Interorganisational/ Global information systems:An interorganisation information systems(IOS) involves information flow among two or more organisations.

Its major objective is efficient processing of transactions, such as transmitting orders, bills and payments.

A major characteristic of an IOS is that the customer-supplier relationship is determined in advance, with the expectation that it will be ongoing.

Types of Interorganisational systems:1.Global systems:- Information systems connecting two or more companies in two or more countries.

2.Electronic data interchange:- The electronic movement of business documents between business partners.

3.Electronic funds transfer:- The transfer of money using telecommunication networks.

4.Extranets:- Extended intranets that link business partners. 5.Shared database:- Databases that can be shared by trading partners , often used to reduce time in communicating information between parties as well as arranging cooperative activities. 6. Integrated messaging:-Delivery of electronic mail and fax documents through a single transmission system that can combine e-mail and e-business documents.

Global information systems:InterOrganisational systems that operate in two or more countries are called as Global information systems. Types of Global information systems are:1. Multinational companies:- are those that operate in several countries. Example McDonald, Coca cola , IBM etc. 2. International companies:- are those that do business with other companies in different countries. Ex. Suzuki works with maruti udyog limited in india. 3. Virtual global companies :- are joint ventures whose business partners are located in different countries. The partners form a company for the specific purpose of producing a product or service. Such companies can be temporary, with one time mission or may be permanent.

ELECTRONIC DATA INTERCHANGE

Barriers to implementation:1.Accompanying Business process change. 2.The cost of time and money in the initial set up. 3.Perception of the nature of EDI.

Electronic commerce or e-commerce describes the buying, selling and exchanging of products, services and information via computer networks primarily the internet.

Types of E-Commerce: Businesses to businesses:- Two or more businesses make transactions or collaborate electronically. Collaborative commerce ( c-commerce):- In this type, business partners collaborate electronically. Such collaboration frequently occurs between and among business partners along the supply chain. Business to consumers (B2C):- In this case the sellers are organizations, the buyers are individuals. Consumers to businesses(C2B):-In this case consumers make a known particular need for a product or service, and organisations compete to provide the product or service to consumers.

Consumer to Consumer(C2C):- In this case an individual sells products to other individuals.

Intrabusiness (intraorganisational) commerce:- In this case, an organisation uses EC internally to improve its operations.

Government to citizens:- In this case, the government provides services to its citizens via EC technologies. Governments can do business with other governments(G2G0 as well as with businesses(G2B)

Mobile commerce (M- commerce):- When e-commerce is done in a wireless environment, such as using cell phones to access the internet, we call it as m-commerce.

Benefits of E-commerce:In Organisations:Expands a company s marketplace to national and international markets. Enables companies to procure material and services from other companies, rapidly and at less cost. Sortens or even eliminates marketing distribution channels, making products cheaper and vendors profits higher. Allows lower inventories by facilitating pull-type supply chain management. Lower telecommunications costs because the internet is much cheaper than value added networks. Enables very specialised niche markets.

M-Commerce (mobile commerce) refers to the conduct of e-commerce via wireless devices.

Advantages of m-commerce:-

Two main characteristics are driving interest in m-commerce.

1. Mobility

2. Reachability

Computer Security:Computer security focuses on the security attacks, sexurity mechanisms and security services.

1.Security attacks:- comprise of all actions that breaches the computer security.

2.Security mechanism:- are the tools that include the algorithms, protocols or devices, that are designed to detect, prevent or recover from a security attack.

3.Security services:- are the services that are provided by a system for a specific kind of protection to the system resources.

Security threat and security attack:A threat is a potential violation of security and causes harm. A threat can be a malicious program, a national disaster or a thief.

Vulnerability is a weakness of system that is left unprotected.

Threat is a possible danger that might exploit vulnerability; that actions that cause it to occur are the security attacks.

Passive attack:The aim of a passive attack is to get information from the system but it does not affect the system resources.

Passive attacks may analyse the traffic to find the nature of communication that

is taking place, or , release the contents of the message to a person other than the

intended receiver of the message.

Passive attacks are difficult ot detect because they do not involve any alteration

of the data.

An active attack tries to alter the system resources or affect its operations.

Active attack may modify the data or create a false data.

An active attack may be a masquerade( an entity pretends to be someone else),

replay ( capture events and replay them), modification of messages, and denial of

service.

Malicious Software:- is a software code included into the system with a purpose to harm the system.

Malicious users use different methods to break into the systems.

The software that is intentionally included into a system with the intention to harm the system is called malicious software.

Viruses, Trojan horse and worms are examples of malicious programs.

Java scripts and Java applets written with the purpose of attacking, are also malicious programs.

Virus:Virus is a software program that is destructive in nature. Viruses harm the computer in many ways:Corrupt or delete data or files on the computer Change the functionality of software applications Use e-mail program to spread itself to other computers Erase everything on the hard disk Degrade performance of the system by utilising resources such as memory or disk space.

Worm:A worm is a self replicating software that uses network and security holes to replicate itself.

A copy of the worm scans the network for another machine that has a specific security hole.

It copies itself to the new machine using the security hole, and then starts replicating from there, as well.

A worm does not modify a program like a virus, however, it replicates so much that it consumes the resources of the computer and makes it slow.

Trojan horse:-

Trojan horse is destructive program that masquerade as useful programs.

Trojan horses contain programs that corrupt software applications.

They can also damage files and can contain viruses that destroy and corrupt data and programs.

Trojan horse does not replicate themselves like viruses.

Hacking:-

Hacking is the act of intruding into someone else s computer or network.

A hacker is someone who does hacking.

Packet sniffing, e-mail hacking and password cracking are used to get the username and password of the system to gain unauthorised access to the system.

These methods gather the information when the data is being transmitted over the network.

Password cracking:-

Cracking of password is used by hackers to gain access to systems. The password is generally stored in the system in an encrypted form. Utilities like password cracker is used to crack the encrypted passwords.

Password cracker is an application that tries to obtain a password by repeatedly generating and comparing encrypted passwords or by authenticating multiple times to an authentication source.

E- mail hacking:-The e-mail transmitted over the network contains the e-mail header and the content. If this header and the content are sent without encryption, the hackers may read or alter the messages in transit.

Hackers may also change the header or modify the sender s name or redirect the messages to some other users . Hackers use packet replay to retransmit message packets over a network. Packet replay may cause serious security threats to programs that require authentication sequences.

A hacker may replay the packets containing authentication data to gain access to the resources of a computer.

Crptography:Cryptography is the science of writing information in a hidden or secret form and is an ancient art. Some of the terms commonly used in cryptography:1.Plaintext :- is the original message that is an input, i.e. unencrypted data. 2.Cipher and code:- Cipher is a bit- by- bit or character- by- character transformation without regard to the meaning of the message. Code:- code replaces one word with another word or symbol. 3.Cipher text:- It is the coded message or the encrypted data. 4.Encryption:- It is the process of converting plaintext to cipher text, using an encryption algorithm. 5.Decryption:- It is the reverse of encryption i.e. converting cipher text to plain text, using a decryption algorithm.

Cryptography schemes constitute a pair of algorithms which creates the encryption and decryption and a key.

Keys:- is a secret parameter (String of bits) for a specific message exchange context. The three cryptographic schemes are as follows:Secret key cryptography :- Uses a single key for both encryption and decryption. Public key cryptography:- uses one key for encryption and another for decryption. Hash Function:- Uses a mathematical transformation to irreversibly encrypt information.

Public key cryptography:- Facilitates secure communication over a non-secure communication channel without having to share a secret key. Public key cryptography uses two keys- one public key and one private key. The public key can be shared freely and may be known publicly. The private key is never revealed to anyone and is kept secret. The two keys are mathematically related although knowledge of one key does not allow someone to easily determine the other key. A pair of keys is required for encryption and decryption ; Public key cryptography is also called asymmetric encryption. Rivest, shamir and Adleman (RSA) is the first and the most common public key cryptography algorithm.

Digital Signature:-A Digital signature is used to sign a document. Digital signature are easy for user to produce, but difficult for anyone to forge. Digital signature can be permanently tied to the content of the message being signed and then cannot be moved from one document to another, as such an attempt will be detectable. Digital signature employs two keys- Public key and private key . The digital signature scheme typically consists of three key algorithms:Key generation algorithm- the algorithm outputs private key and a corresponding public key. Signing algorithm- It takes message + private key , as input and outputs a digital signature. Signature verifying algorithm:- It takes, message + public key +digital signature, as input, and accepts or rejects digital signature.

The digital signature accomplish the effects desired of a signature for many legal purposes.

Signer Authentication:- The digital signature cannot be forged, unless the signer loses control of the private key.

Message Authentication:- The digital signature verification reveals any tampering, since the comparison of the hash results shows whether the message is the same as when signed.

Efficiency :-The digital signatures yield a high degree of assurance without adding much to the resources required for processing.

Firewall related terminology:Gateway:- The computer that helps to establish a connection between two networks is called Gateway. A firewall gateway is used for exchanging information between a local network and the Internet.

Proxy servers:- A Proxy server masks the local network s IP address with the proxy server IP address, thus concealing the identity of local network from the external network. Web proxy and application level gateway are some of the examples of proxy servers.

Screening Routers:-They are special types of Router with filters, which are used along the firewall.Screening routers check the incoming and outgoing traffic based on the IP address and prots.

Users identification and Authentication:Identification is the process whereby a system recognizes a valid user s identity. Authentication is the process of verifying the claimed identity of a user.

Authentication mechanisms:-

Username and password

Smart card

Biometrics- Finger prints, Iris/ Retina scan.