Book 3 chap-8


Published on

Management Information System
Chapter-1 Book 3

Published in: Education, Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Book 3 chap-8

  1. 1. E-business <ul><li>E-business is the process of selling a product or service, or providing information </li></ul><ul><li>to customers through an online portal. It is also the act of using the Internet to do </li></ul><ul><li>the research for your business and stay in touch with clients, suppliers and </li></ul><ul><li>employees. </li></ul><ul><li>E-business (electronic business) is, in its simplest form, business perform on the </li></ul><ul><li>Internet. It is a more generic term than eCommerce because it refers to not only </li></ul><ul><li>buying and selling but also servicing customers and collaborating with business </li></ul><ul><li>partners. </li></ul><ul><li>All the major e-business models are under 4 main categories : </li></ul><ul><ul><li>B2B (Business to Business) </li></ul></ul><ul><ul><li>B2C (Business to Customer) </li></ul></ul><ul><ul><li>C2C (Customer to Customer) </li></ul></ul><ul><ul><li>C2B (Customer to Business) </li></ul></ul><ul><li>.  </li></ul>
  2. 2. <ul><li>B2B (Business to Business) : </li></ul><ul><li>- Larger companies that are supplying products to smaller businesses </li></ul><ul><li> who then sell it to their customers.  </li></ul><ul><li>- It is like the manufacturer (producer) supplying goods to the retailer or </li></ul><ul><li>wholesaler. </li></ul><ul><li>E.g. Dell sells computers and other related accessories online but it is does not </li></ul><ul><li>manufacture all those products. So, in order to sell those products, it first </li></ul><ul><li>purchases them from different businesses i.e. the manufacturers of those </li></ul><ul><li>products. </li></ul><ul><li>B2C (Business to Customer) : </li></ul><ul><li>- This represents the vast majority of E-commerce web sites online. i.e. any </li></ul><ul><li>website that has a product for sale, music downloads. </li></ul><ul><li>- In this model, online businesses sell to individual consumers. </li></ul><ul><li>- E.g. Online Books. (i.e. any online transaction) </li></ul>E-business
  3. 3. <ul><li>C2C (Customer to Customer) : </li></ul><ul><ul><li>- Any website where people are brought together to buy, sell, or trade. </li></ul></ul><ul><ul><li>- It facilitates the online transaction of goods or services between two people. </li></ul></ul><ul><li>C2B (Customer to Business) : </li></ul><ul><li>- Here the Customer deal with the business organization. </li></ul><ul><li>- Customer download the information of various product, Seeing </li></ul><ul><li>manuals/ drawings/ pictures/ images. </li></ul><ul><li> - E.g. Mobile Phone. </li></ul>E-business
  4. 4. Computer Crime and Cyberterrorism <ul><li>A computer crime is any illegal action where the data is accessed through computers or internet without any permission. </li></ul><ul><li>Computer crime or Cyber crime is a form of crime where the Internet or computers are used to commit crime. Issues surrounding this type of crime have become high-profile, particularly hacking, copyright breach (breaking the contract), child pornography (representation of sexual activity), murder, theft. </li></ul><ul><li>The characteristics of the computer crime are: </li></ul><ul><li>- Illegal behavior that is punishable by the law. </li></ul><ul><li>- specific way for committing crime using computer. </li></ul><ul><li>- special object for protection, security of computer’s data. </li></ul><ul><li>Illegal activities are carried out with the use of computer. Computer crime includes criminal breach, theft of computerized data, and the use of an on-line system to commit a fraud. </li></ul><ul><li>The computer can be a target of a crime or an instrument of a crime. </li></ul>
  5. 5. <ul><li>Computers As Target of Crime : </li></ul><ul><li> - Breaching the confidentiality of protected computerized data. </li></ul><ul><li> - Accessing a computer system without authority. </li></ul><ul><li> - Accessing a protected computerized data to become fraud. </li></ul><ul><li>- Accessing a protected computerized data and causing damage. </li></ul><ul><li>- Knowingly transmitting a program, program code, or command that </li></ul><ul><li>causes damage to a protected computer. </li></ul><ul><li>- These crimes are committed by a selected group of criminals . </li></ul><ul><li> - These crimes requires the technical knowledge. </li></ul><ul><li>Computers As Instrument (tool) of Crime : </li></ul><ul><li> - Unauthorized copying of software or copyrighted property, such as </li></ul><ul><li>articles, books, music and video. </li></ul><ul><li> - Illegally accessing e-mail and voice mail. </li></ul><ul><li> - Transmitting or processing child pornography using a computer. </li></ul><ul><li> - These crimes are committed by individual. </li></ul><ul><li>- These crimes generally involve less technical expertise. </li></ul>Computer Crime and Cyberterrorism
  6. 6. <ul><li>Cyber crime is criminal activity done using computers and the Internet. This includes anything from downloading illegal music files, stealing millions of dollars from online bank accounts. </li></ul><ul><li>Cyber crime includes any criminal act dealing with computers and networks </li></ul><ul><li>(called hacking). Additionally, cyber crime also includes traditional crimes conducted through the Internet. For example, credit card account theft is considered to be cyber crimes when the illegal activities are committed through the use of a computer and the Internet. </li></ul><ul><li>Hence, the computer will be looked at as either a target or tool. </li></ul>Computer Crime and Cyberterrorism
  7. 7. <ul><li>Phishing : </li></ul><ul><li>Phishing is similar to fishing in a lake, but instead of trying to capture fish, phishes attempt to steal your personal information. </li></ul><ul><li>- They sending e-mail messages that comes from legitimate (legal) websites </li></ul><ul><li>to ask users for confidential personal data. </li></ul><ul><li>- The e-mails instructs that your information needs to be updated or </li></ul><ul><li>validated and ask for your username and password, after clicking a link </li></ul><ul><li>included in the e-mail. Some e-mails will ask that you enter even more </li></ul><ul><li>information, such as your full name, address, phone number,social security </li></ul><ul><li>number, and credit card number. However, if you visit the fake website and </li></ul><ul><li>just enter your username and password, the phisher may be able to gain </li></ul><ul><li>access to more information by just logging in to you account. </li></ul>Computer Crime and Cyberterrorism
  8. 8. Computer Forensics <ul><li>Computer forensics is a scientific collection, examination, authentication (verification), preservation and analysis of data held or retrieved from computer storage in such a way that the information can be used as evidence in a court of law. </li></ul><ul><li>It deals with the following problems : </li></ul><ul><li> - Recovering deleted, encrypted or damaged file (data) from the computer </li></ul><ul><li>system. </li></ul><ul><li> - Securely storing and handling recovered electronic data. </li></ul><ul><li> - Presenting the information to a court of law. </li></ul><ul><li>Electronic evidence exist on computer storage in the form of computer files. </li></ul><ul><li>for eg. : 1) If the files has been deleted on computer storage, it can recover </li></ul><ul><li>through various techniques. Computer forensics experts try to </li></ul><ul><li>recover such hidden files (data). </li></ul><ul><li>2) Recovering thousands of deleted emails. </li></ul>
  9. 9. Computer Forensics <ul><li>How Computer forensics are used ? </li></ul><ul><ul><li>Child pornography Case </li></ul></ul><ul><ul><li>Homicides (murder) Case </li></ul></ul><ul><ul><li>Embezzlement (fraud) </li></ul></ul><ul><ul><li>Divorce </li></ul></ul><ul><ul><li>Breach of contract </li></ul></ul>
  10. 10. Information Lifecycle Management <ul><li>The process of managing information growth, storage, and retrieval based on its value to the organization. It is referred as Information Lifecycle Management (ILM) or Data Lifecycle Management (DLM). </li></ul><ul><li>ILM is a comprehensive approach to managing the flow of an information (data) of the system. </li></ul><ul><li>( I nformation  L ifecycle  M anagement) : An umbrella term for a comprehensive storage management program within an organization. It is called as “Data </li></ul><ul><li>Lifecycle Management&quot; (DLM). </li></ul>
  11. 11. <ul><li>In general, there are three stages in the information lifecycle: </li></ul><ul><li>- The creation of the data : </li></ul><ul><li>information comes into the organization either by created by </li></ul><ul><li>one or more individuals or being obtained through e-mails, faxes, </li></ul><ul><li> phone calls etc. </li></ul><ul><li>- The publication of the data : </li></ul><ul><li>some information needs to be published, either in print form or on </li></ul><ul><li>a company’s intranet or a public Web site. </li></ul><ul><li>- The removal of the data : </li></ul><ul><li>some information must be archived for later use, and some </li></ul><ul><li>information can be discarded once it has served its purpose or is </li></ul><ul><li>no longer valuable to the organization. </li></ul>Information Lifecycle Management
  12. 12. <ul><li>Create (Allocate) :  The file must be created in the correct type. </li></ul><ul><li>Backup   (Recovery): The file must be backed up according to predefined policies. </li></ul><ul><li>The policies may also dictate where the backups will be kept. </li></ul><ul><li>Backups may be a combination of mirrored copies, and snapshot copies. </li></ul><ul><li> Backups are usually recorded in a database to make recovery easy. </li></ul><ul><li>Restore :  If the file becomes corrupt, it must be possible to restore it from backup. </li></ul><ul><li>Migrate :  When the file is first created, it usually needs to be kept on fast access disk as it is </li></ul><ul><li>used frequently. After a while, the file becomes stale (out of date), and can be moved </li></ul><ul><li>to less expensive storage with a slower access speed (i.e. migration of data). </li></ul><ul><li>Migration is the process of moving a file up and down the storage pyramid, so it is </li></ul><ul><li>kept in the correct place for its current value. However, the file must be accessible at </li></ul><ul><li>all times. </li></ul><ul><li>Recall :   When a migrated file is needed again, it may be automatically retrieved back to fast </li></ul><ul><li>storage. </li></ul><ul><li>Disaster Recovery   : In a disaster, the file must be recoverable to different hardware in a </li></ul><ul><li>different site. Of course, disaster recovery involves a lot more than just retrieving </li></ul><ul><li>data. Hopefully, this will just involve creating a copy of the data at regular intervals, </li></ul><ul><li>to test out the disaster recovery process (for testing purpose). </li></ul>Information Lifecycle Management
  13. 13. Information Lifecycle Management
  14. 14. <ul><li>Archive :  An Archive is usually a copy of an application and retained for several years. </li></ul><ul><li>Retrieve :  If the archived file is required again, we can retrieve it. </li></ul><ul><li>Delete   : The file should be retained for as long as it is needed, then deleted. This will be governed by legal requirements. The backups must be deleted too, but the latest backup may be kept for a while. </li></ul>Information Lifecycle Management
  15. 15. Information Security <ul><li>Most of this information is collected, processed and stored on computers and transmitted across networks to other computers. If this information destroy into the wrong hands, it could lead to lost business, law suits or even bankruptcy (unable to pay one’s debt) of the business. Because of this issues, information security is required. </li></ul><ul><li>Information security means protecting information and information systems from unauthorized user access. This is called as information security, computer security or information assurance. </li></ul><ul><li>Information Security include network security, application and database security, security testing, business continuity planning, digital forensic science and biometric techniques (fingerprints, eyes, voice, etc.) </li></ul><ul><li>Programs and data can be secured by issuing passwords and digital certificates to authorized users. However, passwords only validate that a correct number has been entered. </li></ul>
  16. 16. Information Security
  17. 17. <ul><li>There are six elements of Information Security : </li></ul><ul><li>Confidential : Keep the information secret </li></ul><ul><li>- Whether the information is related to the computer systems, information </li></ul><ul><li>technology, information and communication technology, or a simple means of </li></ul><ul><li>communication, the first element is maintaining the confidentiality of the matter.  </li></ul><ul><li>- for eg. : 1) Confidentiality of username and password. </li></ul><ul><li>- No data or information shall be disclosed to any person within or outside the </li></ul><ul><li>organization, other than the persons who are authorized to use that data. </li></ul><ul><li>Integrity: Maintaining honesty </li></ul><ul><li>  </li></ul><ul><li>- Integrity in information security is related to data integrity. </li></ul><ul><li>- Information (Data) Integrity splits a close relationship with the data </li></ul><ul><li>preservation. </li></ul><ul><li>- No data/information or programs shall be allowed to be modified by anyone </li></ul><ul><li>without proper authority. </li></ul>
  18. 18. <ul><li>Availability: Ease of use </li></ul><ul><li>  </li></ul><ul><li>- With confidentiality and integrity, the factor availability is also required to maintain </li></ul><ul><li>the security of information. </li></ul><ul><li>- All Information Systems including hardware, communication networks, </li></ul><ul><li>software applications and the data, they hold shall be available to users at all </li></ul><ul><li>times to carry out business activities. </li></ul><ul><li>Possession or Control : </li></ul><ul><li>- for eg. : A thief were to steal a sealed envelope containing a bank debit </li></ul><ul><li>card and its personal identification number. The victim (destroyed </li></ul><ul><li>thing) of the theft would legally be concerned that (s)he could do so </li></ul><ul><li>at any time without the control of the owner. That situation </li></ul><ul><li>illustrates a loss of control or possession or ownership of </li></ul><ul><li>information. </li></ul>
  19. 19. <ul><li>Authenticity : Accuracy </li></ul><ul><ul><li>- For electronic information, a digital signature could be used to verify the authorship </li></ul></ul><ul><ul><li>of a digital document (could also be used to verify the integrity of the document). </li></ul></ul><ul><li>Utility : Usefulness </li></ul><ul><ul><li>- For example, suppose someone encrypted data on disk to prevent unauthorized </li></ul></ul><ul><ul><li>access and then lost the decryption key: that would be a breach of utility. The data </li></ul></ul><ul><ul><li>would be confidential, controlled, integral, authentic, and available. </li></ul></ul>
  20. 20. THANK YOU