Ecmon 0.5



  2. Pieces of the E-commerce Site-Building Puzzle
     Copyright © 2004 Pearson Education, Inc.
  3. The Systems Development Life Cycle
     Systems Development Life Cycle (SDLC) is a methodology for understanding the business objectives of a system and designing an appropriate solution
     Five major steps in the SDLC are:
       • Systems analysis/planning
       • Systems design
       • Building the system
       • Testing
       • Implementation
     Slide 4-3
  4. Web Site Systems Development Life Cycle
     Slide 4-4
  5. A Logical Design for a Simple Web Site
  6. Choices in Building and Hosting
     Figure 4.4, Page 203
     Slide 4-6
  7. The Spectrum of Tools for Building Your Own E-commerce Site
     Slide 4-7
  8. Costs of Customizing E-commerce Packages
     Slide 4-8
  9. Testing, Implementation and Maintenance
     Testing:
       • Includes unit testing, system testing and acceptance testing
     Implementation and maintenance:
       • Maintenance is ongoing, with 20% of time devoted to debugging code and responding to emergency situations; 20% to changing reports, data files and links to backend databases; and 60% to general administration and making changes and enhancements to the system
       • Benchmarking: process by which a site is compared to those of competitors in terms of response speed, quality of layout and design
     Slide 4-9
  10. Components of a Web Site Budget
      Slide 4-10
  11. Key Players in Web Server Software
      Slide 4-11
  12. Basic Functionality Provided by Web Servers
      Slide 4-12
  13. Widely Used Midrange and High-end E-commerce Suites
      Slide 4-13
  14. Security Threats in the E-commerce Environment
      Three key points of vulnerability:
        • Client
        • Server
        • Communications channel
      Most common threats:
        • Malicious code
        • Hacking and cybervandalism
        • Credit card fraud/theft
        • Spoofing
        • Denial of service attacks
        • Sniffing
        • Insider jobs
      Slide 5-14
  15. A Typical E-commerce Transaction
      Slide 5-15
  16. Credit Card Fraud
      Fear that credit card information will be stolen deters online purchases
      Hackers target credit card files and other customer information files on merchant servers; use stolen data to establish credit under false identity
      One solution: New identity verification mechanisms
      Slide 5-16
  17. Spoofing, DoS and dDoS Attacks, Sniffing, Insider Jobs
      Spoofing: Misrepresenting oneself by using fake e-mail addresses or masquerading as someone else
      Denial of service (DoS) attack: Hackers flood Web site with useless traffic to inundate and overwhelm network
      Distributed denial of service (dDoS) attack: Hackers use numerous computers to attack target network from numerous launch points
      Sniffing: Type of eavesdropping program that monitors information traveling over a network; enables hackers to steal proprietary information from anywhere on a network
      Insider jobs: Single largest financial threat
      Slide 5-17
  18. Technology Solutions
      Protecting Internet communications (encryption)
      Securing channels of communication (SSL, S-HTTP, VPNs)
      Protecting networks (firewalls)
      Protecting servers and clients
      Slide 5-18
  19. Tools Available to Achieve Site Security
      Slide 5-19
  20. A Security Plan: Management Policies
      Steps in developing a security plan:
        • Perform risk assessment – assessment of risks and points of vulnerability
        • Develop security policy – set of statements prioritizing information risks, identifying acceptable risk targets and identifying mechanisms for achieving targets
        • Develop implementation plan – action steps needed to achieve security plan goals
        • Create security organization – in charge of security; educates and trains users, keeps management aware of security issues; administers access controls, authentication procedures and authorization policies
        • Perform security audit – review of security practices and procedures
      Slide 5-20