Transcript Architectural Frameworkx - E-Help

CHAPTER - 4
ARCHITECTURAL FRAMEWORK
Framework of E-Commerce
 Requires reliable network infrastructure to move
the information and execute a transaction in a
distributed environment.
 2 key component technologies:
 Publishing Technology:
Creation of digital content
 Distribution Technology:
Universally move the digital contents & transactions information
Publication & Distribution are 2 pillars that
support the creation of distributed EC
Applications.
 Business Service Infrastructure
comprises of directory services; location &
search services & a trust mechanism for
private, secure, reliable & non-repudiable
transactions along with an online financial
settlement mechanism.
Network Infrastructure
 Defense Advance Research Project Agency (DARPA)
changed as ARPANET.
 ARPANET interconnected several universities & research
organizations.
 This leads to several other experimental WAN’s such as
BITNET,CSNET,SPAN(Space Physics Analysis Network) &
HEPNET(High Energy Physics Network)
 The ISO’s 7 Layer OSI(Opens System Interconnect)
model attempted to standardize various networks.
 The adoption of TCP/IP as a network communication
Protocol by the Defense Department of the US Govt.
provided the much needed interconnectivity among
heterogeneous networks.
Network Infrastructure
 TCP/IP, named after its two primary protocols, viz.,
 Transmission Control Protocol(TCP) and
 Internet Protocol(IP),
 Has emerged as a de facto standard of connectivity.
 In TCP/IP networks, it is the internet protocol layer that
holds the architecture together by delivering the IP
packets from end to end in a connectionless format.
 The IP layers behave much like a postal services where
each packet is delivered independent of all other
packets, thus in the process it may deliver packets out
of the sequence in which they were sent.
Network Infrastructure
 The transmission control protocol (TCP) provides a
connection-oriented reliable delivery mechanism.
 It insures that a byte-stream, emanating at one
machine destined for the other machine, is delivered
without any errors, duplication and in the original
sequence.
 UDP is an unreliable connectionless protocol. It is often
used in applications, such as video and audio
streaming, where prompt and constant delivery of data
is more important than the in sequence and reliable
delivery offered by TCP.
Network Infrastructure
 The construction of a reliable network infrastructure
requires two types of hardware transmission media
and components such as routers, switches,
hubs, and bridges.
 The network bandwidth is usually dependent upon the
quality of transmission media.
 The coaxial cables, copper wire, fiber optical
cables, radio, microwave, and satellite based
transmission mechanisms are some modes
utilized for the physical transmission of data.
Network Infrastructure
 Data transmission or the bandwidth has been provided
by telecom companies operating telephone lines, cable
TV systems with coaxial cables, direct broadcast
systems(DBS), wireless network providers, computer
networking providers, satellite transponders, and fiber
optical infrastructure providers.
 Access to the network requires devices that are
referred to as Data Terminal Equipment (DTE). These
DTE devices, such as set-top boxes and personal
computers along with interfacing software for various
networking options and interconnectivity, let users get
on to the network.
Network Infrastructure
 The network infrastructure forms the very basis of the
electronic commerce, playing the role, in many ways,
analogous to road/transport highways in the traditional
commerce. Information, goods and transactions move
between the clients and commerce provider, through
network highways.
Information Distribution
Technology
 Information distribution and messaging technologies
provide a transparent mechanism for transferring
information content over a network infrastructure
layer. It is accomplished through software systems that
implement File Transfer Protocol(FTP), Hypertext
Transfer Protocol(HTTP), and Simple Message Transfer
Protocol(SMTP) for exchanging multimedia contents
consisting of text, graphics, video, and audio data.
 For electronic commerce, challenges exit in providing a
secure, reliable, and portable, workstations, palmtops,
set-top boxes, and wireless communicators.
 The messaging service offered by SMTP servers have
been implemented by the various software programs
that ensure a message composed and dispatched for a
specified destination address is delivered reliably.
 Corporate information lies in heterogeneous systems,
ranging from file systems, relational database
management systems and object database
management systems. The capability of HTTP to
deliver static as well as dynamic information content
including multimedia information in an easy and
transparent manner makes it amenable to create
information sources that can be delivered and
rendered on a distributed geographic area over a wide
variety of client machines.
Networked Multimedia Content
Publishing Technology
 The information distribution protocol, HTTP,
delivers the documents written in the HyperText
Markup Language (HTML), to the client
program. The language offers an easy way for
integrating multimedia content, residing in a
variety of computers connected on the internet.
HTML makes it possible to integrate the
multimedia content in a document form and the
integrated content then can be published using
the HTTP servers. Clients can make requests, for
the published information residing on HTTP
servers. Clients submit requests to servers using
the Hypertext Transfer Protocol.
Networked Multimedia Content
Publishing Technology
 All published documents on the internet can
be uniquely identified and located by a
Uniform Resource Locator (URL) address. The
URL address effectively serves as a unique
name of the published document, worldwide.
 The URL is made up of three parts:
 the protocol name,
 machine name, and
 the name of document on the machine.
Networked Multimedia Content
Publishing Technology
 The machine name part of URL identifies the
machine and protocol name determines the
distribution server that will serve the
document and the rules and format in which
the document will be served. The document
name of the URL points to a specific
document on the machine. Thus, a URL is
capable of addressing as well as locating
documents in the entire universe of internet.
 In addition to HTML, the Extensible Markup
Language (XML) has also emerged as a language
for developing pages for the web, HTML is more
concerned about how a page is formatted and
displayed, while XML describes the actual
content of a page. It simplifies the task of
describing and delivering structured data from
any application, thus, providing users with the
ability to share and search the data in XML
documents, in much the same way as we share
and search data from database and files.
 Microsoft FrontPage, Netscape composer,
Hotdog are few of the several HTML editors
that can be used for writing and composing
HTML documents.
 The actual multimedia content, i.e., the
graphics, video clips, audio clips, and
animated content can be developed by tools
and editors available in the respective areas.
Security and Encryption
 Distributed interactive applications that can
showcase the information sources can be
created using information distribution and
publication technology. Electronic commerce
applications require that the information
sources to be made available online to
geographically
dispersed
clients
and
facilitation of the transactional environment.
 For electronic commerce to be viable, the two
important issues need to be addressed:
 protection of the source of information that is
being made available online, and
 protection of the transaction that travels over the
network.
 Participating
business
in
electronic
commerce have to publish the information
and make it widely available in a network
connected world.
 The second issue of securing the transaction,
carried out over the network, requires
addressing several security and confidently
related issues. The confidentiality or privacy
of the transaction data can be addressed by
using various encryption techniques.
 The shared key as well as the public/private
key pair based encryption techniques can be
used for the purpose.
 In electronic commerce, the transacting
parties are software process acting on behalf
of trading parties, who may not even be
familiar with each other. Thus, the
infrastructure
for
identifying
and
authentication transacting parties is essential
in such an environment.
 The issue of protecting the information available
on the electronic commerce site; privacy; secrecy
and tamper-proofing of information flowing on
the wire and non-repudiation of transactions
executed are all essential for building confidence
among trading parties to take the plunge in
executing electronic commerce transaction.
Encryption technologies based on shared key
mechanisms such as Data Encryption Standard
(DES) or public-private keys such as RSA
algorithms have been utilized for addressing the
issues of authentication, authorization, privacy
and non-repudiation.
 Security
and encryption technologies
available today have been deployed to
develop a public key infrastructure in the
form of certification authorities, to serve the
purpose of authentication and nonrepudiation.
 The validity or trust in digital certificates
depends upon the credentials and legal
standing of the certification authority.
 Security requires various toolkits, firewalls
and encryption products. Certification
authorities, based on the legal framework of
the country, have emerged as the required
role players in building confidence for the
growth of electronic commerce.
Payment services
 Online payment is fundamental to the
acceptance of electronic commerce as a
viable alternative to traditional commerce. It
is the mechanism that facilitates an online
financial exchange between concerned
parties.
 Electronic data interchanges (EDI) for
transactions, banks have been supporting the
electronic payment mechanism through the
Electronic Fund Transfer (EFT) channel.
 The electronic payment mechanism evolved can
be classified into three major categories--prepaid, instant-paid and post-paid.
 The
instant-paid
mechanism
requires
equivalence to govt/central bank backed cash
transactions. None of the electronic payment
systems that have been developed so far offer
the equivalence to or carry a govt/central bank
guarantee like cash. Debit cards come closest to
instant-paid electronic payment systems.
 The various electronic/digital cash mechanism
that have been in vogue are in fact prepaid
payment system.
 In these systems the physical currency is used for
acquiring digital cash that in turn can be spent in
an electronic payment environment.post paid
mechanism are equivalent to credit card and
cheque based transactions.
 E-cash, digicash, netbill, micromint, netfare and
mondex are some examples of payment systems
that fall in the pre-paid category.
 The FSTC electronic cheque, netcheque, and
cyberchque systems are examples of post-paid
electronic payment systems.
 Traditional credit card majors have come up
with Secure Electronic Transaction (SET)
protocol. The protocol provides a secure
mechanism for using standard credit cards,
over the network, for electronic payment
Purposes. Despite the development of secure
transaction mechanism for credit cards, for
reasons of anonymity, privacy, and in case of
small purchases electronic cash payment
mechanisms will remain essential.
BUSINESS SERVICE INFRASTRUCTURE
 Business
service
infrastructure
includes
directories and catalogues. These are essential for
identifying and locating businesses that meet
customer requirements. The directories and
catalogs are akin to Business Directories and
yellow pages used by customers to identify and
locate businesses that are likely to provide the
service or fulfill product demand in traditional
commerce. Search engines and directory service
providers like AltaVista, Google, and Yahoo! Info
space, Lycos, and capitalized on the need by
providing the service.
 Search engines are textual database of web
pages that are usually assembled.
Automatically by the machines. This search
engines can be classified in two categories:
 Those who compile their own searchable database
about the information available on the in internet; and
 Engines, which search the database of multiple search
engines of the former type and then reorganize the
result based on the
meta-data and guiding rules
maintained by them
 Search engine return the relevant URLs for the
keywords or search terms entered by users. With
millions of web pages on the internet, a simple search
for any term or phrase may result in thousands of
URLs, in general, a user is not likely to visit more the
first few pages of the returned results. Thus, and it is
important for web site designers that their URL should
be ranked amongst the top few for the relevant terms
and
keywords.
The
ranking
methodology
differentiates search engines.
PUBLIC POLICY AND LEGAL
INFRASTRUCTURE
 The digital economy riding on the internet
has a global reach. Companies use the World
Wide Web for brand building, promoting sales
of products, offering merchandise for sale,
conducting auction, or for providing product
information are operating in a global
environment.
 The access to network infrastructure and
legal framework, for the protection of
transactions conducted over the network,
play important role in the viability and the
growth of electronic commerce.
 To provide a legal framework for electronic
commerce transactions, the general
assembly of the United Nations adopted a
Model Law on Electronic Commerce in 1997.
 The Information Technology Act 2000, based on
the Model Law, forms the legal framework
electronic commerce in India. The IT Act holds
the office of the Controller of Certification
Authorities (CCA) responsible for issuing licenses
to and for regulating the Certification
Authorities in India.
 The internet based electronic commerce
pervades national boundaries and legal
jurisdiction, thus the enactment of national laws
alone in isolation is not sufficient. Instead, global
frameworks that can interoperate with
transnational certificate authorities is a
requirement.