
Chap 8

Management Information System, Chapter 8

E-business

• E-business is the process of selling a product or service, or providing information to customers, through an online portal. It is also the act of using the Internet to do research for your business and to stay in touch with clients, suppliers and employees.

• E-business (electronic business) is, in its simplest form, business performed on the Internet. It is a more generic term than eCommerce because it refers not only to buying and selling but also to servicing customers and collaborating with business partners.

• All the major e-business models fall under 4 main categories :

– B2B (Business to Business)

– B2C (Business to Customer)

– C2C (Customer to Customer)

– C2B (Customer to Business)

B2B (Business to Business) :

- Larger companies supply products to smaller businesses, which then sell them to their customers.

- It is like the manufacturer (producer) supplying goods to the retailer or wholesaler. E.g. Dell sells computers and other related accessories online, but it does not manufacture all of those products. So, in order to sell those products, it first purchases them from different businesses, i.e. the manufacturers of those products.

B2C (Business to Customer) :

- This represents the vast majority of e-commerce websites online, i.e. any website that has a product for sale, e.g. music downloads.

- In this model, online businesses sell to individual consumers.

- E.g. online books (i.e. any online transaction).

C2C (Customer to Customer) :

- Any website where people are brought together to buy, sell, or trade.

- It facilitates the online transaction of goods or services between two people.

C2B (Customer to Business) :

- Here the customer deals with the business organization.

- The customer downloads information about various products and views manuals, drawings, pictures and images.

- E.g. mobile phone.

Computer Crime and Cyberterrorism

• A computer crime is any illegal action where data is accessed through computers or the Internet without permission.

• Computer crime or Cyber crime is a form of crime where the Internet or computers are used to commit crime. Issues surrounding this type of crime have become high-profile, particularly hacking, copyright breach (breaking the contract), child pornography (representation of sexual activity), murder, theft.

• The characteristics of computer crime are :

- Illegal behavior that is punishable by law.

- A specific way of committing crime using a computer.

- A special object of protection : the security of the computer's data.

• Illegal activities are carried out with the use of a computer. Computer crime includes criminal breach, theft of computerized data, and the use of an on-line system to commit fraud.

• The computer can be a target of a crime or an instrument of a crime.

• Computers As Target of Crime :

- Breaching the confidentiality of protected computerized data.

- Accessing a computer system without authority.

- Accessing protected computerized data to commit fraud.

- Accessing protected computerized data and causing damage.

- Knowingly transmitting a program, program code, or command that causes damage to a protected computer.

- These crimes are committed by a selected group of criminals.

- These crimes require technical knowledge.

• Computers As Instrument (tool) of Crime :

- Unauthorized copying of software or copyrighted property, such as articles, books, music and video.

- Illegally accessing e-mail and voice mail.

- Transmitting or processing child pornography using a computer.

- These crimes are committed by individuals.

- These crimes generally involve less technical expertise.

• Cyber crime is criminal activity done using computers and the Internet. This includes anything from downloading illegal music files to stealing millions of dollars from online bank accounts.

• Cyber crime includes any criminal act dealing with computers and networks (called hacking). Additionally, cyber crime also includes traditional crimes conducted through the Internet. For example, credit card account theft is considered a cyber crime when the illegal activities are committed through the use of a computer and the Internet.

• Hence, the computer will be looked at as either a target or tool.

• Phishing : Phishing is similar to fishing in a lake, but instead of trying to capture fish, phishers attempt to steal your personal information.

- They send e-mail messages that appear to come from legitimate (legal) websites and ask users for confidential personal data.

- The e-mails state that your information needs to be updated or validated and ask for your username and password after you click a link included in the e-mail. Some e-mails will ask that you enter even more information, such as your full name, address, phone number, social security number, and credit card number. However, even if you visit the fake website and enter just your username and password, the phisher may be able to gain access to more information by logging in to your account.

Computer Forensics

• Computer forensics is the scientific collection, examination, authentication (verification), preservation and analysis of data held on or retrieved from computer storage in such a way that the information can be used as evidence in a court of law.

• It deals with the following problems :

- Recovering deleted, encrypted or damaged files (data) from the computer system.

- Securely storing and handling recovered electronic data.

- Presenting the information to a court of law.

• Electronic evidence exists on computer storage in the form of computer files. For example :

1) If files have been deleted from computer storage, they can be recovered through various techniques. Computer forensics experts try to recover such hidden files (data).

2) Recovering thousands of deleted e-mails.

• How is computer forensics used ?

– Child pornography case

– Homicide (murder) case

– Embezzlement (fraud)

– Divorce

– Breach of contract

Information Lifecycle Management

• The process of managing information growth, storage, and retrieval based on its value to the organization is referred to as Information Lifecycle Management (ILM) or Data Lifecycle Management (DLM).

• ILM is a comprehensive approach to managing the flow of a system's information (data).

• Information Lifecycle Management : An umbrella term for a comprehensive storage management program within an organization. It is also called "Data Lifecycle Management" (DLM).

• In general, there are three stages in the information lifecycle:

- The creation of the data : information comes into the organization either by being created by one or more individuals or by being obtained through e-mails, faxes, phone calls etc.

- The publication of the data : some information needs to be published, either in print form or on a company’s intranet or a public Web site.

- The removal of the data : some information must be archived for later use, and some information can be discarded once it has served its purpose or is no longer valuable to the organization.

• Create (Allocate) : The file must be created in the correct type.

• Backup (Recovery): The file must be backed up according to predefined policies. The policies may also dictate where the backups will be kept. Backups may be a combination of mirrored copies, and snapshot copies. Backups are usually recorded in a database to make recovery easy.

• Restore : If the file becomes corrupt, it must be possible to restore it from backup.

• Migrate : When the file is first created, it usually needs to be kept on fast access disk as it is used frequently. After a while, the file becomes stale (out of date), and can be moved to less expensive storage with a slower access speed (i.e. migration of data). Migration is the process of moving a file up and down the storage pyramid, so it is kept in the correct place for its current value. However, the file must be accessible at all times.

• Recall : When a migrated file is needed again, it may be automatically retrieved back to fast storage.

• Disaster Recovery : In a disaster, the file must be recoverable to different hardware in a different site. Of course, disaster recovery involves a lot more than just retrieving data. Hopefully, this will just involve creating a copy of the data at regular intervals, to test out the disaster recovery process (for testing purpose).

• Archive : An archive is usually a copy of an application that is retained for several years.

• Retrieve : If the archived file is required again, we can retrieve it.

• Delete : The file should be retained for as long as it is needed, then deleted. This will be governed by legal requirements. The backups must be deleted too, but the latest backup may be kept for a while.

Information Security

• Most of this information is collected, processed and stored on computers and transmitted across networks to other computers. If this information falls into the wrong hands, it could lead to lost business, lawsuits or even bankruptcy (inability to pay one's debts) of the business. Because of these issues, information security is required.

• Information security means protecting information and information systems from unauthorized user access. This is called information security, computer security or information assurance.

• Information security includes network security, application and database security, security testing, business continuity planning, digital forensic science and biometric techniques (fingerprints, eyes, voice, etc.).

• Programs and data can be secured by issuing passwords and digital certificates to authorized users. However, passwords only validate that a correct number has been entered.

• There are six elements of Information Security :

• Confidentiality : Keep the information secret

- Whether the information is related to computer systems, information technology, information and communication technology, or a simple means of communication, the first element is maintaining the confidentiality of the matter.

- E.g. : confidentiality of username and password.

- No data or information shall be disclosed to any person within or outside the organization, other than the persons who are authorized to use that data.

• Integrity : Maintaining honesty

- Integrity in information security is related to data integrity.

- Information (data) integrity shares a close relationship with data preservation.

- No data/information or programs shall be allowed to be modified by anyone without proper authority.

• Availability: Ease of use

- Along with confidentiality and integrity, availability is also required to maintain the security of information.

- All information systems, including hardware, communication networks, software applications and the data they hold, shall be available to users at all times to carry out business activities.

• Possession or Control :

- E.g. : Suppose a thief were to steal a sealed envelope containing a bank debit card and its personal identification number. The victim of the theft would reasonably be concerned that the thief could use them at any time, without the control of the owner. That situation illustrates a loss of control, possession or ownership of information.

• Authenticity : Accuracy

- For electronic information, a digital signature could be used to verify the authorship of a digital document (could also be used to verify the integrity of the document).

• Utility : Usefulness

- For example, suppose someone encrypted data on disk to prevent unauthorized access and then lost the decryption key : that would be a breach of utility. The data would still be confidential, controlled, integral, authentic, and available, just not usable.
