Learning Objectives
• What is e-commerce and e-business?
• Why do organisations need to develop e-business models?
• What are the different e-business models?
• What are the different e-business technologies?
• How secure is the technology?
• What are the legal complexities of e-business models?

E-Commerce
• Electronic commerce (E-commerce) can be defined as any business transaction conducted using electronic means.
• E-commerce is usually associated with buying and selling over the Internet, or through a computer-mediated network.
• A more complete definition is: E-commerce is the use of electronic communications and digital information processing technology in business transactions to create, transform, and redefine relationships for value creation between or among organizations, and between organizations and individuals.

E-Business
• E-Business does not mean only buying or selling products on-line; it will lead to significant changes in the way products are customized, distributed and exchanged, and in the way consumers search and bargain for products and services and consume them.
• E-business focuses more on enhancing the customer process, the production process and employee processes.

Goal of E-Business
• The goal of any E-Business solution is to create value, which can be created in the following manner:
  – Increased Profitability
  – More Satisfied Customer
  – Increased Employee Motivation
  – Better Supplier Relationships

Categories of E-Business Solutions
• Business-to-Business (B2B)
• Business-to-Consumer (B2C)
• Consumer-to-Consumer (C2C)
• Consumer-to-Business (C2B)
• Mobile Commerce

Building E-Business Models
• Market Opportunity Analysis
• Value Proposition
• Online Strategy
• Resource Management
• Source of Revenue

Revenue Models
• Many revenue models exist on the internet, but some of the most popular ones are:
  – Advertising
  – Affiliation
  – Licensing
  – Sales
  – Subscription

M-Commerce
• M-commerce allows integration of the traditional e-business models on the mobile networks.
• Applications of m-commerce include:
  – Mobile Ticketing
  – Mobile Coupons
  – Mobile Content
  – Local Services
  – Mobile Banking
  – Mobile Marketing

E-Business Security
• There are two broad levels of threat that are common: the network-level threat and the data-level threat.
• The network-level threat concerns the security of the complete network, including the LANs, WANs, Internet, Intranet and Extranets. Security at this level enforces that only the right users, that is, the authorized users, are accessing the network.
• The data-level threat concerns the security of data when it is on the move from one computer to another.

E-Business Security
Network Level
• Ensuring only the right people are accessing the network
• Password, encrypted smart cards, firewalls
Data Level
• Ensuring the privacy & confidentiality of data
• Data encryption
Data Pipeline/Grid

Network Security
• Hacking
  – A hacker is an individual who intends to gain unauthorized access to a computer system
  – Cracker is the term typically used within the hacking community to denote a hacker with criminal intent
  – Three types of hackers: white-hat, black-hat and grey-hat hackers
• Firewalls
• Proxy Servers

Common Security Attacks
• Interruption, in terms of delay, denial of receipt or denial of service
• Snooping or Interception - Unauthorized party gaining access to information by browsing through files.
• Spoofing or Masquerading - Spurious information is inserted into the system or network by making it appear as if it is from a legitimate entity
• Non-Repudiation - False denial that an entity created something
• Modification or alteration - Unauthorized party changes information in transit or information stored for subsequent access
• Malicious code / Applet (Malware) - Malicious code or applets include a variety of threats such as viruses, worms and Trojan horses.

Data Level Security Concerns
– Authenticity - the sender (either client or server) of a message is who he, she or it claims to be
– Privacy - the contents of a message are secret and only known to the sender and receiver
– Integrity - the contents of a message are not modified (intentionally or accidentally) during transmission
– Non-repudiation - the sender of a message cannot deny that he, she or it actually sent the message
– Confidentiality - refers to the ability to ensure that messages and data are available only to those who are authorized to view them
– Availability - refers to the ability to ensure that an e-commerce site continues to function as intended

Cryptography
• Cryptography is a means of providing information security. Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality, integrity, authentication, and non-repudiation, which form the main goals of cryptography.
• Cryptographic techniques:
  – Symmetric-key Cryptography
  – Public-key Cryptography
  – Digital Signature
  – Digital Certificate

Secure Socket Layer (SSL)
• A protocol that operates at the TCP/IP layer
• Encrypts communications between browsers and servers
• Supports a variety of encryption algorithms and authentication methods
• Secure negotiated session is a client-server session in which the URL of the requested document, along with the contents, the contents of forms, and the cookies exchanged, are encrypted.
• Session key is a unique symmetric encryption key chosen for a single secure session

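Added example (not part of the original slides, and a simplified model rather than SSL itself): a fresh symmetric key per session, used here to tag messages with HMAC-SHA256 so the receiver can check the integrity and authenticity concerns listed above. The Session class, the sequence-number scheme and the sample order message are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets


class Session:
    """Models the state both ends share for one session (constructed for this example)."""

    def __init__(self):
        self.key = secrets.token_bytes(32)  # fresh random key, used for this session only
        self.send_seq = 0  # next sequence number the sender will use
        self.recv_seq = 0  # next sequence number the receiver will accept

    def _tag(self, seq, message):
        # HMAC-SHA256 over sequence number + message, keyed with the session key.
        data = seq.to_bytes(8, "big") + message
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def protect(self, message):
        """Sender: return (seq, message, tag) to put on the wire."""
        seq = self.send_seq
        self.send_seq += 1
        return seq, message, self._tag(seq, message)

    def accept(self, seq, message, tag):
        """Receiver: True only for an unmodified, in-order message from a key holder."""
        if seq != self.recv_seq:
            return False  # replayed or reordered message
        if not hmac.compare_digest(tag, self._tag(seq, message)):
            return False  # modified in transit, or made without this session's key
        self.recv_seq += 1
        return True


def demo():
    session = Session()
    seq, msg, tag = session.protect(b"order=1001;amount=25.00")  # constructed sample
    results = {
        "tampered": session.accept(seq, b"order=1001;amount=2500.00", tag),
        "genuine": session.accept(seq, msg, tag),
        "replayed": session.accept(seq, msg, tag),
        "other_session": Session().accept(seq, msg, tag),
    }
    return results


if __name__ == "__main__":
    print(demo())
```

The tag does not provide privacy, since the message travels in the clear, and it does not provide non-repudiation, since both ends hold the same key and either could have produced the tag; those need encryption and a digital signature respectively.
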
E-Business – A Competitive Tool
• Improved customer service gives customers tangible benefits, i.e. faster delivery times, and a better understanding of needs.
• An increase in business opportunities is another of the greatest benefits of E-Business; it can result in improved brand image and enhance a company's stock market valuation.
• Greater efficiency enables shorter product development cycles and enhanced inventory turnover, thus freeing up capital by receiving payment earlier in the purchase process.
• Greater profitability: as companies exist to make money, by utilizing the E-Business methodologies explained, companies could improve overall effectiveness and directly increase profitability.

Summary
• E-business is a method of doing business using technology.
• Electronic commerce (E-commerce) can be defined as any business transaction conducted using electronic means. E-commerce is usually associated with buying and selling over the Internet, or through a computer-mediated network.
• E-Business, by contrast, does not mean only buying or selling products on-line; it will lead to significant changes in the way products are customized, distributed and exchanged, and in the way consumers search and bargain for products and services and consume them.
• The major categories of e-business solutions that have been implemented by different organizations worldwide are: Business-to-Business (B2B), Business-to-Consumer (B2C), Consumer-to-Consumer (C2C) and Consumer-to-Business (C2B).
• Mobile Commerce (M-Commerce) is the buying and selling of goods and services through wireless technology, such as handheld devices like cellular telephones and personal digital assistants (PDAs).
• M-commerce is quite popular in financial services, including mobile banking. Customers are using their mobile phones to access their accounts and pay their bills. Customers are also using it for utility services, information services and entertainment.
• The E-Business model is like any business model: it describes how an organisation functions, how it offers its products or services, how it generates revenue, and how it will create and adapt to new markets and technologies. It has five traditional components: market opportunity analysis, value proposition, on-line strategy, resource management and sources of revenue.
• The models that were discussed in the chapter include the broker model, auction brokers, reverse auction, advertising model, portals, info-mediaries, merchant models, e-procurement and community models.

Summary
• An organisation that is implementing e-business models needs to secure its models from multiple levels of threats: from hackers, insiders, pirates and thieves. One of the biggest potential security problems in an E-Business is of human, rather than electronic, origin.
• There are two broad levels of threat that are common: the network-level threat and the data-level threat.
• In a network-level threat, one needs to ensure the security of the complete network, including the LANs, WANs, Internet, Intranet and Extranets. This will enforce that only the right users, that is, the authorized users, are accessing the network. The basic threat is from hackers who try to hack the network to gain unauthorized access.
• In a data-level threat, one needs to ensure the security of data when it is on the move from one computer to another. Here the basic threat is either from hackers or from insiders.
• A hacker is an individual who intends to gain unauthorized access to a computer system, whereas cracker is the term typically used within the hacking community to denote a hacker with criminal intent. There are three types of hackers: white-hat, grey-hat and black-hat hackers. Hackers use different kinds of techniques that may include Denial of Service, Spoofing, Sniffing and password cracking.
• A firewall is a hardware or software solution that insulates a private network from a public network using carefully established controls on the types of request it will route through to the private network for processing and fulfillment.
• The other level of security threat is data-level security. Data communicated between two parties for business purposes needs to meet challenges such as confidentiality, authenticity, integrity, non-repudiation, privacy, authorization and validation.