Lecture notes E commerce security

what is e-commerce cyber law. e-commerce and e-business lecture notes. what is e commerce advantages and disadvantages pdf free download
NancyWest Profile Pic
NancyWest,Germany,Professional
Published Date:12-07-2017
Your Website URL(Optional)
Comment
LECTURE NOTES ON E-COMMERCE &CYBER LAWS COURSE CODE:BCS-402 DEPT OF CSE & IT VSSUT, Burla SYLLABUS: Module – I Electronic Commerce: Overview, Definitions, Advantages & Disadvantages of E Commerce, Threats of E-Commerce, Cyber Laws. Technologies: Relationship between E-Commerce and Networking, Different Types of Networking for E-Commerce, internet, intranet, EDI Systems. Wireless Application Protocol: Definition, Hand Held Devices, Mobility & Commerce. Mobile Computing, Wireless Web, Web Security, Infrastructure Requirement for E Commerce. Business Models of E-Commerce; Model Based on Transaction Type, Model Based onTransaction Party – B2B, B2C, C2B, C2C, E-Governance. Module – II Convergence: Technological Advances in Convergence – Types, Convergence and its implications, Convergence and Electronic Commerce. Collaborative Computing: Collaborative product development, Content Management: Definition of content, Authoring Tools and Content Management, Content – partnership, repositories, convergence, providers Web Traffic & Traffic management: Content Marketing. Call Centre: Definition, Need, Tasks Handled, Mode of Operation, Equipment, Strength & Weaknesses of Call Centre, Customer Premises Equipment (CPE). Supply Chain Management: E-logistics, Supply Chain Portal, Supply Chain planning Tools (SCP Tools), Supply Chain Execution (SCE), SCE – Framework, Internet‘s effect on Supply Chain Power. Module – III E-Payment Mechanism; Payment through card system, E-Cheque, E-Cash, E-Payment Threats & Protections, E-Marketing: Home – shopping, E-Marketing, Tele-Marketing Electronic Data Interchange (EDI): Meaning, Benefits, Concepts, Application, EDI Model, protocols (UN EDI FACT / GTDI, ANSIX – 12 Risk of E-Commerce: Overview, Security for E-Commerce, Security Standards, Firewall, Cryptography, Key Management, Password Systems, Digital Certificates, Digital Signatures Module – IV Enterprise Resource Planning (ERP): Features, capabilities and Overview of Commercial Software, re-engineering work processes for IT applications, Business Process Redesign , Knowledge Engineering and Data Warehouse. Business Modules: Finance, Manufacturing (Production), Human Resources, Plant Maintenance, Materials, Management, Quality Management Sales & Distribution ERP Package ERP Market: ERP Market Place, SAP AG, People Soft, BAAN, JD Edwards, Oracle Corporation.EAI(Enterprise application integration) DEPT OF CSE & IT VSSUT, Burla Chapter-1 1.1 Electronic Commerce: Electronic commerce, commonly known as E-commerce is trading in products or services using computer networks, such as the Internet. Electronic commerce draws on technologies such as mobile commerce, electronic funds transfer, supply chain management, Internet marketing, online transaction processing, electronic data interchange (EDI), inventory management systems, and automated data collection systems. Modern electronic commerce typically uses the World Wide Web for at least one part of the transaction's life cycle, although it may also use other technologies such as e-mail. Definition of E-commerce: Sharing business information, maintaining business relationships and conducting business transactions using computers connected to telecommunication network is called E-Commerce. 1.2 E-Commerce Categories: 1. Electronic Markets Present a range of offerings available in a market segment so that the purchaser can compare the prices of the offerings and make a purchase decision. Example: Airline Booking System 2. Electronic Data Interchange (EDI) • It provides a standardized system • Coding trade transactions • Communicated from one computer to another without the need for printed orders and invoices & delays & errors in paper handling • It is used by organizations that a make a large no. of regular transactions Example: EDI is used in the large market chains for transactions with their suppliers 3. Internet Commerce • It is use to advertise & make sales of wide range of goods & services. • This application is for both business to business & business to consumer transactions. DEPT OF CSE & IT VSSUT, Burla Example: The purchase of goods that are then delivered by post or the booking of tickets that can be picked up by the clients when they arrive at the event. 1.3 Advantages Of E-commerce:  Buying/selling a variety of goods and services from one's home or business  Anywhere, anytime transaction  Can look for lowest cost for specific goods or service  Businesses can reach out to worldwide clients - can establish business partnerships  Order processing cost reduced  Electronic funds transfer faster  Supply chain management is simpler, faster, and cheaper using ecommerce - Can order from several vendors and monitor supplies. - Production schedule and inventory of an organization can be inspected by cooperating supplier who can in-turn schedule their work 1.4 Disadvantages Of E-commerce:  Electronic data interchange using EDI is expensive for small businesses  Security of internet is not very good - viruses, hacker attacks can paralise e-commerce  Privacy of e-transactions is not guaranteed DEPT OF CSE & IT VSSUT, Burla  E-commerce de-personalises shopping 1.5 Threats of E-commerce: Hackers attempting to steal customer information or disrupt the site A server containing customer information is stolen. Imposters can mirror your ecommerce site to steal customer money Authorised administrators/users of an ecommerce website downloading hidden active content that attacks the ecommerce system. A disaffected employee disrupting the ecommerce system. It is also worth considering where potential threats to your ecommerce site might come from, as identifying potential threats will help you to protect your site. Consider: Who may want to access your ecommerce site to cause disruption or steal data; for example competitors, ex-employees, etc. What level of expertise a potential hacker may possess; if you are a small company that would not be likely to be considered a target for hackers then expensive, complex security may not be needed. 1.6 Features of E-Commerce:  Ubiquity Internet/Web technology is The marketplace is extended beyond traditional available everywhere: at work, at home, and boundaries and is removed from a temporal and elsewhere via mobile devices, anytime. geographic location. ―Marketspace‖ is created; shopping can take place anywhere. Customer convenience is enhanced, and shopping costs are reduced.  Global reach The technology reaches Commerce is enabled across cultural and across national boundaries, around the earth. national boundaries seamlessly and without modification. ―Marketspace‖ includes potentially billions of consumers and millions of businesses worldwide. DEPT OF CSE & IT VSSUT, Burla  Universal standards There is one set of There is one set of technical media standards technology standards, namely Internet across the globe.  Richness Video, audio, and text messages Video, audio, and text marketing messages are are possible. integrated into a single marketing message and consuming experience.  Interactivity The technology works Consumers are engaged in a dialog that through interaction with the user. dynamically adjusts the experience to the individual, and makes the consumer a co- participant in the process of delivering goods to the market.  Information density The technology Information processing, storage, and reduces information costs and raises quality. communication costs drop dramatically, while currency, accuracy, and timeliness improve greatly. Information becomes plentiful, cheap, and accurate.  Personalization/Customization The Personalization of marketing messages and technology allows personalized messages to customization of products and services are be delivered to individuals as well as groups. based on individual characteristics. 1.7 Business models of e-commerce: There are mainly 4 types of business models based on transaction party. Business-to-Consumer (B2C) In a Business-to-Consumer E-commerce environment, companies sell their online goods to consumers who are the end users of their products or services. Usually, B2C E-commerce web shops have an open access for any visitor, meaning that there is no need for a person to login in order to make any product related inquiry. DEPT OF CSE & IT VSSUT, Burla Business-to-Business (B2B) In a Business-to-Business E-commerce environment, companies sell their online goods to other companies without being engaged in sales to consumers. In most B2B E-commerce environments entering the web shop will require a log in. B2B web shop usually contains customer-specific pricing, customer-specific assortments and customer-specific discounts. Consumer-to-Business (C2B) In a Consumer-to-Business E-commerce environment, consumers usually post their products or services online on which companies can post their bids. A consumer reviews the bids and selects the company that meets his price expectations. DEPT OF CSE & IT VSSUT, Burla Consumer-to-Consumer (C2C) In a Consumer-to-Consumer E-commerce environment consumers sell their online goods to other consumers. A well-known example is eBay. 1.8 E-Governance: E-governance is the application of information and communication technology (ICT) for delivering government services, exchange of information communication transactions, integration of various stand-alone systems and services between government-to-customer (G2C), government-to-business (G2B), government-to-government (G2G) as well as back office processes and interactions within the entire government framework. Through e-governance, government services will be made available to citizens in a convenient, efficient and transparent manner. The three main target groups that can be distinguished in DEPT OF CSE & IT VSSUT, Burla governance concepts are government, citizens and businesses/interest groups. In e-governance there are no distinct boundaries. Business - to - Government (B2G) B2G model is a variant of B2B model. Such websites are used by government to trade and exchange information with various business organizations. Such websites are accredited by the government and provide a medium to businesses to submit application forms to the government. Government - to - Business (G2B) Government uses B2G model website to approach business organizations. Such websites support auctions, tenders and application submission functionalities. Government - to - Citizen (G2C) Government uses G2C model website to approach citizen in general. Such websites support auctions of vehicles, machinery or any other material. Such website also provides services like registration for birth, marriage or death certificates. Main objectives of G2C website are to reduce average time for fulfilling people requests for various government services. DEPT OF CSE & IT VSSUT, Burla 1.9 Different Types of Networking For E-Commerce: Internet: The Internet is a global network of computers that allows people to send email, view web sites, download files such as mp3 and images, chat, post messages on newsgroups and forums and much more. The Internet was created by the Advanced Research Projects Agency (ARPA) of the U.S. government in 1960's and was first known as the ARPANet. At this stage the Internet's first computers were at academic and government institutions and were mainly used for accessing files and to send emails. From 1983 onwards the Internet as we know it today started to form with the introduction of the communication protocol TCP/IP to ARPANet. Since 1983 the Internet has accommodated a lot of changes and continues to keep developing. The last two decades has seen the Internet accommodate such things as network LANs and ATM and frame switched services. The Internet continues to evolve with it becoming available on mobile phones and pagers and possibly on televisions in the future. Advantages of internet: There many advantages to using the internet such as: E-mail Email is now an essential communication tool in business. It is also excellent for keeping in touch with family and friends. The advantage to email is that it is free ( no charge per use) when compared to telephone, fax and postal services. Information There is a huge amount of information available on the internet for just about every subject known to man, ranging from government law and services, trade fairs and conferences, market information, new ideas and technical support. Services Many services are now provided on the internet such as online banking, job seeking and applications, and hotel reservations. Often these services are not available off-line or cost more. Buy or sell products. The internet is a very effective way to buy and sell products all over the world. DEPT OF CSE & IT VSSUT, Burla Communities communities of all types have sprung up on the internet. Its a great way to meet up with people of similar interest and discuss common issues. A Leading-Edge Image Presenting your company or organization as leading-edge shows your customers and prospective customers that you are financially strong, technologically savvy, and ready for the 21st century. And that you care enough about your customers to take advantage of new technologies for their benefit. And finally that you have the resources to support your clients in the most beneficial manner possible. More and more advertisers on television, radio, magazines, and newspapers are including a Web address. Now is the time to avoid playing catch-up later. Improved Customer Service The companies are available to their customers 24 hours a day, 7 days a week. The Internet never sleeps. Whenever customer needs information about any company, products or services, they can access the company‘s Web Page. Market Expansion The Internet is a global system. Latest estimates are that there are about 40 million people with access to the Internet, and this number is growing every day. By simply posting a Web Page you are also addressing International markets. Low Cost Marketing Imagine developing a full color brochure without having to incur the costs of proofs, printers, wasted paper, long lead times between revisions, and more. Then imagine a full color product or services brochure that is interactive and which incorporates text, graphics, audio, and/or video. One that can be immediately updated without incurring the usual costs of product material updates. Low Cost Selling Without the cost of direct selling potential customers can get detailed information about your products or services at any time. And they can easily order your products over the Internet, or request additional information be sent to them via a request form on your Web page. Lower Communication Costs Your time, and your employees time, is valuable. Most businesses and organizations spend time answering the same questions over and over again. With a Web page you can make the answers DEPT OF CSE & IT VSSUT, Burla available to everyone immediately. You can also update your Wed page with new information quickly and easily. Intranet: An intranet is a computer network that uses Internet Protocol technology to share information, operational systems, or computing services within an organization. This term is used in contrast to extranet, a network between organizations, and instead refers to a network within an organization. The objective is to organize each individual's desktop with minimal cost, time and effort to be more productive, cost efficient, timely, and competitive. An intranet may host multiple private websites and constitute an important component and focal point of internal communication and collaboration. Any of the well known Internet protocols may be found in an intranet, such as HTTP (web services), SMTP (e-mail), and FTP (file transfer protocol). Internet technologies are often deployed to provide modern interfaces to legacy information systems hosting corporate data. Uses of Intranet: Increasingly, intranets are being used to deliver tools, e.g. collaboration (to facilitate working in groups and teleconferencing) or sophisticated corporate directories, sales and customer relationship management tools, project management etc., to advance productivity. Intranets are also being used as corporate culture-change platforms. For example, large numbers of employees discussing key issues in an intranet forum application could lead to new ideas in management, productivity, quality, and other corporate issues. In large intranets, website traffic is often similar to public website traffic and can be better understood by using web metrics software to track overall activity. User surveys also improve intranet website effectiveness. Larger businesses allow users within their intranet to access public internet through firewall servers. They have the ability to screen messages coming and going keeping security intact. When part of an intranet is made accessible to customers and others outside the business, that part becomes part of an extranet. Businesses can send private messages through the public DEPT OF CSE & IT VSSUT, Burla network, using special encryption/decryption and other security safeguards to connect one part of their intranet to another. Intranet user-experience, editorial, and technology teams work together to produce in-house sites. Most commonly, intranets are managed by the communications, HR or CIO departments of large organizations, or some combination of these. Because of the scope and variety of content and the number of system interfaces, intranets of many organizations are much more complex than their respective public websites. Intranets and their use are growing rapidly. Advantages: Workforce productivity: Intranets can help users to locate and view information faster and use applications relevant to their roles and responsibilities. With the help of a web browser interface, users can access data held in any database the organization wants to make available, anytime and — subject to security provisions — from anywhere within the company workstations, increasing employees' ability to perform their jobs faster, more accurately, and with confidence that they have the right information. Time: Intranets allow organizations to distribute information to employees on an as-needed basis; Employees may link to relevant information at their convenience, rather than being distracted indiscriminately by email. Communication: Intranets can serve as powerful tools for communication within an organization, vertically strategic initiatives that have a global reach throughout the organization. By providing this information on the intranet, staff have the opportunity to keep up-to-date with the strategic focus of the organization. Some examples of communication would be chat, email, and/or blogs. A great real world example of where an intranet helped a company communicate is when Nestle had a number of food processing plants in Scandinavia. Their central support system had to deal with a number of queries every day. Web publishing: allows cumbersome corporate knowledge to be maintained and easily accessed throughout the company using hypermedia and Web technologies. Examples include: employee manuals, benefits documents, company policies, business standards, news feeds, and even training, can be accessed using common Internet standards (Acrobat files, DEPT OF CSE & IT VSSUT, Burla Flash files, CGI applications). Because each business unit can update the online copy of a document, the most recent version is usually available to employees using the intranet. Business operations and management: Intranets are also being used as a platform for developing and deploying applications to support business operations and decisions across the internetworked enterprise. Cost-effective: Users can view information and data via web-browser rather than maintaining physical documents such as procedure manuals, internal phone list and requisition forms. This can potentially save the business money on printing, duplicating documents, and the environment as well as document maintenance overhead. Enhance collaboration: Information is easily accessible by all authorised users, which enables teamwork. Cross-platform capability: Standards-compliant web browsers are available for Windows, Mac, and UNIX. Built for one audience: Many companies dictate computer specifications which, in turn, may allow Intranet developers to write applications that only have to work on one browser (no cross-browser compatibility issues). Promote common corporate culture: Every user has the ability to view the same information within the Intranet. Immediate updates: When dealing with the public in any capacity, laws, specifications, and parameters can change. Intranets make it possible to provide your audience with "live" changes so they are kept up-to-date, which can limit a company's liability. Supports a distributed computing architecture: The intranet can also be linked to a company‘s management information system, for example a time keeping system. 1.10 Wireless Application Protocol: WAP is a technical standard for accessing information over a mobile wireless network. A WAP browser is a web browser for mobile devices such as mobile phones that uses the protocol. WAP is a specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers, can be used for Internet access, including e-mail, the World Wide Web, newsgroups, and instant messaging. DEPT OF CSE & IT VSSUT, Burla The WAP layers are: Wireless Application Environment (WAE) Wireless Session Layer (WSL) Wireless Transport Layer Security(WTLS) Wireless Transport Layer (WTP) Web security: It is a branch of Information Security that deals specifically with security of websites, web applications and web services. At a high level, Web application security draws on the principles of application security but applies them specifically to Internet and Web systems. Typically web applications are developed using programming languages such as PHP, Java EE, Java, Python, Ruby, ASP.NET, C, VB.NET or Classic ASP. DEPT OF CSE & IT VSSUT, Burla Chapter-2 2.1 Technological convergence: Technological convergence is the tendency that as technology changes, different technological systems sometimes evolve toward performing similar tasks. Digital convergence refers to the convergence of four industries into one conglomerate, ITTCE (Information Technologies, Telecommunication, Consumer Electronics, and Entertainment).Previously separate technologies such as voice data and productivity applications, and video can now share resources and interact with each other synergistically. Telecommunications convergence, network convergence or simply convergence are broad terms used to describe emerging telecommunications technologies, and network architecture used to migrate multiple communications services into a single network. Convergence in this instance is defined as the interlinking of computing and other information technologies, media content, and communication networks that has arisen as the result of the evolution and popularization of the Internet as well as the activities, products and services that have emerged in the digital media space. Convergent services, such as VoIP, IPTV, Mobile TV, Smart TV, and others, tend to replace the older technologies and thus can disrupt markets. IP-based convergence is inevitable and will result in new service and new demand in the market. 2.2 Technology Implications: Convergent solutions include both fixed-line and mobile technologies. Recent examples of new, convergent services include: Using the Internet for voice telephony Video on demand Fixed-mobile convergence Mobile-to-mobile convergence DEPT OF CSE & IT VSSUT, Burla Location-based services Integrated products and bundles Convergent technologies can integrate the fixed-line with mobile to deliver convergent solutions. Convergent technologies include: IP Multimedia Subsystem Session Initiation Protocol IPTV Voice over IP Voice call continuity Digital video broadcasting - handheld 2.3 Collaborative Product Development: CPD is a business strategy, work process and collection of software applications that facilitates different organizations to work together on the development of a product. It is also known as collaborative product definition management (cPDM). Collaborative Product Development helps individual users and companies manage, share and view your CAD projects without the cost and complexity of purchasing an entire PDM or PLM solution. CPD comes in the form of a Software as a service delivery model, which allows for rapid iterations and little or no downloads and installs. Exactly what technology comes under this title does vary depending on whom one asks; however, it usually consists of the Product Lifecycle Management (PLM) areas of: Product Data Management (PDM); Product visualization; team collaboration and conferencing tools; and supplier sourcing software. It is generally accepted as not including CAD geometry tools, but does include data translation technology. Technologies and methods used: Clearly general collaborative software such as email and chat (instant messaging) is used within the CPD process. One important technology is application and desktop sharing, allowing one person to view what another person is doing on a remote machine. For CAD and product visualization applications an ‗appshare‘ product that supports OpenGL graphics is required. Another common application is Data sharing via Web based portals. DEPT OF CSE & IT VSSUT, Burla Specific to product data With product data an important addition is the handling of high volumes of geometry and metadata. Exactly what techniques and technology is required depends on the level of collaboration being carried out and the commonality (or lack thereof) of the partner sites‘ systems. Specific to PLM and CAx collaboration Collaboration using PLM and CAx tools requires technology to support the needs of: 1. People: Personnel of different disciplines and skill levels; 2. Organizations: Organizations throughout an enterprise or extended enterprise with different rules, processes and objectives; 3. Data: Data from different sources in different formats. Appropriate technologies are required to support collaboration across these boundaries.  People Effective PLM collaboration will typically require the participation of people who do not have high level CAD skills. This requires improved user interfaces including tailorable user interfaces that can be tailored to the skill level and specialty of the user. Improved visualization capabilities, especially those that provide a meaningful view of complex information such as the results of a fluid flow analysis will leverage the value of all participants in the collaboration process. Effective collaboration requires that a participant be freed from the burden of knowing the intent history typically imbedded within and constricting the use of parametric models.  Organizations Community collaboration requires that companies, suppliers, and customers share information in a secure environment, ensure compliance with enterprise and regulatory rules and enforce the process management rules of the community as well as the individual organizations. DEPT OF CSE & IT VSSUT, Burla  Data The most basic collaboration data need is the ability to operate in a MultiCAD environment. That is, however, only the beginning. Models from multiple CAD sources must be assembled into an active digital mockup allowing change and/or design in context. 2.4 Content Management System: A content management system (CMS) is a computer application that allows publishing, editing and modifying content, organizing, deleting as well as maintenance from a central interface. Such systems of content management provide procedures to manage workflow in a collaborative environment. CMSs are often used to run websites containing blogs, news, and shopping. Many corporate and marketing websites use CMSs. CMSs typically aim to avoid the need for hand coding, but may support it for specific elements or entire pages. Main features of CMS: The function and use of content management systems is to store and organize files, and provide version-controlled access to their data. CMS features vary widely. Simple systems showcase a handful of features, while other releases, notably enterprise systems, offer more complex and powerful functions. Most CMS include Web-based publishing, format management, revision control (version control), indexing, search, and retrieval. The CMS increments the version number when new updates are added to an already- existing file. Some content management systems also support the separation of content and presentation. A CMS may serve as a central repository containing documents, movies, pictures, phone numbers, scientific data. CMSs can be used for storing, controlling, revising, semantically enriching and publishing documentation. DEPT OF CSE & IT VSSUT, Burla The content management system (CMS) has two elements:  Content management application (CMA) is the front-end user interface that allows a user, even with limited expertise, to add, modify and remove content from a Web site without the intervention of a Webmaster.  Content delivery application (CDA) compiles that information and updates the Web site. 2.5 Web Traffic: Web traffic is the amount of data sent and received by visitors to a web site. Web traffic is measured to see the popularity of web sites and individual pages or sections within a site. This can be done by viewing the traffic statistics found in the web server log file, an automatically generated list of all the pages served. A hit is generated when any file is served. The following types of information are often collated when monitoring web traffic: The number of visitors. The average number of page views per visitor – a high number would indicate that the average visitors go deep inside the site, possibly because they like it or find it useful. Average visit duration – the total length of a user's visit. As a rule the more time they spend the more they're interested in your company and are more prone to contact. Average page duration – how long a page is viewed for. The more pages viewed, the better it is for your company. Domain classes – all levels of the IP Addressing information required to deliver Webpages and content. Busy times – the most popular viewing time of the site would show when would be the best time to do promotional campaigns and when would be the most ideal to perform maintenance Most requested pages – the most popular pages Most requested entry pages – the entry page is the first page viewed by a visitor and shows which are the pages most attracting visitors Most requested exit pages – the most requested exit pages could help find bad pages, broken links or the exit pages may have a popular external link DEPT OF CSE & IT VSSUT, Burla

Advise: Why You Wasting Money in Costly SEO Tools, Use World's Best Free SEO Tool Ubersuggest.