
E-Commerce

Few IT Terms
• Network - the communication media, devices and software that connect 2 or more computer systems or devices. A network is classified according to the physical distance between nodes on the network and the communication service it provides:
  o Personal Area Network (PAN) - wireless network that connects IT devices close to you
  o Local Area Network (LAN) - within a small area
  o Metropolitan Area Network (MAN) - geographical area that spans a campus or city
  o Wide Area Network (WAN) - large geographical regions
• Internet - global system of interconnected computer networks that use the internet protocol suite to link devices worldwide.
• Extranet - password-controlled network for private users
• Intranet - internal corporate network

Summary
Type       User                User ID and Password needed?
--------   -----------------   ----------------------------
Internet   Anyone              No
Intranet   Employees           Yes
Extranet   Business partners   Yes

• Packet - a small amount of data sent over the network.
• Each packet carries the information that will help it get to its destination: the sender's IP address and the intended receiver's IP address
• Packets carry the data in the protocols that the Internet uses: Transmission Control Protocol/Internet Protocol (TCP/IP)

E-Commerce
• conducting business activities electronically over computer networks
• electronic dissemination of information
1. Business to Business (B2B)
2. Business to Employees (B2E)
3. Business to Consumer (B2C)
4. Consumer to Consumer (C2C)
5. Business to Government (B2G)

Benefits                            Costs
---------------------------------   -------------------------------------------
Marketing                           Financial Costs
Reduced Operating Costs             Need for Internal Control systems
Streamlined Operations              Potential for Customer Distrust
Enhanced Product/Service Delivery   Severe Consequence for technology breakdowns

Levels of business activity on the Internet:
Information Level - displaying information on the internet
Transaction Level - engaging with trade partners over the internet (e.g. accepting and/or placing orders)
Distribution Level - selling and delivering DIGITAL products (e.g. subscriptions, software products/upgrades, music and videos)

Cloud Computing and Virtualization
Cloud computing - computing environment in which software and storage are provided as an internet service and accessed with a web browser
3 Types:
1. Infrastructure as a Service (IaaS) - outsource equipment, but also provides housing, running and maintenance
2. Software as a Service (SaaS) - provides users access to software remotely via the Web
3. Platform as a Service (PaaS) - provides computing platform (operating system, programming language execution environment, database service, web server) and hardware to host the application

Cloud computing may be public or private (a single-tenant cloud).
Issues in implementing Cloud:
1. Existing investments
2. Legacy systems
3. Commodity asset
Virtualization - multiple virtual computers in one physical computer.

E-Commerce Risks
Threat - any action that could damage an asset
Vulnerability - any weakness that makes it possible for a threat to cause harm to a computer or network

INTRANET
• Intercepting Communication
  o Sniffing - using a Packet Sniffer, a software program that enables a computer to monitor and capture network traffic
• Privileged employees with access to the Corporate Database
• Reluctance to prosecute

INTERNET
Consumers:
  o Theft of confidential data
    ▪ Data breach
    ▪ Identity Theft
    ▪ Cookies - a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing
Business:
  o IP Spoofing - a form of masquerading as a person, program or computer to gain access to some resource by manipulating IP packets
  o Denial of Service (DOS) Attack - assault on a Web server by overwhelming a server or network to the point that it is unusable (network congestion) so authorized users cannot access it
    ▪ Distributed DOS (DDOS) Attack - use intermediary hosts to conduct a DOS attack
    ▪ Zombie - infected intermediary host
    ▪ Botnet - collection of compromised computers
    ▪ SYN Flood Attack - exploits part of the normal TCP three-way handshake to consume resources on the targeted server and render it unresponsive
    ▪ Smurf Attack - a system is flooded with spoofed ping messages. This creates high computer network traffic on the victim's network, which often renders it unresponsive.
      - Ping is a network diagnostic tool used primarily to test the connectivity between two nodes or devices.

Security Measures:
• Encryption - convert data into a secret code for storage in a database and transmission over a network
  Encryption ciphers fall into two general categories: symmetric (private) key and asymmetric (public) key
  Symmetric (private) key - uses the same key to encrypt and decrypt
• Digital Authentication
  o Digital Signature - based on public key cryptography, also known as asymmetric cryptography
  o Digital Certificate - an electronic document that contains the digital signature of the certificate-issuing authority, binds together a public key with an identity and can be used to verify a public key belongs to a particular person or entity
• Firewall - program or dedicated hardware device that inspects network traffic passing through it and denies/permits traffic based on a set of rules to be determined at configuration
• Seals of Assurance - offered by trusted 3rd party organizations which are displayed on website homepages
