Slide 1:Chapter 11 Infrastructure for Electronic Commerce
Slide 2:Learning Objectives
Describe the protocols underlying Internet client/server applications
Compare the functions and structures of Web browsers and servers
Discuss the security requirements of Internet and e-commerce applications, and how these requirements are fulfilled by various hardware and software systems
Describe the functional requirements for online selling and the specialized services and servers that perform these functions
Slide 3:Learning Objectives (cont.)
Slide 4:A Network of Networks = Internet
Internet is a network of hundreds of thousands of interconnected networks
Network Service Providers (NSPs)
run the backbones
Internet Service Providers (ISPs)
provide the delivery subnetworks
Slide 5:Internet Network Architecture
Slide 6:Internet Protocols
Protocols - A set of rules that determine how two computers communicate with one another over a network
The protocols embody a series of design principles
Interoperable— the system supports computers and software from different vendors. For e-commerce this means that the customers or businesses are not required to buy specific systems in order to conduct business.
Layered— the collection of Internet protocols work in layers with each layer building on the layers at lower levels.
Simple— each of the layers in the architecture provides only a few functions or operations. This means that the complexities of the underlying hardware are hidden from application programmers.
End-to-End— the Internet is based on “end-to-end” protocols. This means that the interpretation of the data happens at the application layer and not at the network layers. It’s much like the post office.
Slide 7:TCP/IP Architecture
Slide 8:TCP/IP
Solves the global internetworking problem
Transmission Control Protocol (TCP)
Ensures that 2 computers can communicate with one another in a reliable fashion
Internet Protocol (IP)
Formats the packets and assigns addresses
packets are labeled with the addresses of the sending and receiving computers
1999 version is version 4 (IPv4)
Version 6 (IPv6) has just begun to be adopted
Slide 9:Domain Names
Reference particular computers on the Internet
Divided into segments separated by periods
For example, in the case of “www.microsoft.com”
“www” is the specific computer
“com” is the top level domain
“microsoft” is the subdomain
Internet Assigned Numbers Authority (IANA)
controls the domain name system
Network Solutions, Inc. (NSI)
issues and administers domain names for most of the top level domains
Slide 10:Internet Client/Server Applications
Slide 11:New World Network: Internet2
Two consortiums are in the process of constructing the ‘new world network’
The University Corporation for Advanced Internet Development (UCAID) www.ucaid.edu
Building a leading edge research network called Internet2
Based on a series of interconnected gigapops
interconnected by the National Science Foundation’s very high performance Backbone Network (vBNS) infrastructure
Goals of Internet2
to connect universities so that a 30-volume encyclopedia could be transmitted in less than a second
to support applications like distance learning, digital libraries, video teleconferencing, teleimmersion and collaborative tools, and virtual laboratories
Slide 12:New World Network: Next Generation Internet
Next Generation Internet (NGI)
Government initiated and sponsored
Started by the Clinton Administration, this initiative includes government research agencies, such as:
the Defense Advanced Research Projects Agency (DARPA)
the Department of Energy
the National Science Foundation (NSF)
the National Aeronautics and Space Administration (NASA)
the National Institute of Standards and Technology
Aim of the NGI
to support next generation applications like health care, national security, energy research, biomedical research, and environmental monitoring
Slide 13:Web-based Client/Server
Web browsers and servers need a way to:
Locate each other so they can send requests and responses back and forth
Communicate with one another
Uniform Resource Locators (URLs)
A new addressing scheme
Ubiquitous, appearing on the web, in print, on billboards, on TV and anywhere else a company can advertise
Default syntax - www.Anywhere.Com
Complete syntax - access-method://server-name[:port]/directory/file
Slide 14:Web-based Client/Server (cont.)
Hypertext Transport Protocol (HTTP)
A new protocol
Lightweight, stateless protocol that browsers and servers use to converse with one another
Statelessness - every request that a browser makes opens a new connection that is immediately closed after the document is returned
represents a substantial problem for e-commerce applications
an individual user is likely to have a series of interactions with the application
MIME (Multipurpose Internet Mail Extension)
describes the contents of the document
in the case of an HTML page the header is “Content-type: text/html”
Slide 15:Web Browsers (1999 Generation)
IE 4.6 suite of components consists of the browser along with the following tools:
Outlook Express for e-mail reading
FrontPage Express for authoring of HTML Web pages
NetMeeting for collaboration
Netscape Navigator 4.6 suite consists of the browser plus the following components:
Messenger for e-mail reading
Composer for authoring HTML Web pages
Collabra for news offerings
Calendar for personal and group scheduling
Netcaster for push delivery of Web pages
Slide 16:Web Servers: A Software Program
http daemon in Unix; http service in Windows NT
Functions:
service HTTP requests
provide access control, determining who can access particular directories or files on the Web server
run scripts and external programs to either add functionality to the Web documents or provide real-time access to database and other dynamic data
enable management and administration of both the server functions and the contents of the Web site
log transactions that the user makes
Distinguished by:
platforms, performance, security, and commerce
Slide 17:Internet Security
Cornerstones of Security
Authenticity
the sender (either client or server) of a message is who he, she or it claims to be
Privacy
the contents of a message are secret and only known to the sender and receiver
Integrity
the contents of a message are not modified (intentionally or accidentally) during transmission
Non-repudiation
the sender of a message cannot deny that he, she or it actually sent the message
Slide 20:Encryption (cont.)
Digital Envelope — combination of symmetrical and public key encryption
Slide 22:Digital Certificates and Certifying Authorities
Digital Certificates
Verify the holder of a public and private key is who he, she or it claims to be
Certifying Authorities (CA)
Issue digital certificates
Verify the information and create a certificate that contains the applicant’s public key along with identifying information
Use their private key to encrypt the certificate and send the signed certificate to the applicant
Slide 23:Secure Socket Layer (SSL)
A protocol that operates at the TCP/IP layer
Encrypts communications between browsers and servers
Supports a variety of encryption algorithms and authentication methods
Encrypts credit card numbers that are sent from a consumer’s browser to a merchant’s Web site
Slide 24:Secure Electronic Transactions (SET)
A cryptographic protocol to handle the complete transaction
Provides authentication, confidentiality, message integrity, and linkage
Supporting features
Cardholder registration
Merchant registration
Purchase requests
Payment authorizations
Payment capture
Slide 25:Access Control
Password Protection
Passwords are notoriously susceptible to compromise
Users have a habit of sharing their passwords with others, writing them down where others can see them, and choosing passwords that are easily guessed.
Browsers transmit passwords in a form that is easily intercepted and decoded. One of the roles of a firewall is to make sure that even if the passwords are compromised, the intruder has only restricted access to the rest of the network.
Slide 26:Firewalls
A network node consisting of both hardware and software that isolates a private network from a public network
Make sure that even if the passwords are compromised the intruder only has restricted access to the rest of the network
Two types
Dual-homed gateway
bastion gateway connects a private internal network to outside Internet
proxies (software programs) run on the gateway server and pass repackaged packets from one network to the other
Screened-host gateway
screened subnet gateway in which the bastion gateway offers access to a small segment of the internal network
demilitarized zone is the open subnet
Slide 27:Screened Subnet Firewall
Slide 28:Virtual Private Networks (VPN)
A VPN combines encryption, authentication, and protocol tunneling to provide secure transport of private communications over the public Internet. It’s as if the Internet becomes part of a larger enterprise wide area network (WAN). In this way, transmission costs are drastically reduced because workers can access enterprise data by making a local call into an ISP rather than using a long distance phone call.
Slide 29:Virtual Private Networks (VPN) (cont.)
Real challenge of a VPN
To ensure the confidentiality and integrity of the data transmitted over the Internet
Protocol tunneling
Support multi-protocol networking
To encrypt and encapsulate the data being transmitted
Types of protocol — being used to carry out protocol tunneling
protocols are aimed primarily at site-to-site VPNs (e.g. IPV6)
protocols are used to support VPNs that provide employees, customers, and others with dial-up access via an ISP (e.g. Microsoft’s Point-to-Point Tunneling Protocol (PPTP))
Slide 30:Selling on the Web
Functional Requirements for an Electronic Storefront
Search for, discover, and compare products for purchase
Select a product to be purchased and negotiate or determine its total price
Place an order for desired products
Have their order confirmed, ensuring that the desired product is available
Pay for the ordered products (usually through some form of credit)
Verify their credit and approve their purchase
Have orders processed
Verify that the product has been shipped
Request post-sales support or provide feedback to the seller
Slide 31:Selling on the Web (cont.)
Electronic storefront must contain:
A merchant system or storefront that provides the merchant’s catalog with products, prices and promotions
A transaction system for processing orders and payments and other aspects of the transaction
A payment gateway that routes payments through existing financial systems primarily for the purpose of credit card authorization and settlement
Slide 32:Outsourcing Vs. Insourcing
Insourcing— build and run the electronic storefront in-house
Large companies wanting:
to “experiment” with e-commerce without a great investment
to protect their own internal networks
to rely on experts to establish their sites
Outsourcing— contract with an outside firm
Smaller or medium sized companies with few IT staff and smaller budgets
Three types of providers
Internet Malls— offer cross-selling from one store to another and provide a common payment structure
Internet Service Providers— focused on operating a secure transaction environment; not on store content
Telecommunication Companies— include the full range of e-commerce solutions
Slide 33:Electronic Catalogs and Merchant Servers
The virtual equivalents of traditional product catalogs
Commonly include:
Templates or wizards for creating a storefront and catalog pages with pictures describing products for sale
Electronic shopping carts that enable consumers to gather items of interest until they are ready for checkout
Web-based order forms for making secure purchases (through either SSL or SET)
Database for maintaining product descriptions and pricing, as well as customer orders
Integration with third party software for calculating taxes and shipping costs and for handling distribution and fulfillment
Slide 34:Electronic Catalogs and Merchant Servers (cont.)
Slide 35:Electronic Catalogs and Merchant Servers (cont.)
Two of the best known products in this category
iCat Electronic Commerce Suite
Standard edition includes:
Catalog templates
Shopping carts
Product searching
Professional edition provides support for:
High-end databases
Integration with ISAPI and Netscape's NSAPI
Options for third-party plug-ins for searching, user tracking, sale pricing, discounting, etc.
Slide 36:Electronic Catalogs and Merchant Servers (cont.)
Microsoft’s Site Server Commerce Edition
Features of this product are:
Commerce Sample Sites providing templates for complete applications
Microsoft’s Wallet supporting a variety of digital currencies
Site Builder Wizard for stores with multi-level departments
Commerce Server Software Development Kit (SDK) for developing custom-order processing
Order processing pipeline for managing orders according to specified business rules
Microsoft’s Wallet Software Development Kit (SDK) for supporting a variety of digital payment schemes
Promotion and Cross-selling Manager for administering a range of specialized promotions, discounts, and cross-selling opportunities
Integration with Microsoft’s Web site development (e.g. Visual InterDev) and administrative tools (e.g. NT Security Support)
Slide 37:Electronic Commerce Suites
Offer merchants greater flexibility, specialization, customization and integration in supporting complete front and back-office functionality
Slide 38:Open Market (www.openmarket.com)
One of the market leaders in the electronic commerce software segment
Provides a complete set of end-to-end transaction services including:
Analysis and Profiling
Demand Generation
Order Management
Fulfillment
Payment
Self-Service
Customer Service
Reporting
Slide 39:Chatting on the Web
Varied uses of the forums and chat groups
Communication Centers
a virtual meeting place where communications can take place among the participants
Customer Service
offer online support where customers can converse with help-line staff and receive advice
Community Discussion
provide forums and chat services with a marketing eye toward developing a community of loyal users, followers and advocates
Slide 40:Multimedia Delivery
Webcasting— describes Internet-based broadcasting of audio and video content
Types of Webcasts
Text Streams— Text-only wordcasts and datacasts
to deliver constant news and stock price updates
Ambient Webcasts— Video content
is captured from a Webcam and delivered as single-frame updates that are transmitted at periodic intervals
Streaming Audio— Web equivalent of radio
to deliver everything from talk radio to sports broadcasts to music previews to archived music and radio shows
Streaming Video
to deliver videoconferences where high quality images are not required and there is not much movement among participants
Slide 41:Webcasting
Works in a straightforward way
Examples of companies offering both Webcast servers and players
RealNetworks ( www.real.com )
Liquid Audio ( www.liquidaudio.com )
Xingtech with its streamworks technology ( www.xingtech.com )
Apple with its QuickTime system ( quicktime.apple.com )
Microsoft with its Netshow software ( www.microsoft.com/windows/windowsmedia )
Multicasting
stream a Webcast from a central server to other media servers which are distributed to different locations
when a listener or viewer clicks on a Webcast link they are automatically routed to the closest server
Slide 42:Bandwidth Requirements for Streaming Audio and Video
Bandwidth [1 mbps = 1 million kbps]
the speed with which content can be delivered
14.4 kbps to 56 kbps for connecting to the Internet over the telephone through modems
128 kbps for connecting to the Internet over ISDN telephone lines
1 - 1.5 mbps for connecting to the Internet over digital subscriber line (DSL)
10 mbps for downloading over cable wires
Slide 43:Internet Telephones
Internet phones
programs that let you talk with other people using the Internet
the added cost to the end user is at best zero and at worst a substantially lower total charge than a standard telephone call
PC-to-PC; PC-to-phone; and phone-to-phone
vendors who dominate the Internet telephone market space
VocalTec ( www.vocaltec.com )
IDT ( www.met2phone.com )
Delta Three ( www.deltathree.com )
Slide 44:Analyzing Web Visits
Access log file
Text file, example:
www.somewhere.com - [18/Aug/1998:12:00:00 +0000] “Get /a htm HTTP/1.0” 200 15000
Tells you which pages are most popular, which times are most popular, which geographical regions make the most requests, and other interesting tidbits that help site administrators maintain and refine their sites
Software for analyzing access log files (FREE)
net.Analysis from net.Genesis ( www.netgen.com )
Insight from Accrue ( www.accrue.com )
Web Trends Log Analyzer from Web Trends Corporation ( www.egsoftware.com )
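Added example (not part of the original slides or of any product named above): the access-log analysis this slide describes, counting popular pages, busy hours, requesting hosts and response statuses while reporting lines that cannot be parsed. The log lines are constructed in the layout of the slide's sample, and summarize() and its result keys are hypothetical names.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample lines (not real traffic) in the layout of the slide's
# example: host, identity field(s), [timestamp], "request", status, bytes.
SAMPLE_LOG = """\
www.somewhere.com - [18/Aug/1998:12:00:00 +0000] "GET /a.htm HTTP/1.0" 200 15000
dialup7.example.net - [18/Aug/1998:12:04:10 +0000] "GET /a.htm HTTP/1.0" 200 15000
dialup7.example.net - [18/Aug/1998:12:04:15 +0000] "GET /cart.htm HTTP/1.0" 200 4200
host3.example.org - - [18/Aug/1998:13:30:02 +0000] "GET /admin/ HTTP/1.0" 403 210
host3.example.org - - [18/Aug/1998:13:30:05 +0000] "GET /a.htm HTTP/1.0" 304 -
this line is truncated [18/Aug/1998
"""

# Accepts one identity field (as on the slide) or two (Common Log Format).
LINE_RE = re.compile(
    r'^(?P<host>\S+)\s+(?:\S+\s+){1,2}'
    r'\[(?P<ts>[^\]]+)\]\s+'
    r'"(?P<method>[A-Za-z]+)\s+(?P<path>[^\s"]+)[^"]*"\s+'
    r'(?P<status>\d{3})\s+(?P<size>\d+|-)\s*$'
)


def summarize(log_text):
    """Hypothetical helper: count pages, hours, hosts and statuses in a log."""
    pages, hours, hosts, statuses = Counter(), Counter(), Counter(), Counter()
    bytes_sent, rejected = 0, []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LINE_RE.match(line)
        try:
            if m is None:
                raise ValueError("layout mismatch")
            when = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        except ValueError:
            rejected.append(lineno)   # unparsable line: report it, never guess
            continue
        status = int(m["status"])
        statuses[status] += 1
        hosts[m["host"]] += 1
        hours[when.hour] += 1
        if 200 <= status < 400:       # popularity counts served pages only
            pages[m["path"]] += 1
        if m["size"] != "-":          # "-" means no body was sent
            bytes_sent += int(m["size"])
    return {"pages": pages, "hours": hours, "hosts": hosts,
            "statuses": statuses, "bytes": bytes_sent, "rejected": rejected}


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(key, value)
```

Keeping the status counts and the rejected line numbers next to the popularity figures lets an administrator see denied requests and damaged log entries that a page-hit report alone would hide.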
Slide 45:Managerial Issues
Now or later— the question is no longer “Will” but “When”
It’s the business issues that count— to succeed, a business must understand how to meet the needs of its online customers
In-house or outsource— mainly depends on the company size
Analyzing the data— automatic record of everyone who visits your Web site
Security— management takes every precaution to ensure the security of their sites and their communications with site visitors
Evolving Web— rapid change of the underlying standards, protocols and governance