
Explain any three basic needs of consumer oriented e-commerce.

It has been said that the meeting of money, commerce, computing and networks forms
the global consumer marketplace. It includes facilities for negotiation, bargaining, order
processing, payment and customer service. Though it is desirable that the entire system
be automated, one or more of these activities may be transacted in a
traditional manner: the order may be placed over the phone, further negotiations may be made
with the sales representative calling on the buyer, the payment may be made through a
cheque, etc.
The following criteria are essential for consumer-oriented electronic commerce:
Critical mass of buyers and sellers. The trick is getting a critical mass of corporations
and consumers to use electronic mechanisms. In other words, the electronic
marketplace should be the first place customers go to find the products and services
they need.
Opportunity for independent evaluations and for customer dialogue and discussion. In
the marketplace, not only do users buy and sell products or services, they also compare
notes on who has the best products and whose prices are outrageous. The ability to
openly evaluate the wares offered is a fundamental principle of a viable marketplace.
Negotiation and bargaining. No marketplace is complete if it does not support
negotiation. Buyers and sellers need to be able to haggle over conditions of mutual
satisfaction, including money, terms and conditions, delivery dates, and evaluation
criteria.
New products and services. In a viable marketplace, consumers can make
requests for products and services not currently offered and have reasonable
expectations that someone will turn up with a proposed offering to meet that request.
List the OMC's (Order Management Cycle) generic steps.
OMC has the following generic steps:
1) Order Planning and Order Generation: The business process begins long before an
actual order is placed by the customer. The first step is order planning. Order planning
leads into order generation. Orders are generated in a number of ways in the e-commerce
environment. The sales force broadcasts ads (direct marketing), sends personalized e-mail to customers (cold calls), or creates a WWW page.
2) Cost Estimation and Pricing: Pricing is the bridge between customer needs and
company capabilities. Pricing at the individual order level depends on understanding the
value to the customer that is generated by each order, evaluating the cost of filling each
order, and instituting a system that enables the company to price each order based on
its value and cost.
3) Order Receipt and Entry: After an acceptable price quote, the customer enters the
order receipt and entry phase of OMC. Traditionally, this was under the purview of
departments variously titled customer service, order entry, the inside sales desk, or
customer liaison. These departments are staffed by customer service representatives,
usually either very experienced, long-term employees or totally inexperienced trainees.
4) Order Selection and Prioritization: Customer service representatives are also often
responsible for choosing which orders to accept and which to decline. In fact, not all
customer orders are created equal; some are simply better for the business than others.
Another completely ignored issue concerns the importance of order selection and
prioritization. Companies that put effort into order selection and link it to their business
strategy stand to make more money.
5) Order Scheduling: In the order scheduling phase, the prioritized orders get slotted into
an actual production or operational sequence. This task is difficult because the different
functional departments (sales, marketing, and customer service) may have conflicting
goals.
6) Order Fulfillment and Delivery: In the order fulfillment and delivery phase, the actual
provision of the product or service is made. While the details vary from industry to
industry, in almost every company this step has become increasingly complex. Often,
order fulfillment involves multiple functions and locations.
7) Order Billing and Account/Payment Management: After the order has been fulfilled
and delivered, billing is typically handled by the finance staff, who view their job as
getting the bill out efficiently and collecting quickly.
8) Post-sales Service: This phase plays an increasingly important role in all elements of
a company's profit equation: customer value, price, and cost. Depending on the specifics
of the business, it can include such elements as physical installation of a product, repair
and maintenance, customer training, equipment upgrading and disposal. Because of the
information conveyed and intimacy involved, post sales service can affect customer
satisfaction and company profitability for years.
What is supply chain management? Give its characteristics.
Supply Chain Management (SCM): Supply chain management (SCM) is a network of
suppliers and customers within which any business operates. It is a chain of
suppliers and customers for a particular business.
In electronic commerce, supply chain management has the following
characteristics:
An ability to source raw material or finished goods from anywhere in the world.
A global business and management strategy with flawless local execution.
On-line, real-time distributed information processing to the desktop, providing total
supply chain information visibility.
The ability to manage information not only within a company but across industries and
enterprises.
The seamless integration of all supply chain processes and measurements, including
third-party suppliers, information systems, cost accounting standards, and measurement
systems.
The development and implementation of accounting models such as activity-based
costing that link cost to performance and are used as tools for cost reduction.
A reconfiguration of the supply chain organization into high-performance teams going
from the shop floor to senior management.

B1
What are the desirable characteristics of E-marketing?
Before we embark on the detailed study of e-commerce, we shall discuss some
related issues.
Common sense tells us that a few transactions are more congenial for e-marketing than
others. We list the desirable features of a hypothetical marketplace; let us call it the e-market.
1. A minimal size of the place - Obviously, for any such place to thrive there is a critical
size, below which it is not profitable to operate. This minimal number of buyers and
sellers characterises the profitability of the place.
2. A scope for interactions - Interactions include trial runs of the products, clarifications
of doubts on the part of the customers, details of after-sales services, the ability to compare
different products and, of course, scope for negotiations and bargaining. Negotiations can
be in terms of cost, value additions, terms and conditions, delivery dates, etc.
What are the three types of electronic tokens? Explain.
None of the banking or selling payment methods is completely adequate in their present
form for the consumer-oriented e-commerce environment. Totally new forms of financial
instruments are also being developed. One such new financial instrument is electronic
tokens in the form of electronic cash / money or checks. Electronic tokens are designed
as electronic analogs of various forms of payment backed by a bank or financial
institution. Simply stated, electronic tokens are equivalent to cash that is backed by a
bank.
Electronic tokens are of three types:
1. Cash or real-time. Transactions are settled with the exchange of electronic currency.
An example of on-line currency exchange is electronic cash (e-cash).
2. Debit or prepaid. Users pay in advance for the privilege of getting information.
Examples of prepaid payment mechanisms are stored in smart cards and electronic
purses that store electronic money.
3. Credit or postpaid. The server authenticates the customers and verifies with the
bank that funds are adequate before purchase. Examples of postpaid mechanisms are
credit / debit cards and electronic checks.
Draw the layered architecture of EDI.
EDI architecture specifies four layers:
a) The semantic (or application) layer
b) The standards translation layer
c) The packing (or transport) layer
d) The physical network infrastructure layer.
The EDI semantic layer describes the business application that is driving EDI. The
information seen at the EDI semantic layer must be translated from a company-specific
form to a more generic or universal form so that it can be sent to various trading
partners, who could be using a variety of software applications at their end. Facilitating
the transfer of computer files between two trading partners requires that the computer
applications of both sender and receiver use a compatible format for EDI document
exchange. The EDI translation software converts the proprietary format into a standard
mutually agreed on by the processing systems. When a company receives the
document, its EDI translation software automatically changes the standard format into
the proprietary format of its document processing software.
The EDI transport layer corresponds closely with the non-electronic activity of sending a
business form from one company to another. The content and structure of the form are
separated from the transport carrier. EDI documents are exchanged rapidly over
electronic networks using the existing e-mail programs and infrastructure.
EDI in action: The use of EDI transport saves large administration costs by
eliminating the bulk of the paperwork flow.

Describe the steps involved in designing electronic payment system.


Despite cost and efficiency gains, many hurdles remain to the spread of electronic
payment systems. These include several factors, many non-technical in nature that must
be addressed before any new payment method can be successful.
Privacy: A user expects to trust in a secure system.
Security: A secure system verifies the identity of two-party transaction through user
authentication and reserves flexibility to restrict information / service through access
control.
Intuitive interface: The payment interface must be as easy to use as a telephone.
Generally speaking, users value convenience more than anything.
Database integration: With home banking, for example, a customer wants to play with
all his accounts. To date, separate accounts have been stored on separate databases.
Brokers: A "network banker" (someone to broker goods and services, settle conflicts,
and facilitate financial transactions electronically) must be in place.
Pricing: One fundamental issue is how to price payment system services.
Standard: Without standards, the welding of different payment users into different
networks and different systems is impossible. Standards enable interoperability, giving
users the ability to buy and receive information, regardless of which bank is managing
their money.
None of these hurdles are intractable. The biggest question
concerns how customers will take to a paperless and (if not cashless) less-cash world.
What do you mean by value added networks (VANs)? Explain.
A VAN is a
communications network that typically exchanges EDI messages among trading
partners. It also provides other services, including holding messages in electronic
mailboxes, interfacing with other VANs and supporting many telecommunications
modes and transfer protocols. A VAN's electronic mailbox is a software feature into
which a user deposits EDI transactions and then retrieves those messages when
convenient. It works much like residential personal mailboxes, and it allows everybody
involved to be flexible and cost-effective.
Businesses can exchange data either by connecting to each other directly or by hooking
into a VAN. Traditionally, by acting as middlemen between companies, VANs have
allowed companies to automatically and securely exchange purchase orders, invoices,
and payments. When a company sends an EDI transaction, it arrives at a message
storehouse on the VAN to await pickup by the destination company. In this way VANs
can safeguard the transaction network.
The disadvantage of EDI-enabling VANs is that they are slow and high priced, charging
by the number of characters transmitted.

In the figure we see the EDI process. Company A puts an EDI message for trading
partner manufacturing company B in the VAN mailbox at a date and time of its choosing.
The VAN picks up the message from the mailbox and delivers it to trading partner B's
mailbox, where it will remain until trading partner B logs on and picks it up. Trading
partner B responds to trading partner A in the same fashion. The cycle repeats itself on a
weekly, daily, or perhaps even hourly basis as needed. This service is generally referred
to as mail-enabled EDI.
List the four advantages of internet.
1. Flat pricing,
2. cheap access,
3. common standards and
4. secure
1 Flat pricing that is not dependent on the amount of information transferred. The
Internet flat-rate model is better for the customer as opposed to the standard VAN
approach of charges per character.
2 Cheap access with the low cost of connection, often a flat monthly fee for leased-line
or dial-up access. Business users have access to commercial and noncommercial
Internet services in some 140 countries, providing ubiquitous network coverage.
3 Common mail standards and proven networking and interoperable systems; another
attraction is that Internet mail standards are nonproprietary and handle congestion and
message routing exceptionally well. It has been noted that sometimes on a VAN network
an e-mail message can take hours or days to reach its destination, while on the Internet
it usually takes seconds to minutes.
4 Security - public-key encryption techniques are being incorporated in various electronic
mail systems. This will enable systems to ensure the privacy of EDI messages and give
users a way to verify the sender or recipient.
There are many advantages to using the internet, such as:
Email.
Email is now an essential communication tool in business. It is also excellent for
keeping in touch with family and friends. The advantage of email is that it is free (no
charge per use) when compared to telephone, fax and postal services.
Information.
There is a huge amount of information available on the internet for just about every
subject known to man, ranging from government law and services, trade fairs and
conferences, market information, new ideas and technical support.
Services.
Many services are now provided on the internet, such as online banking, job seeking and
applications, and hotel reservations. Often these services are not available off-line or
cost more.
Buy or sell products.
The internet is a very effective way to buy and sell products all over the world.

Communities.
Communities of all types have sprung up on the internet. It's a great way to meet up with
people of similar interests and discuss common issues.
What are the security threats to E-commerce?
Some of the threats that stimulated the upsurge of interest in security include the
following:
Organized and internal attempts to obtain economic or market information from
competitive organizations in the private sector.
Organized and intentional attempts to obtain economic information from government
agencies.
Inadvertent acquisition of economic or market information.
Inadvertent acquisition of information about individuals.
Intentional fraud through illegal access to computer repositories including acquisition of
funding data, economic data, law enforcement data, and data about individuals.
Government intrusion on the rights of individuals.
Invasion of individuals' rights by the intelligence community.

What is EDI and electronic fund transfer?


The economic advantages of EDI are widely recognized, but until recently, companies
have been able to improve only discrete processes such as automating the accounts
payable function or the funds transfer process. Companies are realizing that to truly
improve their productivity they need to automate their external processes as well as their
internal processes. Another goal of new EDI services is to reduce the cost of setting up
an EDI relationship. These costs are still very high because of the need for a detailed
two-sided agreement between the involved business partners and for the necessary
technical agreements. Therefore most successful EDI implementations are either in
long-term partnerships or among a limited number of partners. With the advent of inter-organizational commerce, several new types of EDI are emerging that can be broadly
categorized as traditional EDI and open EDI.
Electronic Funds Transfer is the automatic transfer of funds among banks and other
organizations.
Explain secure socket layer (SSL).
SSL is an encrypted communication protocol that we use to implement security by
switching a website into the secure mode. SSL protects transactions between a
company and its customers from packet-sniffing attacks. The protocol allows
client/server applications to communicate in a way that data transmissions cannot be
altered. The strength of SSL is that it is application-independent. HTTP, telnet, and FTP
can be placed on top of SSL transparently. SSL provides channel security through
encryption and reliability through a message integrity check.
SSL uses a three-part process. First, information is encrypted to prevent unauthorized
disclosure. Second, the information is authenticated to make sure that the information is
being sent and received by the correct party. Finally, SSL provides message integrity to
prevent the information from being altered during interchanges between the source and
sink.
Explain secure electronic payment protocol.
SEPP: SEPP stands for Secure Electronic Payment System. SEPP is the electronic
counterpart of the paper charge slip, signature, and submission process. SEPP is an
open, vendor-neutral, nonproprietary, license-free specification for securing on-line
transactions. SEPP takes input from the cooperation process and causes the payment to
happen via a three-way communication among the cardholder, merchant, and acquirer.
SEPP only addresses the payment process.
There are several major business requirements addressed by SEPP:
1. To enable confidentiality of payment information.
2. To ensure integrity of all payment data transmitted.
3. To provide authentication that a cardholder is the legitimate owner of a card account.
4. To provide authentication that a merchant can accept MasterCard-branded card
payments with an acquiring member financial institution.
SEPP PROCESS: SEPP assumes that the cardholder and merchant have been
communicating in order to negotiate terms of a purchase and generate an order. These
processes may be conducted via a WWW browser. SEPP is designed to support
transactions exchanged in both interactive and non-interactive modes.
The SEPP system is composed of a collection of elements involved in electronic
commerce.
Card holder: This is an authorized holder of a bankcard supported by an issuer and
registered to perform electronic commerce.
Merchant: This is a merchant of goods, services, and/or e-products who accepts
payment for them electronically and may provide selling services and / or electronic
delivery of items for sale.
Acquirer: This is a financial institution that supports merchants by providing service for
processing credit-card-based transactions.
Certificate management system: This is an agent of one or more bankcard associations
that provides for the creation and distribution of electronic certificates for merchants,
acquirers, and cardholders.
Banknet: This represents the existing network which interfaces acquirers, issuers and
the certificate management systems.
What are the desirable characteristics of an electronic market?
Desirable characteristics of E-Marketplace:
The following criteria are essential for consumer-oriented electronic commerce:
Critical mass of buyers and sellers. The trick is getting a critical mass of
corporations and consumers to use electronic mechanisms. In other words, the
electronic marketplace should be the first place customers go to find the products and
services they need.
Opportunity for independent evaluations and for customer dialogue and
discussion. In the marketplace, not only do users buy and sell products or services,
they also compare notes on who has the best products and whose prices are
outrageous. The ability to openly evaluate the wares offered is a fundamental principle of
a viable marketplace.
Negotiation and bargaining. No marketplace is complete if it does not support
negotiation. Buyers and sellers need to be able to haggle over conditions of mutual
satisfaction, including money, terms and conditions, delivery dates, and evaluation
criteria.
New products and services. In a viable marketplace, consumers can make requests
for products and services not currently offered and have reasonable expectations that
someone will turn up with a proposed offering to meet that request.
Seamless interface. The biggest barrier to electronic trade is having all the pieces
work together so that information can flow seamlessly from one source to another. This
requires standardization. On the corporate side, companies need compatible EDI
software and network services in order to send electronic purchase orders, invoices, and
payments back and forth.
Recourse for disgruntled buyers. A viable marketplace must have a recognized
mechanism for resolving disputes among buyers and sellers. Markets typically include a
provision for resolving disagreements by returning the product or through arbitrage in
other cases.

B2

Write short note on the following:


a) Kinds of shopping.
Variety of experiences
There are many ways that cardholders will shop. This section describes two ways. The
SET protocol supports each of these shopping experiences and should support others
as they are defined.
On-line catalogues
The growth of electronic commerce can largely be attributed to the popularity of the
World Wide Web.
Merchants can tap into this popularity by creating virtual storefronts on the Web that
contain on-line catalogues. These catalogues can be quickly updated as merchants'
product offerings change or to reflect seasonal promotions.
Cardholders can visit these Web pages, selecting items for inclusion on an order. Once
the cardholder finishes shopping, the merchant's Web server can send a completed
order form for the cardholder to review and approve. Once the cardholder approves the
order and chooses to use a payment card, the SET protocol provides the mechanisms
for the cardholder to securely transmit payment instructions as well as for the merchant
to obtain authorization and receive payment for the order.
Electronic catalogues
Merchants may distribute
catalogues on electronic media such as diskettes or CD-ROM. This approach allows the
cardholder to browse through merchandise off-line. With an on-line catalogue, the
merchant has to be concerned about bandwidth and may choose to include fewer
graphics or reduce the resolution of the graphics. By providing an off-line catalogue,
such constraints are significantly reduced.
b) Secret-key cryptography.
Secret-key cryptography, also known as symmetric cryptography, uses the same key to
encrypt and decrypt the message. Therefore, the sender and recipient of a message
must share a secret, namely the key. A well-known secret-key cryptography algorithm is
the Data Encryption Standard (DES), which is used by financial institutions to encrypt
PINs.
Public-key cryptography, also known as
asymmetric cryptography, uses two keys: one key to encrypt the message and the other
key to decrypt the message. The two keys are mathematically related such that data
encrypted with either key can only be decrypted using the other. Each user has two
keys: a public key and a private key. The user distributes the public key. Because of the
relationship between the two keys, the user and anyone receiving the public key can be
assured that data encrypted with the public key and sent to the user can only be
decrypted by the user using the private key. This assurance is only maintained if the user
ensures that the private key is not disclosed to another. Therefore, the key pair should
be generated by the user. The best-known public-key cryptography algorithm is RSA
(named after its inventors Rivest, Shamir and Adleman).

Secret-key cryptography is impractical for
exchanging messages with a large group of previously unknown correspondents over a
public network. In order for a merchant to conduct transactions securely with millions of
Internet subscribers, each consumer would need a distinct key assigned by the
merchant and transmitted over a separate secure channel. On the other hand, by using
public-key cryptography, that same merchant could create a public/private key pair and
publish the public key, allowing any consumer to send a secure message to the
merchant.
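The key-pair relationship and the merchant scenario described above, as an added example that is not part of the original notes: textbook RSA in Python showing that data transformed with one key of the pair is recovered only with the other, and that many consumers can use one published key. The primes, the messages and all function names are constructed for illustration; the parameters are far too small and unpadded for real use.

```python
import hashlib

# Constructed toy parameters (assumption): two known Mersenne primes.
# Real deployments use a vetted library, much larger keys and padding.
P = 2**61 - 1
Q = 2**89 - 1
E = 65537


def make_keypair(p=P, q=Q, e=E):
    """Return (public_key, private_key), each as (modulus, exponent)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent: inverse of e modulo phi
    return (n, e), (n, d)


def apply_key(key, value):
    """The single RSA operation: value ** exponent mod modulus."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)


def encrypt_for(public_key, message):
    """Anyone holding the published key can prepare a message for its owner."""
    return apply_key(public_key, int.from_bytes(message, "big"))


def decrypt_with(key, ciphertext):
    """Apply a key to a ciphertext and return the resulting bytes."""
    m = apply_key(key, ciphertext)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def digest_int(message, n):
    # Toy reduction of SHA-256 into the small modulus (not a real padding scheme).
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key, message):
    """The reverse direction: transform a digest with the private key."""
    return apply_key(private_key, digest_int(message, private_key[0]))


def verify(public_key, message, signature):
    """Undo the signature with the public key and compare digests."""
    return apply_key(public_key, signature) == digest_int(message, public_key[0])


def merchant_demo():
    """One published key serves every consumer; only the merchant can read."""
    public_key, private_key = make_keypair()
    orders = [f"order #{i}".encode() for i in range(1, 4)]  # constructed messages
    ciphertexts = [encrypt_for(public_key, o) for o in orders]
    return [decrypt_with(private_key, c) for c in ciphertexts]


if __name__ == "__main__":
    pub, priv = make_keypair()
    c = encrypt_for(pub, b"PAY 25.00 USD")
    print(decrypt_with(priv, c))                      # recovered by the key owner
    print(decrypt_with(pub, c) == b"PAY 25.00 USD")   # public key alone does not undo it
    print(merchant_demo())
```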
c) Viruses and worms.
A virus is a program that can affect other programs by modifying them; the modified
program includes a copy of the virus program, which can then go into other programs.
A worm is a program that makes use of networking software to replicate itself and move
from system to system. The worm performs some activity on each system it gains
access to, such as consuming processor resources or depositing viruses.
Countering the threat of viruses: The best solution for the threat of viruses is
prevention: do not allow a virus to get into the system in the first place. In general, this
goal is impossible to achieve, although prevention can reduce the number of successful
viral attacks. The next best approach is to do the following:
Detection: After the infection has occurred, determine that it has occurred and locate
the virus.
Purging: Remove the virus from all infected systems so that the disease cannot
spread further.
Recovery: Recover any lost data or programs.
Because of the variety of viruses, there is no universal remedy. A number of programs
provide some protection, and the security manager should be advised to contact several
vendors and assess their products.

Explain in detail the e-commerce architecture.


The electronic commerce application architecture consists of six layers of functionality or
services:
(1) Applications Services: The application services layer of e-commerce will be
comprised of existing and future applications built on the native architecture.
(2) Brokerage services, data or transaction management: The information brokerage
and management layer provides service integration through the concept of information
brokerages, the development of which is necessitated by the increasing information
resource fragmentation. The concept of information brokerage is used to represent an
intermediary who provides service integration between customers and information
providers, given some constraint such as a low price, fast service, or profit maximization
for a client. In foreign exchange trading, information is retrieved about the latest currency
exchange rates in order to hedge currency holdings to minimize risk and maximize profit.
The brokerage function is the support for data management and traditional transaction
services. Brokerages may provide tools to accomplish more sophisticated, time-delayed
updates or future-compensating transactions.
(3) Interface and support layers: Interface and support services will provide interfaces
for electronic commerce applications such as interactive catalogs and will support
directory services, the functions needed for information search and access. Interactive catalogs
are the modified interface to consumer applications such as home shopping. An
interactive catalog is an extension of the paper-based catalog and incorporates
additional features. The primary difference between the two is that unlike interactive
catalogs, which deal with people, directory support services interact directly with
software applications. For this reason, they need not have the multimedia flash and
ballet generally associated with interactive catalogs.
(4) Secure messaging, security, and electronic document interchange: The
importance of the fourth layer, secured messaging, is clear. Messaging is the software
that sits between the network infrastructure and the clients or e-commerce applications,
masking the peculiarities of the environment. Messaging products are not applications
that solve problems; they are more enablers of the applications that solve problems. The
main disadvantages of messaging are the new types of applications it enables, which
appear to be more complex, especially to traditional programmers, and the jungle of
standards it involves. Also, security, privacy, and confidentiality through data encryption
and authentication techniques are important issues that need to be resolved.
(5) Middleware and structured document interchange: Middleware is a relatively new
concept. With the growth of networks, client-server technology, and all other forms of
communicating between / among unlike platforms, the problems of getting all the pieces to
work together grew. Middleware is the ultimate mediator between diverse software programs
that enables them to talk to one another. Middleware is the computing shift from application
centric to data centric.
(6) Network infrastructure and basic communications services: Transparency
implies that users should be unaware that they are accessing multiple systems.
Transparency is essential for dealing with higher-level issues than physical media and
interconnection that the underlying network infrastructure is in charge of. Transparency
is accomplished using middleware that facilitates a distributed computing environment.
The goal is for the applications to send a request to the middleware layer, which then
satisfies the request any way it can, using remote information.

Explain, how information flows with EDI.


Electronic data interchange (EDI) is the structured transmission of data between organizations by
electronic means. It is used to transfer electronic documents or business data from one
computer system to another computer system, i.e. from one trading partner to another
trading partner without human intervention. It is more than mere e-mail; for instance,
organizations might replace bills of lading and even cheques with appropriate EDI
messages. It also refers specifically to a family of standards, e.g. UN/EDIFACT, ANSI
X12. The National Institute of Standards and Technology in a 1996 publication [1]
defines electronic data interchange as "the computer-to-computer interchange of strictly
formatted messages that represent documents other than monetary instruments. EDI
implies a sequence of messages between two parties, either of whom may serve as
originator or recipient. The formatted data representing the documents may be
transmitted from originator to recipient via telecommunications or physically transported
on electronic storage media." It goes on further to say that "In EDI, the usual processing
of received messages is by computer only. Human intervention in the processing of a
received message is typically intended only for error conditions, for quality review, and
for special situations. For example, the transmission of binary or textual data is not EDI
as defined here unless the data are treated as one or more data elements of an EDI
message and are not normally intended for human interpretation as part of online data
processing." [1] EDI can be formally defined as 'The transfer of structured data, by
agreed message standards, from one computer system to another without human
intervention'. Most other definitions used are variations on this theme. Even in this era of
technologies such as XML web services, the Internet and the World Wide Web, EDI
may be the data format used by the vast majority of electronic commerce transactions in
the world.
How does a digital signature work? Explain.
This is the simplest version of how a Digital Signature works. A "Digital Signature" is
slightly different than an "Electronic Signature", which is a broader term simply referring to
any indication of agreement and identity. A "Digital Signature" often refers to a Public /
Private Key encryption system, the most common of which is "PGP", or "Pretty Good
Privacy", which is a bit of humorous understatement as it's the basis of most military
security and included in export regulations as a U.S. national security secret. It works by
providing two keys, one held by the public and the other held privately by the buyer. The
signature is coded with both.

Explain EDI business application layer with a diagram.
The first step in the EDI process creates a document (in this case, an invoice) in a
software application. This software application then sends the document to an EDI
translator, which automatically reformats the invoice into the agreed-on EDI standard. If
these two pieces of software are from different vendors, it is very important that the
document preparation application seamlessly integrate with the EDI translation
software. If both the EDI translator and business application are on the same type of
computer, the data will move faster and more easily from one to another. The translator
creates and wraps the document in an electronic envelope (EDI package) that has a
mailbox ID for the company's trading partners. The EDI wrapper software can be a
module to the translator, a programming tool to write different communications
protocols, or a separate application.


Explain the main categories of SCM in detail.
Computerworld - In the simplest terms, supply chain management (SCM) lets an
organization get the right goods and services to the place they're needed at the right
time, in the proper quantity and at an acceptable cost. Efficiently managing this process
involves overseeing relationships with suppliers and customers, controlling inventory,
forecasting demand and getting constant feedback on what's happening at every link in
the chain.
The supply chain involves several elements:
Location. It's important to know where production facilities, stocking points and
sourcing points are located; these determine the paths along which goods will flow.
Production. An organization must decide what products to create at which plants,
which suppliers will service those plants, which plants will supply specific distribution
centers, and, sometimes, how goods will get to the final customer. These decisions have
a big impact on revenue, costs and customer service.
Inventory. Each link in the supply chain has to keep a certain inventory of raw
materials, parts, subassemblies and other goods on hand as a buffer against
uncertainties and unpredictabilities. Shutting down an assembly plant because an
expected parts shipment didn't arrive is expensive. But inventory costs money too, so it's
important to manage deployment strategies, determine efficient order quantities and
reorder points, and set safety stock levels.
Transportation. How do materials, parts and products get from one link in the supply
chain to the next? Choosing the best way to transport goods often involves trading off
the shipping cost against the indirect cost of inventory. For example, shipping by air is
generally fast and reliable. Shipping by sea or rail will likely be cheaper, especially for
bulky goods and large quantities, but slower and less reliable. So if you ship by sea or
rail, you have to plan further in advance and keep larger inventories than you do if you
ship by air.
Mention some hacking techniques.
Some Hacking Techniques:
Stolen access: Involves the use of another user's ID or password without permission to
gain access to the internet.
Stolen resources: Search for processors to store stolen software and data bases.
Internet virus: Virus designed to traverse through the network, passing through multiple
processors and either sending information back to the originator or doing damage to the
processors it passes through.
Email impostures: Sending email while falsifying the From field.
Email snooping: Email passes through at least two nodes to be received; as it passes
through these nodes and is stored transiently, it is susceptible to people with system
access, unless secured.
Sniffing: If a hacker has gained access to a host, the hacker may set up sniffing
programs to observe traffic storing information (IDs/passwords) that can be used to
compromise other systems.
Spoofing: Assuming someone else's identity, whether it is a login ID, an IP address, a
server, or an ecommerce merchant.
Async attacks: While programs are idle in host memory, a hacker may have the
opportunity to access the program's data.
Trojan horses: Viruses concealed within a software package injected into a host. May
be destructive or perform some covert activity designed to send data back to the hacker.
Back doors: Applications/system programmers may implement a secret password that
allows the programmer easy access to a host or application on the host; these
passwords may be infiltrated.
Explain digital signature technique.
If digital signatures are to replace handwritten signatures, they must have the same legal
status as handwritten signatures. The digital signature provides a means for a third party
to verify that the notarized object is authentic. Digital signatures should have greater
legal authority than handwritten signatures. If the contract was signed by digital
signatures, however, a third party can verify that not one byte of the contract has been
altered.
B3
Write a note on the following:
(a) Significance of WWW on e-commerce
World Wide Web (WWW) as the architecture: Electronic commerce depends on the
unspoken statement that computers co-operate efficiently for seamless information
sharing. Unfortunately, this statement of interoperability has not been supported by the
realities of practical computing. Computing is still a world made up of many technical
directions, products, implementations and competing vendors. The Web community of
developers and users is tackling these complex problems. The architecture is made up
of three primary entities: client browser, Web server, and third-party services. The client
browser usually interacts with the WWW server, which acts as an intermediary in the
interaction with third-party services. The client browser resides on the user's PC or
workstation and provides an interface to the various types of content. The browser has
to be smart enough to understand what file it is downloading and what browser
extension it needs to activate to display the file. Browsers are also capable of
manipulating local files.
Web server functions can be categorized into information retrieval, data and transaction
management, and security. The third-party services could be other Web servers that
make up the digital library, information processing tools, and electronic payment
systems.
(b) Security threats
Some of the threats that stimulated the upsurge of interest in security include the
following:
Organized and internal attempts to obtain economic or market information from
competitive organizations in the private sector.
Organized and intentional attempts to obtain economic information from government
agencies.
Inadvertent acquisition of economic or market information.
Inadvertent acquisition of information about individuals.
Intentional fraud through illegal access to computer repositories including acquisition of
funding data, economic data, law enforcement data, and data about individuals.
Government intrusion on the rights of individuals.
Invasion of individuals' rights by the intelligence community.
(c) Security tools
Secure Transport Stacks (Secure Transport Protocol):
The internet uses the Transmission Control Protocol / Internet Protocol (TCP/IP) as the
primary network protocol engine. Each IP packet contains the data that is to be sent to
some endpoint destination. The IP packet consists of a 32 bit source and destination
address, optional bit flags, a header checksum, and the data itself. There is no guarantee at
the network layer that the IP protocol data units will be received, and even if they are
received, they may not be received in any particular order. We cannot solely rely on the
source address to validate the identity of the user who sent the packet. TCP provides
retransmission of lost or corrupted protocol data units and restores them to their original
order of transmission. Each packet contains a sequence number which is what TCP uses to sort
the protocol data units. The acknowledgement number is the sequence number of the
last packet transmitted. The two most prominent secure transmission protocols for
secure Web communication are:
1. Secure Sockets Layer
2. Secure HTTP (S-HTTP)
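The IP header fields described above can be checked in a few lines. The following is an added example, not part of the original notes: it parses a constructed 20-byte IPv4 header and shows that the header checksum catches accidental corruption but says nothing about who sent the packet, because it has no secret input. The function names, addresses (documentation ranges) and field values are assumptions made for the illustration.

```python
import ipaddress
import struct

IPV4_FIXED = "!BBHHHBBH4s4s"  # the 20-byte IPv4 header without options


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071), as used by the IP header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:  # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src: str, dst: str, payload_len: int) -> bytes:
    """Constructed sample header: IPv4, no options, TTL 64, carrying TCP."""
    def pack(checksum: int) -> bytes:
        return struct.pack(
            IPV4_FIXED,
            0x45, 0, 20 + payload_len, 0x1234, 0, 64, 6, checksum,
            ipaddress.IPv4Address(src).packed,
            ipaddress.IPv4Address(dst).packed,
        )
    # The checksum is computed with the checksum field set to zero.
    return pack(internet_checksum(pack(0)))


def parse_header(raw: bytes) -> dict:
    """Decode the fixed header and report whether the checksum is consistent."""
    if len(raw) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _frag,
     ttl, proto, checksum, src, dst) = struct.unpack(IPV4_FIXED, raw[:20])
    header_len = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or header_len < 20 or len(raw) < header_len:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "total_len": total_len,
        "ttl": ttl,
        "protocol": proto,
        "checksum": checksum,
        # Summing a header that already contains its checksum yields zero.
        "checksum_ok": internet_checksum(raw[:header_len]) == 0,
    }


def corrupt_one_bit(raw: bytes, offset: int) -> bytes:
    """Simulate line noise: flip the lowest bit of one header byte."""
    damaged = bytearray(raw)
    damaged[offset] ^= 0x01
    return bytes(damaged)


if __name__ == "__main__":
    genuine = build_header("192.0.2.10", "198.51.100.7", 100)
    print("genuine   ", parse_header(genuine))
    # Accidental damage (here in the TTL byte) is detected.
    print("corrupted ", parse_header(corrupt_one_bit(genuine, 8))["checksum_ok"])
    # A header that merely claims another source is just as self-consistent:
    # the receiver learns nothing about the sender from a valid checksum.
    relabelled = build_header("203.0.113.99", "198.51.100.7", 100)
    print("relabelled", parse_header(relabelled))
```

This is why the secure transport protocols listed above add keyed authentication on top of TCP/IP instead of trusting header fields.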
(d) Cryptography
Protection of sensitive information
Cryptography has been used for centuries to protect sensitive information as it is
transmitted from one location to another. In a cryptographic system, a message is
encrypted using a key. The resulting ciphertext is then transmitted to the recipient where
it is decrypted using a key to produce the original message. There are two primary
encryption methods in use today: secret-key cryptography and public-key cryptography.
SET uses both methods in its encryption process.
Secret key cryptography
Secret Key cryptography, also known as symmetric cryptography, uses the same key
to encrypt and decrypt the message. Therefore, the sender and recipient of a message
must share a secret, namely the key. A well known secret-key cryptography algorithm is
the Data Encryption Standard (DES), which is used by financial institutions to encrypt PINs.
(e) S-HTTP
S-HTTP sets up security details with special packet headers that are exchanged in
S-HTTP. The headers define the type of security techniques, including the use of
private-key encryption, server authentication, client authentication, and message integrity. A
secure envelope encapsulates a message and provides secrecy, integrity, and
client/server authentication.
S-HTTP provides a number of security features. These include:
Client and server authentication
Spontaneous encryption
S-HTTP operates at the topmost layer of the protocol suite, the application layer.
It provides:
Symmetric encryption for maintaining secret communications.
Public-key encryption to establish client/server authentication.
Message digests for data integrity.
(f) Payment processing
Transactions described
This section describes the flow of transactions as they are processed by various
systems.
SET defines a variety of transaction protocols that utilize the cryptographic concepts
introduced in the previous section to securely conduct electronic commerce. The section
describes the following transactions:
Cardholder registration
Merchant registration
Purchase request
Payment authorization
Payment capture
Other transactions
The following additional transactions are part of these specifications, but are not
described in this section:
Certificate query
Purchase inquiry
Purchase notification
Sale transaction
Authorization reversal
Capture reversal
Credit
Credit reversal
Stages of E-Commerce architecture on Web.
1. Client browser,
2. WWW server functions and
3. Third party services.
The Web community of developers and users is tackling these complex problems. The
architecture is made up of three primary entities: client browser, Web server, and
third-party services. The client browser usually interacts with the WWW server, which acts
as an intermediary in the interaction with third-party services. The client browser resides
on the user's PC or workstation and provides an interface to the various types of content.
The browser has to be smart enough to understand what file it is downloading and what
browser extension it needs to activate to display the file. Browsers are also capable of
manipulating local files.
What are the basic banking services provided in e-commerce?
1. Basic banking services: - A normal customer would be transacting with his bank most
of the time. These transactions are mainly related to personal finances. The transactions a
customer has with his bank can be classified into the following:
i Checking his accounts statements
ii Round the clock banking (ATM)
iii Payment of bills etc.
iv Fund transfer and
v Updating of his pass books etc.
The concept of Automated Teller Machines is to allow the customer to
draw money from his account at any part of the day or night. The customer need not go
to the bank at all for his most important service. ATMs are connected to a Bank
Switching Centre. The Switching Centre of several banks is interconnected to an
association switching centre.
2. Home shopping: - We assume it is television based shopping. It may be noted that
this concept is picking up now in India in a small way, wherein the channels set apart
only a very small portion of their broadcasting time to teleshopping. Customer can order
the items over phone. The goods are delivered to his home and payment can be made
in the normal modes. Concepts of traditional marketing like negotiations, trial testing etc.
are missing from this scheme and it is most suitable for those customers who are almost
sure of what they need to buy but who are too busy to go to the shops.
3. Home entertainment: - The next example of this type of commerce is home
entertainment. Dubbed online movies, it is possible for the user to select a movie/CD
online and make his cable operator play the movie exclusively for him (movie on
demand) against payment, like Tata Sky. Payment can be either online/ payable to
his account. It is also possible to play interactive games online/download them to your
computer to play. The concept of downloading games/news etc. at a cost to the mobiles
is also a similar concept. It may be noted that in all these cases, the physical movement
of the customer/trader is avoided; of course, the computer need not always be a part of
the deal.
4. Micro-transaction for information: - The telephone directories provide a basic type
of micro-transaction. If we want to buy one particular type of item, say books, they list
the addresses and phone numbers of the various book dealers whom we may contact.
Similar facilities are available on the internet, maybe for a greater number of items and
also with more details. This can be thought of as an extension of the earlier described
television based ordering. We don't have to order only those items that are shown in the
computer, but search for an item that we need.
Basic Tenets of E-Commerce in a consumer oriented scenario: - It has been said
that the meeting of money, commerce, computing and networks form the global
consumer market place. It includes facilities for negotiations, bargaining; order
processing, payment and customer service. Though it is desirable that the entire system
is automated, it may be possible that one/more of these activities may be transacted in a
traditional manner. The order is placed over phone, further negotiations may be made
with the sales representative calling on the buyer, the payment may be made through a
cheque etc.
Some of the fundamental issues to be resolved before consumer oriented e-commerce can
be made broad based are listed below:
a) Standard business practices and processes for buying and selling of products as well
as services need to be established.
b) Easy to use and well accepted software and hardware implementations of the various
stages of e-commerce like order taking, payment, delivery, after sales interactions etc.
need to be established.
c) Secure commercial and transport practices that make the parties believe that they are
not at the mercy of anybody else for the safety of their information and goods need to
be in place.
It may be noted that each one of the above requirements can be established only over a
period of time with several trial and error methods.
What are the benefits of EDI?
EDI can be a cost- and time-saving system, for many reasons. The automatic transfer of
information from computer to computer reduces the need to rekey information and as such
reduces costly errors to near zero. EDI transactions produce acknowledgments of receipt
of data. Saving also accrues from the following improvements:
Reduced paper-based systems: EDI can impact the effort and expense a company
devotes to maintaining records, paper-related supplies, filing cabinets, or other storage
systems and to the personnel required to maintain all of these systems. EDI can also
reduce postage bills because of the amounts of paper that no longer need be sent.
Improved problem resolution and customer service: EDI can minimize the time
companies spend to identify and resolve inter-business problems. EDI can improve
customer service by enabling the quick transfer of business documents and a marked
decrease in errors.
Expanded customer/supplier base: Many large manufacturers and retailers with the
necessary clout are ordering their suppliers to institute an EDI program. However, these
are isolated islands of productivity because they are unable to build bridges to other
companies. With the advent of electronic commerce, the bridge is now available.

What is e-cash? Give the properties of e-cash.
Electronic Cash: Electronic cash (e-cash) is a new concept in on-line payment systems
because it combines computerized convenience with security and privacy that improve
on paper cash. E-cash presents some interesting characteristics that should make it an
attractive alternative for payment over the Internet. E-cash focuses on replacing cash as
the principal payment vehicle in consumer-oriented electronic payments. The
predominance of cash indicates an opportunity for innovative business practice that
revamps the purchasing process where consumers are heavy users of cash. Cash is
negotiable, meaning it can be given or traded to someone else. Cash is legal tender,
meaning the payee is obligated to take it. Cash is a bearer instrument, meaning that
possession is prima facie proof of ownership.
Properties of E-cash: Specifically, e-cash must have the following four properties:
monetary value, interoperability, retrievability, and security.
E-cash must have a monetary value; it must be backed by cash (currency), bank-authorized
credit, or a bank-certified cashier's check. When e-cash created by one bank
is accepted by others, reconciliation must occur without any problems. Stated another
way, e-cash without proper bank certification carries the risk that when deposited, it
might be returned for insufficient funds.
E-cash must be interoperable, that is, exchangeable as payment for other e-cash, paper
cash, goods or services, lines of credit, deposits in banking accounts, bank notes or
obligations, electronic benefits transfers. E-cash must be storable and retrievable. The
cash could be stored on a remote computer's memory, in smart cards, or in other easily
transported standard devices. Because it might be easy to create counterfeit cash that is
stored in a computer, it might be preferable to store cash on a committed device that
cannot be misused.
E-cash should not be easy to copy or tamper with while being exchanged; this
includes detecting duplication and double-spending. Faking is a particular problem: the
faker may be on the Internet and anywhere in the world, and so is difficult to catch without
appropriate international agreements. Detection is essential in order to audit whether
prevention is working. Then there is the tricky issue of double spending (DFN88).
Preventing double-spending from occurring is extremely difficult if multiple banks are
involved in the transaction. For this reason, most systems rely on post-fact detection and
punishment.
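The security property described above, with bank certification, tamper detection and post-fact detection of double-spending across several banks, can be modelled as follows. This is an added example, not part of the original notes and not the design of any real e-cash system: the classes Issuer, Acquirer and Token, the use of an HMAC as the bank's certification, and all values are assumptions made for the illustration.

```python
from __future__ import annotations

import hashlib
import hmac
import secrets
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Token:
    serial: str       # unique per token; duplicate detection keys on this
    value_cents: int
    mac: str          # issuing bank's certification of (serial, value)


class Issuer:
    """The bank that backs the e-cash and settles deposits from other banks."""

    def __init__(self, key: bytes | None = None):
        self._key = key or secrets.token_bytes(32)
        self._settled = {}  # serial -> bank that was paid first

    def _mac(self, serial: str, value_cents: int) -> str:
        msg = f"{serial}|{value_cents}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def issue(self, value_cents: int) -> Token:
        serial = secrets.token_hex(16)
        return Token(serial, value_cents, self._mac(serial, value_cents))

    def is_genuine(self, token: Token) -> bool:
        expected = self._mac(token.serial, token.value_cents)
        return hmac.compare_digest(token.mac, expected)  # constant-time compare

    def settle(self, batch: list) -> dict:
        """Reconcile deposits from all banks; duplicates surface only here."""
        report = {"paid": [], "forged": [], "double_spent": []}
        for bank, token in batch:
            if not self.is_genuine(token):
                report["forged"].append((bank, token.serial))
            elif token.serial in self._settled:
                first = self._settled[token.serial]
                report["double_spent"].append((token.serial, first, bank))
            else:
                self._settled[token.serial] = bank
                report["paid"].append((bank, token.serial, token.value_cents))
        return report


class Acquirer:
    """A merchant's bank: it sees only its own deposits until settlement."""

    def __init__(self, name: str):
        self.name = name
        self._seen = set()
        self.pending = []

    def deposit(self, token: Token) -> bool:
        if token.serial in self._seen:
            return False  # a copy presented to the same bank is refused at once
        self._seen.add(token.serial)
        self.pending.append((self.name, token))
        return True


def run_scenario() -> dict:
    """Constructed scenario: one token copied to two banks, one token altered."""
    issuer = Issuer()
    bank_a, bank_b = Acquirer("bank-a"), Acquirer("bank-b")
    t1, t2 = issuer.issue(500), issuer.issue(1200)

    refused = 0
    refused += not bank_a.deposit(t1)  # first deposit, accepted
    refused += not bank_a.deposit(t1)  # same bank sees the copy, refused
    refused += not bank_b.deposit(t1)  # other bank cannot know, accepted for now
    refused += not bank_a.deposit(replace(t2, value_cents=120000))  # value altered
    refused += not bank_b.deposit(t2)  # the untouched original

    report = issuer.settle(bank_a.pending + bank_b.pending)
    report["refused_locally"] = refused
    return report


if __name__ == "__main__":
    for outcome, entries in run_scenario().items():
        print(outcome, entries)
```

Only the copy shown twice to the same bank is stopped up front; the copy taken to a second bank is caught at reconciliation, which is the post-fact detection the text refers to.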
What is electronic pulse? Explain.
A new digital and physical Label for electronic Music. electronic pulse records is not just a
label. Velocity is electronic pulse records! A comprehensive platform for artists,
musicians, producers and all other friends of electronic music. Completely independent
and solely to the development and Expansion of electronic music, open to everything
and constantly on the lookout for new sounds, that is electronic pulse records!!
Compare push and pull based supply chains.
The business terms push and pull originated in the marketing and selling world, but are
also applicable in the world of electronic content and supply chain management. The
push/pull relationship is that between a product or piece of information and who is
moving it. A customer pulls things towards themselves, while a
producer pushes things toward customers.
With a push-based supply chain, products are pushed through the channel, from the
production side up to the retailer. The manufacturer sets production at a level in accord
with historical ordering patterns from retailers. It takes longer for a push-based supply
chain to respond to changes in demand, which can result in overstocking or bottlenecks
and delays, unacceptable service levels and product obsolescence.
In a pull-based supply chain, procurement, production and distribution are demand
driven so that they are coordinated with actual customer orders, rather than forecast
demand. A supply chain is almost always a combination of both push and pull, where the
interface between the push- based stages and the pull-based stages is known as the
push-pull boundary. An example of this would be Dell's build to order supply chain.
Inventory levels of individual components are determined by forecasting general
demand, but final assembly is in response to a specific customer request. The push-pull
boundary would then be at the beginning of the assembly line. A push-pull-system in
business describes the movement of a product or information between two subjects. On
markets the consumers usually pull the goods or information they demand for their
needs, while the offerers or suppliers push them toward the consumers. In logistic
chains or supply chains the stages are operating normally both in push- and
pull-manner. The interface between push-based stages and pull-based stages is called
push-pull boundary or decoupling point.
Explain electronic tokens present in payment systems.
None of the banking or selling payment methods is completely adequate in their present
form for the consumer-oriented e-commerce environment. Totally new forms of financial
instruments are also being developed. One such new financial instrument is electronic
tokens in the form of electronic cash / money or checks. Electronic tokens are designed as
electronic analogs of various forms of payment backed by a bank or financial institution.
Simply stated, electronic tokens are equivalent to cash that is backed by a bank.
Electronic tokens are of three types:
1. Cash or real-time. Transactions are settled with the exchange of electronic currency.
An example of on-line currency exchange is electronic cash (e-cash).
2. Debit or prepaid. Users pay in advance for the privilege of getting information.
Examples of prepaid payment mechanisms are stored in smart cards and electronic
purses that store electronic money.
3. Credit or postpaid. The server authenticates the customers and verifies with the
bank that funds are adequate before purchase. Examples of postpaid mechanisms are
credit / debit cards and electronic checks.

B4

What are the desirable characteristics of e-commerce?
Desirable characteristics of E-Commerce: - Commonsense tells us that a few
transactions are friendlier for e-marketing than others. We list out the desirable features
of a hypothetical marketplace; let us call it e-market.
a) A minimal size of the place: Obviously for any such place to thrive there is a critical
size, below which it is not profitable to operate. This minimal number of buyers and
sellers characterizes the profitability of the place.
b) A scope for interactions: Interactions include trial runs of the products, clarifications
of doubts on the part of the customers, details of after sales services, ability to compare
different products and of course scope for negotiations and bargaining. Negotiations can
be in terms of cost, value additions, terms and conditions, delivery dates etc.
c) Scope for designing new products: The customer need not buy only what is
available. He can ask for modifications, up-gradations etc. The supplier must be able to
accept these and produce made to order items.
d) A seamless connection to the marketplace: It is obvious that each customer will be
operating with a different type of computer, software, connectivity etc. There should be
available standards so that any of these customers will be able to attach himself to any
of the markets without changing his hardware/software/interfaces etc.
e) Recourse for disgruntled users: It is naive to believe that transactions in such a place
end up in complete satisfaction to all parties concerned. Especially because of the
facelessness of the customer and the supplier, there should be a standard recourse to
settle such disputes.
Define e-commerce. Name any two areas which are reasons of worry in e-commerce.
1. Security and
2. Legal acceptance
Security. A secure system verifies the identity of the two parties to a transaction through
user authentication and reserves flexibility to restrict information / service through access
control. Millions of dollars have been embezzled by computer fraud. No systems are yet
fool-proof, although designers are concentrating closely on security.
Legal acceptance. It is not that the concept of e-commerce is totally without side effects.
The very nature of the concept, which is revolutionary, makes it difficult for the users to
understand fully the various issues involved. There are several areas of security, safety
against fraud etc., the concept of legal acceptance that are yet to be solved. Also since
the internet knows no national boundaries, the concepts become more complex, since
what is legal in one country may not be so in another. There are also the concepts of
taxation and state controls that need to be solved. All these issues will be taken up in
some detail during the course of this topic.
How are commerce and e-commerce related?
Concept of Commerce and E-Commerce: - Commerce is normally associated with the
buying and selling of items. Commerce is one of the oldest activities of human beings
and the concept of traders selling and buying items is a part of history. Markets are a
common place where the buyers and sellers meet along with their products. Money is
also an essential part of the market place. With the concept of money, we have several
concepts of banking, various methods of representing and transferring money like
cheques, MOUs, Drafts etc.
The key element of e-commerce is information processing. Every stage of commerce,
except of course production of goods and their physical delivery, can be automated. The
tasks that can be automated include information gathering, processing, and manipulation
and information distribution.
Explain the four layers of EDI architecture and list the benefits of EDI.
a) The semantic (or application) layer
b) The standards translation layer
c) The packing (or transport) layer
d) The physical network infrastructure layer.
The EDI semantic layer describes the business application that is driving EDI. The
information seen at the EDI semantic layer must be translated from a company-specific
form to a more generic or universal form so that it can be sent to various trading
partners, who could be using a variety of software applications at their end. To facilitate
the transfer of computer files between two trading partners requires that the computer
applications of both sender and receiver use a compatible format for EDI document
exchange. The EDI translation software converts the proprietary format into a standard
mutually agreed on by the processing systems. When a company receives the
document, their EDI translation software automatically changes the standard format into
the proprietary format of their document processing software.
The EDI transport layer corresponds closely with the non-electronic activity of sending a
business form from one company to another. The content and structure of the form are
separated from the transport carrier. EDI documents are exchanged rapidly over
electronic networks using the existing e-mail programs and infrastructure.
Tangible Benefits of EDI: EDI can be a cost- and time-saving system, for many
reasons. The automatic transfer of information from computer to computer reduces the
need to rekey information and as such reduces costly errors to near zero. EDI
transactions produce acknowledgments of receipt of data. Saving also accrues from
the following improvements:
Reduced paper-based systems: EDI can impact the effort and expense a company
devotes to maintaining records, paper-related supplies, filing cabinets, or other storage
systems and to the personnel required to maintain all of these systems. EDI can also
reduce postage bills because of the amounts of paper that no longer need be sent.
Improved problem resolution and customer service: EDI can minimize the time
companies spend to identify and resolve inter-business problems. EDI can improve
customer service by enabling the quick transfer of business documents and a marked
decrease in errors.
Expanded customer/supplier base: Many large manufacturers and retailers with the
necessary clout are ordering their suppliers to institute an EDI program. However, these
are isolated islands of productivity because they are unable to build bridges to other
companies. With the advent of electronic commerce, the bridge is now available.
Explain the legal and security aspects of EDI
Since in the case of EDI, we are dealing with trade between countries and companies,
issues of legal admissibility and computer security are paramount. However, careful
assessment of the trade-offs must be part of this process and should satisfy legal
requirements.
1) Legal status of EDI Messages: There has been considerable debate concerning the
legal status of EDI messages and electronic messages in general. No rules exist that
indicate how electronic messages may be considered binding in business or other
related transactions. The establishment of such a framework is essential if EDI is to
become widespread.
2) Digital Signatures and EDI: If digital signatures are to replace handwritten
signatures, they must have the same legal status as handwritten signatures. The digital
signature provides a means for a third party to verify that the notarized object is
authentic. Digital signatures should have greater legal authority than handwritten
signatures. If the contract was signed by digital signatures, however, a third party can
verify that not one byte of the contract has been altered.
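The claim that a third party can verify that not one byte of a signed contract has been altered, using the two-key scheme from the digital signature answers, can be checked directly. This is an added example, not part of the original notes: it uses unpadded textbook RSA over a SHA-256 digest with a constructed demo key built from two well-known Mersenne primes so that it needs no third-party library. The key has no security value, and real systems use a padded scheme such as RSA-PSS from a vetted library. All names and the sample contract are assumptions made for the illustration.

```python
import hashlib

# Constructed demo key: two Mersenne primes, public exponent 65537.
P = 2**127 - 1
Q = 2**521 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)

PUBLIC_KEY = (E, N)    # published; this is all the third party needs
PRIVATE_KEY = (D, N)   # held only by the signer

# Constructed sample document.
CONTRACT = (
    b"PURCHASE ORDER 0001 (constructed sample)\n"
    b"Buyer: Example Buyer Ltd\n"
    b"Seller: Example Seller Ltd\n"
    b"Item: 30 units, agreed price 4,500\n"
    b"Delivery: 14 days\n"
)


def digest_int(document: bytes) -> int:
    """SHA-256 of the document as an integer; every byte influences it."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")


def sign(document: bytes, private_key: tuple) -> int:
    """Signer: transform the digest with the private key."""
    d, n = private_key
    return pow(digest_int(document), d, n)


def verify(document: bytes, signature: int, public_key: tuple) -> bool:
    """Third party: undo the transform with the public key and compare digests."""
    e, n = public_key
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == digest_int(document)


def altered_copies_accepted(document: bytes, signature: int, public_key: tuple) -> int:
    """Flip one bit in each byte position in turn; count copies that still verify."""
    accepted = 0
    for position in range(len(document)):
        altered = bytearray(document)
        altered[position] ^= 0x01
        accepted += verify(bytes(altered), signature, public_key)
    return accepted


if __name__ == "__main__":
    signature = sign(CONTRACT, PRIVATE_KEY)
    print("original verifies:", verify(CONTRACT, signature, PUBLIC_KEY))
    repriced = CONTRACT.replace(b"4,500", b"9,500")
    print("repriced verifies:", verify(repriced, signature, PUBLIC_KEY))
    print("single-byte alterations accepted:",
          altered_copies_accepted(CONTRACT, signature, PUBLIC_KEY),
          "of", len(CONTRACT))
```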
Name three broad phases of consumer's perspective and give categories of
consumers.
1) Pre-purchase Preparative: The pre-purchase preparation phase includes search
and discovery for a set of products in the larger information space capable of meeting
customer requirements and products selection from the smaller set of products based on
attribute comparison.
2) Purchase Consummation: The purchase consummation phase includes mercantile
protocols that specify the flow of information and documents associated with purchasing
and negotiation with merchants for suitable terms, such
as price, availability, and delivery dates; and electronic payment mechanisms that
integrate payment into the purchasing process.
3) Post-purchase interaction: The post-purchase interaction phase includes customer
service and support to address customer complaints, product returns, and product
defects.
Pre-purchase Preparative: Purchase deliberation is defined as the elapsed time
between a consumer's first thinking about buying and the actual purchase itself.
Information search should constitute the major part of the duration, but comparison of
alternatives and price negotiation would be included in the continually evolving
information search and deliberation process.
Customers can be categorized into three types:
1. Impulsive buyers: who purchase products quickly.
2. Patient buyers: who purchase products after making some comparisons.
3. Analytical buyers: who do extensive research before making the decision to purchase
products or services.
Marketing researchers have isolated several types of purchasing:
Specifically planned purchases. The need was recognized on entering the store and
the shopper bought the exact item planned.
Generally planned purchases. The need was recognized, but the shopper decided
in-store on the actual manufacturer of the item to satisfy the need.
Reminder purchases. The shopper was reminded of the need by some store influence.
This shopper is influenced by in-store advertisements and can substitute products readily.
Entirely unplanned purchases. The need was not recognized on entering the store, as
with gift items.
Purchase Consummation: After identifying the products to be purchased, the buyer
and seller must interact in some way to actually carry out the mercantile transaction. A
mercantile transaction is defined as the exchange of information between the buyer and
seller followed by the necessary payment. There may be many variants of this protocol,
but the basic flow remains the same; the steps are listed below:
1. Buyer contacts vendor to purchase product or service.
2. Vendor states price.
3. Buyer and vendor may or may not engage in negotiation.
4. If satisfied, buyer authorizes payment to the vendor with an encrypted transaction
containing a digital signature for the agreed price.
5. Vendor contacts his or her billing service to verify the encrypted authorization for
authentication.
6. Billing service decrypts authorization and checks buyer's account balance or credit
and puts a hold on the amount of transfer.
7. Billing service gives the vendor the green light to deliver product and sends a
standardized message giving details of transaction.
8. On notification of adequate funds to cover financial transaction, vendor delivers the
goods to buyer or in the case of information purchase provides a crypto key to unlock
the file.
9. On receiving the goods, the buyer signs and delivers receipt. Vendor then tells billing
service to complete the transaction.
10. At the end of the billing cycle, buyer receives a list of transactions. Buyer can then
either deny certain transactions or complain about over billing. Suitable audit or
customer service actions are then initiated depending on the payment scheme.
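Steps 4 to 10 above can be exercised end to end in a short simulation. This is an added example, not code from the original notes: the class and field names are assumptions, HMAC-SHA256 over a key shared by buyer and billing service stands in for the digital signature so that it runs on the Python standard library, and transport encryption is left out.

```python
import hashlib
import hmac
import json
import secrets


def sign(key: bytes, fields: dict) -> str:
    """MAC over a canonical serialization so both sides hash identical bytes."""
    blob = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()


class Buyer:
    def __init__(self, account: str, key: bytes):
        self.account, self.key = account, key

    def _signed(self, fields: dict) -> dict:
        return {"fields": fields, "sig": sign(self.key, fields)}

    def authorize(self, vendor: str, item: str, price_cents: int) -> dict:
        # Step 4: bind the authorization to vendor, item, agreed price and a nonce.
        return self._signed({"type": "auth", "account": self.account, "vendor": vendor,
                             "item": item, "price_cents": price_cents,
                             "nonce": secrets.token_hex(16)})

    def receipt(self, nonce: str) -> dict:
        # Step 9: signed acknowledgement that the goods arrived.
        return self._signed({"type": "receipt", "account": self.account, "nonce": nonce})


class BillingService:
    def __init__(self):
        self.keys, self.balances = {}, {}  # per-account key and available cents
        self.holds = {}                    # nonce -> (account, vendor, cents)
        self.seen = set()                  # nonces already accepted (replay guard)
        self.statement = []                # completed transactions (step 10)

    def enroll(self, account: str, key: bytes, balance_cents: int) -> None:
        self.keys[account], self.balances[account] = key, balance_cents

    def _valid(self, msg: dict, expected_type: str) -> bool:
        fields = msg["fields"]
        key = self.keys.get(fields.get("account"))
        # The type check stops one kind of signed message being used as another.
        if key is None or fields.get("type") != expected_type:
            return False
        return hmac.compare_digest(sign(key, fields), msg["sig"])

    def verify_and_hold(self, vendor: str, auth: dict) -> str:
        # Steps 5-7: verify the authorization, check funds, place a hold.
        if not self._valid(auth, "auth"):
            return "REJECT bad-authorization"
        f = auth["fields"]
        if f["vendor"] != vendor:
            return "REJECT wrong-vendor"
        if f["nonce"] in self.seen:
            return "REJECT replay"
        if self.balances[f["account"]] < f["price_cents"]:
            return "REJECT insufficient-funds"
        self.seen.add(f["nonce"])
        self.balances[f["account"]] -= f["price_cents"]
        self.holds[f["nonce"]] = (f["account"], vendor, f["price_cents"])
        return "OK hold-placed"

    def complete(self, vendor: str, receipt: dict) -> str:
        # Step 9: capture only against a buyer-signed receipt for a live hold.
        if not self._valid(receipt, "receipt"):
            return "REJECT bad-receipt"
        f = receipt["fields"]
        hold = self.holds.get(f["nonce"])
        if hold is None or hold[:2] != (f["account"], vendor):
            return "REJECT no-matching-hold"
        del self.holds[f["nonce"]]
        self.statement.append({"account": hold[0], "vendor": vendor, "cents": hold[2]})
        return "OK completed"


def run_demo() -> dict:
    key = secrets.token_bytes(32)          # constructed sample key
    buyer, billing = Buyer("acct-1", key), BillingService()
    billing.enroll("acct-1", key, 5_000)   # constructed balance: 50.00
    out = {}
    auth = buyer.authorize("vendor-a", "report.pdf", 1_999)
    # A price changed after the buyer signed no longer matches the signature.
    inflated = {"fields": dict(auth["fields"], price_cents=4_999), "sig": auth["sig"]}
    out["inflated"] = billing.verify_and_hold("vendor-a", inflated)
    out["hold"] = billing.verify_and_hold("vendor-a", auth)
    out["replay"] = billing.verify_and_hold("vendor-a", auth)
    # The authorization itself cannot be passed off as a delivery receipt.
    out["auth_as_receipt"] = billing.complete("vendor-a", auth)
    out["complete"] = billing.complete("vendor-a", buyer.receipt(auth["fields"]["nonce"]))
    big = buyer.authorize("vendor-a", "archive.zip", 9_999)
    out["too_much"] = billing.verify_and_hold("vendor-a", big)
    out["balance"], out["statement"] = billing.balances["acct-1"], billing.statement
    return out


if __name__ == "__main__":
    print(json.dumps(run_demo(), indent=2))
```

With a shared-key MAC the billing service could produce authorizations itself, so a deployment that needs non-repudiation would use an asymmetric signature in place of the HMAC.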
Post-purchase Interaction: Returns and claims are an important part of the purchasing
process that impact administrative costs, scrap and transportation expenses, and
customer relations. Other complex customer service challenges arise in customized
retailing that we have not fully understood or resolved:
Inventory issues: To serve the customer properly, a company should inform a
customer right away when an item ordered is sold out, not with a rain check or
back-order notice several days later. On the other hand, if the item is in stock, a company
must be able to assign that piece to the customer immediately and remove it from
available inventory.
Database access and compatibility issues: Unless the customer can instantly
access all the computers of all the direct-response vendors likely to advertise on the
Information Superhighway on a real-time basis, with compatible software, he or she
is not likely to get the kind of service that customers normally get.
Customer service issues: Customers often have questions about the product (color,
size, shipment), want expedited delivery, or have one of a myriad of other things in mind
that can be resolved only by talking to an order entry operator.
What are security strategies and list the security tools.
There are basic security strategies that can be used to combat the threats discussed so
far: access control, integrity, confidentiality, and authentication.
Secure Transport Stacks (Secure Transport Protocol):
The Internet uses the Transmission Control Protocol / Internet Protocol (TCP/IP) as the
primary network protocol engine. Each IP packet contains the data that is to be sent to
some endpoint destination. The IP packet consists of a 32-bit source and destination
address, optional bit flags, a header checksum, and the data itself. There is no guarantee at
the network layer that the IP protocol data units will be received, and even if they are
received, they may not be received in any particular order. We cannot rely solely on the
source address to validate the identity of the user who sent the packet. TCP provides
retransmission of lost or corrupted protocol data units and restores them to their original
order of transmission. Each packet contains a sequence number, which is what TCP uses to
sort the protocol data units. The acknowledgement number is the sequence number of the
last packet transmitted. The two most prominent secure transmission protocols for
secure Web communication are:
Secure Sockets Layer: SSL is an encrypted communication protocol that we use to
implement security by switching a website into the secure mode. SSL protects
transactions between a company and its customers from packet-sniffing attacks. The
protocol allows client/server applications to communicate in a way that data
transmissions cannot be altered. The strength of SSL is that it is application-independent.
HTTP, telnet, and FTP can be placed on top of SSL transparently. SSL
provides channel security through encryption and reliability through a message integrity
check.
SSL uses a three-part process. First, information is encrypted to prevent unauthorized
disclosure. Second, the information is authenticated to make sure that the information is
being sent and received by the correct party. Finally, SSL provides message integrity to
prevent the information from being altered during interchanges between the source and
sink.
SSL depends on RSA encryption for exchange of the session key and client/server
authentication and for various other cryptographic algorithms. The length of the key can vary
between 40 and 1024 bits. The information is sent to the company, which then uses a
private key to decrypt the information. The process is transparent to customers; hence it
is easy to use: the shoppers enter their credit card numbers, SSL encrypts them and
sends the encrypted files to the merchant; the transmission proceeds as soon as SSL
decrypts the files.
Secure HTTP (S-HTTP): S-HTTP sets up security details with special packet headers
that are exchanged in S-HTTP. The headers define the type of security techniques,
including the use of private-key encryption, server authentication, client authentication,
and message integrity. A secure envelope encapsulates a message and provides
secrecy, integrity, and client/server authentication.
S-HTTP provides a number of security features. These include:
Client and server authentication
Spontaneous encryption
What are the approaches for enterprise level security.
A firewall is a security mechanism that allows users with special rights to access a
protected network. Illegal users are denied access to the protected websites on the
Internet. It is important to note that a firewall can only protect the corporate data against
user threats, but it cannot protect against viruses.
Firewalls are mainly used to protect sites that involve financial transactions. A selection
basis is applied while granting access to external users. The selection procedure is
based on the user name and password, Internet Protocol (IP) address, or domain name.
For example, a vendor could permit entry to its website through the firewall only to those
users with specific domain names belonging to customer companies.
Firewalls are classified into three main categories:
1. Packet filters: Packet filtering at the network layer can be used as a first defense.
Basic filtering comes as part of most router software. Each packet is either forwarded or
dropped based on its source address, destination address, or a defined (TCP) port.
Configuring a filter involves some determination of what services/addresses should and
should not be permitted to access the network or server.
2. Application level gateways: An application-level gateway provides a mechanism
for filtering traffic for various applications. The administrator defines and implements
code specific to applications or services used by the user's site. Services or users that
can compromise the network security can then be restricted. To counter some
weaknesses associated with packet filtering routers, firewalls utilize software
applications to forward and filter connections for services such as Telnet, FTP, and
HTTP.
3. Proxy servers: A proxy server terminates a user's connection (by application)
and sets up a new connection to the ultimate destination on behalf of the user, proxying
for the user. A user connects with a port on the proxy; the connection is routed through
the gateway to a destination port, which is routed to the destination address.
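The packet-filter description above amounts to a first-match rule table with a default of drop. The sketch below is an added example, not part of the original notes; the rule format, function names and the documentation-range addresses are assumptions, and it also flags rules that can never fire because an earlier rule already covers them.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Rule:
    action: str                  # "forward" or "drop"
    src: str                     # source network, CIDR notation
    dst: str                     # destination network, CIDR notation
    dport: Optional[int] = None  # TCP destination port; None matches any port

    def matches(self, src_ip: str, dst_ip: str, dport: int) -> bool:
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst)
                and self.dport in (None, dport))

    def covers(self, other: "Rule") -> bool:
        """True if every packet that matches `other` also matches this rule."""
        return (ipaddress.ip_network(other.src).subnet_of(ipaddress.ip_network(self.src))
                and ipaddress.ip_network(other.dst).subnet_of(ipaddress.ip_network(self.dst))
                and (self.dport is None or self.dport == other.dport))


def decide(rules: List[Rule], src_ip: str, dst_ip: str, dport: int) -> str:
    """First matching rule wins; a packet that matches nothing is dropped."""
    for rule in rules:
        if rule.matches(src_ip, dst_ip, dport):
            return rule.action
    return "drop"


def shadowed(rules: List[Rule]) -> List[int]:
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [i for i, rule in enumerate(rules)
            if any(earlier.covers(rule) for earlier in rules[:i])]


# Constructed rule table (addresses are from the reserved documentation ranges).
RULES = [
    Rule("forward", "198.51.100.0/24", "192.0.2.10/32", 443),  # customer company -> web server
    Rule("drop",    "0.0.0.0/0",       "192.0.2.10/32", 23),   # no Telnet to the web server
    Rule("forward", "0.0.0.0/0",       "192.0.2.25/32", 25),   # inbound mail
    Rule("drop",    "0.0.0.0/0",       "192.0.2.0/24"),        # everything else to the site
    Rule("forward", "203.0.113.0/24",  "192.0.2.10/32", 443),  # added too late: never reached
]

if __name__ == "__main__":
    for packet in [("198.51.100.7", "192.0.2.10", 443),
                   ("203.0.113.9", "192.0.2.10", 443),
                   ("203.0.113.9", "10.0.0.5", 80)]:
        print(packet, "->", decide(RULES, *packet))
    print("shadowed rule indexes:", shadowed(RULES))
```

A forward decision here rests only on the source address, which, as noted earlier, does not by itself establish who sent the packet.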
B5
Name any four issues addressed in an e-payment system?
Despite cost and efficiency gains, many hurdles remain to the spread of electronic
payment systems. These include several factors, many non-technical in nature, that must
be addressed before any new payment method can be successful.
Privacy: A user expects to trust in a secure system.
Security: A secure system verifies the identity of the parties to a two-party transaction
through user authentication and reserves flexibility to restrict information/service
through access control.
Intuitive interface: The payment interface must be as easy to use as a telephone.
Generally speaking, users value convenience more than anything.
Database integration: With home banking, for example, a customer wants to play with
all his accounts. To date, separate accounts have been stored on separate databases.
Brokers: A network banker (someone to broker goods and services, settle conflicts,
and facilitate financial transactions electronically) must be in place.
Pricing: One fundamental issue is how to price payment system services.
Standards: Without standards, the welding of different payment users into different
networks and different systems is impossible. Standards enable interoperability, giving
users the ability to buy and receive information, regardless of which bank is managing
their money.
None of these hurdles are intractable. The biggest question concerns how customers will
take to a paperless and (if not cashless) less-cash world.

Explain any four components of EDI implementation.


EDI implementation starts with an agreement between a company and its trading
partner. The data moves without much interference to the trading partner's application,
with no additional steps to slow the process. Both parties exchange messages based on
a structured format; for each type of message, a standard format has been agreed on by the
exchanging parties.
The basic kit necessary for EDI implementation includes:
Common EDI standards dictate syntax and standardize on the business language.
EDI standards basically specify transaction sets (complete sets of business
documents).
Translation software sends messages between trading partners, integrates data into
and from existing computer applications, and translates among EDI message
standards.
Trading partners are a firm's customers and suppliers with whom business is
conducted.
Banks facilitate payment and remittance.
EDI Value-Added Network services (VANs). A VAN is a third-party service provider
that manages data communications networks for businesses that exchange electronic
data with other businesses.
Proprietary hardware and networking if it is a hub company. Hubs, also called
sponsors, are large companies, very active in EDI, that facilitate their business partners'
use of EDI.
An important feature of EDI is that software evaluates and processes
structured messages. The information system then proceeds to act upon the message.
How are commerce and e-commerce related?
Concept of Commerce and E-Commerce: Commerce is normally associated with the
buying and selling of items. Commerce is one of the oldest activities of human beings
and the concept of traders selling and buying items is a part of history. Markets are a
common place where the buyers and sellers meet along with their products. Money is
also an essential part of the market place. With the concept of money, we have several
concepts of banking and various methods of representing and transferring money, like
cheques, MOUs, drafts etc.
The key element of e-commerce is information processing. Every stage of commerce,
except of course production of goods and their physical delivery, can be automated. The
tasks that can be automated include information gathering, processing, and manipulation
and information distribution.
What is meant by integrity of data? Explain the encryption algorithm on which
SSL depends.
Data integrity is data that has a complete or whole structure. All characteristics of the
data including business rules, rules for how pieces of data relate, dates, definitions and
lineage must be correct for data to be complete.
Per the discipline of data architecture, when functions are performed on the data the
functions must ensure integrity. Examples of functions are transforming the data, storing
the history, storing the definitions (Metadata) and storing the lineage of the data as it
moves from one place to another. The most important aspect of data integrity per the
data architecture discipline is to expose the data, the functions and the data's
characteristics.
Data that has integrity is identically maintained during any operation (such as transfer,
storage or retrieval). Put simply in business terms, data integrity is the assurance that
data is consistent, certified and can be reconciled.

In terms of a database, data integrity refers to the process of ensuring that a database
remains an accurate reflection of the universe of discourse it is modelling or
representing. In other words, there is a close correspondence between the facts stored in
the database and the real world it models.
A secure Web server is one that utilizes security protocols like SSL to encrypt and
decrypt data and messages, and online payment gateways to accept credit cards, to
protect them against fraud, false identification, or third-party tampering. Purchasing from
a secure Web server ensures that a user's credit card information or personal information
can be encrypted with a secret code that is difficult to break. Popular security protocols
include SSL, S-HTTP, SSH2, SFTP, PCT, and IPSec.

List advantages and disadvantages of internet.


The Internet is probably one of the greatest inventions of the century. Before, we had to go
to the library to do our research work, but now all we have to do is go to Google and do
our research. We can do many things with the Internet: we can shop on eBay, chat
with our friends on Facebook or Skype, watch videos on YouTube, earn money from
blogging, and many more!
Internet is really useful and has a lot of advantages, but there are also some
disadvantages of using it. Check out this list of advantages and disadvantages of the
internet:
Advantages
Communication: The foremost target of the Internet has always been communication,
and the Internet has excelled beyond expectations. Still, innovations are going on to
make it faster and more reliable. With the advent of computers and the Internet, our earth
has shrunk and has attained the form of a global village.
Now we can communicate in a fraction of a second with a person who is sitting in the other
part of the world. Today, for better communication, we can avail the facilities of e-mail; we
can chat for hours with our loved ones. There are plenty of messenger services on offer.
With the help of such services, it has become very easy to establish a kind of global
friendship where you can share your thoughts and explore other cultures of different
ethnicity.
Information: Information is probably the biggest advantage the Internet is offering. The
Internet is a virtual treasure trove of information. Any kind of information on any topic
under the sun is available on the Internet. Search engines like Google and Yahoo are at
your service on the Internet. You can find almost any type of data on almost any kind of
subject that you are looking for. There is a huge amount of information available on the
Internet for just about every subject known to man, ranging from government law and
services, trade fairs and conferences, market information, new ideas and technical
support; the list is endless.
Students and children are among the top users who surf the Internet for research. Today,
it is almost required that students should use the Internet for research for the purpose of
gathering resources. Teachers have started giving assignments that require research on
the Internet. Almost every day, research on medical issues becomes much
easier to locate. Numerous web sites available on the net are offering loads of
information for people to research diseases and talk to doctors online at sites such as
America's Doctor. During 1998 over 20 million people reported going online to retrieve
health information.
Entertainment: Entertainment is another popular raison d'être why many people prefer
to surf the Internet. In fact, the medium of the Internet has become quite successful in
capturing the multifaceted entertainment factor. Downloading games, visiting chat rooms or
just surfing the Web are some of the uses people have discovered. There are numerous games
that may be downloaded from the Internet for free. The industry of online gaming has received
dramatic and phenomenal attention from game lovers. Chat rooms are popular because
users can meet new and interesting people. In fact, the Internet has been successfully
used by people to find lifelong partners. When people surf the Web, there are numerous
things that can be found. Music, hobbies, news and more can be found and shared on
the Internet.
Services: Many services are now provided on the Internet, such as online banking, job
seeking, purchasing tickets for your favorite movies, guidance services on an array of topics
covering every aspect of life, and hotel reservations. Often these services are not
available off-line and can cost you more.
E-Commerce: E-commerce is the concept used for any type of commercial
maneuvering or business deals that involve the transfer of information across the globe
via the Internet. It has become a phenomenon associated with any kind of shopping, almost
anything. You name it, and e-commerce, with its giant tentacles engulfing every single
product and service, will make it available at your doorstep. It offers a really amazing
and wide range of products, from household needs and technology to entertainment.
Disadvantages
Theft of personal information: If you use the Internet, you may be facing grave danger, as
your personal information such as name, address, credit card number etc. can be accessed
by other culprits to make your problems worse.
Spamming: Spamming refers to sending unwanted e-mails in bulk, which serve no
purpose and needlessly obstruct the entire system. Such illegal activities can be very
frustrating for you, and so instead of just ignoring it, you should make an effort to try and
stop these activities so that using the Internet can become that much safer.
Virus threat: A virus is nothing but a program which disrupts the normal functioning of
your computer systems. Computers attached to the Internet are more prone to virus attacks,
and they can end up crashing your whole hard disk, causing you considerable
headache.
Pornography: This is perhaps the biggest threat related to your children's healthy
mental life, and a very serious issue concerning the Internet. There are thousands of
pornographic sites on the Internet that can be easily found and can be a detrimental factor
to letting children use the Internet.
In short answer
The advantages of using Internet communication are that
* we can collaborate easily with people
* it's easy to access with just one click
* we have the ability to link to people and places immediately
The disadvantages of using Internet communication are that
* not everyone has access to the Internet
* it requires specialist staff
The disadvantages of using the Internet in general are
* young children have access to porn
* anyone can easily access instructions on making bombs, guns, silencers, or other
dangerous materials
* anyone can find information on committing an almost untraceable murder
* anyone can find anything, no matter how illegal

List the six layers of E-Commerce architecture and what are the four types of
Purchases.
The electronic commerce application architecture consists of six layers of functionality or
services:
(1) Applications Services: The application services layer of e-commerce will be
comprised of existing and future applications built on the native architecture.
Three distinct classes of electronic commerce applications can be distinguished:
a) Customer-to-business: Customers learn about products differently through electronic
publishing, buy them using electronic cash and secure payment systems, and have them
delivered differently.
b) Business-to-business: Businesses, governments, and other organizations depend on
computer-to-computer communication as a fast, an economical, and a reliable way to
conduct business transactions. Small companies are also beginning to see the benefits
of adopting similar methods.
c) Intra-organization: A company becomes market driven by dispersing throughout the
firm information about its customers and competitors. To maintain the relationships that
are critical to delivering superior customer value, management must pay close attention
to service, both before and after sales.
(2) Brokerage services, data or transaction management: The information brokerage
and management layer provides service integration through the concept of information
brokerages, the development of which is necessitated by the increasing information
resource fragmentation. The concept of information brokerage is used to represent an
intermediary who provides service integration between customers and information
providers, given some constraint such as a low price, fast service, or profit maximization
for a client. In foreign exchange trading, information is retrieved about the latest currency
exchange rates in order to hedge currency holdings to minimize risk and maximize profit.
The brokerage function is the support for data management and traditional transaction
services. Brokerages may provide tools to accomplish more sophisticated, time-delayed
updates or future-compensating transactions.
(3) Interface and support layers: Interface and support services will provide interfaces
for electronic commerce applications such as interactive catalogs and will support
directory services, the functions needed for information search and access. Interactive
catalogs are the modified interface to consumer applications such as home shopping. An
interactive catalog is an extension of the paper-based catalog and incorporates
additional features. The primary difference between the two is that unlike interactive
catalogs, which deal with people, directory support services interact directly with
software applications. For this reason, they need not have the multimedia flash
generally associated with interactive catalogs.
(4) Secure messaging, security, and electronic document interchange: The
importance of the fourth layer, secured messaging, is clear. Messaging is the software
that sits between the network infrastructure and the clients or e-commerce applications,
masking the peculiarities of the environment. Messaging products are not applications
that solve problems; they are more enablers of the applications that solve problems. The
main disadvantages of messaging are the new types of applications it enables, which
appear to be more complex, especially to traditional programmers, and the jungle of
standards it involves. Also, security, privacy, and confidentiality through data encryption
and authentication techniques are important issues that need to be resolved.
(5) Middleware and structured document interchange: Middleware is a relatively new
concept. With the growth of networks, client-server technology, and all other forms of
communicating between/among unlike platforms, the problems of getting all the pieces to
work together grew. Middleware is the ultimate mediator between diverse software programs
that enables them to talk to one another. Middleware is the computing shift from application
centric to data centric.
(6) Network infrastructure and basic communications services: Transparency implies
that users should be unaware that they are accessing multiple systems. Transparency is
essential for dealing with higher-level issues than physical media and interconnection that
the underlying network infrastructure is in charge of. Transparency is accomplished using
middleware that facilitates a distributed computing environment. The goal is for the
applications to send a request to the middleware layer, which then satisfies the request
any way it can, using remote information.
Marketing researchers have isolated several types of purchasing:
Specifically planned purchases. The need was recognized on entering the store and
the shopper bought the exact item planned.
Generally planned purchases. The need was recognized, but the shopper decided
in-store on the actual manufacturer of the item to satisfy the need.
Reminder purchases. The shopper was reminded of the need by some store influence.
This shopper is influenced by in-store advertisements and can substitute products readily.
Entirely unplanned purchases. The need was not recognized on entering the store, as
with gift items.
Explain the primary elements of SCM.
Logistics, integrated marketing and agile manufacturing.
Logistics is a fairly new discipline that deals with the integration of materials management
and physical distribution. Although logistics and SCM are sometimes used interchangeably,
think of SCM as an umbrella that incorporates the logistics function. Over the years areas
such as materials management and distribution have evolved into logistics, which in turn has
become one integral component of SCM.
Most managers often don't realize that order processing and fulfillment processes may
exceed 15 percent of the cost of sales. In electronic commerce, the order process could
be initiated by marketing information systems such as point-of-sale systems. Today, with
the aid of technology, we are able to integrate the customer directly and react to
changes in demand by modifying the supply chain.
Agile manufacturing: Consumers and manufacturers are stressing quality and speed.
One of the most important visions of production goes by the name of agile
manufacturing.
B6
Explain horizontal and vertical organization.
a) The Vertical Organization: The vertical approach to corporate management poses
two problems to smooth operations. First, it creates boundaries that discourage
employees in different departments from interacting with one another. Second,
departmental goals are typically set in a way that could cause friction among
departments. For instance, goals for sales are typically set to maximize sales and pay
little attention to account collection or service delivery.
The vertical organization allows gaps to exist between employees from different
departments and lacks a channel to facilitate interaction and communication. The lower
the level in the hierarchy, the larger the gap. These gaps expand with geographic dispersion
and corporate growth. Problems can result when a need arises for two departments to
communicate at the lower level. This structure consumes time and resources, and the
lack of communication channels and practices clearly contributes to misunderstanding
and frustration among departments. Finally, three key ingredients are missing from the
vertical organization's chart: the product, the process, and the customer.
b) The Horizontal Organization: The principal goal of horizontal management is to
facilitate the smooth transition of intermediate products and services through its various
functions to the customer. This is achieved by empowering employees, improving
communication, and eliminating unnecessary work. The importance of having a clear
view of how products and services flow from one department to another and, eventually, to
the customer is apparent. The structure of a horizontal organization is two-tiered instead
of multilayered, as seen in vertical organizations: a core group of senior management
responsible for strategic decisions and policies, and a stratum of employees in process
teams. The objective of a horizontal structure is to change the staff's focus from
coordinating and reporting to improving flow management and work quality and
increasing value for customers. The horizontal structure eliminates the need to devote
resources to vertical communication. However, there is an increased need for
coordination of the various parties involved.
What is non-repudiation? List the four basic goals of electronic security.
A person cannot deny having sent/received a message.
Non-repudiation of origin - The ability to identify who sent the information
originally versus which intermediary forwarded it.
Non-repudiation of receipt - The ability to identify that the information was received by the
final addressed destination in a manner that cannot be repudiated. The information has
been opened and interpreted to some degree.
Non-repudiation of delivery - The ability to identify whether the information was delivered
to an appropriate intermediary in a manner it cannot repudiate.
Computer security has several fundamental goals. They are as follows:
1. Privacy: Keep private documents private, using encryption, passwords, and
access-control systems.
2. Integrity: Data and applications should be safe from modification without the owner's
consent.
3. Authentication: Ensure that the people using the computer are the authorized users
of that system.
4. Availability: The end system (host) and data should be available when needed by the
authorized user.
What is VAN? Explain the functions of VAN.
A VAN is a communications network that typically exchanges EDI messages among
trading partners. It also provides other services, including holding messages in
electronic mailboxes, interfacing with other VANs and supporting many
telecommunications modes and transfer protocols. A VAN's electronic mailbox is a
software feature into which a user deposits EDI transactions and then retrieves those
messages when convenient. It works much like residential personal mailboxes, and it
allows everybody involved to be flexible and cost-effective.
What is E-Commerce? Name two stages of commerce that cannot be automated.
The key element of e-commerce is information processing. Every stage of commerce,
except of course production of goods and their physical delivery, can be automated. The
tasks that can be automated include information gathering, processing, and manipulation
and information distribution.
The following categories of operations come under e-commerce:
1) Transactions between a supplier/a shopkeeper and a buyer or between two
companies over a public network like the service provider network (like ISP). With suitable
encryption of data and security for transaction, the entire operation of selling/buying and
settlement of accounts can be automated.
2) Transactions with the trading partners or between the officers of the company located
at different locations.
3) Information gathering needed for market research.
4) Information processing for decision making at different levels of management.
5) Information manipulation for operations and supply chain management.
6) Maintenance of records needed for legal purposes, including taxation, legal suits etc.
7) Transactions for information distribution to different retailers, customers etc., including
advertising, sales and marketing.
The use of computers in these areas not only makes the operations quicker but also
error free, and provides for a consolidated approach towards the problem. This is not to say
that the concept of e-commerce is totally without side effects. Several areas, such as
security, safety against fraud, and the concept of legal acceptance, are yet to be solved.
Production of goods and delivery of goods.

List any two tangible benefits of EDI.


EDI - Electronic Data Interchange. It helps trading partners to establish communication
between their computers. The communication can be as simple as a floppy / CD but
normally we talk of an electronic connection. EDI communicates information pertinent
to business transactions between the computer systems of companies, govt.
organizations, small businesses and banks.
Tangible benefits of EDI:
* Reduced paper based systems: EDI can impact the effort and expense a
company devotes to maintaining records, paper related supplies, filing cabinets, or
other storage systems and to the personnel required to maintain all of these systems.
* Improved problem resolution and customer service: EDI can minimize the time
companies spend to identify and resolve inter-business problems.
* Expanded customer/supplier base: Many large manufacturers and retailers with the
necessary clout are ordering their suppliers to institute an EDI program.
The issues that are yet to be tackled are legal admissibility and computer security, which
are paramount.
Explain four objectives of SET and what are the seven major business
requirements addressed by SET.
At this juncture, the industry is counting on SET to accelerate internet electronic
commerce. SET is becoming the de facto standard for security. Depicts its operation.
The following list depicts key functions of the specification.
* Provide for confidential payment information and enable confidentiality of order
information that is transmitted with payment information.
* Ensure integrity for all transmitted data.
* Provide authentication that a buyer is a legitimate user of a branded (e.g. Visa, Master
Card, American Express) bankcard account.
* Provide authentication that a merchant can accept bank card payments through its
relationship with an appropriate financial institution.
* Ensure the use of the best security practices and design techniques to protect all
legitimate parties in an electronic commerce transaction.
* Ensure the creation of a protocol that is neither dependent on transport security
mechanisms nor prevents their use.
* Facilitate and encourage interoperability across software and network providers.
What are the two desirable properties in any e-transaction? Name any four issues
addressed in an e-payment system.
A recently proposed abstraction, called e-Transaction (exactly-once Transaction),
specifies a set of properties capturing end-to-end reliability aspects for three-tier
Web-based systems. In this paper we propose a distributed protocol ensuring the
e-Transaction properties for the general case of multiple, autonomous back-end
databases. The key idea underlying our proposal consists in distributing, across the
back-end tier, some recovery information reflecting the transaction processing state. This
information is manipulated at low cost via local operations at the database side, with no
need for any form of coordination among asynchronous replicas of the application server
within the middle-tier. Compared to existing solutions, our protocol has therefore the
distinguishing features of being both very light and highly scalable. The latter aspect
makes our proposal particularly attractive for the case of very high degree of replication
of the application access point, with distribution of the replicas within infrastructures
geographically spread on public networks over the Internet (e.g., Application Delivery
Networks), namely, a configuration that also provides the advantages of reduced user
perceived latency and increased system availability.
What is the role of encryption in data transfer? List the various encryption
techniques.
Introduction
Often there has been a need to protect information from prying eyes. In
the electronic age, information that could otherwise benefit or educate a group or
individual can also be used against such groups or individuals. Industrial espionage
among highly competitive businesses often requires that extensive security measures be
put into place. And, those who wish to exercise their personal freedom, outside of the
oppressive nature of governments, may also wish to encrypt certain information to avoid
suffering the penalties of going against the wishes of those who attempt to control. Still,
the methods of data encryption and decryption are relatively straightforward, and easily
mastered. I have been doing data encryption since my college days, when I used an
encryption algorithm to store game programs and system information files on the
university mini-computer, safe from prying eyes. These were files that raised eyebrows
amongst those who did not approve of such things, but were harmless [we were always
careful NOT to run our games while people were trying to get work done on the
machine]. I was occasionally asked what this rather large file contained, and I once
demonstrated the program that accessed it, but you needed a password to get to certain
files nonetheless. And, some files needed a separate encryption program to decipher
them.
Methods of Encrypting Data
Traditionally, several methods can be used to encrypt data streams, all of which can
easily be implemented through software, but not so easily decrypted when either the
original or its encrypted data stream are unavailable. (When both source and encrypted
data are available, code-breaking becomes much simpler, though it is not necessarily
easy). The best encryption methods have little effect on system performance, and may
contain other benefits (such as data compression) built in. The well-known PKZIP
utility offers both compression AND data encryption in this manner. Also DBMS
packages have often included some kind of encryption scheme so that a standard file
copy cannot be used to read sensitive information that might otherwise require some
kind of password to access. They also need high performance methods to encode and
decode the data.
With the help of a diagram explain horizontal and vertical organization.
a) The Vertical organization: The vertical approach to corporate management poses
two problems to smooth operations. First, it creates boundaries that discourage
employees in different departments from interacting with one another. Second,
departmental goals are typically set in a way that could cause friction among
departments. For instance, goals for sales are typically set to maximize sales and pay
little attention to account collection or service delivery. The vertical organization allows
gaps to exist between employees from different departments and lacks a channel to
facilitate interaction and communication. The lower the level in the hierarchy, the larger
the gap. These gaps expand with geographic dispersion and corporate growth. Problems
can result when a need arises for two departments to communicate at the lower level.
This structure consumes time and resources, and the lack of communication channels
and practices clearly contributes to misunderstanding and frustration among
departments. Finally, three key ingredients are missing from the vertical organization's
chart: the product, the process, and the customer.
b) The Horizontal Organization: The principal goal of horizontal management is to
facilitate the smooth transition of intermediate products and services through its various
functions to the customer. This is achieved by empowering employees, improving
communication, and eliminating unnecessary work. The importance of having a clear
view of how products and services flow from one department to another and, eventually,
to the customer is apparent. The structure of a horizontal organization is two-tiered instead
of multilayered, as seen in vertical organizations: a core group of senior management
responsible for strategic decisions and policies, and a stratum of employees in process
teams. The objective of a horizontal structure is to change the staff's focus from
coordinating and reporting to improving flow management and work quality and
increasing value for customers. The horizontal structure eliminates the need to devote
resources to vertical communication. However, there is an increased need for
coordination of the various parties involved.

Explain its importance in E-commerce.


Electronic commerce, or Ecommerce, which literally means business trading through the
Internet, has been around the globe since the mid 90s. In the recent few years, however,
Ecommerce has been getting more and more attention from entrepreneurs and consumers,
both local and international. One of the main reasons is the highly successful operation of
some well-known names on the Internet, such as eBay, Yahoo and Dell. The sales
revenue these companies have shown in their annual reports is, without doubt, one of the
biggest factors why Ecommerce is important in the commercial market nowadays.
Ecommerce proves its importance where time is of the essence. In commercial markets,
time plays an important role for both businesses and consumers. From the business
perspective, with less time spent on each transaction, more transactions can be completed
in the same day. Consumers, for their part, save time on each transaction. Because of
this, Ecommerce has stepped in and replaced the traditional commerce method, where a
single transaction can cost both parties a lot of valuable time. With just a few clicks, in
minutes, a transaction or an order can be placed and completed via the internet with ease.
For instance, a banking transaction can be completed through the Internet within a few
minutes, compared to the traditional banking method, which may take up to hours. This
shows that Ecommerce is beneficial to both businesses and consumers, as payment and
documentation can be completed with greater efficiency.
From the business viewpoint, Ecommerce is much more cost effective than the traditional
commerce method. Through Ecommerce, the cost of the middleperson who sells the
products can be saved and diverted to another aspect of the business. One example is the
giant computer enterprise Dell, which practices such a method by running most of its
business through the internet without involving any third parties. Aside from that,
marketing for Ecommerce can achieve a better customer-to-cost ratio, as putting an
advertisement on the internet is comparably much cheaper than putting up a roadside
banner or filming a television commercial. For Ecommerce, the total overheads needed to
run the business are significantly lower than with the traditional commerce method,
because most of the costs can be reduced. For example, in running an Ecommerce
business, only a head office is needed rather than a head office with a few branches. In
addition, most of the cost of staff, maintenance, communications and office rental can be
substituted by a single cost: web hosting for the Ecommerce business.
To both consumers and businesses, connectivity plays an important part, as it is the key
factor determining the whole business. From the business point of view, Ecommerce
provides better connectivity for its potential customers, as the company's website can be
accessed from virtually anywhere through the Internet. This way, more potential customers
can get in touch with the company's business, eliminating the limits of geographical
location. From the customer standpoint, Ecommerce is much more convenient, as they can
browse through whole directories of catalogues without any hassle, compare prices
between products and buy from another country and, on top of that, they can do it while
at home or at work, without any necessity to move a single inch from their chair. Besides
that, for both consumers and businesses, Ecommerce proves to be more convenient as
online trading has less red tape than the traditional commerce method.
In the global market sense, the appearance of Ecommerce as a pioneer has opened up
various windows of opportunity for a variety of other companies and investors. For
instance, due to the booming of Ecommerce, more and more resources are being
directed into electronic securities, internet facilities, business plans and new
technologies. As a result of this phenomenon, a variety of new markets have emerged from
Ecommerce itself, giving a boost to the global market.

What is the purpose of Kerberos?


Kerberos is a protocol that allows individuals communicating over an insecure network to
prove their identity to one another in a secure manner. Kerberos prevents replay attacks
and ensures the integrity of the data. Kerberos works on a client-server model and it
provides mutual authentication: both the user and the service verify each other's identity.
Kerberos is built on symmetric key cryptography and requires a trusted third party. It
offers more security. It can work with any client logon method. It uses the standard
Microsoft policy control. It is platform independent. Kerberos uses a trusted third-party
authentication scheme, in which users and hosts rely on the third party to bear the
burden of trust; both the hosts and users trust the third party and not each other.
Some of the design principles of Kerberos are as follows:
* Both one-way and two-way authentications are supported.
* Authentication should be achieved without transmitting unencrypted passwords over a
network.
* No unencrypted passwords should be stored in the KDC.
* Clear text passwords entered by client users should be retained in memory for the
shortest time possible, and then destroyed.
* Authentication compromises that might occur should be limited to the length of the
user's current login session.
* Each authentication should have a finite lifetime, lasting about as long as a typical login
session.
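The ticket exchange behind these principles, as an added example that is not part of the original notes and not real Kerberos message formats: a KDC issues a ticket with a finite lifetime, the client proves itself with a timestamped authenticator, and the service rejects replays and expired tickets. The principal names, password, lifetime and skew values are constructed, and the `seal`/`unseal` helpers are a stand-in cipher (HMAC-SHA-256 keystream, encrypt-then-MAC), not a Kerberos encryption type.

```python
import hashlib, hmac, json, os

MAX_SKEW = 300               # tolerated clock skew in seconds (assumed value)
TICKET_LIFETIME = 8 * 3600   # roughly one login session (assumed value)

def _stream(key, nonce, n):
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    """Encrypt-then-MAC a JSON object under a shared symmetric key (demo cipher)."""
    plain, nonce = json.dumps(obj).encode(), os.urandom(16)
    body = bytes(a ^ b for a, b in zip(plain, _stream(key, nonce, len(plain))))
    return nonce + body + hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise PermissionError("wrong key or modified message")
    return json.loads(bytes(a ^ b for a, b in zip(body, _stream(key, nonce, len(body)))))

class KDC:
    """Trusted third party holding one long-term key per principal."""
    def __init__(self, keys):
        self.keys = keys

    def issue(self, client, service, now):
        grant = {"client": client, "service": service,
                 "key": os.urandom(32).hex(), "expires": now + TICKET_LIFETIME}
        # First part opens only with the client's key, the ticket only with the service's.
        return seal(self.keys[client], grant), seal(self.keys[service], grant)

def make_authenticator(client, client_key, for_client, now):
    session_key = bytes.fromhex(unseal(client_key, for_client)["key"])
    return session_key, seal(session_key, {"client": client, "time": now})

class Service:
    def __init__(self, name, key):
        self.name, self.key, self.seen = name, key, set()

    def accept(self, ticket, authenticator, now):
        grant = unseal(self.key, ticket)
        if now > grant["expires"]:
            raise PermissionError("ticket expired")
        session_key = bytes.fromhex(grant["key"])
        auth = unseal(session_key, authenticator)
        if auth["client"] != grant["client"]:
            raise PermissionError("authenticator does not match ticket")
        if abs(now - auth["time"]) > MAX_SKEW:
            raise PermissionError("authenticator outside clock-skew window")
        if (auth["client"], auth["time"]) in self.seen:
            raise PermissionError("replayed authenticator")
        self.seen.add((auth["client"], auth["time"]))
        # Mutual authentication: only the real service could recover the session key.
        return seal(session_key, {"service": self.name, "time": auth["time"]})

def outcome(fn, *args):
    try:
        fn(*args)
        return "accepted"
    except PermissionError as exc:
        return str(exc)

def demo():
    # Constructed principals and password; the password itself never leaves the client.
    alice_key = hashlib.pbkdf2_hmac("sha256", b"correct horse", b"alice@EXAMPLE", 10_000)
    shop_key = os.urandom(32)
    kdc = KDC({"alice": alice_key, "shop": shop_key})
    shop = Service("shop", shop_key)
    t0 = 1_000_000
    for_client, ticket = kdc.issue("alice", "shop", t0)
    session_key, auth = make_authenticator("alice", alice_key, for_client, t0 + 5)
    reply = unseal(session_key, shop.accept(ticket, auth, t0 + 6))
    _, late = make_authenticator("alice", alice_key, for_client, t0 + TICKET_LIFETIME + 1)
    return [reply["service"],
            outcome(shop.accept, ticket, auth, t0 + 7),   # captured and resent
            outcome(shop.accept, ticket, late, t0 + TICKET_LIFETIME + 1),
            outcome(Service("other", os.urandom(32)).accept, ticket, auth, t0 + 6)]
```

The replay cache only has to remember authenticators for the skew window, because anything older is already rejected by the timestamp check.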
What is the role of encryption in data transfer? Name any two concepts of TV
based home entertainment.
Role of encryption in data transfer
Home entertainment: The next example of this type of commerce is home
entertainment. Dubbed online movies, it is possible for the user to select a movie/CD
online and make his cable operator play the movie exclusively for him (movie on
demand), of course against payment, as with Tata Sky. Payment can be either online or
payable to his account. It is also possible to play interactive games online or download
them to your computer to play. The concept of downloading games/news etc. at a cost to
mobiles is also a similar concept. It may be noted that in all these cases, the physical
movement of the customer/trader is avoided; of course, the computer need not always be
a part of the deal.
What are the main types of EDI access method?
Three main types of EDI access methods are available:
1) Direct dial or modem to modem connection:
Direct-dial systems are by far the simplest and most common.
The user has direct access to the partner's modem and communicates by using the
modem to dial the modem of the other party.
A direct computer-to-computer transfer of documents through a modem.
2) Limited third-party value-added network services:
Limited VANs are regional and international communications services similar to those
used with email.
These VANs often provide only the very basic technical services such as protocol
conversion and data error detection and correction, directing and delivering EDI traffic
to thousands of buyers and sellers.
3) Full-service third-party VANs:
Full third-party services provide more than just communication between two or more
parties.
Electronic mailboxes and associated extra features are the heart of these third-party
services.
Extra features include access control for security and document tracking, which allows
users to track their own documents as they pass through the system.
This feature supports audit needs.
A third-party network can also provide a gateway to interconnect with other third-party
networks.
Explain the three broad phases of consumer's perspective?
The business process model from a consumer's perspective consists of seven activities
that can be grouped into three phases: pre-purchase phase, purchase consummation,
and post-purchase interaction.
1) Pre-purchase Preparation: The pre-purchase preparation phase includes search
and discovery for a set of products in the larger information space capable of meeting
customer requirements and product selection from the smaller set of products based on
attribute comparison.
2) Purchase Consummation: The purchase consummation phase includes mercantile
protocols that specify the flow of information and documents associated with purchasing
and negotiation with merchants for suitable terms, such as price, availability, and
delivery dates; and electronic payment mechanisms that integrate payment into the
purchasing process.
3) Post-purchase interaction: The post-purchase interaction phase includes customer
service and support to address customer complaints, product returns, and product defects.
Purchase deliberation is defined as the elapsed time between a consumer's first thinking
about buying and the actual purchase itself.
Name a few operations performed by e-commerce.
1) Transactions between a supplier/a shopkeeper and a buyer or between two
companies over a public network like the service provider network (like ISP). With
suitable encryption of data and security for transaction, entire operation of selling/buying
and settlement of accounts can be automated.
2) Transactions with the trading partners or between the officers of the company located
at different locations.
3) Information gathering needed for market research.
4) Information processing for decision making at different levels of management.
5) Information manipulation for operations and supply chain management.
6) Maintenance of records needed for legal purposes, including taxation, legal suits etc.
7) Transactions for information distributions to different retailers, customers etc. including
advertising, sales and marketing.

Explain any seven business requirements?


There are seven major business requirements addressed by SET:
1. Provide confidentiality of payment information and enable confidentiality of order
information that is transmitted along with the payment information.
2. Ensure integrity for all transmitted data.
3. Provide authentication that a cardholder is a legitimate user of a branded payment
card account.
4. Provide authentication that a merchant can accept branded payment card
transactions through its relationship with an acquiring financial institution.
5. Ensure the use of the best security practices and system design techniques to protect
all legitimate parties of an electronic commerce transaction.
6. Ensure the creation of a protocol that is neither dependent on transport security
mechanisms nor prevents their use.
7. Facilitate and encourage interoperability across software and network providers.
What are the two approaches of virtual organization?
The virtual organization is defined as being closely coupled upstream with its suppliers
and downstream with its customers such that where one begins and the other ends
means little to those who manage the business processes within the entire organization.
In simplest terms, it is an organization having the essence or effect of a traditional
corporation without the structure or appearance of one. In the virtual organization, each
separate firm retains authority in major budgeting and pricing matters and functions as
part of a greater organization coordinated by a core firm acting as integrator of the
actions done by the various partners. Interdependence among partners differentiates the
virtual corporation from the traditional hierarchy. Companies adept at coordinating and
maximizing the capabilities of suppliers will gain more control over key elements of time
from overall order to shipment lead time to product specific cycle time. In addition,
full-fledged alliances that tap the resources of multiple parties will effectively slash
product- or process-development time.
The two approaches are push and pull.
List the activities of banking system for business.
The concepts under basic banking services are what a normal customer would be
transacting with his bank most of the time. They are mainly related to personal finances.
It can safely be presumed that most of normal transactions that a customer has with his
bank can be classified into the following.
i. Checking his account statements
ii. Round the clock banking (ATM)
iii. Payment of bills etc.
iv. Fund transfer and
v. Updating of his pass books etc.
Can the digital signature fully replace handwritten signature?
The cryptographic community is exploring various technical uses of digital signatures by
which messages might be time-stamped or digitally notarized to establish dates and
times at which a recipient might claim to have had access or even read a particular
message. If digital signatures are to replace handwritten signatures, they must have the
same legal status as handwritten signatures. The digital signature provides a means for
a third party to verify that the notarized object is authentic. Digital signatures should have
greater legal authority than handwritten signatures. For instance, if a ten-page contract is
signed by hand on the tenth page, one cannot be sure that the first nine pages have not
been altered. If the contract was signed by digital signatures, however, a third party can
verify that not one byte of the contract has been altered. Without such a framework, it is
hard to see how EDI can fulfill the role envisioned for it in the future.
Why are information brokerages needed? Explain with an example.
The information brokerage and management layer provides service integration through
the concept of information brokerages, the development of which is necessitated by the
increasing information resource fragmentation. The concept of information brokerage is
used to represent an intermediary who provides service integration between customers and
information providers, given some constraint such as a low price, fast service, or profit
maximization for a client. In foreign exchange trading, information is retrieved about the
latest currency exchange rates in order to hedge currency holdings to minimize risk and
maximize profit. The brokerage function is the support for data management and
traditional transaction services. Brokerages may provide tools to accomplish more
sophisticated, time-delayed updates or future-compensating transactions.
Explain Public Key.
Public Key cryptography, also known as asymmetric cryptography, uses two keys:
one key to encrypt the message and the other key to decrypt the message. The two
keys are mathematically related such that data encrypted with either key can only be
decrypted using the other. Each user has two keys: a public key and a private key. The
user distributes the public key. Because of the relationship between the two keys, the
user and anyone receiving the public key can be assured that data encrypted with the
public key and sent to the user can only be decrypted by the user using the private key.
This assurance is only maintained if the user ensures that the private key is not
disclosed to another. Therefore, the key pair should be generated by the user. The best
known public-key cryptography algorithm is RSA (named after its inventors Rivest,
Shamir and Adleman).
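The key-pair relationship described here, and the ten-page contract argument from the digital signature answer above, as one added example that is not part of the original notes. It is textbook RSA with no padding and a fixed, constructed demo key built from two well-known Mersenne primes, so it shows the mathematics only; the contract text is constructed.

```python
import hashlib
from math import gcd

# Constructed demo key. Real keys use random primes generated by the user,
# as the text says, and a vetted library with proper padding.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q
E = 65537                       # public exponent
PHI = (P - 1) * (Q - 1)
assert gcd(E, PHI) == 1
D = pow(E, -1, PHI)             # private exponent (needs Python 3.8+)

PUBLIC_KEY = (E, N)             # distributed to everyone
PRIVATE_KEY = (D, N)            # never disclosed


def apply_key(key, value):
    """The single RSA operation: value ** exponent mod n."""
    exponent, modulus = key
    if not 0 <= value < modulus:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, modulus)


def encrypt(public_key, message: bytes) -> int:
    return apply_key(public_key, int.from_bytes(message, "big"))


def decrypt(private_key, ciphertext: int) -> bytes:
    # Leading zero bytes of the message are not preserved in this demo.
    m = apply_key(private_key, ciphertext)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def digest_as_int(document: bytes) -> int:
    return int.from_bytes(hashlib.sha256(document).digest(), "big")


def sign(private_key, document: bytes) -> int:
    """Signing is the private-key operation applied to the document's hash."""
    return apply_key(private_key, digest_as_int(document))


def verify(public_key, document: bytes, signature: int) -> bool:
    """Anyone holding the public key can check the signature."""
    try:
        return apply_key(public_key, signature) == digest_as_int(document)
    except ValueError:
        return False


def contract_demo():
    """Ten-page contract (constructed text) signed once over the whole document."""
    pages = [f"Page {n}: clause text for page {n}.".encode() for n in range(1, 11)]
    contract = b"\n".join(pages)
    signature = sign(PRIVATE_KEY, contract)
    pages[0] = pages[0].replace(b"clause", b"claure")   # one byte changed on page 1
    tampered = b"\n".join(pages)
    return (verify(PUBLIC_KEY, contract, signature),      # untouched contract
            verify(PUBLIC_KEY, tampered, signature),      # altered first page
            verify(PUBLIC_KEY, contract, signature + 1))  # altered signature
```

Because the signature covers a hash of all ten pages, the change on page 1 is detected even though the signature was produced after page 10.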
On what factors can negotiations take place?
Over money, terms and conditions, delivery dates and evaluation criteria. Negotiation
occurs in business, non-profit organizations, government branches, legal proceedings,
among nations and in personal situations such as marriage, divorce, parenting, and
everyday life. The study of the subject is called negotiation theory. Professional
negotiators are often specialized, such as union negotiators, leverage buyout
negotiators, peace negotiators, hostage negotiators, or may work under other titles, such
as diplomats, legislators or brokers.
What should be covered in the policy?
a) The following is a list of topics that should be covered in this area of the policy.
1) What guidelines you have regarding resource use.
2) What might constitute abuse.
3) Whether users are permitted to share accounts or let others use their accounts.
4) How users should keep their passwords secret.
5) How often users should change their passwords and any password restrictions or
requirements.
6) Restrictions on disclosure of information that may be proprietary.
7) Statement on electronic mail privacy.
8) Policy on electronic communications, mail forging, and so on.
9) The organization's policy concerning controversial mail or postings to mailing lists or
discussion groups.


What is the need for seamless connections? Define a Software Agent.
A seamless connection to the marketplace: It is obvious that each customer will be
operating with a different type of computer, software, connectivity etc. There should be
available standards so that any of these customers will be able to attach himself to any
of the markets without changing his hardware/software/interfaces etc.
Software agents are used to implement information brokerages. Agents are
encapsulations of users' instructions that perform all kinds of tasks in electronic
marketplaces spread across networks. Information brokerages dispatch agents capable
of information resource gathering, negotiating deals and performing transactions.
What is EFT? List any four components of EDI implementation.
Electronic Funds Transfer is the automatic transfer of funds among banks and other
organizations.
EDI implementation starts with an agreement between a company and its trading
partner. The data moves without much interference to the trading partner's application,
with no additional steps to slow the process. Both parties exchange messages based on
a structured format; for each type of message, a standard format has been agreed on by
the exchanging parties.
Describe the VAN pricing system.
VANs bill in various ways for services rendered. Typically, customers can pick and
choose from an array of VAN services and be billed accordingly. These services may
include EDI translation software and support, EDI to fax support, email capability,
inter-VAN connectivity, and, most commonly, transmission of X.12 documents.
What are the basic types of physical data security and threats to data?
Data integrity and data availability.
Data Integrity
Protecting an abstract resource such as information is usually more difficult than
providing physical security. Data integrity is critical; so is data availability. Because
information can in principle be copied as it passes across a network, protection must also
prevent unauthorized read/write/delete; that is, network security must include a guarantee
of privacy.
What is the need for open EDI?
The increased interest in open EDI is a result of discontent with traditional EDI. Open
EDI is a business process for automating the operation of the law of contract within the
context of electronic commerce where transactions are not repeated or sustained over a
long period of time. The aid revisions and aids in more speedy agreement on a final
version.