2. Learning Objectives
• What is e-commerce and e-business?
• Why organisations need to develop e-business
models?
• What are different e-business models?
• What are different e-business technologies?
• How secure is the technology?
• What are the Legal complexities of e-business
models?
3. E-Commerce
• Electronic commerce (E-commerce) can be defined as
any business transaction conducted using electronic
means.
• E-commerce is usually associated with buying and
selling over the Internet, or through a computer-
mediated network.
• A more complete definition is: E-commerce is the use
of electronic communications and digital information
processing technology in business transactions to
create, transform, and redefine relationships for value
creation between or among organizations, and
between organizations and individuals.
4. E-Business
• E-Business does not mean only buying or
selling products on-line, it will lead to
significant changes in the way products are
customized, distributed and exchanged and
the way consumers search and bargain for the
products and services and consume them.
• E-business focus more on enhancement of the
Customer process, production process and
employee processes.
5. Goal of E-Business
• The goal of any E-Business solution is to create
value, which can be created in the following
manner:
– Increased Profitability
– More Satisfied Customer
– Increased Employee Motivation
– Better Supplier Relationships
6. Categories of E-Business Solutions
• Business-to-Business (B2B)
• Business-to-Consumer (B2C)
• Consumer-to-Consumer (C2C)
• Consumer-to-Business (C2B)
• Mobile Commerce
7. Building E-Business Models
• Market Opportunity Analysis
• Value Proposition
• Online Strategy
• Resource Management
• Source of Revenue
8. Revenue Models
• There are many revenue models that exists on
the internet, but some of the most popular
ones are:
– Advertising
– Affiliation
– Licensing
– Sales
– Subscription
10. M-Commerce
• M-commerce allows integration of the traditional
e-business models on the mobile networks.
• Number of applications of m-commerce includes:
– Mobile Ticketing
– Mobile Coupons
– Mobile Content
– Local Services
– Mobile Banking
– Mobile Marketing
11. E-Business Security
• There are two broader levels of threats that are
common. One is the network level of threat and
the other is the data level threat.
• Network Level threat deals with the security of
the complete network, including the LANs,
WANs, Internet, Intranet and Extranets. Enforces
that only the right users or the authorized users
are accessing the network.
• Data Level threat in which one needs to ensure
the security of data when it is on the move from
one computer to another.
12. E-Business Security
Network level
• Ensuring only the right people are accessing
the network
• Password, encrypted smart cards, firewalls
Data Level
• Ensuring the privacy & confidentiality of data
• Data encryption
Data Pipeline/Grid
12
13. Network Security
Hacking
hacker is an individual who intends to gain
unauthorized access to a computer system
cracker is the term typically used within the
hacking community to demote a hacker with
criminal intent
Three type of hackers - white, black and grey hat
hackers.
Firewalls
Proxy Servers
13
14. Common Security Attacks
• Interruption, in terms of delay, denial of receipt or denial of
service
• Snooping or Interception - Unauthorized party gaining access
to information by browsing through files.
• Spoofing or Masquerading - Spurious information is inserted
into the system or network by making it appears as if it is from a legitimate entity
• Non-Repudiation - False denial that an entity created something
• Modification or alteration - Unauthorized party changes
information in transit or information stored for subsequent access
• Malicious code / Applet (MalWare) - Malicious code or
Applets includes a variety of threats such as viruses, worms and Trojan horses.
14
15. Data Level Security Concerns
– Authenticity - the sender (either client or server) of a
message - who he/she is or it claims to be
– Privacy - the contents of a message are secret and only
known to the sender and receiver
– Integrity - the contents of a message are not modified
(intentionally or accidentally) during transmission
– Non-repudiation - the sender of a message cannot deny that
he, she or it actually sent the message
– Confidentiality - refers to the ability to ensure that messages
and data are available only to those who are authorized to
view them
– Availability - refers to the ability to ensure that an e-
commerce site continues to function as intended
15
16. Cryptography
• Cryptography is a means of providing
information security. Cryptography is the study
of mathematical techniques related to aspects
of information security such as confidentiality,
integrity, authentication, and non-repudiation
which form the main goals of cryptography.
• Cryptographic techniques :
– Symmetric-key Cryptography
– Public-key Cryptography
– Digital Signature
– Digital Certificate
16
17. Secure Socket Layer (SSL)
• A protocol that operates at the TCP/IP layer
• Encrypts communications between browsers and
servers
• Supports a variety of encryption algorithms and
authentication methods
• Secure negotiated session is a client-server
session in which the URL of the requested
document, along with the contents, the contents
of forms, and the cookies exchanged, are
encrypted.
• Session key is a unique symmetric encryption key
chosen for a single secure session
17
18. E-Business – A Competitive Tool
• Improved customer service gives customers tangible
benefits, i.e. faster delivery times, and a better
understanding of needs.
• An increase in business opportunities is another one of the
greatest benefits of E-Business; that can result in improved
brand image and enhance a company's stock market
valuation.
• Greater efficiency enables shorter product development
cycles and enhanced inventory turnover, thus freeing up
capital by receiving payment earlier in the purchase process.
• Greater profitability: as companies exist to make money, by
utilizing the E-Business methodologies explained, companies
could improve overall effectiveness and directly increase
profitability.
19. Summary
• E-business is a method of doing business using technology.
• Electronic commerce (E-commerce) can be defined as any business transaction conducted
using electronic means. E-commerce is usually associated with buying and selling over the
Internet, or through a computer-mediated network.
• Whereas, E-Business does not mean only buying or selling products on-line, it will lead to
significant changes in the way products are customized, distributed and exchanged and the
way consumers search and bargain for the products and services and consume them.
• The major categories of e-business solutions that have been implemented by the different
organization worldwide are: Business-to-business (B2B); Business-to-Consumer (B2C);
Consumer-to-consumer (C2C) and Consumer-to-Business (C2B).
• Mobile Commerce (M-Commerce) is the buying and selling of goods and services through
wireless technology, such as, handheld devices such as cellular telephones and personal
digital assistants (PDAs).
• M-commerce is quite popular in financial services including mobile banking. Customers are
using their mobile phones to access their accounts and pay their bills. Customer is also using
this for utility services, information services and entertainment.
• The E-Business model is like any business model, which describes how an organiszation
functions, how it offer its products or services, how it generates revenue, and how it will
create and adapt to new markets and technologies. It has five traditional components
market opportunity analysis, value proposition, on-line strategy, resource management and
sources of revenue.
• The models that were discussed in the chapter include, broker model, auction brokers,
reverse auction, advertising model, portals, info-mediaries, merchant models, e-
procurement and community models.
20. Summary
• An organisation that is implementing e-business models needs to secure their models from
multiple levels of threats – from hackers, insiders, pirates and thieves. One of the biggest
potential security problems in an E-Business is of human, rather than electronic, origin.
• There are two broader levels of threats that are common. One is the network level of threat
and the other is the data level threat.
• In a network level threat, one needs to ensure the security of the complete network,
including the LANs, WANs, Internet, Intranet and Extranets. This will enforce that only the
right users or the authorized users are accessing the network. The basic threat is from the
Hackers who try to hack the network to get an unauthorized access.
• In data level threat one needs to ensure the security of data when it is on the move from
one computer to another. Here the basic threat is either from the hackers or even from the
insiders.
• Hacker is an individual who intends to gain unauthorized access to a computer system,
whereas Cracker is the term typically used within the hacking community to demote a
hacker with criminal intent. There are three types of hackers, white-hat, grey-hat and black-
hat hackers. Hackers use different kind of techniques that may include Denial of Service,
Spoofing, Sniffing and password cracking.
• A firewall is hardware or software solution that insulates a private network from a public
network using carefully established controls on the types of request they will route through
to the private network for processing and fulfillment.
• The another level of security threat is the data level security. Data when is communicated
between two parties for business purpose needs to meet the challenge like confidentiality,
authenticity, integrity, non-repudiation, privacy, authorization and validation.