
  • Number of slides: 51

Chapter 23 – Electronic Commerce and Security

Outline
23.1 Introduction
23.2 Shopping-Cart Technology
23.2.1 Case Study: Amazon.com
23.3 Online-Auction Case Study: eBay
23.4 Online Trading
23.4.1 Case Study: E*TRADE
23.5 Other E-Businesses
23.6 Security
23.6.1 Public-Key Cryptography
23.6.2 Secure Sockets Layer (SSL)
23.6.3 Secure Electronic Transaction™ (SET™)
23.6.4 Case Study: Microsoft Authenticode
23.6.5 Online Payments; Case Study: CyberCash™
23.7 XML and E-Commerce
23.8 Data Mining, Bots and Intelligent Agents
23.8.1 Case Study: Priceline.com
23.8.2 Case Study: Travelocity.com
23.8.3 Case Study: Scour.net
23.8.4 Case Study: Bottomdollar.com
23.9 Case Study: Using Yahoo! Store to Set up an Online Store
23.10 Commerce Server Case Study: Microsoft Site Server Commerce Edition
23.11 E-Commerce Core Technologies
23.12 Future of E-Commerce
23.13 Internet Marketing: Increasing Traffic at your Web Site

2000 Deitel & Associates, Inc. All rights reserved.

23.1 Introduction
• In this chapter
  – Introduce popular e-business models
  – Introduce underlying technologies on which these models are based
• To conduct e-commerce, merchants need to
  – Organize online catalogs of products
  – Take orders through Web sites
  – Accept payments in a secure environment
  – Send merchandise to customers
  – Manage customer data
  – Market sites for potential customers

23.1 Introduction (II)
• E-commerce
  – Has been conducted by large corporations for decades
    • Banking industry uses Electronic Funds Transfer (EFT) to transfer money between accounts
    • Many companies use Electronic Data Interchange (EDI) to share information electronically
  – Until recently only feasible for large companies
  – Internet and WWW make it possible for
    • Small businesses to compete with larger ones
    • Business to be conducted 24 hours a day, 7 days a week
• Problem with business over WWW
  – Inherently insecure medium of communication
  – Important to secure network transactions

23.2 Shopping-Cart Technology
• Shopping-Cart
  – Most common e-commerce model
  – Allows customers to accumulate and store lists of items they wish to buy
  – Supported by product catalog
    • Hosted on the merchant server in form of a database
    • Database: collection of information
      – Product specifications
      – Descriptions
      – Prices
      – Availabilities
      – Customer information

23.2.1 Case Study: Amazon.com
• Opened 1994
  – Mail-order book retailer with small inventory
• Now more than 10 million customers
  – Merchandise includes books, music, videos, DVDs, toys
• Uses sophisticated server-side database
  – Allows customers on client side to search for products
  – Example of client/server application
  – Collection of product specs, availability, shipping info, stock levels, on-order info and other data
  – Makes product cross-referencing possible
• Personalizes site to service returning customers

23.2.1 Case Study: Amazon.com (II)
• Buying is a simple process
  – Enter search string or browse recommendations
  – One click adds item to shopping cart
  – When ready to place order, proceed to checkout
  – First-time buyers
    • Fill out shipping and billing information
  – Return customers
    • Enter password and computer reuses previously entered info
• 1-click℠ system allows customer to order item with 1 click, avoiding checkout by reusing previous information
• Operates secure server to protect personal information
• Amazon.com Associates Program (affiliate program)
  – Encourages other sites to reference customers to Amazon.com

23.3 Online-Auction Case Study: eBay
• Leading online auction company
  – Posts more than 2 million unique auctions and 250,000 new items each day
  – Brings restrictive offline business model to the Internet
• People can buy and sell almost anything
  – Provides liaison service between parties – no large inventory
• Fees
  – Submission fee
  – Multitiered final fee
• Uses database to manage millions of auctions

23.3 Online-Auction Case Study: eBay (II)
• Has spawned new businesses
  – Use eBay as primary means of selling products
• Must remain up and running continuously
  – High-availability computing
    • Attempts to minimize site down time
  – Continuous-availability computing
    • Attempts to eliminate site down time
  – Fault-tolerant systems
    • Use redundancy
  – Failure to keep site running can be costly if not fatal

23.4 Online Trading
• Fast-growing area of e-commerce
  – Accounted for 30% of all securities trades in second half of 1998
  – Accounted for 37% of all securities trades in first half of 1999
  – Putting pressure on major Wall St. firms to offer online trading
• Stock trades
  – Used to be handled only through brokers, who were paid commissions
  – As online trading grows
    • Number of brokers will shrink
  – Online trading fees nominal compared to broker commissions

23.4.1 Case Study: E*TRADE
• Founded 1982 to offer online stock quotes to major firms
• Created trading Website
  – Individual investors can manage investments without brokers
• Allows customers to buy, sell and research
  – Stocks
  – Mutual funds
  – Bonds
  – Other securities
• Cheaper and faster than offline trading
• Offers mock stock trading games with fake money

23.5 Other E-businesses
• E-commerce forcing traditional offline companies to move into e-business
• Dell Computer Corporation
  – 1984: mail-order catalog business
  – Today, sells more than $30 million through Website every day
  – Approximately two thirds of online sales are business to business
• Total Internet B-to-B transactions could reach $1 trillion by 2004
• ebates.com
  – Example of hobby turned into profitable business
  – No product – affiliate of online retailers
  – Simplifies process of finding rebates on online merchandise and cashing them in
  – Makes money through selling banner ads

23.6 Security
• Privacy issue
  – Would you transmit sensitive info if third parties could tap it?
• Integrity issue
  – How can you determine if info you send was altered by hacker?
• Authentication issue
  – How do you confirm company receiving your info is reputable?
• Non-repudiation issue
  – How do you legally prove message was sent?
• These important questions will be addressed in this section

23.6.1 Public-Key Cryptography
• Channels over which data passes in Internet not secure
  – Any private information must be protected
• Data can be encrypted
• Cryptography
  – Transforms data by using key to make data incomprehensible to all except intended receivers
  – Unencrypted data called plaintext
  – Encrypted data called ciphertext
  – Only intended receivers should have corresponding key to decrypt ciphertext into plaintext

23.6.1 Public-Key Cryptography (II)
• Symmetric cryptography (secret-key cryptography)
  – Used in past by organizations requiring secure environment
  – Same secret key used both to encrypt and decrypt message
• Process
  1. Sender encrypts message with secret key
  2. Sends message and secret key to recipient
  3. Recipient decrypts message using secret key
• Flaws
  – Privacy and integrity of message can be compromised
    • If key intercepted as passed over insecure channels
  – Cannot authenticate which party created message
  – Different key required for each person to whom messages sent

23.6.1 Public-Key Cryptography (III)
• Public-key cryptography – asymmetric cryptography
  – Higher degree of security
  – Uses two related keys:
    • Public key – freely distributed
    • Private key – kept secret by owner
  – If public key used to encrypt message, only corresponding private key can decrypt it
• Process
  1. Sender uses receiver's public key to encrypt message
  2. Receiver decrypts message using receiver's private key
  – No one else knows private key
    • Even if message intercepted, cannot be decrypted by outside party

23.6.1 Public-Key Cryptography (IV)
• Digital signature
  – Developed to be used in public-key cryptography
  – Solves problems of authentication and integrity
  – Legal proof of sender's identity, difficult to forge
• To create
  – Sender runs original message through a hash function
    • Mathematical calculation which gives message a hash value
    • Hash value known as message digest
  – Chance two messages will have same message digest statistically insignificant

23.6.1 Public-Key Cryptography (V)
• Digital signature process
  1. Sender uses private key to encrypt message digest, creating digital signature, authenticating sender
  2. Sender uses receiver's public key to encrypt message
  3. Receiver uses sender's public key to decipher digital signature, reveal message digest
  4. Receiver uses own private key to decipher original message
  5. Receiver applies hash function to original message
  – If hash value of original message matches message digest in signature
    • Message has integrity – has not been altered in transmission

23.6.1 Public-Key Cryptography (VI)
• Problems with public-key cryptography
  – Anyone with set of keys can potentially pose as the sender
  – Example: how do you know if site you are sending information to belongs to merchant and not third party?
• Public Key Infrastructure (PKI)
  – Adds digital certificates to process for authentication
• Digital certificate
  – Issued by a certification authority (CA)
    • CA is third party that issues certificates to its customers to authenticate subject's identity and bind the identity to a public key
    • Takes responsibility for authentication
  – Publicly available, held by CA in certificate repositories

23.6.1 Public-Key Cryptography (VII)
• Digital certificate signed by CA's private key
• Includes
  – Subject (name of company or individual)
  – Subject's public key
  – Serial number
  – Expiration date
  – Authorization of trusted CA
  – Other relevant info
• VeriSign, Inc.
  – One of leaders in online security
  – Develops PKI and digital certificate solutions
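The five-step digital signature process and the CA-signed certificate described in the slides above, as an added Python example (not from the original slides). It uses toy textbook RSA without padding, with keys built from Mersenne primes so it runs with the standard library only; all party names, dates, serial numbers and the order text are constructed, and real systems use padded schemes from a vetted cryptographic library.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys


def make_keypair(p_exp, q_exp):
    """Toy RSA key pair from the Mersenne primes 2**p_exp - 1 and 2**q_exp - 1.

    Constructed for this demo: such moduli are trivial to factor, never use them."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent
    return {"n": n, "e": E}, {"n": n, "d": d}


def digest(data):
    """Message digest (SHA-256) as an integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data, priv):
    """Step 1: transform the message digest with the signer's private key."""
    return pow(digest(data), priv["d"], priv["n"])


def verify(data, signature, pub):
    """Steps 3 and 5: recover the digest with the public key, compare with a fresh hash."""
    return pow(signature, pub["e"], pub["n"]) == digest(data)


def encrypt(data, pub):
    """Step 2: encrypt the message with the receiver's public key."""
    m = int.from_bytes(data, "big")
    if m >= pub["n"]:
        raise ValueError("message too long for this modulus")
    return pow(m, pub["e"], pub["n"])


def decrypt(ciphertext, priv):
    """Step 4: decrypt with the receiver's private key (leading zero bytes are not kept)."""
    m = pow(ciphertext, priv["d"], priv["n"])
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def cert_body(cert):
    """Deterministic byte string of the certificate fields the CA signs."""
    fields = ("subject", "n", "e", "serial", "expires")
    return "|".join(str(cert[k]) for k in fields).encode()


def issue_cert(ca_priv, subject, pub, serial, expires):
    """CA binds a subject name to a public key by signing both together."""
    cert = {"subject": subject, "n": pub["n"], "e": pub["e"],
            "serial": serial, "expires": expires}
    cert["ca_signature"] = sign(cert_body(cert), ca_priv)
    return cert


def check_cert(cert, ca_pub, expected_subject, today):
    """Return the subject's public key only if CA signature, name and date all check out."""
    if not verify(cert_body(cert), cert["ca_signature"], ca_pub):
        raise ValueError("certificate not signed by the trusted CA")
    if cert["subject"] != expected_subject:
        raise ValueError("certificate issued to a different subject")
    if today > cert["expires"]:  # ISO dates compare correctly as strings
        raise ValueError("certificate expired")
    return {"n": cert["n"], "e": cert["e"]}


def send(message, sender_priv, receiver_pub):
    """Sender side: sign the digest, then encrypt the message for the receiver."""
    return {"signature": sign(message, sender_priv),
            "ciphertext": encrypt(message, receiver_pub)}


def receive(packet, receiver_priv, sender_cert, ca_pub, expected_sender, today):
    """Receiver side: validate the certificate first, then decrypt and check the signature."""
    sender_pub = check_cert(sender_cert, ca_pub, expected_sender, today)
    message = decrypt(packet["ciphertext"], receiver_priv)
    if not verify(message, packet["signature"], sender_pub):
        raise ValueError("digest mismatch: message altered or wrong sender")
    return message


# Constructed parties and values (not from the slides).
CA_PUB, CA_PRIV = make_keypair(1279, 2203)
SENDER_PUB, SENDER_PRIV = make_keypair(521, 607)
RECEIVER_PUB, RECEIVER_PRIV = make_keypair(2281, 3217)
SENDER_CERT = issue_cert(CA_PRIV, "sender.example", SENDER_PUB, 1001, "2001-12-31")
ORDER = b"order 42: ship 3 books"

if __name__ == "__main__":
    packet = send(ORDER, SENDER_PRIV, RECEIVER_PUB)
    print(receive(packet, RECEIVER_PRIV, SENDER_CERT, CA_PUB,
                  "sender.example", "2000-06-01"))
```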

23.6.1 Public-Key Cryptography (VIII)
[Figure: Verisign Digital Certificate]

23.6.1 Public-Key Cryptography (IX)
• Many still feel e-commerce is insecure
• In reality
  – Transactions using PKI and digital certificates are more secure than exchange of information over the phone
  – Key algorithms nearly impossible to compromise
• RSA Security, Inc.
  – Encryption and authentication technologies used by most Fortune 100 companies
  – Encryption products built into more than 450 million copies of popular Internet applications
  – Most secure communication on Internet uses RSA products

23.6.2 Secure Sockets Layer (SSL)
• SSL protocol
  – Developed by Netscape Communications
  – Commonly used to secure Internet and WWW communications
  – Built into many Web browsers
    • Netscape Communicator
    • Internet Explorer
  – Operates at network level
    • Between Internet's TCP/IP communications protocol and the application software

23.6.2 Secure Sockets Layer (SSL) (II)
• Standard correspondence over Internet
  – Sender's message passed to socket
  – Socket interprets message to TCP/IP
    • Transmission Control Protocol/Internet Protocol
    • Standard set of protocols used for communication between computers on the Internet
• Most Internet transmissions sent as set of individual message pieces called packets

23.6.2 Secure Sockets Layer (SSL) (III)
Standard Internet Communication Process
• At sending side
  1. Packets of one message numbered sequentially
  2. Error-control information attached
  3. TCP routes packets to avoid traffic jams
  – Each packet may travel different route on the Internet
• At receiving side
  5. TCP makes sure all packets have arrived
  6. Determines if packets have arrived with integrity and without alteration
  – If packets have been altered: TCP/IP will retransmit packets
  7. TCP/IP passes message to socket at receiver end
  8. Socket translates message back into readable form

23.6.2 Secure Sockets Layer (SSL) (IV)
• Transactions using SSL
  – Sockets secured using public-key cryptography
  – Do not require client authentication
• Process
  1. Client sends message to server
  2. Server responds and sends digital certificate for authentication
  3. Client and server negotiate session keys to continue transaction
  – Session keys
    • Symmetric secret keys used for duration of transaction
  4. Once keys established, communication proceeds between client and server using session keys and digital certificates

23.6.2 Secure Sockets Layer (SSL) (V)
• SSL protects info while being passed over Internet
• Does not protect private info stored on merchant's server
• When merchant receives private info
  – Often decrypts info and stores it on merchant's server
• If server insecure and data not encrypted
  – Outside party could access the information

23.6.3 Secure Electronic Transaction™ (SET™)
• SET protocol
  – Developed by Visa International and Mastercard
  – Designed specifically to protect e-commerce payment transactions
  – Uses digital certificates to authenticate each party
    • Customer
    • Merchant's bank
  – Public-key cryptography used to secure info as passed over the Web

23.6.3 Secure Electronic Transaction™ (SET™) (II)
• Merchant must have
  – Digital certificate
  – Special SET software to process transaction
• Customer must have
  – Digital certificate
  – Digital Wallet software
• Digital Wallet
  – Stores credit or debit information for multiple cards
  – Stores digital certificate verifying cardholder's identity
  – Adds convenience to online shopping
    • Customers do not have to re-enter information for different sites

23.6.3 Secure Electronic Transaction™ (SET™) (III)
• SET transaction process
  – When customer ready to place order
  1. Merchant's SET software sends order info and merchant's digital certificate to customer's digital wallet
    • This activates digital wallet software
  2. Credit card and order info encrypted using merchant's bank's public key
  3. Info sent to merchant along with customer's digital certificate
  4. Merchant forwards info to merchant's bank to process payment
  5. Merchant's bank sends amount of purchase and its own digital certificate to customer's bank to get approval for transaction
    • If customer's charge approved
  6. Customer's bank sends authorization to merchant
  7. Merchant sends confirmation of order to customer

23.6.3 Secure Electronic Transaction™ (SET™) (IV)
• In SET protocol
  – Merchant never sees client's proprietary information
  – Reduced risk of fraud
• Although SET designed for e-commerce transactions and has high level of security
  – Has yet to become the standard protocol used in majority of transactions
• Reasons for lack of use in e-commerce
  – Requires special software on both client and server side
    • Adds additional costs
  – Transactions more time-consuming than transactions using other protocols like SSL

23.6.4 Case Study: Microsoft Authenticode
• In our age of viruses and hackers
  – Security required to ensure downloaded software is trustworthy and has not been altered
• Microsoft Authenticode combined with VeriSign digital certificates (or digital IDs)
  – Authenticates publisher of the software
  – Detects whether the software has been altered
  – Security feature built into Microsoft Internet Explorer

23.6.4 Case Study: Microsoft Authenticode (II)
• Software publishers must
  – Obtain digital certificate designed for publishing software
  – Provide their public key and identifying info
  – Sign an agreement that they will not distribute harmful software
    • Provides legal recourse if downloaded software causes harm
• Uses digital-signature technology to sign software
  – Provides proof that software is safe and has not been altered
• When customer attempts to download a file
  – Dialog box appears displaying digital certificate and CA
  – Links to publisher and CA provided
• If Authenticode determines software is compromised
  – Transaction is terminated

23.6.5 Online Payments; Case Study: CyberCash™
• CyberCash
  – One of the leaders in secure-payment processing solutions
• CyberCash CashRegister
  – Enables e-businesses to accept credit-card payments
  – CyberCash maintains all the secure servers – merchants not responsible for storing sensitive info on their servers
  – Uses SSL and SET protocols to secure online transactions
• CyberCash InstaBuy
  – Digital wallet service
  – Eliminates need to reenter credit-card info at each site
• CyberCash PayNow
  – Gives merchants ability to bill and collect payments online

23.7 XML and E-Commerce
• XML (Extensible Markup Language)
  – Not actually a markup language like HTML
  – Allows creation of customized tags unique to specific applications
  – No longer limited to using HTML's fixed set of tags
• Standardized XML tags for publishing documents online
  – MathML (Math Markup Language)
    • XML language for marking up mathematical formulas in documents
  – ChemML (Chemistry Markup Language)
    • XML language for marking up the molecular structure of chemicals

23.7 XML and E-Commerce (II)
• Use of XML growing
  – Changing the way business is conducted over the Internet
• Ability to customize tags
  – Will allow business data to be used worldwide
• Once tags are standardized
  – Browser must be able to recognize them
    • Tags built into browser
    • Plug-in can be downloaded or installed
• Impact of XML is profound
  – Gives online merchants better means of tracking product info
• Many industries using XML to improve EDI

23.7 XML and E-Commerce (III)
• XML use today
• Health Level Seven (HL7) organization
  – Application Protocol for Electronic Exchange in Healthcare
  – Uses XML to enable healthcare-oriented applications to exchange data electronically
• XML Metadata Interchange Format (XMI)
  – A standard that combines XML with UML (Unified Modeling Language)
  – Allows developers worldwide to collaborate on designs of object-oriented software systems
• Open Software Description Format
  – XML specification that enables the distribution of software over the Internet

23.8 Data Mining, Bots and Intelligent Agents
• Help search through enormous amounts of information
• Data Mining
  – Massive amounts of info sifted through
  – Collected data stored in a data warehouse
  – May include whatever info a company needs to maintain
  – Uses a series of searches to find specific patterns and relationships within data
  – This information used to analyze trends within the company or marketplace
  – Despite being restrictively expensive, can often improve bottom-line profitability of businesses

23.8 Data Mining, Bots and Intelligent Agents (II)
• Bots
  – Make data mining more effective
  – Allow specific queries to be made
  – Eliminate the need for multiple searches
• Intelligent agents
  – Smart bots that learn about customers over time by tracking preferences, actions and buying patterns
  – Enable e-businesses to offer a level of customer service similar to person-to-person interaction

23.8.1 Case Study: Priceline.com
• Employs the name-your-price business model
• Demand collection system
  – Patented business mechanism
  1. Customer bids a price for a product or service
  2. Shopping bot offers customers' bids to Priceline's partners
    • Checks whether any of the partners will accept a price under that bid for the requested product or service
  3. If the partner will accept the price, Priceline retains the difference between that customer's price and the actual price
  – Products and services include:
    • Airline tickets, hotel rooms, new cars, home mortgages, home refinancing and home equity loans

23.8.2 Case Study: Travelocity.com
• Online travel service
• Enables you to make all travel arrangements with a single visit to their Website
  – Eliminates the need and cost of a travel agent
  – Can book flights, rental cars, hotel rooms and vacation packages
• Uses shopping-bot technology
  – When customer searches for a flight
  – Bot searches airlines for flights that fit the customer's search parameters

23.8.3 Case Study: Scour.net
• Locates multimedia files on the Web
  – Uses bot technology
• Users can find
  – Video clips
  – Audio
  – Images
  – Live radio broadcasts
  – Breaking news
• Searches for specific file types
• SmartMatch intelligent agent responds to customer queries even if partial or misspelled names are entered
• Most comprehensive multimedia search site available

23.8.4 Bottomdollar.com
• Large-scale comparison shopping
  – Uses intelligent-agent technology
  – Searches Web to find products you want at best available prices
  – When product requested, visits thousands of stores to find the current lowest prices
  – Saves shoppers time and money
• Similar services include
  – www.shopper.com
  – www.dealtime.com
  – www.mysimon.com

23.9 Case Study: Using Yahoo! Store to Set up an Online Store
• Many online store-builder solutions available
  – Ideal for small businesses that cannot afford custom solutions or do not have secure merchant servers
• Yahoo! Store
  – Popular e-commerce store-builder
  – Charges monthly fee based on number of items to be sold
  – Includes all features needed for a complete e-commerce site
  – Allows you to set up demo store to test features
  – Offers different styles, templates and editing tools to aid design
  – Hosts sites on Yahoo! secure servers
    • Maintained on a 24-by-7 basis
    • Provides SSL technology to encrypt credit-card transactions

23.9 Case Study: Using Yahoo! Store to Set up an Online Store (II)
[Figure: Deitel Demo Site on Yahoo! Store]

23.10 Commerce Server Case Study: Microsoft Site Server Commerce Edition
• Popular software package for e-commerce
  – Designed for use with MS Windows NT and MS SQL Server
  – More powerful than most prepackaged store-builder solutions
    • More costly to license, manage and support
    • Requires merchants to maintain their own 24-by-7 support
• Allows companies to
  – Manage transactions
  – Offer secure payment services using both
    • SSL
    • SET
  – Support a large catalog of products
  – Keep records of online transactions
  – Help design Web sites

23.11 E-Commerce Core Technologies
Enumeration of Common Technologies at Core of E-Commerce
• Shopping-cart technology
  – Enables processing through a Website
  – Supported by database of products
  – Hosted on the merchant server
• Public-key cryptography
  – Ensures privacy of messages transmitted over Internet
  – Uses asymmetric key pair to encrypt and decrypt messages
  – Ensures that messages will only be read by intended receiver
• Digital signature
  – Used with public-key cryptography to solve problem of authentication
  – Provides receiver of message with legal proof of sender's identity
  – Created by applying hash function to message to create message digest, then encrypting message with sender's private key

23.11 E-Commerce Core Technologies (II)
Enumeration of Common Technologies at Core of E-Commerce
• Digital certificate
  – Issued by a certification authority (CA), signed by using CA's private key
  – Typically includes name of subject, subject's public key, serial number, expiration date, authorization and other relevant info
  – Are publicly available and are held by CA in certificate repositories
• Secure Sockets Layer (SSL)
  – Uses public-key technology and digital certificates
  – Authenticates the server in a transaction
  – Protects info as it passes from one part to another over the Internet
  – Does not require client authentication
• Secure Electronic Transaction (SET)
  – Uses digital certificates to authenticate parties in an e-commerce transaction
  – Public-key encryption used to secure information as passed over the Web

23.11 E-Commerce Core Technologies (III)
Enumeration of Common Technologies at Core of E-Commerce
• High-availability computing time
  – Minimizes server down time
• Continuous-availability computing time
  – Eliminates server down time
• Shopping bots and agents
  – Give consumers the ability to search the Web more effectively and efficiently
  – Commonly used for comparison shopping
• Intelligent agents
  – Bots that learn about a customer over time by recording usage patterns

23.11 E-Commerce Core Technologies (IV)
Enumeration of Common Technologies at Core of E-Commerce
• Cookies
  – Small files sent from server to client
  – Store information on user's computer for retrieval later
  – In subsequent communication, merchant can examine cookies for information about the client's preferences
• Unicode standard
  – Can be used to encode symbols of the world's “commercially viable” languages
  – Character sets for specific industries and specialized occupations have been included in the standard
  – As internationalization increases, will support the flow of information

23.12 Future of E-Commerce
• Technology trends that will affect the future
  – More powerful computers for less money
  – Decrease in physical size of memory
  – Ability to access bits getting easier, cost per bit declining
  – Increased competition greater bandwidth
    • Ability to transmit information more cheaply
  – Increased ability on the Internet for streaming audio and video
• Becoming worthwhile to conduct smaller transactions on a larger scale
• As number of households on Internet increases
  – E-commerce will grow from $10 billion in 1999 to $100 billion in 2003

23.13 Internet Marketing: Increasing Traffic at Your Web Site
• As number of Web sites increases
  – Marketing of your site becomes more important
  – Several free Internet marketing resources available
• Traffic on Web sites measured by hits
  – Number of files transferred from server to browsers
• Banner advertising
  – Similar to placing billboards advertising your site on someone else's site
  – Banner-hosting services charge for placing your banner
• Help search engines:
  – Provide specific info about your site in META tags
• Use affiliate programs, contests, giveaways and offline marketing