EC and the Virtual Corporation

1
EC and the Virtual Corporation Session 3
2
Session Outline

• Administrivia
• Paper
• Access
• Review
• Network Economy - Free PCs
• Legal Issues - Cyber Squatting Bill passed
  Senate - Umbro Case
• Network Infrastructure
• TCP/IP
• HTTP
• Internet Applications Architecture
• Virtual Private Networks
• Introduction to Security

3
A Framework for Electronic Commerce
What value is a model?
A model is only valuable when it helps us to
explain (and maybe predict) reality
4
A Model for E-business
Internal
Business Partners
Supply Chain Mgt
Enterprise Resource Planning
External
Knowledge Applications
Enterprise App Integration
Management Control
Administration Control
Customer Relationship Mgt
Selling Chain Mgt
How does this model explain Dells success?
Figure 4.11 page 103
Customers, Resellers
5
Why has the Internet Emerged as a
Business Platform?
You should be able to make this case
6
What business models do we find on the Internet?
7
Emerging Internet Models
Business-Consumer
Business-Business
Product Based
www.amazon.com www.mercata.com
www.officemax.com www.boeing.com
Physical
www.Estamps.com www.bluemountainarts.com
www.wsj.com www.photodisc.com
Digital
Service Based
www.peapod.com www.etrade.com
www.fedex.com www.expedia.com
Traditional
www.roboshopper.com www.ebates.com
www.netseminar.com www.yesmail.com
Digital
8
Approaching the Web
Use this model as a reference when you read Kodak
Processes
Fulfillment Settlement Workflow
Transactions
Database Queries Payments Funds Transfers
Interactivity
Increasing Functionality
Registration Games Forms
Publishing
Advertising Marketing Information
Time or Maturity
David Kosiur, Understanding Electronic
Commerce, p. 107, Microsoft Press 1997
9
Understanding the Infrastructure
10
The BIG Picture
11
Telephony 101
The Internet is built on top of the Public
Switched Telephone Network Also called an overlay
network
LEC View
Last Mile
Local Loop
Local Loop Slowest portion of the network
12
Telephony 101
Hierarchy of Central Offices
Total Network is PSTN
IXC View
Digital COs now the norm
Circuit Switching
The Internet is a Packet Switched Network
13
Transmission Media
Acceptable for Voice - analog signaling Unshielded
Twisted Pair Millions of miles in place Not
optimal for data communications
Copper Wire
Copper wire inside shielded cable Capable of
handling very high frequencies Dozens of 6 MHz
channels on single cable
Coaxial Cable
14
Transmission Media
Media of Choice Uses frequencies a million times
higher Speeds as high as 9.6 gbps Now being used
with cable
Fiber
Wireless
Microwave, synchronous, low-orbit Iridium,
Globalstar - LEO Eliminates need for wire
infrastructure Complete mobility
15
Internet End-End
Difficult to buy a machine that cant exploit the
features of the Internet
What about Network PCs? NY Times article on Sun
8/31/99
http//navigators.com/internet_architecture.html R
uss Haynal
16
Internet End-End
Access Options
Dial up Access 56 Kbps ISDN 128 Kbps T1
Circuit 1.54 Mbps ADSL 3-6 Mbps Ethernet 10
Mbps Satellite 10-100 Mbps Cable
Modem 30-40Mbps T3 Circuit 45 Mbps Fiber
OC-192 9953.28 Mbps
17
Internet End-End
18
Internet End-End
Usually located in a CO
19
Internet End-End
This provides you access to the services of the
ISP
20
Internet End-End
This is the Internet Backbone UUNET Worldcom
(MCI)
SONET Synchronous Optical Network Expected to
be the standard for next 2 decades Hierarchical
scheme OC - 192 fastest 9953.28 Mbps Equal to
5376 x 24 voice circuits
21
Internet End-End
22
Internet End-End
Step 1 Client and Server establish tcp/ip
connection
Step 2 Client issues a request which includes a
URL
Step 3 Server issues a response
Step 4 Server terminates the connection
23
Internet End-End
Data Communications on the Internet uses TCP/IP
which is a Packet Switched Protocol
Data not sent in real time Stored in computer
until packet available Only then is the packet
sent Extremely efficient Freight Train Analogy
Packet Switching
24
Internet End-End
How do we move data from one machine to another
on the Internet?
OSI 7-Layer Model
25
Why Layers?
We only have to worry about adjoining
layers when we program
User Interactions
Unreliable
Reliable
Provides data flow
Every device has an IP address
How should data get to its destination - point by
point?
Puts the data on the wire
26
Sockets and Ports

• A socket is a combination of an IP address and a
  port
• 147.26.222.4523
• http//www.fecrc.ctc.com80
• A Port is an address of an application - Many
  ports are
• designed for well known applications
• FTP Port 21
• Telnet Port 23
• SSL Port 443
• HTTP Port 80
• Ports below 1024 are reserved for these type of
  apps
• Applications listen on ports for instructions

Once weve found a machine - how do we identify
a particular service?
27
TCP/IP
TCP/IP deals with the Network and Transport Layers
28
HTTP

• Hypertext Transfer Protocol
• Request/Response protocol for the web
• Stateless or connectionless (1 operation)
• Determines document format automatically

29
HTTP - 4 Step Transaction
Step 1 Client and Server establish tcp/ip
connection
Step 2 Client issues a request which includes a
URL
Step 3 Server issues a response
Step 4 Server terminates the connection
30
URLs
Actual Syntax is http//lthostgtltportgt/ltpathgt?lts
earch_partgt
URLs not unique to the web - used in ftp, gopher,
and other applications
31
URL Example
Specifies hyptertext transfer protocol. (Method
Web browser uses to read pages on Web)
Look in this directory
http//www.fecrc.ctc.com/et/schedule.html
Connect to this computer
Get this document
32
HTML

• Hypertext Markup Language - developed by Tim
  Berners-Lee at CERN
• Simple document formatting language
• Embedding of control codes tags that browser
  interpret
• HTML 1.0 circa 1989
• HTML with additional features circa 1993
  tables, imagemaps
• Netscape extensions 19941995 colors, frames,
  plugins
• HTML 3.2 1997
• HTML 4.0

33
Four Basic HTML Tags
lthtmlgt lt/htmlgt
ltheadgt lt/headgt
lttitlegt lt/titlegt
ltbodygt lt/bodygt
34
HTML Tag Syntax
End of tag marker
The beginning of the tag
lt
gt
Meta
name"keywords" content"electronic commerce, ec"
Attributes that modify the behavior of a tag
The tag identifier
35
HTML
HTML has become extremely versatile
ltInputgt Forms control ltIMGgt Insert
Images ltEmbedgt Word docs and files ltAppletgt JAVA
applets ltTablegt Tables for formatting ltScriptgt
For program control ltAgt Linking
36
Internet Application Architecture
We wish to move beyond static web pages to
providing dynamic content based on user input
CGI Limitations Scalability Issues
Spawns new process for each event
Common Gateway Interface (CGI)
Script must format and return results with HTML
37
Internet Application Architecture
A language that offers much promise is
JAVA Developed by Sun - not just for the
web Object Oriented like C Create Applets
that run inside a browser Applets loaded from
the web server
38
Internet Application Architecture
Compiled code that is platform neutral Compiler
creates bytecodes Bytecode interpreted by JVM on
any platform Key benefit over CGI?
Moves processing from server to client
39
Internet Application Architecture
Javascript

• Interpreted language
• Embedded into html pages
• Executes when an event is triggered button,
  mouseover
• Supported by Netscape and IE
• Not related to Java at all
• Moves processing from Server to Client
• Not the all purpose tool that JAVA can be

40
Internet Application Architecture
Third party development tools

• Examples Cold Fusion, Net Objects, Net Magic
• Offer a more complete development environment
• Require software components on the web server
• Offer faster development life-cycle
• Strength is in integration with database products

41
Virtual Private Networks
Key selling point for a VPN is COST
42
Introduction to Security
Business Transaction
Internal Threat
Firewall
Firewall
Internet
3rd Party Threat
External Threat
43
Internal Threats

• Physical break-ins
• Unattended computers
• Privileged Individuals
• SYSOPs or SYSADMINs
• Internet Service or Access Providers
• Disgruntled employees
• Backdoors / Trapdoors

Nearly half of all computer crimes committed by
employees! -Computer Security Institute/FBI
Study 1998
44
External Threats

• Hackers
• Crackers
• Espionage
• Software bugs
• Viruses
• Worms
• Holes

• Logic bombs
• Trojan horses
• Forgery
• Impersonation
• Piggybacking
• Software bugs or application faults

45
End-to-End Threats

• Spoofing
• Sniffing
• Misrouting
• Interception
• Eavesdropping
• Data Theft
• Breach of privacy

46
Why is Security such a Problem?
TCP/IP was not developed with security in
mind It was developed to enable open sharing of
data
47
TCP/IP - Good News/Bad News

• Good News - It Works!

• Bad News - It Works!

48
Four Security Objectives

• Mutual authentication
• Message privacy
• Message integrity
• Non-repudiation

49
Mutual Authentication
Each party to a transaction is certain of the
identity of the other parties involved in the
transaction
50
Message Privacy
Transactions and messages are completely
confidential and known only to those for whom
they are intended
51
Message Integrity
All parties to a transaction must be certain
that messages do not change during transmission
52
Non-Repudiation
No party to a transaction can subsequently deny
that the transaction took place
53
Security Principles

• Mutual authentication
• Message privacy
• Message integrity
• Non-repudiation

If our solutions implement these principles - we
can conduct reasonably secure commerce over the
Internet
54
Internet Security Tools and Techniques
55
Security Tools and Techniques

• Anti-Virus Software
• Cryptography
• Digital Signatures
• Digital Certificates
• Web Security
• Firewalls
• Browser Preferences
• Secure E-Mail