Electronic Commerce Technology Patrick McKeown Professor and Head Dept of MIS, Terry College of Business
Today’s Topics • Electronic commerce infrastructure • Electronic commerce technology problems and solutions • The HTTP protocol • Counting visitors • Creating a shopping cart • Electronic commerce security and payment systems
Electronic Commerce Infrastructure (layers, top to bottom) • Electronic commerce applications • Business services infrastructure • Electronic publishing infrastructure • Message distribution infrastructure • Global information infrastructure
Global Information Infrastructure Layer Global information infrastructure (GII) layer - composed of various national information infrastructures, in which some components may differ depending on the country Can you use yours in Europe?
National information infrastructure (NII) • communication networks and protocols, including: • satellite and cable television networks • telephone networks • mobile communication systems • computer networks • EDI and Internet protocols (TCP/IP)
Message Distribution Infrastructure Layer • The software layer of electronic commerce that sends and receives messages. • Electronic Data Interchange (EDI) • E-mail (SMTP) • File Transfer Protocol (FTP) • Hypertext Transfer Protocol (HTTP) –The Web
Electronic Publishing Infrastructure Layer • Permits organizations to publish text and multimedia over the message distribution infrastructure. • Messages are composed in Hypertext Markup Language (HTML) • Associated multimedia files are linked to the message • Includes the uniform resource locator (URL), which uniquely identifies any Web server
Some HTML
<html>
<body>
<center><h1>Welcome to FarEast Foods</h1>
<img src="bowl_Main.gif"></center>
<h2>Select a country:</h2>
<a href="china.html">China</a><br>
<a href="china.html">Japan</a><br>
<a href="china.html">Korea</a><br>
<a href="china.html">Thailand</a><br>
<a href="china.html">Vietnam</a><br>
<h3><i>Thanks and enjoy your food!</i></h3>
</body>
</html>
Business Services Infrastructure Layer • Software layer that handles the services required to support business transactions • encryption • decryption
Electronic Commerce Layers • Electronic Commerce Application Layer • transactions take place in this part of the electronic commerce infrastructure • Catalogs of books and CDs • Listings of automobiles
Electronic Commerce Infrastructure for DVD Distributor (layers, top to bottom) • Electronic commerce applications: DVD catalog • Business services infrastructure: Encryption • Electronic publishing infrastructure: HTML • Message distribution infrastructure: HTTP • Global information infrastructure: Internet
Web-Based Electronic Commerce • Process begins with the customer finding a Web site • URL of an electronic commerce site is sent over the Web • User receives one or more Web pages • User makes a purchase from the Web • Process ends with customer receiving verification of order
Finding Web Sites with Search Sites • Computer-driven search sites • Search engines • Spiders • e.g., Google • Human-indexed search sites • Humans create categories • Humans add sites to categories • e.g., Yahoo, MSN
Transacting an Order over the Web (browser, Web server, database server) 1. Browser sends URL 2. Server returns HTML 3. Browser sends data 4. Server processes data using database 5. Server sends confirmation
Client and Server-Side Processing • Client-side processing - on the browser • Applets - Java app on browser • Server-side processing - on the server
Microsoft or Open-Source Web Server • Open-source software - software that is created and supported by volunteers who make it freely available to users, who can then add personally desired features • Apache Web server software - runs 60% of Web servers and is open-source software similar to Linux • Microsoft IIS - developed by Microsoft and has close to 30% of the Web server market
Problems ... and solutions • The Internet and Web • The HTTP protocol • Counting visitors • Creating a shopping cart
The Internet • Can be thought of as a “Network of Networks” • Created in 1969 by a consulting company to connect universities • Enabled researchers to use computers at other universities • Insecure • Was NOT created as a way to send messages in time of nuclear war • Was NOT invented by Al Gore
Internet Protocol • Protocol: an agreement about how messages will be sent • TCP/IP: the Internet protocol • universal agreement so no need for a central computer • not very secure • Packet switching used to send messages • messages broken up into packets each with an address and sequence number • all make their way to destination computer separately
The World Wide Web • The Web – software, protocols and conventions based on hypertext and multimedia that make the Internet easy to use and browse • Invented by Tim Berners-Lee • Sends data as “plain” text with tags • Browser then formats data using the tags • Very low overhead since only plain text is being sent • Uses hypertext and multimedia
Advantages of the HTTP Protocol • Modest amount of code • Efficient linking • Works regardless of previous operations • Unrestricted set of formats • Some privacy built in
Problems with the HTTP Protocol • Session: a client/server protocol in which a continuous sequence of transactions occurs between client and server • HTTP is a Stateless protocol • No memory of previous visit • No real session exists • Causes problems with: • Counting • Shopping
Counting Web Site Visitors • Why count Web site visitors? • Indicates how good the site is at attracting visitors • Used to determine rate charged advertisers on site • Indicates audiences served by Web site • HTTP does not handle counting unique visits to a Web site • Visitors who come from behind a firewall, a dial-up, or cable ISP cannot be accurately counted • Dynamic IP address allocation
Using Cookies for Counting Visitors • A cookie is information that a Web site stores on a computer’s hard drive to enable it to identify the computer at a later time. • Session cookie - a cookie that exists only during the current series of interactions between the browser and Web server. • Persistent cookie - a file that exists indefinitely on the user’s hard disk and that the browser uses to identify the user to the corresponding Web site.
Cookie for Amazon.com • Session ID: Session-id 102-4697360-3579304 amazon.com • Session time: Session-id-time 1011686400 amazon.com
Using Cookies for Counting • First time a user visits a Web site, they are assigned a cookie • Each subsequent time the user visits the Web site, the cookie is used to identify them as a unique visit • Firewalls and ISP dynamic IPs don’t affect the counting using cookies
Passing Cookies • Cookies are passed through the URL (Figure: my cookie at Amazon.com, used to recognize me)
Problems with shopping using the Web • Since the HTTP (Web) protocol is stateless, it forgets you! • Web site would not recognize you on multiple visits to the same shopping site • This is true even if you are just trying to purchase an item and then check out • It is also true if you are trying to purchase multiple items
Solution to shopping problems • Use a session cookie so the Web site remembers you between visits • Link a session cookie to each item purchased and put in a virtual shopping cart • At checkout, it is used to retrieve those items you have purchased and sum their costs
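The counting and shopping-cart slides above, as an added Python sketch (not part of the original slides): a stateless request handler that recognizes a browser only by the identifiers it presents, carried here in the Cookie and Set-Cookie headers. The handler name, cookie names, paths and catalog are assumptions made for illustration; the ids are random and the cart and prices stay on the server, so a guessed or edited cookie only yields a fresh, empty cart.

```python
import secrets
from http.cookies import SimpleCookie

CATALOG = {"dvd-101": 1999, "dvd-202": 1499}   # constructed prices, in cents
SESSIONS = {}      # session id -> list of item ids (the cart lives on the server)
VISITORS = set()   # persistent visitor ids seen so far (unique-visitor count)

def handle(path, cookie_header=""):
    """Serve one stateless request; return (cart_total_cents, set_cookie_headers)."""
    jar = SimpleCookie(cookie_header)
    set_cookies = []
    # Persistent cookie: identifies the browser across visits, whatever its IP.
    vid = jar["visitor"].value if "visitor" in jar else None
    if vid not in VISITORS:
        vid = secrets.token_urlsafe(16)
        VISITORS.add(vid)
        set_cookies.append(
            f"visitor={vid}; Max-Age=31536000; Secure; HttpOnly; SameSite=Lax")
    # Session cookie: no Max-Age, so the browser drops it when it closes.
    sid = jar["session"].value if "session" in jar else None
    if sid not in SESSIONS:      # missing, expired or guessed ids get a fresh cart
        sid = secrets.token_urlsafe(32)
        SESSIONS[sid] = []
        set_cookies.append(f"session={sid}; Secure; HttpOnly; SameSite=Lax")
    cart = SESSIONS[sid]
    if path.startswith("/add/") and path[5:] in CATALOG:
        cart.append(path[5:])
    # Prices come from the server-side catalog, never from the client.
    return sum(CATALOG[item] for item in cart), set_cookies

def cookie_header(set_cookies):
    """What the browser sends back: name=value pairs, attributes dropped."""
    return "; ".join(c.split(";", 1)[0] for c in set_cookies)

if __name__ == "__main__":
    _, issued = handle("/add/dvd-101")        # first visit: no cookies yet
    mine = cookie_header(issued)
    print(handle("/add/dvd-202", mine)[0])    # same session, cart remembered
    print(handle("/checkout", mine)[0])       # total for both items
    print(handle("/checkout")[0])             # different browser: empty cart
    print(len(VISITORS))                      # two unique visitors
```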
Securing Electronic Commerce Transactions • Consumers remain afraid to use electronic commerce • Because the intent of the Internet is to give remote access to information, it is inherently open • The same technologies that form the basis of electronic commerce can be used to attack computer systems • Server security is generally not easy to breach
Encryption • Encryption - the conversion of readable text into characters that disguise the original meaning of the text • Decryption - the conversion of an encrypted, seemingly senseless character string into the original message • Key - an algorithm used to encode and decode messages • Encryption systems: public key and private key
Public-Key Encryption • A public-key encryption system has two keys - one private and one public • Public key - in a public-key encryption system, this is the key that is freely distributed to encrypt messages • Private key - in a public-key encryption system, this is the only key that can decrypt the message
Public-Key Encryption (diagram) • Sender encrypts with the receiver’s public key • Receiver decrypts with the receiver’s private key
Another approach: Steganography Steganography: hiding messages or images in other, unrelated images
Digital Signatures • Digital Signature - a digital code that is attached to an electronically transmitted message and that uniquely identifies the sender (Diagram: sender signs with the sender’s private key; receiver verifies with the sender’s public key)