E-Commerce Notes

Unit-1
Lecture-1
Introduction to Commerce
• Commerce is basically an economic activity involving trading or the buying and selling of
goods.
As we enter the electronic age, an obvious question is whether these commercial
transactions and business functions can be carried out electronically.
Called as electronic commerce (e-commerce).
E-Commerce
• “E-Commerce or Electronic Commerce, a subset of E-Business, is the purchasing, selling
and exchanging of goods and services over computer networks (such as Internet)
through which transactions are performed”.
• “E-Commerce can be defined as a modern business methodology that addresses the
needs of organizations, merchants and consumers to cut costs while improving the
quality of goods and services and increasing the speed of service delivery by using
Internet”.
• E-Commerce takes place between companies, between companies and their customers,
or between companies and public administration.
Difference between Traditional Commerce and E-commerce
 E-Business
• “E-Business is the conduct of business on the Internet, not only buying and selling but
also servicing customers and collaborating with business partners”.
• E-Business means connecting critical business systems directly to customers, vendors
and suppliers- via the Internet, Extranet and Intranets.
E-Business enables organizations to accomplish the following goals:-
• Reach new markets.
• Create new products or services.
• Build customer loyalty
• Make the best use of existing and emerging technologies.
• Achieve market leadership and competitive advantage.
• Enrich human capital.
 Advantages of E-Commerce to Customers
• Reduced Prices:- Costs of products are reduced since the stages along the value chain
are decreased ie distributing through a retail store.
• 24-Hour Access:- Online businesses never sleep
• Global Marketplace:- Consumers can stop anywhere in the world.
• More Choices:- Provides consumers with more choices.
Advantages of E-Commerce to Businesses
• Increased potential market share:- The internet enables businesses to have access to
international markets thereby increasing their market share. Companies can also
achieve greater economies of scale.
• Low cost Advertising:- Advertising on the internet costs less than advertising on print
or television
• Low barriers to Entries:- Anyone can start up a company on the internet.
• Strategic Benefits:- The Strategic benefits of making a business e-commerce enabled
is that it helps reduce the delivery time, labour cost and the cost incurred in document
preparation, data entry, error detection etc.
Disadvantages of E-Commerce
• Hidden Costs:- Although buying online is convenient, the cost of this convenience is not
always clear at the front end. For e.g. on-line purchases are often accompanied by high
shipping and re-stocking fees, a lack of warranty
• Lack of Security:-
For e.g. Consumers are growing increasingly worried about providing credit card
information over the Internet.
• Lack of Privacy:- Customers also worry about the privacy implications of data gathered
by organizations of all types and sizes. Even at the simplest data level, sales information
i
• Network Unreliability:-
⮚ Equipment failure in the network connection provider.
⮚ Accidental problems caused by nature-such as lightning, floods, earthquakes that affect
communication lines.
⮚ Long response time due to increased network traffic or inadequate bandwidth.
• Low Service Levels:-
⮚ Timely and low-cost shipping delivery to customers.
Scope of E-Commerce
•
• Electronic Markets:-
An electronic market is the use of information and communication technology so that
the purchaser can compare the prices of the offerings and make a purchase decision
e.g. Airline Booking System
• Electronic Data Interchange:-
⮚ It provides a standardized system for coding trade transactions so that they can be
communicated from one computer to another without the need for printed orders e.g.
EDI is used in the large supermarket chains for transactions with their suppliers.
• Internet Commerce:-
⮚ Information and communications technologies can be used to advertise & make sales of
wide range of goods & services.
⮚ This application is both for business to business & business to consumer transactions.e.g.
The purchase of goods that are then delivered by post or the booking of tickets that can
be picked up by the clients

Unit-1
Lecture-2
Types of E-Commerce/ E-Commerce Market Models
• There are five types of E-Commerce:-
⮚ Business To Business (B2B)
⮚ Business To Consumer (B2C)
⮚ Consumer To Business (C2B)
⮚ Consumer To Consumer (C2C)
⮚ Business To Government (B2G)
(B2B):- An E-Commerce company can be dealing with suppliers or distributers or
agents. For e.g. manufacturers and wholesalers are B2B Companies. With the help of
B2B E-commerce, companies are able to improve the efficiency of several common
business functions, including supplier management, inventory
management and payment management.
 (B2C):- Business to Customer or B2C refers to E-Commerce activities that are focused
on consumers rather than on businesses. B2C company such as Amazon.com.
(C2B):-In this type of E-Commerce, consumers get a choice of a wide variety of
commodities and services, along with the opportunity to specify the range of prices
they can afford or are willing to pay for a particular item, service

(C2C):- Customers are also a part of the business and C2C enables customers to
directly deal with each other.
(B2G):- This type of E-Commerce is used by the government departments to directly
reach to the citizens by setting up the websites.

History of E-CommerceIn the 1960s, very early on in the history of Ecommerce, its
purpose was to exchange long distance electronic data. such as banks and military
departments, who used it for command control communication purposes such as
Electronic Data Interchange (EDI) and Electronic Funds Transfer (EFT). The growth and
acceptance of credit cards, automated teller machines (ATM) n 1982 Transmission
Control Protocol and Internet Protocol known as TCP & IP was developed. Beginning in
the 1990s, electronic commerce would include enterprise resource planning systems
(ERP), data mining and data warehousing
-Commerce Applications
E-Marketing:-
❖E-Marketing also known as Internet Marketing, Online Marketing, Web Marketing. nternet
marketing is associated with several business models i.e., B2C, B2B, C2C.
E-Advertising:-
❖It is also known as online advertising it is a form of promotion that uses internet and World
Wide Web to deliver marketing messages to attracts customers.Example: Banner ads,
Social network advertising,
E-Banking:-
❖Means any user with a personal computer and browser can get connected to his
banksSERVICES THROUGH E-BANKING:⮚ Bill Payment Service⮚ Fund
Transfer⮚ Investing through Internet Banking⮚ Shopping
E-Learning:-
❖E-Learning comprises all forms of electronically supported learning and teaching Content
is delivered via. The internet, intranet/extranet, audio, or video tape, satellite TV. E-
Learning is naturally suited to distance and flexible learning,
Mobile Commerce:-
❖Mobile Commerce also known as M-Commerce, is the ability to conduct, commerce as a
mobile device, such as mobile phone.
Online Shopping:-
❖Online shopping is the process whereby consumers directly buy goods
Entertainment:-
❖The conventional media that have been used for entertainment are
1. Books/magazines.2. Radio.3. Television/films.
The trade cycle varies depending on:-
⮚ The nature of the organization (or individuals) involved.
⮚ The nature and type of goods or services being exchanged.
⮚ The frequency of trade between the partners to the exchange process.
Three generic trade cycles can be identified:-
1. Regular, repeat transactions between commercial trading partners (Repeat Trade
Cycle).eg Electronic Data Interchange:-
2. Irregular Transactions between commercial trading partners where execution and
settlement are separated (Credit Transactions) Electronic Markets:-
3. Irregular transactions in once-off trading relationships where execution and settlement
are typically combined (Cash Transactions) Internet Commerce:-
tools & Technologies for E-Commerce
• Electronic data interchange EDI is the computer-to-computer exchange of structured
business information in a standard electronic format.
• Bar codes are used for automatic product identification by a computer Specific characters
(e.g. numbers 0-9) are assigned unique patterns,
• Electronic mail
• Internet
• World Wide Web is a collection of documents written and encoded with the Hypertext
Markup Language (HTML)
• Product data exchange refers to any data that is needed to describe a product.
Sometimes that data is in graphical form, as in the case of pictures, drawings and CAD
files.
Tools & Technologies for E-Commerce
• Electronic data interchange (EDI), • Bar codes• Electronic mail• Internet
• World Wide Web• Product data exchange• Electronic forms
• Electronic Data Interchange (EDI)
❖EDI is the computer-to-computer exchange of structured business information in a
standard electronic format.
Codes
❖Bar codes are used for automatic product identification by a computer. They are a
rectangular pattern of lines of varying widths and spaces. Specific characters (e.g.
numbers 0-9) are assigned unique patterns,
• World Wide Web
❖The World Wide Web is a collection of documents written and encoded with the Hypertext
Markup Language (HTML).
• Product Data Exchange
❖Product data refers to any data that is needed to describe a product. Sometimes that data
is in graphical form, as in the case of pictures, drawings and CAD files. In other cases
the data may be character based (numbers and letters), as in the case of specifications,
bills of material, manufacturing instructions, engineering change notices and test results.
• Electronic Forms
❖Electronic form is a technology that combines the familiarity of paper forms with the power
of storing information in digital form. Imagine an ordinary paper form, a piece of paper
with lines, boxes, check-off lists, and places for signatures.
Electronic Data Interchange (EDI)
• Electronic data interchange (EDI) is the process used by organizations in order to
transmit the data between organizations by electronic means. It is used to transfer
electronic documents or business data from one computer system to another computer
system, i.e. from one trading partner to another trading partner without human
intervention.

• Here, are two major parties i.e. Customer & Merchant,

• Customer firstly order for the required product. Trading party then give confirmation,
Delivery note, Invoice & Acknowledgements for the product status. At the end, customer
pays for the product.
Main Features of EDI:
• EDI’s use structured formatted messages that are based on agreed standards - in this
way the messages can be read by any system that understands the rules they are
governed by. However, this is not always as simple as it seems, as there are also the
provision of EDI translation software packages.
• Required to set up an interface between the company computer and the EDI
sent/received document.
• EDI provides a relatively fast delivery of electronic documents from sender to receiver.
• EDI provides direct communication between applications, rather than between
computers.
• EDI includes data management and networking capabilities, data processing, the
efficient capture of data into electronic form, the processing and retention of data,
controlled access to it, and efficient and reliable data transmission between remote sites.
Benefits of EDI:
• Reduced paperwork: • Cost cutting Reduced Errors: Faster Response: Improved
funds transmission: Improved Shipping Service:
EDI System
 Difference between EDI & Email:
• EDI sounds similar to electronic mail (email), but is actually quite different. While email
allow for free unstructured test messages to be sent from one computer to another (or
multiple) computers, EDI supports structured business messages to be transmitted
between partners. Previously these would have been hard copy documents or printed
business documents. So rather than having documents pass from person to person, they
go from computer to computer.
Components of EDI
1. Application service
2. Translation service
3. Communication service
Communication service

1. Application Services :-
It provides the link between application and EDI.

2. Translation service:-Converts the outgoing documents from an internal format file to an agreed
external format. Translates internal document from external format to EDI internal format file.
3. Communication service:-The communication service sends and receives transmission files to
and from the trading partners either directly or by using party service called a valued added network
(VAN).

File Types
EDI creates following files as a document passes through the system:
1. Internal format file (IFF):-
It contains single document for single trading partner.
2. External format file (EFF):-
EDIFACT
 • Electronic Data Interchange for Administration, Commerce, and Transport is the
international set of EDI standards• Became a UN standard in 1987
• Maintenance and further development is the responsibility of the United Nations Centre
for Trade Facilitation and Electronic Business (UN/CEFACT)• Includes syntax rules
and implementation guidelines, message design guidelines, data elements, code sets,
and other definitions• Used for business-to-business (B2B) communication rather than
business-to-consumer (B2C)• Allows multi-country and multi-industry exchange
The four pillars of EDIFACT

United Nations/Electronic Data Interchange For Administration, Commerce and

Transport (UN/EDIFACT) is the international EDI standard developed under the United
Nations.
EDI Layered Architecture

EDI Semantic layer:-

⮚ Describes the business application
⮚ Procurement example,Requests for quotes Price quotes Purchase orders Acknowledgments, Invoices
⮚ Specific to company & software used
EDI Standard Layer:-
⮚ Specifies business form structure so that information can be exchanged it also influence the content at application layer. ⮚
The most competing standards are:
• American National Standards Institute(ANSI)X12
• EDIFACT developed by UN/ECE, Working Party for the Facilitation of International Trade Procedures
EDI Transport Layer:-
⮚ It corresponds with non electronic activity of sending business from one company to another company.⮚ It can send via
postal service, registered and certified mail & email etc.⮚ Generally, EDI transport layer chooses email as the carrier service.
EDI Physical Layer:-
⮚ It describes physical devices which are involved in transaction.⮚ Dial-up lines, Internet, Value-Added Networks
 EDI IMPLEMENTATION
• The First Technical element of the EDI system is the EDI software. It is a complete suite of software for creating,
transmitting, receiving, managing and tracking EDI documents. and can convert invoices, returns, change notices,
statements, purchase orders, and title catalogues into the EDI format.
• If pens & things is to send an order from its production control system to packaging solutions it needs to code that order
into the agreed EDI standard &’squirt’ it into the chosen VADS. To pickup the order at the other end, packaging solutions
has a similar need to extract the data from the network & to decode the data from EDI message into its order processing
system. The coding/Decoding of EDI messages & interfacing with VADS in normally achieved using EDI software as
shown in Fig.
Sending an order using EDI software

EDI Enabled Procurement Process

PROCUREMENT
⚫ Procurement is the process whereby companies purchase goods and services from various suppliers. These include everything
from indirect goods like light bulbs, uniforms, toilet paper, and office supplies, to the direct goods used for manufacturing
products.⚫ Procurement also involves the purchase of temporary labor, energy, vehicle leases, and more. Companies
negotiate discount contracts for some goods and services, and buy others on the spot. Procurement can be an important part
of a company's overall strategy for reducing costs.
⚫ Historically, the individuals or departments responsible for purchasing a company's goods and services relied on various
methods for doing so. The most basic included placing orders via telephone, fax, or mail.
E-PROCUREMENT
⚫ Electronic procurement methods, generally referred to as e-procurement, potentially enable the procurement process to
unfold in a faster, more efficient manner, and with fewer errors. These methods include electronic data interchange (EDI),
online marketplaces or e-marketplaces, EDI deals more with the way information is communicated during procurement than
it does with the act of linking buyers and suppliers.
⚫ By definition, EDI is the electronic exchange of business information—purchase orders, invoices, bills of lading, inventory
data, and various types of confirmations—between organizations or trading partners in standardized formats.
⚫ EDI also is used within individual organizations to transfer data between different divisions or departments, such as finance,
purchasing, and shipping. Two characteristics set EDI apart from other ways of exchanging information.
⚫ First, EDI only involves business-to-business transactions; individual consumers do not directly use EDI to purchase goods
or services.
⚫ Secondly, EDI involves transactions between computers or databases, not individuals. Therefore, individuals sending e-mail
messages or sharing files over a network does not constitute EDI.
⚫ EDI can occur point-to-point, where organizations communicate directly with one another over a private network; via the
Internet (also known as open EDI); and most commonly, via value-added networks (VANs), which function like telephone
lines by allowing for the transfer of information.
⚫ In the early 2000s, although many companies still relied on VANs, the Internet was playing a larger role in EDI. It is possible
for companies to translate the files used during EDI and send them to another company's computer system over the Internet,
via e-mail, or file transfer protocol (FTP).
⚫ Because it is an open network and access is not terribly expensive, using the Internet for EDI can be more cost effective for
companies with limited means.
⚫ It has the potential to provide them with access to large companies who continue to rely on large, traditional EDI systems.
⚫ The low cost associated with open EDI also means that more companies are likely to participate. This is important because
the level of value for participants often increases along with their number.
E-procurement tools and applications:
Some e-procurement tools and applications include:
⚫ Electronic systems to support traditional procurement
⚫ EDI (electronic data interchange)
⚫ ERP systems
⚫ Internet as a support or complement to traditional procurement
⚫ Electronic mail (e-mail)
⚫ Web enabled EDI
⚫ Extensible markup language (XML)
⚫ World wide web (www)
⚫ Internet tools and platforms that replace traditional procurement
EDI (Electronic Data Interchange)
⚫ EDI is an application whereby electronic messages can be exchanged between computer programs of two separate
organizations. Some features of EDI include:
⚫ Messages are exchanged in groups, known as batches.
⚫ Messages can automatically be sent, transmitted and stored between computers without retyping or keying data.
⚫ EDI has to be implemented by each pair of organizations (sender and receiver) who wish to use it. This means that the
implementation costs of EDI are relatively high.
⚫ EDI is mostly used where the messages exchanged concern such matters as orders, confirmations, transport information and
invoicing.

⚫ EDI traditionally runs on so-called, “Value Added Networks”, which are closed networks (unlike open networks like the
Internet).
The figure below illustrates the categories of electronic communication exchange between people and computers:-
 Security Issues in E-Commerce TransactionsSecure Electronic
Transaction (SET)
❖Secure Electronic Transaction (SET) is an open protocol which has the potential to
emerge as a dominant force in the security of electronic transactions.
❖Jointly developed by Visa and MasterCard, in conjunction with leading computer vendors
such as IBM, Microsoft, Netscape RSA, and GTE.
❖SET is an open standard protocol for protecting the privacy and ensuring the authenticity
of electronic transactions.

Functions of SET
▪ Provide confidentiality of payment and ordering information.
▪ Ensure the integrity of all transmitted data.
▪ Provide authentication that a card holder is a legitimate user of a credit card account.
▪ Provide authentication that a merchant can accept credit card transactions through its
relationship with a financial institution.
▪ Ensure the use of best security practices and system design techniques to protect all
legitimate parties in an electronic commerce transaction.
▪ Create a protocol that neither depends on transport security mechanisms nor prevents
their use.
▪ Facilitate and encourage interoperability among software & network providers.
Participants in the SET system
 Scope of SET
1. Motivated by the large amount of unsecured credit-card based transactions on the
Internet.
2. Network payments treated in a similar way to Mail Order/Telephone Order (MOTO)
transactions.
3. SET applies only to the ‘front end’ of payment no need to change the ‘back end’.
4. SET only addresses Payment - other protocols for shopping, payment method selection
etc. will be developed by others.

Secure Socket Layer (SSL)

❖ SSL is a protocol developed by Netscape for transmitting private documents via the
Internet.
❖ SSL uses cryptographic system that uses two keys to encrypt data a public key known to
everyone and a private or secret key known only to the recipient of the message.
❖ The SSL provides end-to-end secure data transmission between the web server and the
web client.
❖ It is sandwiched between the TCP/IP and the application layer.
❖ Unlike TCP/IP that offers only reliable packet transfer, SSL ensures secure packet
transfer.
How SSL works?
The SSL performs two functions-it authenticates the websites and ensures secure data
transmission between the web server and the client.
It achieves this either by using symmetric encryption or asymmetric encryption.
In symmetric encryption, a key called the private key is used both for encrypting and
decrypting the data. For symmetric encryption to work, the sender & receiver should
share the private key. This is possible only when the sender & receiver know each other.
In asymmetric encryption, two separate keys are used to encrypt & decrypt data. The
public key is shared with the other person and the private key is known only to the person
who decrypts the data. So, the private key will remain a secret while the public key will
be known to both the parties.
 Types of Cryptography:-
⮚ Private Key Cryptography
⮚ Public Key Cryptography
Private Key Cryptography
In private-key cryptography, the sender and receiver agree beforehand on a secret
private key. Private-key methods are efficient and difficult to break. However, one major
drawback is that the key must be exchanged between the sender and recipient
beforehand, raising the issue of how to protect the secrecy of the key.
Public Key Cryptography
In public-key cryptography, two separate keys are used to encrypt & decrypt data. The
public key is shared with the other person and the private key is known only to the person
who decrypts the data. Public-key cryptography depends upon the notion of one-way
functions: a one way function is a function that is easy to apply,

Digital Signature
A digital signature is an electronic signature that can be used to authenticate the identity
of the sender of a message or the signer of a document, and possibly to ensure that the
original content of the message or document that has been sent is unchanged.
❖ A digital signature authenticates electronic documents in a similar manner a handwritten
signature authenticates printed documents.❖ A digital signature is issued by a
Certification Authority (CA) and is signed with the CA’s private key.
❖⮚ The signer who signs the document.
⮚ The verifier who receives the signed document & verifies the signature.
❖ A digital signature typically contains the Owner’s public key, the Owner’s name, Expiration
date of the public key, the name of the issuer (the CA that issued the Digital ID), Serial
no. of the digital signature and the digital signature of the issuer.
❖ Digital signatures are based on a combination of public key encryption and one way hash
function that converts a message of any length into a fixed length message digest known
as hash function. The value of hash function is unique for the hashed data. Any change
in the data, even deleting or altering a single character, results in a different value. The
encrypted hash, along with other information, such as hashing algorithm is known as
digital signature.

Virtual Private Network

⮚ A Virtual private network (VPN) extends a private network across a public network, such
as the internet.
⮚ This is done by establishing a virtual point-to-point connection through the use of
dedicated connections, encryption or a combination of the two.
⮚ VPN allows employees to securely access their company’s intranet while travelling
outside the office.
⮚ VPN technology is also used by ordinary Internet users to connect to proxy servers for
the purpose of protecting one’s identity.
 Types of VPN:
⮚ Remote Access VPN:- Remote access VPNs allow employees to access their company’s
intranet from home or while travelling outside the office.
⮚ Site-to-Site VPN:- Site-to-Site VPN allow employees in geographically disparate offices
to share on cohesive virtual network.
VPN systems may be classified by:-∙ The protocols used to tunnel the traffic.∙ The
tunnel’s termination point location. ∙ Whether they offer site-to-site or remote access
connectivity. The level of security provided.
VPN Architecture
∙ Service provider independent VPN:- In a, a VPN enabled client(such as a desktop or
laptop) initiates the tunnel through the public network to the central site. To access the
computer network, the client first establishes a PPP (Point-to-Point protocol) session to
a local Internet Service Provider (ISP) for internet access. The client then connects
across the Internet to the central site and establishes a tunnel to carry the data traffic.
the client can travel with the same ease as carrying a laptop.
∙ Service provider dependent VPN:- With a service provider dependent VPN model, the
corporation enters into an agreement with a service provider such as an ISP. The
corporation user dials into a local POP with a PPP client, and the tunnel session is
initiated at the POP. This arrangement can be combined with quality of service
agreements to guarantee a level of VPN performance,
VPN Security
❖To prevent disclosure of private information, VPNs typically allow only authenticated
remote access and make use of encryption techniques. VPN provides security by the
use of tunneling products and through security procedures such as encryption.
❖VPNs ensure privacy by providing a private tunnel through the internet for remote access
to the network. For full VPN security, your VPN must be enhanced with a reliable user
authentication mechanism, protecting end points of the VPN.
❖ Strong user authentication with a VPN provides true secure remote access for today’s
mobile workforce.
 difference between Computer Virus and Computer Worm
Sno. Computer Virus Computer Worm
1. It cannot be controlled remotely. It can be controlled remotely.
2. It deletes, modifies the files and It only monopolies the CPU &
also change the location of file. memory.
3. It is slower than worm Worm is faster than virus.
4. The virus is the program code The worm is code that replicate
that attaches itself to application itself in order to consume
program and when application resources to bring it down.
program run it runs along with it.

Intranet Intranet Software enables an organization to securely share it's information or

operations with it's members. It enables the efficient use and more importantly reuse of an
organization's gathered business knowledge and intelligence, which increases productivity
and knowledge transfer in any organization. Increasingly, extranets are also coming into use,
where external partners, customers can also interact with an organization. E.g. ERP software
that provides a centralized repository of information for massive amount of transaction and

details generated daily.

considerations in Intranet Deployment:

1. Collections of web links
2. Company news and department newsletters
3. Organization charts
4. Manuals, documentation, policies
5. Basic collaboration tools (groupware)
6. Directory services (gateway to phone and other staff contact info)
7. Human resources information
8. Threaded discussions on current company topics/issues
9. Web–based email access
10. Web–based discussion list management and participation
11. Access to company databases — sales, inventory, pricing
12. Calendaring (company–wide events calendar)
13. Scheduling (meetings, personal scheduling)
14. Document management
15. Search engine of company documents
16. Employee time logging
17. Employee expense reporting
18. Forms to help automate other business processes
Intranet Application Case Studies:with ROI Analysis:
The need for accountability and for clear measures of success is increasingly demanded
for all corporate expenditures, including intranets. If you are responsible for an intranet,
you need to know how build a business case and develop a return on investment (ROI)
strategy.Intranet ROI Intranets and corporate portals are expensive endeavors.
Firewall
❖Firewall is software or hardware based network security system that controls the incoming
and outgoing network traffic by analyzing the data packets and determining whether they
should be allowed through or not, based on a rule set.
❖A firewall establishes a human barrier between a trusted, secure internal network &
another network that is not assumed to be secure and trusted.
types of Firewall
Network Layer or Packet Filters Firewalls
Network layer firewalls, also called packet filters, operate at a relatively low level of the
TCP/IP protocol stack, not allowing packets to pass through the firewall unless they
match the established rule set.
Application Layer Firewalls
Application layer firewalls work on the application level of the TCP/IP stack, and may
intercept all packets traveling to or from an application. They block other packets (usually
dropping them without acknowledgement to the sender).
On inspecting all packets for proper content, firewalls can restrict or prevent outright the
spread of networked computer worms and Trojans.
Proxy Firewalls
Proxy firewalls offer more security than other types of firewalls. Unlike application layer
firewalls which allow or block network packets from passing to and from a protected
network, traffic does not flow through proxy. Instead computers establish a connection
to the proxy which serves as an intermediary and initiate a network connection on behalf
of the request. This prevents direct connections between systems on either side of the
firewall and makes it harder for an attacker to discover where the network is, because
they will never receive packets created directly by their target system.
Unified Threat Management
A product category called unified threat management (UTM) has emerged. These device
promise integration, convenience & protection from pretty much every threat out there
and are especially valuable to small & medium-sized businesses.
Unified Threat Management is a firewall appliance that not only guards against intrusion
but performs content filtering, spam filtering, intrusion detection & anti-virus duties
traditionally handled by multiple systems. These devices are assigned to combat all
levels of malicious activity on the computer network.
 Electronic Payment Systems
Electronic Payment is a financial exchange that takes place online between buyers and
sellers. The content of this exchange is usually some form of digital financial instrument
commerce:Types of Electronic Payment System
Electronic Tokens Real Time: (or Pre-paid tokens) - DigiCash, Debit CardsPost
Paid Tokens Electronic cheques, Credit cards etc.
Credit Cards types of Credit Cards Standard Credit Card: Premium Credit
Cards: Charge Cards: Limited Purpose Card: Secured Credit Card: Prepaid Credit
CardBusiness credit card:

1. Issue a credit card to a potential card holder.

2. The cardholder shows the card to a merchant whenever he/she needs to pay for a
product or services.
3. The merchant then asks for approval from the brand company, and the transaction is
paid by the credit. The merchant keeps a sales slip.
4. The merchant sells the slip to the acquiring bank and pays a fee for the service. This is
called the capturing process.
5. The acquiring bank requests the brand to clear for the credit amount and gets paid.
Then the brand asks for clearance to the issuer bank.
6. The amount is transferred from issuer to brand. The same amount is deducted from the
cardholder’s account in the issuing bank.
1. Smart CardsA smart card is a plastic card about the size of a credit card, with an
embedded microchip that can be loaded with data.
2. Electronic Cheques
3. Electronic or Digital CashA system that allows a person to pay for goods or
services by transmitting a number from one computer to another.
4. Debit CardsA debit card is a plastic payment card that provides the cardholder
electronic access to his or her bank account at a financial institution.
5. Electronic Wallet/PurseThey might also have their driver’s license, health card,
loyalty card(s) and other ID documents stored on the phone.
6. Advantages of Electronic Payment System
EXTRANET: Extranet is an extended intranet that connects multiple intranets through a
secured tunneling internet Just as intranets provide increased internal collaboration,
extranets provide increased efficiencies between your company and its customers
and/or suppliers. Extranets are expected to be a platform of choice of more than 80 %
of B2B
Planning Extranet
● If you are considering introducing an intranet or extranet into your business, you should
ensure that it is flexible enough to meet not only your immediate requirements, but also your
needs as your business grows. Extranets combine the privacy and security of intranets with the
global reach of the internet, granting access to outside business partners, suppliers, and
costumers to a controlled portion of the enterprise network. Extranets are becoming the major
platforms for B2B ECWhat kind of company information do you need on your intranet? For
example, company policies, news, forms and corporate branding.
● Do you need to make all of your production and sales information available to your
partners via your extranet, or will discrete sub-sections be sufficient?
● Web server hardware and software. The size of the server will depend on the
number of potential users and whether or not you will need a lot of bandwidth to support
audiovisual content, eg video feeds.
● Computers connected via a local area network - a closed, private network.
● Firewall software and hardware, which will prevent unauthorized access from
outside your organization.
● A content management system to add and update intranet content.

Extranets generally have the following features:

⮚ The use of Internet technologies and standards. These include the standardized
techniques for transmitting and sharing information and the methods for encrypting and
storing information, otherwise known as the Internet Protocol, or IP.
⮚ The use of Web browsers. Users access extranet information using a web browser like
Microsoft Internet Explorer, Netscape Navigator or, more recently, Mozilla’s Firefox.
 Browser software uses relatively small amounts of memory and resources on a
computer. The great thing about browsers is that an application written for a browser can
be read on almost any computer without regard to operating system or manufacturer.
That makes an application developed for a browser a snap to deploy. A browser on a
user’s machine is all the software he or she needs to take full advantage of the extranet
application. No messy and confounding installation disks; fewer clogged hard drives.
⮚ Security. By their very nature, Extranets are embroiled in concerns about security. To
protect the privacy of the information that is being transmitted, most Extranets use either
secure communication lines or proven security and encryption technologies that have
been developed for the Internet.
⮚ Central Server/Repository. Extranets usually have a central server where documents or
data reside. Members can access this information from any computer that has Internet
access
Advantages/Benefits of Extranet
Ease of set-up, use and maintenance, Scalability: Versatility: Security:
With commerce-enabled extranets, companies are now able to establish and maintain
one-to-one relationships with each of their customers, members, staff or others at very
low cost through the Web, Information entered by the user (registration form, on-line
surveys, etc.) can be compiled with statistics and other information that is captured
automatically by the system (searches performed, products purchased, time spent in
each site area, etc.) to provide the company a complete picture for each and every visitor
of the system.

Managerial Issues Find the business opportunities by utilizing the

intranet and extranet: Analyze whether the connectivity requirement suits the
intranet and extranet, Plan the most secure economical choice for implementation