04/11/23 1

INFRASTRUCTURE FOR ELECTRONIC COMMERCE

204/11/23

IT TAKES MORE THAN TECHNOLOGY

Regardless of their basic purpose-B2C or B2B-virtually all EC sites rest on the same network structure,communication protocols, web standards, and security systems. This chapter focuses on the basic hardware and software infrastructure underlying the millions of sites used to, sell to service,and chat with both customers and business partners.

304/11/23

Tracking United ParcelService Shipments The Problem

Since 1907 United Parcel Service (UPS) has been in the package distribution business

It is the world’s largest package distribution company, transporting over 3 billion parcels and documents each year in over 200 countries.

UPS provides the means for customers to track their shipments to determine the status and whereabouts of a particular package

404/11/23

Tracking United ParcelService Shipments (cont.)

In the past, this was done primarily over the telephoneCustomers would call UPS with the tracking number of

their shipmentAn operator would look up the status of the shipment in

the UPS database and relay the information to the customer

Servicing these calls cost an estimated $2 per call

504/11/23

Tracking United ParcelService Shipments (cont.) The Solution

UPS created a Web site (ups.com) that enabled customers to:

track their shipments online determine the cost and transit time for delivery of a package schedule a package for pickup locate the nearest drop-off facility

604/11/23

Tracking United ParcelService Shipments (cont.)

These online facilities are accessed from the UPS homepage

The customer clicks the “Tracking” tab at the top of the homepage

This takes the customer to an online form where the customer simply enters the tracking number and then hits the “Track” button

The customer receives precise information about the location of the designated shipment

704/11/23

Tracking United ParcelService Shipments (cont.) The front end of the UPS Web site is simple, but the

back-end processing used to handle a tracking request is more complicated Requests are handed off to one of a handful of Web

servers This server passes the request to the appropriate

application serve

804/11/23

Tracking United ParcelService Shipments (cont.)

The application server passes the request to an IBM AS/400 computer attached to the UPS tracking database (the largest transaction database in the world—20 terabytes of data

The mainframe performs the database search for the status information

Then it is passed back up the line through the various servers to the customer’s browser

904/11/23

Tracking United ParcelService Shipments (cont.) The Results

The UPS site services over 4 million online tracking requests per day

It keeps UPS competitive with other shipping companies that also offer online tracking services and customer information (FedEx)

1004/11/23

Tracking United ParcelService Shipments (cont.)

UPS now offers customers the option of tracking their packages through wireless devices (cell phones, PDAs, and Web-enabled pagers )

Web pages have been modified to support the particular wireless device being used

Specialized servers are used to deliver the pages over the wireless communication networks

1104/11/23

Tracking United ParcelService Shipments (cont.)

UPS (ec.ups.com) offers a set of e-commerce solutions and a technology infrastructure that enables other companies to incorporate UPS’ online:

order entry Shipping tracking capabilities

Example: Amazon.com

1204/11/23

Tracking United ParcelService Shipments (cont.)

The company also offers e-commerce tools and services for managing an enterprises’ overall supply chain

1304/11/23

Tracking United ParcelService Shipments (cont.) What we can learn …

There is more to an EC Web site than meets the eyeBehind the scenes of virtually every e-commerce site, a

number of hardware and software components are supporting these applications

1404/11/23

A Network of Network

The internet is a network of thousands of inter connected networks .Included among the interconnected networks are:

The interconnected backbones that have international reach. A multitude of access/delivery subnetworks are provided by

the local and regional Internet service providers(ISPs). Infact, the request and response are each broken into

packets, and the packets can follow different paths. The paths traversed by the packets are determined by

special computers called routers. The routers have updateable maps of the networks on the internet that enable them to determine the paths for the packets.

1504/11/23

ISP

NAP

ISP ISP

NAP

NAP NAP

ISP

ISP

ISPISPISPISP

ISP

INTERNET NETWORK ARCHITECTURE

1604/11/23

INTERNET PROTOCOL

A protocol is a set of rules that determines how two computers communicate with one another over a network.The protocols around which the internet was designed embody a series of design principles.

Interoperable Layered Simple End –to-End

1704/11/23

TCP/IP The protocol that solves the global internetworking

problem is the Transmission Control Protocol/Internet Protocol(TCP/IP).

The TCP ensures that two computers can communicate with one another in a reliable fashion.Each TCP communication must be acknowledged in a reasonable time, then the sending computer must transmit the data. In order for one computer to send a request or a response to another computer on the internet, the request or response must be divided into packets that are labeled with the addresses of the sending and receiving computers.This is where IP comes into play. The IP formats the packets and assign addresses.

1804/11/23

Application Layer

FTP,HTTP,Telnet,NNTP

Transport Layer

TransmissionControl Protocol

User Data gram

Protocol (UDP)

Internet Protocol

(IP)

Network Interface Layer

Physical Layer

FIG:TCP/IPARCHITECTURE

1904/11/23

DOMAIN NAMES Names like www.microsoft.com, which reference

particular computers on the internet, are called Domain Names. Domain Names are divided into segments separated by periods.

When users wishes to access a particular computer, they usually do so either explicitly or implicitly through the domain name not the numerical address.

The domain name is converted to the associated numerical address by a special server called the domain name server.

2004/11/23

INTERNET CLIENT/SERVER APPLICATION

As the name suggests, in a client/server application there are two major classes of software:

Client software, usually residing on an end user’s desktop and providing navigation and display.

Server software, usually residing on a workstation or server-class machine and providing back-end data access services (where the data can be something simple like a file or complex like a relational database.

2104/11/23

NEW WORLD NETWORK: INTERNET2 AND

NEXT GENERATION INTERNET (NGI) The current data infra structure and protocols – the

intranet – are capable of handling today’s internet traffic but not for so long. Two consortiums, as well as various telecoms and commercial companies like Cisco, are in the process of constructing the new world network. It will be capable of dealing with the next generation of internet applications, which will be multimedia laden.

2204/11/23

NEW WORLD NETWORK: INTERNET2 AND NEXT GENERATION INTERNET (NGI)

Just as the original internet came from efforts sponsored by NSF and DARPA ,it is assumed that the research being done to create both Internet 2 and the NGI will ultimately benefit the public internet. While they will certainly impact the bandwidth among the ISPs,IAPs, and NAPs,it still does not eliminate the barriers across the last mile to business and homes.

2304/11/23

WEB-BASED CLIENT/SERVER The vast majority of EC applications are web based. In

such applications, the clients are called web browsers and the servers are simply called web servers, like other client/server application s,web browsers and servers need a way

To locate each other so they can send requests and responses back and forth and

To communicate with one another . To fulfill these needs, a new addressing scheme –the URL – and a new protocol – the HyperText Transport Protocol (HTTP) – were introduced.

2404/11/23

WEB-BASED CLIENT/SERVER (cont.) HYPERTEXT TRANSPORT PROTOCOL When users navigate from one page to the another by clicking on

hypertext links within a page.when a user does this, a series of actions takes place behind the scenes.First, a connection is made to the web server specified in the URL associated with the link. Next, the browser issues a request to the server, say to “GET” the web page located in the directory specified by the associated URL. The structure of the GET request is simply “GET url”(e.g., “GET www.ge.com”). The server retrieves the specified page and returns it to the browser .

2504/11/23

WEB BROWSER The earliest versions of the web browsers-Mosaic,

Netscape1.0,and Internet Explorer 1.0 – were truly “thin” clients. Their primary function was to display web documents containing text and simple graphics. Today, the two major browsers in the market – Netscape communicator4.0 and Microsoft’s Internet Explorer 5.0 (IE 5.0) – are anything but thin , both offering a suite of functions and features.

2604/11/23

WEB SERVER A web server is not a hardware platform;it is a software

program. In the UNIX world this program is called an http daemon. In the windows NT world the program is known as an http service. The primary function of all of these programs is to service HTTP requests. In addition, they also perform the following functions :

Provide access control on the web server. Providing real time access to databases and other dynamic

data.This is done through various application programming interfaces . Enable management and administration of both the server functions and the contents of the website .

Log transactions that the users make.

2704/11/23

COMMERCIAL WEB SERVER

While there are dozens of web servers on the market, three servers predominate;

Apache server Microsoft’s internet Information Server (IIS) Netscape’s Enterprise Server.

2804/11/23

WEB SERVER USAGE SERVEY Since late 1995, a company called Netcraft (

www.netcraft.com) has been conducting monthly surveys to determine the market share of the various servers (by numbers connected to the internet). This is done by polling known web sites with an HTTP request for the name of the server software.

Table shows the survey results for selected months beginning in January 1996 and ending in January 1999.

2904/11/23

Table: NETCRAFT SURVEY OF WEB SERVER MARKET SHARE (Ns IN Millions)

server january1996 january1997 january1998 january1999

N=74 N=646 N= 1,835 N=4,062

Apache 19.7% 41. 4% 45. 4% 54. 2%

Microsoft IIS 0. 0% 7.7% 20.7% 23. 4%

Netscape 12. 4% 9. 9% 5. 5% 4. 2%

O’Reilly website 3. 8% 2. 3% 2. 2% 1.7%

NCSA 35. 7% 10. 8% 3. 8% 1. 2%

3004/11/23

INTERNET SECURITY CORNERSTONES OF SECURITY: Security is often cited as a major barrier to EC, prospective

buyers, for example, are leery of sending credit card information over the Web. Prospective sellers worry that hackers will compromise their systems.while the need for security breaches. The National Computer Security Association (NCSA) has identified four cornerstones of secure EC, Included are:

Authenticity Privacy. Integrity. Non repudiation.

3104/11/23

ENCRYPTION One way to ensure the confidentiality and privacy of

messages is to make sure that even if they fall into the wrong hands they cannot be read. This is where cryptography comes into play. All cryptography has four basic parts:

Plaintext- the original message in human-readable. Cipher text- the plaintext message after it has been

encrypted into unreadable form. Encryption algorithm- the mathematical formula used to

encrypt the plaintext into cipher text and vice versa. Key- The secret key used to encrypt and decrypt a message.

Different keys produce different cipher text when used with the same algorithm.

3204/11/23

ENCRYPTION Cryptography enables not only text but also binary

information - video, sound,and executable software modules- to be encrypted for secure transmission across the internet.

Synchronous Private Key Encryption

3304/11/23

ENCRYPTION

Public key of recipient Private key of recipient

Public key Encryption

Messagetext

Cipheredtext

Messagetext

encryptiondecryption

Sender Receiver

3404/11/23

ENCRYPTIONSession Public KeyKey of Recipient

Digital Envelope

Session Key Session Key

MessageText

CipheredText

MessageText

EncryptionDecryption

Sender

Session

Key

Receiver

Private Keyof Recipient

Digital Envelope

3504/11/23

DIGITAL SIGNATURES: AUTHENTICITY Digital signatures are based on public key encryption. The

use of a digital signature is illustrated in figure. The basic idea is that messages encrypted with a private key can only be decrypted with a public key.

This phrase is then attached to the message and the combined message is encrypted with the recipient’s public key. Upon recipient, the message is first decrypted with the recipient’s private key. The signature phrase is decrypted with the sender’s public key. If the phrase is successfully decrypted, then the recipient knows that the message could have only been sent by the holder of the sender’s private key. Of course, at this point there is no guarantee that the sender is actually the sender. It could be someone who has stolen the private key. This is where digital certificates come into play.

3604/11/23

MESSAGE TEXT

MESSAGE TEXTCIPHER

TEXTSignature Signature

Private Key of Sender

Public Key of Sender

Encryption Decryption

ReceiverSender

Public Key of Recipient

Private Key

of Recipient

Digital Signature

3704/11/23

DIGITAL CERTIFICATES AND CERTIFICATE AUTHORITIES (CAs)

Digital certificates verify that the holder of a public and private key is who they claim to be. The structure of a digital certificate is governed by the IETF’s X .509 standard.

Digital certificates are issued by third parties called certificate authorities (CAs).

Individuals or companies apply for digital certificates by sending the CA their public key and identifying information.

The CA uses their private key to encrypt the certificate and sends the signed certificate to the applicant.

The sender uses the CA’S public key to decrypt the certificate. In this way the sender can be more confident of the true identity of the recipient .

3804/11/23

DIGITAL CERTIFICATES AND CERTIFICATE AUTHORITIES (CAs)

After decrypting the certificate, the sender uses the embedded public key to encrypt the message. In this way, the only public key that the sender really has to know ahead of time is the CA public key.

3904/11/23

SECURE SOCKET LAYER

Secure socket layer is a protocol that operates at the TCP/IP layer. This means that any application that relies on TCP/ IP SUCH AS THE Web (HTTP) , Use Net newsgroups (NNTP), and e-mail (SMTP) can be secured by SSL. Secure socket layer supports a variety of encryption algorithms and authentication methods . The combination of algorithms and methods is called a cipher suite. When a client contacts a server, the two negotiate a cipher suite, selecting the strongest suite the two have in common.

4004/11/23

SECURE ELECTRONIC TRANSACTION A Cryptographic protocol that is designed to handle the

complete transaction is secure electronic transaction (SET), which was jointly developed by visa.

The SET protocol provides authentication,confidentiality, message integrity, and linkage, and it relies on public and private keys for the consumer and the merchant and supports the following features.

Cardholder registration. Debit card transactions. Credit reversal. Merchant registration. Purchase requests. Payment authorizations. Payment capture. Charge backs. Credits.

4104/11/23

Firewall: ACCESS CONTROL A firewall is a network node consisting of both hardware and software that

isolates a private network. There are two basic types of firewalls: dual-homed gateway and screen-host gateway.

In a dual-homed gateway a special server called the bastion gateway connects a private internal network to the outside internet.

With a screen-host gateway a network router is used to control access to the bastion gateway. The router ensures that all inbound traffic must pass through the bastion gateway. A popular variant of the screened-host is the screened subnet gateway in which the bastion gateway offers access to a small segment of the internal network. The open subnet is known as the demilitarized zone. The idea behind the screened subnet is that there is no way for outside traffic to gain access to any of the other hosts on the internal network.

4204/11/23

LOCAL NETWORK

BASTION HOST

Internet

Proxies

FTP,HTTP, NNTP,Telnet

FIGURE: Bastion Host Gateway

4304/11/23

INTERNET

Web server

Router Router

Bastion host

Local Network

FTP Server

Proxies FTP,HTTP,NN

TP,Telnet

FIGURE: Screened Subnet Gateway

4404/11/23

VIRTUAL PRIVATE NETWORKS Suppose an enterprise wishes to provide mobile or remote

workers with secure access to enterprise data that is normally accessed over a LAN.Traditionally, remote and mobile workers access this data through a bank of modems or a remote access server (RAS) that allows them to dial in over phone lines to the LAN. The chance of caves dropping on the transmission is nil, but it is an expensive way to do business because of the long distance phone charges that are incurred. A less expensive alternative is a virtual private network(VPN).

VPN combines encryption, authentication, and protocol tunneling to provide secure transport of private communications over the public Internet. It is as if the Internet becomes part of a larger enterprise WAN. In this way, transmission costs are drastically reduced because workers can access enterprise data by making a local call into an ISP rather than a long- distance call.

4504/11/23

Selling on the WEB Functional requirements

The TCP/IP, web browsers, commercial web servers, encryption, and firewalls provide an open foundation for creating web site that can easily support marketing and service activities.

They provide an infrastructure for conducting business online.

4604/11/23

Selling on the WEB

Just like their physical counter parts, online store must provide the means: Discover, search for, and compare products for purchase; Select a product to be purchase and determine its total price; Place an order for products; Confirm order, or ensuring that the desire product is available; To pay for products; To verify credit To process order To verify shipment; Provide feedback to the seller

4704/11/23

ELECTRONIC COMMERCE SOLUTIONS: OUTSOURCING VERSUS INSOURCING

Like traditional merchants, web merchants have a number of options for creating and operating their electronic storefronts. There are threes types of providers who offer services for creating and operating an electronic storefront.

4804/11/23

ELECTRONIC COMMERCE SOLUTIONS: OUTSOURCING VERSUS INSOURCING

1. Internet malls: There are 3,000 or more malls on the web, like a real world mall. An internet mall consist of a single storefront entry to a

collection of electronic storefront. Internet malls come in a variety of shapes and size. There are

regional malls like South Florida's (www.sf-mall.com), specially malls like the Golf Mall (www.golf-mall.com), and general purpose malls like Choice Mall (www.choicemall.com) .

4904/11/23

ELECTRONIC COMMERCE SOLUTIONS: OUTSOURCING VERSUS INSOURCING

2. Internet service providers: In addition to providing internet access to companies and

individual users, a large number of ISPs offer host services for EC.

For the most parts of ISPs are focused on operating a secure transaction environment.

This task can be outsourced by third party. A listing of top site designers can be found at

www.internetworld.com . Some of the national ISPs like UUNet have begun offering more

complete EC solution.

5004/11/23

ELECTRONIC COMMERCE SOLUTIONS: OUTSOURCING VERSUS INSOURCING

3. Telecommunication companies:• Increasingly the large telecommunication companies have

expanded their hosting services to include the full range of EC solutions.

• Network service provider NSP, one of the private companies maintaining and servicing the Internet’s high-speed back bones.

• Include among the companies are MCI, sprint, UUNET/MIS, PSINet, and BBN planet

5104/11/23

Electronic Catalogs and merchant servers. Electronic catalogs presentation of information about

products (services) that traditionally were in paper catalogs. However, electronic catalogs include multimedia such as

voice clips. An electronic catalog contain

written descriptions photos of products along with information about various promotions, discounts, payment methods and methods of delivery.

5204/11/23

Electronic Catalogs and merchant servers. Electronic catalogs and merchant server allow businesses to

create simple, straight forward electronic storefronts. For more complex operations, a number of vendors offer EC suite that support most stages of the supply and buying chains.

Electronic commerce suites offer merchants Greater flexibility Specialization Customization Integration in supporting complete front and back-office

functionality.

5304/11/23

Chatting on the web.

Online forum and chat group technologies offer a variety of business opportunities.

Chat groups involving customers and helpline staff are one way of offering enhanced customer services.

Communication centers: Virtual meeting places can be created and fees charged for

participation. One example is Match. COM (www.match.com) , web chat broad

casting system (www.wbs.com) , contain 200 chat rooms.

5404/11/23

Chatting on the web.

Customer services:A number of customer services site now offer online

support where customers can converse with help line staff and other customer.

Most online support center are organized as forums rather than chat groups.

There are some exceptions Merchant (www.intersolv.com/csupport/index.asp) .

5504/11/23

Multimedia delivery. The way in which audio, video and other multimedia content are

being delivered over the internet are Web casting:

Web casting is a term used to describe internet-based broad casting of audio and video content.

One of the leading arena is Real Networks.& Web casting ranges from simple text streams; to periodic

transmission of webcam images; to low quality audio and animation; to high end CD quality audio; and full motion, full screen video.

5604/11/23

Bandwidth

The major barrier to widespread participation in in Web cast is bandwidth.

Bandwidth refers to the speed with which content can be delivered. Most consumer connect to the internet over the telephone through

modems whose speed range from 14.4 kbps to 56 kbps (kilo byte per second).

Most consumer connect to the internet using lower speed modems. Soon this will change as the cable television and telephone

companies battle for the privilege of wiring homes with internet connections.

5704/11/23

Internet telephones:

Internet phones are not a real telephones– they are program that let you talk with other people using the internet.

The main attraction of internet telephones is cost, depending on the type of internet phone connections.

Internet phones comes in three versions---PC-to-PC, PC-to-Phone, and Phone-to-Phone.

5804/11/23

Internet telephones:

With PC-to-PC internet phones call, the caller and recipient are both required to have the same internet phones software on their computers.

PC-to-Phone system only require the caller to have the internet phone software. The recipient answer the call with a regular telephone.

Phone-to-Phone, the caller and the recipient use a regular telephone.