Electronic Commerce Lecture 5
Get Started: Planning Questions to Ask: • How is EC going to change our business or create new channel for new business? • How do we uncover new types of business opportunities? • How can we take advantage of new electronic linkages with customers and trading partners? (Extended Enterprise) • Do we become intermediaries ourselves? (Shrink and Specialize; Expand and Capture)
Planning • How do we bring more buyers together electronically (and keep them there)? • How do we change the nature of our products and services or create new ones? • Why is the Internet affecting other companies more than ours? • How do we manage and measure the evolution of our strategy? • How to assess the success of EC?
What to do? Mougayar (1998, Opening Digital Markets) • Conduct Necessary Education and Training • Review Current/New Distribution and Supply Chain Models • Understand What Your Customers and Partners Expect from the Web • Re-evaluate the Nature of Your Products and Services • Give a New Role to Your Human Resources Department
What to do? • Extend Your Current Systems to the Outside • Track New Competitors and Market Shares • Develop a Web-Centric Marketing Strategy • Participate in the Creation and Development of Virtual Marketplaces • Instill EC Management Style
Four System Architecture (Hsu) • Document Connectivity • HTML, … • Applications Connectivity • CGI, Javascript, … • Database Connectivity • ODBC/JDBC, databases • Enterprise Connectivity • Java, CORBA
Five Elements of an EC System (Hsu) • Web Server • Applications Server • Database Server • Internal Networking • Internet Connection
Web-based Enterprise Computing(article 20) Web Browser • WebServer • received request • Invoked applications ODBC/JDBC compliant Web-based Applications API DB db engine
Client-server computing ODBC- & JDBC- compliant DBMS Static vs Dynamic HTML pages Java COM CORBA Drumbeat 2000 X/Open Informix, Sybase, Oracle CGI programs (Unix shell scripts, C and/or Perl programs) HTTP Applets vs Servlets API ASP vs JSP Lotus Domino, Netscape Enterprise, IIS, … SQL ColdFusion/CFML XML Web-based Enterprise Computing
Infrastructure for EC e-Consumers/e-Customers E-business Plan and Design Technology Infrastructure Internet
e-Consumers/e-Customers E-business Plan and Design • Technology Infrastructure • Web Server • Applications Server • Database Server • Internal Networking • Internet Connection • Document Connectivity (HTML, … • Applications Connectivity (CGI, Javascript… • Database Connectivity (Oracle, ODBC/JDBC,.. • Enterprise Connectivity (Java, CORBA, EDI, … • Network Connectivity (Protocols, Transmission Media, .. Internet
Network Infrastructure Computer networks were originally built on top of the existing phone network, which in turn was built to meet the demand for telegraphs. Exchange of information moved from the chosen few who could afford telegraphs to the widespread use of the phone for voice and data transmission within a given country. Now, with computer networking, the boundaries between countries melt away, yet governmental and political issues remain to be resolved.
Network Infrastructure The circuit-switched public telephone network is challenged by the TCP/IP-based packet-switched networking of the Internet. This switch may be necessary to support the fast-growing need for Internet access, but it troubles the many international and domestic regulatory agencies that must decide how to handle this surge in demand. The infrastructure simply does not exist to install the new technology and scrap the old in one step.
Data Traffic Exceeds Voice Traffic • Folklore? • 30,000 bits for a single-spaced typed sheet • 5 minutes of phone conversation = 640 typed pages • speech is not optimized for digital transmission • maybe: talk less, type more? More use of the Internet (e-business) and video on demand piped via the same Internet links
Internetworking… ??? Source Destination
ARPANET to Internet • DOD initiated in 1960 to establish a communication network that was robust and reliable even with link and/or node failure • Store-and-forward packet switched network • ARPANET and other networks became what we now know as the Internet, propelled by the availability of browsers like Mosaic
ARPANET to Internet • Other similar networks (70’s) • IBM’s SNA (Systems Networks Architecture) in 1974 • DEC’s DECnet in 1975 • Sperry-Univac’s Data Communications Architecture in 1976 • Siemens’ Transdata in 1978 • CII-Honeywell-Bull’s Distributed Systems Architecture in 1979
Historical Events of Internet • ‘69 DOD ARPA funded research on packet switched networks • ‘74 Vint Cerf & Bob Kahn published TCP, its basic mechanism • ‘82 ARPA defined the TCP/IP protocol suite • ‘84 Domain name system introduced • ‘86 NSFNET became the backbone (56kbps) • ‘92 WWW by Tim Berners-Lee, CERN, the European Organization for Nuclear Research
Standards Organization • ITU (International Telecommunications Union), previously known as CCITT (Consultative Committee for International Telegraphy and Telephony)
RFC’s • Published only with the approval of IESG (Internet Engineering Steering Group) of the IETF (Internet Engineering Task Force) • All Internet standards originated as RFC’s • Not all RFC’s are Internet standards • http://rs.interic.net/
ISO 7-Layer Reference Model • Application • Presentation • Session • Transport • Network (network addresses) • Data Link (organize data) • Physical (basic network hardware)
Classes of IP Address Space • Primary Classes • Class A: 0 + 7-bit prefix / 128 networks (24-bit suffix, 16,777,216 hosts) [0 thru 127] • Class B: 10 + 14-bit prefix / 16,384 networks (16-bit suffix, 65,536 hosts) [128 thru 191] • Class C: 110 + 21-bit prefix / 2,097,152 networks (8-bit suffix, 256 hosts) [192 thru 223] • IPv4: 32 bits (2^32 ≈ 4 billion) • IPng (IPv6): 128 bits (10^15)
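The class rules on this slide, as an added example that is not part of the original lecture: a classifier that reads the leading bits of an IPv4 address and splits the network prefix from the host suffix. Classes D and E go beyond the three primary classes the slide lists, and the function names and returned fields are illustrative.

```python
# (class, leading bit pattern, number of leading bits, host suffix bits)
PRIMARY_CLASSES = [
    ("A", 0b0, 1, 24),
    ("B", 0b10, 2, 16),
    ("C", 0b110, 3, 8),
]

def to_dotted(value):
    """Render a 32-bit integer as a dotted-quad string."""
    return ".".join(str(b) for b in value.to_bytes(4, "big"))

def classify(address):
    """Classify a dotted-quad IPv4 address under the classful scheme."""
    parts = address.split(".")
    valid = len(parts) == 4 and all(
        p.isascii() and p.isdigit() and int(p) <= 255 for p in parts
    )
    if not valid:
        raise ValueError(f"not a dotted-quad IPv4 address: {address!r}")
    value = int.from_bytes(bytes(int(p) for p in parts), "big")

    for name, lead, lead_len, suffix in PRIMARY_CLASSES:
        if value >> (32 - lead_len) == lead:
            # Zero the host suffix to obtain the network number.
            network = (value >> suffix) << suffix
            return {
                "class": name,
                "prefix_bits": 32 - lead_len - suffix,
                "network": to_dotted(network),
                # Raw 2^suffix, as on the slide; usable host counts are lower
                # because the all-zeros and all-ones suffixes are reserved.
                "hosts": 2 ** suffix,
            }
    # Leading 1110 is class D (multicast), 1111 is class E (reserved):
    # neither has a network/host split.
    name = "D" if value >> 28 == 0b1110 else "E"
    return {"class": name, "prefix_bits": None, "network": None, "hosts": None}
```
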
TCP TCP (Transmission Control Protocol) • Connection-Oriented Transport vs Connectionless Transport (User Datagram Protocol or UDP) • Makes sure a message arrives at the destination (from the source) successfully
Internetworking… IP addresses (137.198.34.10) Domain Name: www.ComeGetMe.com Source Destination TCP/IP
Security • Why? • What are the problems that we are facing in EC? • Discussion…..
Security’s main challenges • Confidentiality: only the parties know • Integrity: only what is sent is received • Authentication: only the right parties are talking
Encryption (Turban, p 396) • Plaintext • Ciphertext: use a set of rules (known between communicating parties) to transform Plaintext to Ciphertext • Encryption algorithm • Keys • Length of a Key
Some Interesting Numbers (Bruce Schneier, “Applied Cryptography”) With money, what could you do to break the key?
Ciphers • Two Types of Ciphers • Symmetric encryption or secret-key encryption • Asymmetric: a pair of matching keys
Symmetric Encryption • Uses the same key at the sending and receiving ends • The key may be called a private key or a secret key [Figure: symmetric encryption; labels: key, Encrypt, Decrypt, Internet, Plaintext, Ciphertext]
Symmetric Encryption Problems: • Has to be secret • Need to communicate a new secret key if a third party obtains the key • Authenticity • Discussion?
Asymmetric Encryption • Involves a • public key • private key • Public-key Cryptography – 1976, Whitfield Diffie & Martin Hellman • Data encryption is possible with public key and decryption is done with only the matching private key (or the opposite)
[Figure: asymmetric encryption, shown twice; labels: Private Key, Public Key, Encrypt, Decrypt, Internet, Plaintext, Ciphertext]
Asymmetric Encryption • No one can decrypt the message without your private key if the message is intended for you • Don’t know who else is reading… • Discussion…
[Figure: digital signature; labels: Hash Function, Message Digest, Public Key, Private Key (Tim's Private Key), Encrypt, Decrypt, signature, Internet; comparison of the two digests: Same or Different?] Who is Tim?
Public Key Infrastructure (PKI) • Baltimore Technologies (www.baltimore.com) • Wireless e-Security • Entrust Technologies • CyberTrust • RSA Security • VeriSign • Xcert International
PKI • www.uncitral.org/en-index.htm (United Nations Office of Legal Affairs, servicing the United Nations Commission on International Trade Law) • X.509 Certificates
PKI • Duplicate names • Revocation • PKI-enabled applications
Digital Certificates (DCs) & Certificate Authorities (CAs) [Figure: issuing Snoopy's DC; labels: Public Key (I am snoopy), Person Information (Beagle; spotted ears), HKPO (CA), CA’s Private Key, Certificate Encryption Algorithm, Snoopy DC]
Verification “Your Dinner is Served” 1. Request DC 2. Send DC 3. Get CA’s Public Key 4. Take Snoopy’s Public Key and encrypt “Your Dinner is Served” 5. Send Encrypted Message 6. Snoopy decrypts message with his own private key
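The signature, certificate and verification slides above, carried through as one added example (not part of the original lecture): a CA signs the digest of Snoopy's person information and public key, the sender checks that signature with the CA's public key, and only then encrypts to Snoopy. It assumes textbook RSA without padding and constructed demo keys; all function names are illustrative.

```python
import hashlib

E = 65537  # public exponent shared by both demo key pairs

def keypair(p, q):
    """Textbook RSA: return ((n, e), (n, d)) built from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def digest(data, n):
    """Hash function -> message digest, reduced so it fits under modulus n."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def cert_body(subject, pub):
    """Bytes the CA signs: person information plus the subject's public key."""
    return f"{subject}|{pub[0]}|{pub[1]}".encode()

def issue_certificate(subject, pub, ca_priv):
    """CA applies its private key to the digest of the certificate body."""
    n, d = ca_priv
    return {"subject": subject, "public_key": pub,
            "signature": pow(digest(cert_body(subject, pub), n), d, n)}

def verify_certificate(cert, ca_pub):
    """Anyone holding the CA's public key can recompute and compare digests."""
    n, e = ca_pub
    expected = digest(cert_body(cert["subject"], cert["public_key"]), n)
    return pow(cert["signature"], e, n) == expected

def encrypt(message, pub):
    n, e = pub
    return pow(int.from_bytes(message, "big"), e, n)

def decrypt(ciphertext, priv):
    n, d = priv
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

# Constructed demo keys from Mersenne primes: unpadded, far too small for real use.
CA_PUB, CA_PRIV = keypair(2**61 - 1, 2**89 - 1)  # stands in for HKPO
SNOOPY_PUB, SNOOPY_PRIV = keypair(2**107 - 1, 2**127 - 1)

def send_dinner_notice(cert):
    """Steps 3-5: check the DC against the CA's public key, then encrypt."""
    if not verify_certificate(cert, CA_PUB):
        return None  # refuse to encrypt to a key the CA did not vouch for
    return encrypt(b"Your Dinner is Served", cert["public_key"])
```

A certificate whose public key or subject has been swapped after issuance fails `verify_certificate`, so the sender never encrypts to the substituted key.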
X.509 Certificates • Serial Number: assigned by the entity (in this case, HKPO); will be used in the CRL • Signature Algorithm Identifier: CA uses this to encrypt (sign the certificate) • Validity Period • Subject Name: CN, OU, O, and C Version 3 (1996) is the most recent with extensions
PKIX • X.509 Version 3 Certificates (RFC 2459) • OCSP – Online Certificate Status Protocol (RFC 2560) • Certificate Management Request Format (CRMF) (RFC 2511) • Certificate Revocation List • LDAP: Lightweight Directory Access Protocol (RFC 2251) : V3 Dec 1997
Web Server [Figure: Web Client and Web Server; labels: Requests, Responses, Internet, Http: Hyper Text Transport Protocol]
MIME • Multipurpose Internet Mail Extensions • Open standard for sending information in various forms through Internet email • Supports almost a hundred predefined types of content • Content types are classified as a type and a subtype