Ecommerce Chap 11

  1. Chapter 11: Infrastructure for Electronic Commerce. © Prentice Hall, 2000
  2. Learning Objectives
     • Describe the protocols underlying Internet client/server applications
     • Compare the functions and structures of Web browsers and servers
     • Discuss the security requirements of Internet and e-commerce applications, and how these requirements are fulfilled by various hardware and software systems
     • Describe the functional requirements for online selling and the specialized services and servers that perform these functions
  3. Learning Objectives (cont.)
     • Describe the business functions that Web chat can fulfill and list some of the commercially available systems that support chat
     • Understand the ways in which audio, video and other multimedia content are being delivered over the Internet and to what business uses this content is being applied
  4. A Network of Networks = Internet
     • The Internet is a network of hundreds of thousands of interconnected networks
     • Network Service Providers (NSPs) run the backbones
     • Internet Service Providers (ISPs) provide the delivery subnetworks
  5. Internet Network Architecture
     • [Diagram: ISPs connected through NAPs to the backbone]
  6. Internet Protocols
     • Protocols: a set of rules that determine how two computers communicate with one another over a network
     • The protocols embody a series of design principles:
        • Interoperable: the system supports computers and software from different vendors. For e-commerce this means that the customers or businesses are not required to buy specific systems in order to conduct business.
        • Layered: the collection of Internet protocols works in layers, with each layer building on the layers at lower levels.
        • Simple: each of the layers in the architecture provides only a few functions or operations. This means that application programmers are shielded from the complexities of the underlying hardware.
        • End-to-End: the Internet is based on "end-to-end" protocols. This means that the interpretation of the data happens at the application layer and not at the network layers. It's much like the post office.
  7. TCP/IP Architecture (layers, top to bottom)
     • Application Layer: FTP, HTTP, Telnet, NNTP
     • Transport Layer: Transmission Control Protocol (TCP), User Datagram Protocol (UDP)
     • Internet Protocol (IP)
     • Network Interface Layer
     • Physical Layer
  8. TCP/IP
     • Solves the global internetworking problem
     • Transmission Control Protocol (TCP)
        • Ensures that 2 computers can communicate with one another in a reliable fashion
     • Internet Protocol (IP)
        • Formats the packets and assigns addresses
        • Packets are labeled with the addresses of the sending and receiving computers
        • 1999 version is version 4 (IPv4)
        • Version 6 (IPv6) has just begun to be adopted
  9. Domain Names
     • Reference particular computers on the Internet
     • Divided into segments separated by periods
        • For example, in the case of "www.microsoft.com": "www" is the specific computer, "com" is the top level domain, "microsoft" is the subdomain
     • Internet Assigned Numbers Authority (IANA) controls the domain name system
     • Network Solutions, Inc. (NSI) issues and administers domain names for most of the top level domains
  10. Internet Client/Server Applications (application; protocol; purpose)
     • E-mail; Simple Mail Transport Protocol (SMTP), Post Office Protocol version 3 (POP3), Multipurpose Internet Mail Extensions (MIME); allows the transmission of text messages and binary attachments across the Internet.
     • File Transfer; File Transfer Protocol (FTP); enables files to be uploaded and downloaded across the Internet.
     • Chat; Internet Relay Chat Protocol (IRC); provides a way for users to talk to one another in real time over the Internet. The real-time chat groups are called channels.
     • UseNet Newsgroups; Network News Transfer Protocol (NNTP); discussion forums where users can asynchronously post messages and read messages posted by others.
     • World Wide Web (Web); Hypertext Transport Protocol (HTTP); offers access to hypertext documents, executable programs, and other Internet resources.
  11. New World Network: Internet2
     • Two consortiums are in the process of constructing the 'new world network'
     • The University Corporation for Advanced Internet Development (UCAID), www.ucaid.edu
        • Building a leading edge research network called Internet2
        • Based on a series of interconnected gigapops, interconnected by the National Science Foundation's very high performance Backbone Network (vBNS) infrastructure
     • Goals of Internet2
        • to connect universities so that a 30 volume encyclopedia could be transmitted in less than a second
        • to support applications like distance learning, digital libraries, video teleconferencing, teleimmersion and collaborative tools, and virtual laboratories
  12. New World Network: Next Generation Internet
     • Next Generation Internet (NGI)
        • Government initiated and sponsored
        • Started by the Clinton Administration, this initiative includes government research agencies, such as:
           • the Defense Advanced Research Projects Agency (DARPA)
           • the Department of Energy
           • the National Science Foundation (NSF)
           • the National Aeronautics and Space Administration (NASA)
           • the National Institute of Standards and Technology
     • Aim of the NGI
        • to support next generation applications like health care, national security, energy research, biomedical research, and environmental monitoring
  13. Web-based Client/Server
     • Web browsers and servers need a way to:
        • Locate each other so they can send requests and responses back and forth
        • Communicate with one another
     • Uniform Resource Locators (URLs)
        • A new addressing scheme
        • Ubiquitous, appearing on the web, in print, on billboards, on TV and anywhere else a company can advertise
        • Default syntax: www.Anywhere.Com
        • Complete syntax: access-method://server-name[:port]/directory/file
  14. Web-based Client/Server (cont.)
     • Hypertext Transport Protocol (HTTP)
        • A new protocol
        • Lightweight, stateless protocol that browsers and servers use to converse with one another
     • Statelessness: every request that a browser makes opens a new connection that is immediately closed after the document is returned
        • This represents a substantial problem for e-commerce applications, because an individual user is likely to have a series of interactions with the application
     • MIME (Multipurpose Internet Mail Extension) describes the contents of the document
        • In the case of an HTML page the header is "Content-type: text/html"
  15. Web Browsers (1999 Generation)
     • The IE 4.6 suite of components consists of the browser along with the following tools:
        • Outlook Express for e-mail reading
        • FrontPage Express for authoring of HTML Web pages
        • Net Meeting for collaboration
     • The Netscape Navigator 4.6 suite consists of the browser plus the following components:
        • Messenger for e-mail reading
        • Composer for authoring HTML Web pages
        • Collabra for news offerings
        • Calendar for personal and group scheduling
        • Netcaster for push delivery of Web pages
  16. Web Servers: A Software Program
     • http daemon in Unix; http service in Windows NT
     • Functions:
        • service HTTP requests
        • provide access control, determining who can access particular directories or files on the Web server
        • run scripts and external programs to either add functionality to the Web documents or provide real-time access to database and other dynamic data
        • enable management and administration of both the server functions and the contents of the Web site
        • log transactions that the user makes
     • Distinguished by: platforms, performance, security, and commerce
  17. Internet Security: Cornerstones of Security
     • Authenticity: the sender (either client or server) of a message is who he, she or it claims to be
     • Privacy: the contents of a message are secret and only known to the sender and receiver
     • Integrity: the contents of a message are not modified (intentionally or accidentally) during transmission
     • Non-repudiation: the sender of a message cannot deny that he, she or it actually sent the message
  18. Encryption: Private Key Encryption (Symmetrical Key Encryption)
     • Data Encryption Standard (DES) is the most widely used symmetrical encryption algorithm
     • [Diagram: the sender encrypts the message text with the private key to produce ciphered text; the receiver decrypts the ciphered text with the private key to recover the message text]
  19. Encryption (cont.): Public Key Encryption (Asymmetrical Key Encryption)
     • [Diagram: the sender encrypts the message text with the public key of the recipient to produce ciphered text; the receiver decrypts the ciphered text with the private key of the recipient to recover the message text]
  20. Encryption (cont.): Digital Envelope, a combination of symmetrical and public key encryption
     • [Diagram: the sender encrypts the message text with a session key to produce ciphered text and places the session key in a digital envelope using the public key of the recipient; the receiver recovers the session key from the digital envelope and decrypts the ciphered text to recover the message text]
  21. Encryption (cont.): Digital Signatures, Authenticity and Non-Denial
     • [Diagram: the sender produces a signature with the private key of the sender, then encrypts the message text and signature with the public key of the recipient to produce ciphered text; the receiver decrypts the ciphered text with the private key of the recipient and checks the signature with the public key of the sender]
  22. Digital Certificates and Certifying Authorities
     • Digital Certificates
        • Verify that the holder of a public and private key is who he, she or it claims to be
     • Certifying Authorities (CA)
        • Issue digital certificates
        • Verify the information and create a certificate that contains the applicant's public key along with identifying information
        • Use their private key to encrypt the certificate and send the signed certificate to the applicant
  23. Secure Socket Layer (SSL)
     • A protocol that operates at the TCP/IP layer
     • Encrypts communications between browsers and servers
     • Supports a variety of encryption algorithms and authentication methods
     • Encrypts credit card numbers that are sent from a consumer's browser to a merchant's Web site
  24. Secure Electronic Transactions (SET)
     • A cryptographic protocol to handle the complete transaction
     • Provides authentication, confidentiality, message integrity, and linkage
     • Supporting features:
        • Cardholder registration
        • Merchant registration
        • Purchase requests
        • Payment authorizations
        • Payment capture
        • Chargebacks
        • Credits
        • Credit reversal
        • Debit card transactions
  25. Access Control: Password Protection
     • Passwords are notoriously susceptible to compromise
        • Users have a habit of sharing their passwords with others, writing them down where others can see them, and choosing passwords that are easily guessed.
        • The browser transmits the passwords in a form that is easily intercepted and decoded.
     • The risk is limited by making sure that even if the passwords are compromised the intruder only has restricted access to the rest of the network, which is one of the roles of a firewall.
  26. Firewalls
     • A network node consisting of both hardware and software that isolates a private network from a public network
     • Make sure that even if the passwords are compromised the intruder only has restricted access to the rest of the network
     • Two types:
        • Dual-homed gateway: a bastion gateway connects a private internal network to the outside Internet; proxies (software programs) run on the gateway server and pass repackaged packets from one network to the other
        • Screened-host gateway: a screened subnet gateway in which the bastion gateway offers access to a small segment of the internal network; the demilitarized zone is the open subnet
  27. Screened Subnet Firewall
     • [Diagram: Internet, router, bastion host (proxies: FTP, HTTP, NNTP, Telnet), router, local network; a Web server and an FTP server sit on the screened subnet]
  28. Virtual Private Networks (VPN)
     • A VPN combines encryption, authentication, and protocol tunneling to provide secure transport of private communications over the public Internet. It's as if the Internet becomes part of a larger enterprise wide area network (WAN). In this way, transmission costs are drastically reduced because workers can access enterprise data by making a local call into an ISP rather than using a long distance phone call.
  29. Virtual Private Networks (VPN) (cont.)
     • Real challenge of a VPN
        • To ensure the confidentiality and integrity of the data transmitted over the Internet
     • Protocol tunneling
        • Supports multi-protocol networking
        • Encrypts and encapsulates the data being transmitted
     • Types of protocol being used to carry out protocol tunneling
        • protocols aimed primarily at site-to-site VPNs (e.g. IPV6)
        • protocols used to support VPNs that provide employees, customers, and others with dial-up access via an ISP (e.g. Microsoft's Point-to-Point Tunneling Protocol (PPTP))
  30. Selling on the Web: Functional Requirements for an Electronic Storefront
     • Search for, discover, and compare products for purchase
     • Select a product to be purchased and negotiate or determine its total price
     • Place an order for desired products
     • Have their order confirmed, ensuring that the desired product is available
     • Pay for the ordered products (usually through some form of credit)
     • Verify their credit and approve their purchase
     • Have orders processed
     • Verify that the product has been shipped
     • Request post-sales support or provide feedback to the seller
  31. Selling on the Web (cont.): an electronic storefront must contain
     • A merchant system or storefront that provides the merchant's catalog with products, prices and promotions
     • A transaction system for processing orders and payments and other aspects of the transaction
     • A payment gateway that routes payments through existing financial systems, primarily for the purpose of credit card authorization and settlement
  32. Outsourcing Vs. Insourcing
     • Insourcing: build and run the electronic storefront in-house
        • Large companies wanting:
           • to "experiment" with e-commerce without a great investment
           • to protect their own internal networks
           • to rely on experts to establish their sites
     • Outsourcing: contract with an outside firm
        • Smaller or medium sized companies with few IT staff and smaller budgets
        • Three types of providers:
           • Internet Malls: offer cross-selling from one store to another and provide a common payment structure
           • Internet Service Providers: focused on operating a secure transaction environment, not on store content
           • Telecommunication Companies: include the full range of e-commerce solutions
  33. Electronic Catalogs and Merchant Servers
     • The virtual equivalents of traditional product catalogs
     • Commonly include:
        • Templates or wizards for creating a storefront and catalog pages with pictures describing products for sale
        • Electronic shopping carts that enable consumers to gather items of interest until they are ready for checkout
        • Web-based order forms for making secure purchases (either through SSL or SET)
        • Database for maintaining product descriptions and pricing, as well as customer orders
        • Integration with third party software for calculating taxes and shipping costs and for handling distribution and fulfillment
  34. Electronic Catalogs and Merchant Servers (cont.)
     • [Diagram, "Merchant Server Architecture": Web browser, Internet, Web server, merchant server, store HTML pages, database (catalog, order), 3rd party applications, financial network]
  35. Electronic Catalogs and Merchant Servers (cont.)
     • Two of the best known products in this category
     • iCat Electronic Commerce Suite
        • Standard edition includes:
           • Catalog templates
           • Shopping carts
           • Cross selling
           • Product searching
           • Secure payment processing
        • Professional edition provides support for:
           • High-end databases
           • Integration with ISAPI and Netscape's NSAPI
           • Options for third-party plug-ins for searching, user tracking, sale pricing, discounting, etc.
  36. Electronic Catalogs and Merchant Servers (cont.)
     • Microsoft's Site Server Commerce Edition. Features of this product are:
        • Commerce Sample Sites providing templates for complete applications
        • Microsoft's Wallet supporting a variety of digital currencies
        • Site Builder Wizard for stores with multi-level departments
        • Commerce Server Software Development Kit (SDK) for developing custom-order processing
        • Order processing pipeline for managing orders according to specified business rules
        • Microsoft's Wallet Software Development Kit (SDK) for supporting a variety of digital payment schemes
        • Promotion and Cross-selling Manager for administering a range of specialized promotions, discounts, cross-selling opportunities
        • Integration with Microsoft's Web site development (e.g. Visual InterDev) and administrative tools (e.g. NT Security Support)
  37. Electronic Commerce Suites
     • Offer merchants greater flexibility, specialization, customization and integration in supporting complete front and back-office functionality
     • [Diagram, "Open Market E-Commerce Server Architecture": Web browser, Internet, Web server, catalog application and catalog database, customer management (registration, profiles, service) and customer database, order capture and completion with order database, fulfillment systems, payment processing (SET and purchase order) with payment database, financial network]
  38. Open Market (www.openmarket.com)
     • One of the market leaders in the electronic commerce software segment
     • Provides a complete set of end-to-end transaction services including:
        • Analysis and Profiling
        • Demand Generation
        • Order Management
        • Fulfillment
        • Payment
        • Self-Service
        • Customer Service
        • Reporting
  39. Chatting on the Web: varied uses of the forums and chat groups
     • Communication Centers: a virtual meeting place where communications can take place among the participants
     • Customer Service: offer online support where customers can converse with help-line staff and receive advice
     • Community Discussion: provide forums and chat services with a marketing eye toward developing a community of loyal users, followers and advocates
  40. Multimedia Delivery
     • Webcasting describes Internet-based broadcasting of audio and video content
     • Types of Webcasts:
        • Text Streams: text-only wordcasts and datacasts, to deliver constant news and stock price updates
        • Ambient Webcasts: video content is captured from a Webcam and delivered as single-frame updates that are transmitted at periodic intervals
        • Streaming Audio: the Web equivalent of radio, to deliver everything from talk radio to sports broadcasts to music previews to archived music and radio shows
        • Streaming Video: to deliver videoconferences where high quality images are not required and there is not much movement among participants
  41. Webcasting
     • Works in a straightforward way
     • Examples of companies offering both Webcast servers and players:
        • RealNetworks (www.real.com)
        • Liquid Audio (www.liquidaudio.com)
        • Xingtech with its streamworks technology (www.xingtech.com)
        • Apple with its QuickTime system (quicktime.apple.com)
        • Microsoft with its Netshow software (www.microsoft.com/windows/windowsmedia)
     • Multicasting
        • stream a Webcast from a central server to other media servers which are distributed to different locations
        • when a listener or viewer clicks on a Webcast link they are automatically routed to the closest server
  42. Bandwidth Requirements for Streaming Audio and Video
     • Bandwidth [1 mbps = 1 million kbps]: the speed with which content can be delivered
        • 14.4 kbps to 56 kbps for connecting to the Internet over the telephone through modems
        • 128 kbps for connecting to the Internet over ISDN telephone lines
        • 1 - 1.5 mbps for connecting to the Internet over digital subscriber line (DSL)
        • 10 mbps for downloading over cable wires
     • To download a standard Web page, say around 400,000 kilobits:
        • 56 kbps modem takes about 7 seconds
        • Cable modem takes about 0.04 seconds
  43. Internet Telephones
     • Internet phones: programs that let you talk with other people using the Internet
     • The added cost to the end user is at best zero and at worst a substantially lower total charge than a standard telephone call
     • PC-to-PC; PC-to-phone; and phone-to-phone
     • Vendors who dominate the Internet telephone market space:
        • VocalTec (www.vocaltec.com)
        • IDT (www.met2phone.com)
        • Delta Three (www.deltathree.com)
  44. Analyzing Web Visits
     • Access log file
        • Text file, example: www.somewhere.com - [18/Aug/1998:12:00:00 +0000] “Get /a htm HTTP/1.0” 200 15000
        • Tells you which pages are most popular, which times are most popular, which geographical regions make the most requests, and other interesting tidbits that help site administrators maintain and refine their sites
     • Software for analyzing access log files (FREE):
        • net.Analysis from net.Genesis (www.netgen.com)
        • Insight from Accrue (www.accrue.com)
        • Web Trends Log Analyzer from Web Trends Corporation (www.egsoftware.com)
  45. Managerial Issues
     • Now or later: the question is no longer "Will" but "When"
     • It's the business issues that count: to succeed, a business must understand how to meet the needs of their online customers
     • In-house or outsource: mainly depends on the company size
     • Analyzing the data: automatic record of everyone who visits your Web site
     • Security: management takes every precaution to ensure the security of their sites and their communications with site visitors
     • Evolving Web: rapid change of the underlying standards, protocols and governance
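
The digital envelope and digital signature slides (20 and 21) describe one combined flow: sign with the sender's private key, encrypt under a fresh session key, and wrap that session key with the recipient's public key. The following is an added example, not part of the original slides; it assumes the third-party Python `cryptography` package and substitutes AES-GCM, RSA-OAEP and RSA-PSS for the DES-era algorithms the deck names, and the function names `new_keypair`, `seal` and `open_envelope` are hypothetical.

```python
import os

from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Padding schemes (assumed modern choices, not named on the slides).
OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)
PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
                  salt_length=padding.PSS.MAX_LENGTH)


def new_keypair():
    """Generate an RSA key pair; the public half is key.public_key()."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def seal(message: bytes, sender_private, recipient_public) -> dict:
    """Sign, encrypt under a one-time session key, wrap the session key."""
    # Slide 21: the signature is made with the sender's private key.
    signature = sender_private.sign(message, PSS, hashes.SHA256())
    # Slide 20: the bulk data is encrypted with a symmetric session key ...
    session_key = AESGCM.generate_key(bit_length=128)
    nonce = os.urandom(12)
    ciphertext = AESGCM(session_key).encrypt(nonce, signature + message, None)
    # ... and only the short session key is encrypted with the recipient's
    # public key. That wrapped key is the "digital envelope".
    wrapped_key = recipient_public.encrypt(session_key, OAEP)
    return {"wrapped_key": wrapped_key, "nonce": nonce, "ciphertext": ciphertext}


def open_envelope(envelope: dict, recipient_private, sender_public) -> bytes:
    """Unwrap the session key, decrypt, then verify the sender's signature.

    Raises ValueError for the wrong recipient key, InvalidTag if the
    ciphertext was modified, InvalidSignature for the wrong sender.
    """
    session_key = recipient_private.decrypt(envelope["wrapped_key"], OAEP)
    plaintext = AESGCM(session_key).decrypt(
        envelope["nonce"], envelope["ciphertext"], None)
    sig_len = sender_public.key_size // 8  # RSA signature length in bytes
    signature, message = plaintext[:sig_len], plaintext[sig_len:]
    sender_public.verify(signature, message, PSS, hashes.SHA256())
    return message


if __name__ == "__main__":
    sender, recipient = new_keypair(), new_keypair()
    order = b"constructed sample order: 2 x item 1001"
    env = seal(order, sender, recipient.public_key())
    print(open_envelope(env, recipient, sender.public_key()))
```

The signature travels inside the ciphertext, as on slide 21, so an observer cannot test candidate messages against it.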

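Slide 44 says an access log shows which pages and times are most popular; the same file also shows which clients are repeatedly refused access, which ties back to the password slide. The following is an added example, not part of the original slides: it assumes the server writes the Common Log Format, the sample lines are constructed, and `parse_line` and `summarize` are hypothetical names.

```python
import re
from collections import Counter
from datetime import datetime

# Common Log Format: host ident authuser [timestamp] "request" status bytes
CLF = re.compile(
    r'(?P<host>\S+) (?P<ident>\S+) (?P<user>\S+) '
    r'\[(?P<ts>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)$'
)

# Constructed sample log (not taken from any real server).
SAMPLE_LOG = """\
www.somewhere.com - - [18/Aug/1998:12:00:00 +0000] "GET /a.htm HTTP/1.0" 200 15000
www.somewhere.com - - [18/Aug/1998:12:00:05 +0000] "GET /catalog.htm HTTP/1.0" 200 8200
dialup7.example.net - - [18/Aug/1998:12:14:31 +0000] "GET /a.htm HTTP/1.0" 200 15000
host9.example.org - - [18/Aug/1998:13:02:10 +0000] "GET /admin/ HTTP/1.0" 401 -
host9.example.org - - [18/Aug/1998:13:02:11 +0000] "GET /admin/ HTTP/1.0" 401 -
host9.example.org - - [18/Aug/1998:13:02:12 +0000] "GET /admin/ HTTP/1.0" 401 -
dialup7.example.net - alice [18/Aug/1998:13:30:00 +0000] "GET /admin/ HTTP/1.0" 200 512
this line is not in the log format
"""


def parse_line(line):
    """Return one log record as a dict, or None if the line does not parse."""
    m = CLF.match(line.strip())
    if m is None:
        return None
    parts = m["request"].split()
    # A request line should be "METHOD path HTTP/x.y"; keep the record even
    # when it is not, because malformed requests are worth counting too.
    well_formed = len(parts) == 3 and parts[2].startswith("HTTP/")
    return {
        "host": m["host"],
        "user": m["user"],
        "time": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
        "method": parts[0].upper() if well_formed else None,
        "path": parts[1] if well_formed else None,
        "status": int(m["status"]),
        "size": 0 if m["size"] == "-" else int(m["size"]),
    }


def summarize(log_text, auth_fail_threshold=3):
    """Popular pages, busiest hour, and hosts with repeated 401/403 replies."""
    records, rejected = [], 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            rejected += 1
        else:
            records.append(rec)
    pages = Counter(r["path"] for r in records
                    if r["status"] == 200 and r["path"])
    hours = Counter(r["time"].hour for r in records)
    denied = Counter(r["host"] for r in records if r["status"] in (401, 403))
    return {
        "parsed": len(records),
        "rejected": rejected,
        "top_pages": pages.most_common(3),
        "busiest_hour": hours.most_common(1)[0] if hours else None,
        "repeated_auth_failures": sorted(
            h for h, n in denied.items() if n >= auth_fail_threshold),
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```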