for example, a customer wants to play with all his accounts. To date, separate accounts have been stored on separate databases.
Brokers: A network banker, someone to broker goods and services, settle conflicts, and facilitate financial transactions electronically, must be in place.
Pricing: One fundamental issue is how to price payment system services.
Standards: Without standards, the welding of different payment users into different networks and different systems is impossible. Standards enable interoperability, giving users the ability to buy and receive information, regardless of which bank is managing their money.

None of these hurdles are intractable. The biggest question concerns how customers will take to a paperless and (if not cashless) less-cash world.

Explain any four components of EDI implementation.

EDI implementation starts with an agreement between a company and its trading partner. The data moves without much interference to the trading partner's application, with no additional steps to slow the process. The parties exchange messages in a structured format; for each type of message, a standard format has been agreed on by the exchanging parties. The basic kit necessary for EDI implementation is:

Common EDI standards dictate syntax and standardize on the business language. EDI standards basically specify transaction sets, that is, complete sets of business documents.
Translation software sends messages between trading partners, integrates data into and from existing computer applications, and translates among EDI message standards.
Trading partners are a firm's customers and suppliers with whom business is conducted.
Banks facilitate payment and remittance.
EDI Value-Added Network services (VANs). A VAN is a third-party service provider that manages data communications networks for businesses that exchange electronic data with other businesses.
Proprietary hardware and networking, if it is a hub company. Hubs, also called sponsors, are large companies, very active in EDI, that facilitate their business partners' use of EDI.

An important feature of EDI is that software evaluates and processes structured messages. The information system then proceeds to act upon the message.

How are commerce and e-commerce related?

Concept of Commerce and E-Commerce: Commerce is normally associated with the buying and selling of items. Commerce is one of the oldest activities of human beings, and the concept of traders selling and buying items is a part of history. Markets are a common place where the buyers and sellers meet along with their products. Money is also an essential part of the marketplace. Along with the concept of money, we have several concepts of banking and various methods of representing and transferring money, like cheques, MOUs, drafts, etc.

The key element of e-commerce is information processing. Every stage of commerce, except of course the production of goods and their physical delivery, can be automated. The tasks that can be automated include information gathering, processing, manipulation, and information distribution.

What is meant by integrity of data? Explain the encryption algorithm on which SSL depends.

Data integrity is data that has a complete or whole structure. All characteristics of the data, including business rules, rules for how pieces of data relate, dates, definitions and lineage, must be correct for data to be complete. Per the discipline of data architecture, when functions are performed on the data, the functions must ensure integrity. Examples of functions are transforming the data, storing the history, storing the definitions (metadata) and storing the lineage of the data as it moves from one place to another. The most important aspect of data integrity per the data architecture discipline is to expose the data, the functions and the data's characteristics.

Data that has integrity is identically maintained during any operation (such as transfer, storage or retrieval). Put simply in business terms, data integrity is the assurance that data is consistent, certified and can be reconciled. In terms of a database, data integrity refers to the process of ensuring that a database remains an accurate reflection of the universe of discourse it is modelling or representing. In other words, there is a close correspondence between the facts stored in the database and the real world it models.

A secure Web server is one that utilizes security protocols like SSL to encrypt and decrypt data and messages, and online payment gateways to accept credit cards, protecting them against fraud, false identification, or third-party tampering. Purchasing from a secure Web server ensures that a user's credit card information or personal information can be encrypted with a secret code that is difficult to break. Popular security protocols include SSL, SHTTP, SSH2, SFTP, PCT, and IPSec.

List advantages and disadvantages of internet.

The Internet is probably one of the greatest inventions of the century. Before, we had to go to the library to do our research work, but now all we have to do is go to Google and do our research. We can do many things with the internet: we can shop on eBay, chat with friends on Facebook or Skype, watch videos on YouTube, earn money from blogging, and many more! The Internet is really useful and has a lot of advantages, but there are also some disadvantages of using it. Check out this list of advantages and disadvantages of the internet:

Advantages

Communication: The foremost target of the internet has always been communication, and the internet has excelled beyond expectations. Still, innovations are going on to make it faster and more reliable. With the advent of computers and the Internet, our earth has shrunk and attained the form of a global village. Now we can communicate in a fraction of a second with a person who is sitting in the other part of the world. Today, for better communication, we can avail ourselves of the facilities of e-mail; we can chat for hours with our loved ones. There are plenty of messenger services on offer. With the help of such services, it has become very easy to establish a kind of global friendship where you can share your thoughts and explore other cultures of different ethnicity.

Information: Information is probably the biggest advantage the internet is offering. The Internet is a virtual treasure trove of information. Any kind of information on any topic under the sun is available on the Internet. Search engines like Google and Yahoo are at your service on the Internet. You can find almost any type of data on almost any kind of subject that you are looking for. There is a huge amount of information available on the internet for just about every subject known to man, ranging from government law and services, trade fairs and conferences, market information, new ideas and technical support; the list is endless. Students and children are among the top users who surf the Internet for research. Today, it is almost required that students use the Internet for research for the purpose of gathering resources. Teachers have started giving assignments that require research on the Internet. With almost every coming day, research on medical issues becomes much easier to locate. Numerous web sites available on the net are offering loads of information for people to research diseases and talk to doctors online at sites such as America's Doctor. During 1998, over 20 million people reported going online to retrieve health information.

Entertainment: Entertainment is another popular raison d'être why many people prefer to surf the Internet. In fact, the medium of the internet has become quite successful in capturing the multifaceted entertainment factor. Downloading games, visiting chat rooms or just surfing the Web are some of the uses people have discovered. There are numerous games that may be downloaded from the Internet for free. The industry of online gaming has received dramatic and phenomenal attention from game lovers. Chat rooms are popular because users can meet new and interesting people. In fact, the Internet has been successfully used by people to find lifelong partners. When people surf the Web, there are numerous things that can be found. Music, hobbies, news and more can be found and shared on the Internet.

Services: Many services are now provided on the internet, such as online banking, job seeking, purchasing tickets for your favorite movies, guidance services on an array of topics covering every aspect of life, and hotel reservations. Often these services are not available off-line and can cost you more.

E-Commerce: E-commerce is the concept used for any type of commercial maneuvering or business deals that involve the transfer of information across the globe via the Internet. It has become a phenomenon associated with any kind of shopping, almost anything. You name it, and e-commerce, with its giant tentacles engulfing every single product and service, will make it available at your doorstep. It has a really amazing and wide range of products, from household needs and technology to entertainment.

Disadvantages

Theft of personal information: If you use the Internet, you may be facing grave danger, as your personal information such as name, address, credit card number etc. can be accessed by other culprits to make your problems worse.

Spamming: Spamming refers to sending unwanted e-mails in bulk, which serve no purpose and needlessly obstruct the entire system. Such illegal activities can be very frustrating for you, and so instead of just ignoring it, you should make an effort to try and stop these activities so that using the Internet can become that much safer.

Virus threat: A virus is nothing but a program which disrupts the normal functioning of your computer systems. Computers attached to the internet are more prone to virus attacks, which can end up crashing your whole hard disk, causing you considerable headache.

Pornography: This is perhaps the biggest threat related to your children's healthy mental life, and a very serious issue concerning the Internet. There are thousands of pornographic sites on the Internet that can be easily found and can be a detrimental factor in letting children use the Internet.

In short:

The advantages of using internet communication are that
* we can collaborate easily with people
* it is easy to access with just one click
* we have the ability to link to people and places immediately

The disadvantages of using Internet communication are that
* not everyone has access to the Internet
* it requires specialist staff

The disadvantages of using the Internet in general are
* young children have access to porn
* anyone can easily access instructions on making bombs, guns, silencers, or other dangerous materials
* anyone can find information on committing an almost untraceable murder
* anyone can find anything, no matter how illegal

List the six layers of E-Commerce architecture and what are the four types of purchases.

The electronic commerce application architecture consists of six layers of functionality or services:

(1) Application services: The application services layer of e-commerce will be comprised of existing and future applications built on the native architecture. Three distinct classes of electronic commerce applications can be distinguished:

a) Customer-to-business: Customers learn about products differently through electronic publishing, buy them using electronic cash and secure payment systems, and have them delivered differently.

b) Business-to-business: Businesses, governments, and other organizations depend on computer-to-computer communication as a fast, economical, and reliable way to conduct business transactions. Small companies are also beginning to see the benefits of adopting similar methods.

c) Intra-organization: A company becomes market driven by dispersing throughout the firm information about its customers and competitors. To maintain the relationships that are critical to delivering superior customer value, management must pay close attention to service, both before and after sales.

(2) Brokerage services, data or transaction management: The information brokerage and management layer provides service integration through the concept of information brokerages, the development of which is necessitated by the increasing information resource fragmentation. The concept of information brokerage is used to represent an intermediary who provides service integration between customers and information providers, given some constraint such as a low price, fast service, or profit maximization for a client. In foreign exchange trading, information is retrieved about the latest currency exchange rates in order to hedge currency holdings to minimize risk and maximize profit. The brokerage function includes support for data management and traditional transaction services. Brokerages may provide tools to accomplish more sophisticated, time-delayed updates or future-compensating transactions.

(3) Interface and support layers: Interface and support services will provide interfaces for electronic commerce applications such as interactive catalogs and will support the directory services needed for information search and access. Interactive catalogs are the modified interface to consumer applications such as home shopping. An interactive catalog is an extension of the paper-based catalog and incorporates additional features. The primary difference between the two is that unlike interactive catalogs, which deal with people, directory