Monday, March 31, 2008
Chapter 11: Class Notes
What you should know:
B2C vs. B2B
Payment Methods
- cash, cheque, debit card, credit card
Online Payments
- Bank EFT - electronic funds transfer
- Credit Card: >85% worldwide, >95% in the US, only 5% of all credit card transactions, accounts for 50% of all credit card fraud
- Scrip: Flooz, Beenz - cannot exchange for cash, but can use it to buy merchandise online
Consumer Concerns
- Privacy & Security
- Independence - having the ability to use whatever payment method I choose
- Portability - want to be able to access it everywhere, not just on my home computer
- Convenience -
- Phishing - a third party pretends to be, or portrays itself as, your bank or another trusted authority (e.g. one giving you money) and asks you to log in to your account - the link they give you is never the exact link for your bank
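The point that the link is never the exact link for your bank can be checked mechanically by comparing the host a link really points at with the bank's known domain. This is an added example, not part of the original notes; `mybank.example`, `account-check.test` and the sample links are constructed placeholders.

```python
from urllib.parse import urlsplit

# Constructed placeholder for the bank's real domain (an assumption).
EXPECTED_DOMAIN = "mybank.example"


def check_link(url, expected_domain=EXPECTED_DOMAIN):
    """Compare the host a link really points at with the bank's domain.

    Returns (verdict, reason) where verdict is "match" or "mismatch".
    """
    parts = urlsplit(url.strip())
    # .hostname is what the browser connects to: it drops any
    # "user@" prefix and the port, and is lower-cased.
    host = (parts.hostname or "").rstrip(".")
    if parts.scheme != "https":
        return ("mismatch", "not an https link")
    if not host:
        return ("mismatch", "no host in link")
    if "@" in parts.netloc:
        return ("mismatch", "name before '@' is not the host: " + host)
    if any(label.startswith("xn--") for label in host.split(".")):
        return ("mismatch", "punycode host can imitate another name")
    if host == expected_domain or host.endswith("." + expected_domain):
        return ("match", host)
    if expected_domain in host:
        return ("mismatch", "bank name used inside another domain: " + host)
    return ("mismatch", "different domain: " + host)


# Constructed sample links; only the first one is the bank's own site.
SAMPLE_LINKS = [
    "https://www.mybank.example/login",
    "https://mybank.example.account-check.test/login",
    "https://mybank.example@account-check.test/login",
    "http://mybank.example/login",
    "https://mybank-example.test/login",
    "https://xn--mybnk-0ra.example/login",  # constructed punycode-style label
]


def scan(links=SAMPLE_LINKS):
    """Return (url, verdict, reason) for every link."""
    return [(url,) + check_link(url) for url in links]


if __name__ == "__main__":
    for url, verdict, reason in scan():
        print(f"{verdict:8} {url}  ({reason})")
```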
Wednesday, March 26, 2008
Chapter 11: Key Concept
Key Concept
This chapter focuses on the variety of forms of payment that are available online and the advantages and disadvantages of some different options. Electronic cash is used a lot online and there are advantages and disadvantages for it as well. Electronic wallets are also used in e-commerce, along with stored-value cards. This chapter explains how transactions work online and what is more beneficial.
Payment Cards
- credit cards, debit cards, charge cards
- credit card: Visa, Mastercard - spending limit based on user's credit history
- card not present transactions: online and telephone purchases
- debit card: removes $$ from cardholder's bank
- charge card: American Express, no spending limit
- single-use cards: valid for only one transaction
Advantages and Disadvantages
A:
- provide fraud protection
- worldwide acceptance
D:
- charge merchants per-transaction fees and monthly processing fees
Payment Acceptance and Processing
Opened and Closed Loop Systems
- closed: card issuer pays merchants that accept the card directly and does not use intermediary (bank)
- open loop: third party processes a transaction
- credit card associations: visa, m/c, operated by banks who are members in associations
- customer issuing banks: issue credit cards to individual consumers, responsible for establishing customer credit limits
Merchant Accounts
- merchant bank: bank that does business with sellers that want to accept payment cards
Processing Payment Cards Online
- payment processing service providers: software that handles payment card processing automatically
- automated clearing house: services connect to this and a credit card authorization company
Electronic Cash
- any value storage and exchange system created by private entity that doesn't use paper documents or coins, serves as a substitute for gov't issued physical currency
Micropayments and Small Payments
- internet payments for items costing from a few cents to approx a dollar
- small payments: less than $10
Advantages:
- more efficient
- costs less than processing credit card transactions
- additional costs are nearly zero
Disadvantages
- no audit trail
- money laundering: convert money that they have obtained illegally into cash that they can spend without having it identified as proceeds of illegal activity
- susceptible to forgery
- not a global commercial success
Providing Security for Electronic Cash
- anonymous electronic cash: cannot be traced back to the person who spent it
- cryptographic algorithms create tamperproof electronic cash that can be traced back to its origins
Electronic Cash Systems
- interoperable software: runs transparently on variety of hardware configurations and on diff software systems
CheckFree: largest online billing processor, provides online payment processing services to large corporations and individual internet users
Clickshare: aimed at magazine and newspaper publishers
Paypal: earns profit on the float: money deposited in paypal accounts and not used immediately
Electronic Wallets
- holds credit card numbers, electronic cash, owner identification, and owner contact info and provides that info at an electronic commerce site's checkout counter
- stores customers info on remote server belonging to particular merchant
- client-side electronic wallet: stores consumers info on his or her own computer - not portable
Microsoft .NET Passport
- server-side e-wallet operated by microsoft
Yahoo Wallet
- completing order forms automatically with identifying info and credit card payment info
Stored-Value Cards
- elaborate smart card with a microchip or plastic card with magnetic strip that records the currency balance - smart card can store larger amounts of info and includes processor chip on card
Magnetic Strip Cards
- hold value that can be recharged by inserting them into the appropriate machines, inserting currency into the machine, withdrawing the card, strip stores increased cash value
Smart Cards:
- stored-value card that is plastic with an embedded microchip that can store info, can store 100 x's the amount of info that a magnetic strip can store
- safer than conventional credit cards, info is encrypted
Sunday, March 23, 2008
Chapter 10: Key Concept
Online Security Issues:
Computer Security: protection of assets from unauthorized access, use, alteration, or destruction.
- physical security: tangible protection devices, alarms, guards, fireproof doors, security fences, safes or vaults, bombproof buildings
- logical security: protection of assets using nonphysical means
- threat: any act or object that poses danger to computer assets
Managing Risk
- Countermeasures: general name for procedure, physical or logical, that recognizes, reduces or eliminates threat (Fig 10-1)
- eavesdropper: person or device that can listen in on and copy internet transmissions
- crackers/hackers: people who write programs or manipulate technologies to obtain unauthorized access to computers and networks
Computer Security Classifications
- secrecy: protecting against unauthorized data disclosure and ensuring the authenticity of the data source
- integrity: preventing unauthorized data modification
- necessity: preventing data delays or denials
Security Policy and Integrated Security
- security policy: written statement describing which assets to protect and why they are being protected, who is responsible, which behaviours are acceptable
Security for Client Computers
Cookies
- stateless connection: each transmission of info is independent
- small text files that web servers place on web client computers to identify returning visitors
- session cookies: exist until the web client ends the connection
- persistent cookies: remain on the client computer indefinitely
- cookie blockers: prevent cookie storage selectively
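What separates a session cookie from a persistent one is whether the server's `Set-Cookie` header gives it a lifetime (`Expires` or `Max-Age`), and a cookie blocker can use that to decide selectively what to store. This is an added example, not part of the original notes; the header values, host names and the blocking policy in `should_store` are constructed assumptions, and the first-party test is deliberately simplified.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Fixed "current time" so the constructed samples always classify the same way.
NOW = datetime(2008, 3, 23, tzinfo=timezone.utc)


def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, attributes dict)."""
    first, *rest = [part.strip() for part in value.split(";")]
    name = first.partition("=")[0].strip()
    attrs = {}
    for part in rest:
        key, _, val = part.partition("=")
        if key:
            attrs[key.strip().lower()] = val.strip()
    return name, attrs


def classify(value, now=NOW):
    """Return "session", "persistent" or "expired" for a Set-Cookie value."""
    _, attrs = parse_set_cookie(value)
    # Max-Age wins over Expires when both are present.
    if "max-age" in attrs:
        try:
            return "persistent" if int(attrs["max-age"]) > 0 else "expired"
        except ValueError:
            pass  # malformed Max-Age is ignored; fall through to Expires
    if "expires" in attrs:
        try:
            when = parsedate_to_datetime(attrs["expires"])
        except (TypeError, ValueError):
            return "session"  # unreadable date: treated as no lifetime given
        if when.tzinfo is None:
            when = when.replace(tzinfo=timezone.utc)
        return "persistent" if when > now else "expired"
    return "session"  # no lifetime given: kept until the browser closes


def is_first_party(cookie_host, page_host):
    """Simplified test: same host as the page, or a subdomain of it."""
    cookie_host, page_host = cookie_host.lower(), page_host.lower()
    return cookie_host == page_host or cookie_host.endswith("." + page_host)


def should_store(value, cookie_host, page_host, now=NOW):
    """Hypothetical selective-blocker policy: keep session cookies and
    first-party persistent ones, refuse third-party persistent cookies."""
    kind = classify(value, now)
    if kind == "expired":
        return False
    if kind == "session":
        return True
    return is_first_party(cookie_host, page_host)


# Constructed samples: (Set-Cookie value, host that sent it).
SAMPLES = [
    ("sid=abc123; Path=/; HttpOnly", "shop.example"),
    ("prefs=lang-en; Expires=Wed, 31 Mar 2010 12:00:00 GMT; Path=/", "shop.example"),
    ("track=u-7781; Max-Age=63072000; Path=/", "ads.example"),
    ("old=1; Expires=Mon, 01 Jan 2007 00:00:00 GMT", "shop.example"),
]


def report(page_host="shop.example"):
    """Return (cookie name, kind, stored?) for each sample."""
    return [(parse_set_cookie(v)[0], classify(v), should_store(v, host, page_host))
            for v, host in SAMPLES]


if __name__ == "__main__":
    for row in report():
        print(row)
```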
Web Bugs:
- tiny graphic that third-party web site places on another site's web page
Active Content:
- programs that are embedded transparently in web pages and cause action to occur
- zombie: trojan horse that takes over another computer for the purpose of launching attacks on other computers (MSN messages)
JavaScript
- scripting language developed by netscape to enable web page designers to build active content
ActiveX Controls
- object that contains programs and properties that web designers place on web pages to perform particular tasks
Graphics and Plug-ins
- programs that enhance capabilities of browsers, handle content that browser cannot handle
Viruses, Worms, and Antivirus software
- virus: software attaches itself to another program and causes damage when host program is activated
- worm: virus that replicates itself on the computers that it infects
- macro virus: coded as small program and embedded in a file
- antivirus software: detects viruses and worms and either deletes them or isolates them on client computer so they cannot run
Digital Certificates:
- attachment to an email msg or program embedded in web page that verifies that sender or web site is who or what it claims to be
- signed: DC is a signed message or code
- key: simple # that is used with the encryption algorithm to lock the characters of msg being protected so they are undecipherable without the key
Steganography:
- process of hiding info within another piece of info
Communication Channel Security
Secrecy Threats
- privacy: protection of individual rights to nondisclosure
- sniffer programs: provide means to record info that passes through a computer or router that is handling internet traffic
Integrity threats
- active wiretapping: when unauthorized party can alter msg stream of info
- masquerading/spoofing: pretending to be someone you are not, or representing a web site as original when it is fake
Necessity Threats:
- disrupt normal computer processing, or deny processing entirely
Threats to wireless networks
- wardrivers: find an open network and may place a chalk mark on the building so that other attackers will know that an easily entered wireless network is nearby (warchalking)
Encryption Solution
- coding of info by using mathematically based program and a secret key to produce string of characters that is unintelligible (see class notes)
Monday, March 17, 2008
Chapter 10: Class Notes
SECURITY ISSUES:
Types of Security:
- Physical Security: protecting your assets with physical systems (firewalls)
- Logical Security: intangible - the router you use to access the internet,
Minimum Level of Requirement: elements of security plan
- Privacy/secrecy: no unauthorized disclosure of info...if hosting a site, you need plans around these areas ie: privacy policy
- Data integrity: no unauthorized modification
- Availability/necessity: making sure your system is always accessible - no data or message delays
- Key Management: secure encryption keys; how you manage all passwords and code numbers you need to access information
- Nonrepudiation: you know who is on the other end of the computer; end-to-end proof of identity
- Authenticity: digital signatures and certificates
Security Policy
- addresses:
- physical security
- network security
- access authorizations: administrator who can change things, user can only look at things
- virus protection:
- disaster recovery: if something goes wrong
- example: network security library
Risk Management
- figure 10-1
- countermeasures: how to eliminate a threat after it has happened
- eavesdroppers: sniffing programs; on the internet everywhere
- crackers/hackers: crackers hack into systems for illegal purposes; hackers hack into systems and are usually paid by a company...white hat: good, black hat: bad
- firewalls: trusted network: behind a firewall; untrusted network: outside of the firewall
CLIENT-SIDE SECURITY: you with web browsers surfing to ecomm site
Cookies: little files that webserver stores on your hard disk w/out you knowing; cannot do anything, it is just a text file
Types: session (temporary): cookie that is stored in the temporary folder of your browser; persistent (permanent): always stored on hard drive and allows someone to have your info handy, negative is that they are also used by ad agencies and trackers (ppl trying to collect info about what sites you visited); web bugs: type of cookie that is left behind on your system, instead of using a text file these guys use a little invisible graphic
Uses:
- online ordering systems
- site personalization
- website tracking
- user IDs
Active content:
- activex controls
- java applets
- javascript
- trojan horse
- viruses: destroy your computer system, worms, & zombies: launches off your system to destroy others
- graphics and plug-ins
SAFE WEB SURFING
anonymity: allow user to be anonymous
anti-virus
spam
spyware
miscellaneous
ENCRYPTION
Types
- symmetric: you use the same password to encrypt and decrypt
- asymmetric: public key: published out to the world, private key: key you use to decode something, digital signature:
- figure 10.10 Encryption
Email: Pretty Good Privacy (PGP)
Digital Certificates: use the idea of keys, when you see the https it means that they have a SSL license
Disks and Folders: consumer software products to protect files, photos, folders.... Truecrypt: allows you to create a hidden disk on your hard drive
Voice-over IP: when you talk into your computer microphone it encrypts it, is done right away
Wednesday, March 12, 2008
Chapter 9: Key Concept
Key Concept: This chapter focuses on the software for small, midsize, and larger businesses and the functions provided by each type. The software is chosen on the company's size, objectives, and budget.
Web Hosting Alternatives
- self-hosting: companies incorporate electronic commerce components and run servers in-house
- commerce service providers: a web host service that also provides commerce hosting services on its computer
- managed service providers: web site hosting service firm, synonymous with ASP and CSP
- shared hosting: web hosting arrangement in which the hosting company provides web space on a server computer that also hosts other web sites
- dedicated hosting: web hosting option in which the hosting company provides exclusive use of a specific server computer that is owned and administered by the hosting company
- co-location: internet service arrangement in which the service provider rents a physical space to the client to install its own server hardware
- scalable: system's ability to be adapted to meet changing requirements
Basic Functions of Electronic Commerce Software
ecommerce solution must at least provide:
- catalog display
- shopping cart capabilities
- transaction processing
additional software components can include:
- middleware that integrates ecommerce system with existing company info systems
- enterprise application integration
- web services
- integration with enterprise resource planning software
- supply chain management software
- customer relationship management software
- content management software
- knowledge management software
ECommerce Software For Small and Midsize Companies
Basic Commerce Service Providers
- CSPs offer free or low-cost electronic commerce software for ecommerce sites, then kept on CSPs server
Mall Style Commerce Service Providers
- internet connection, web site creation tools, little or no banner advertising clutter
- charge monthly fee
Electronic Commerce Software for Midsize to Large Businesses
Web Site Development Tools
- Dreamweaver, Microsoft FrontPage, Intershop Enfinity MultiSite, WebSphere Commerce Professional Edition, Commerce Server 2002
ECommerce Software for Large Businesses
Enterprise-Class ECommerce Software
Customer Relationship Management Software
Supply Chain Management Software
Content Management Software
Knowledge Management Software
Chapter 8: Key Concept
Key Concept:
This chapter focuses on what happens when a client computer requests a web page. There are different operating systems and different servers that are involved in this process. Web server hardware is an important aspect of an online business site.
Web Server Basics
Types of Web Sites:
- Development sites: evaluate different web designs with little initial investment
- Intranets: corporate networks
- Extranets: allow authorized parties outside the company to access certain parts of info stored
- Transaction-processing sites: B2B, available 24/7
- Content-delivery sites: news, histories, summaries, other digital information
Dynamic Content
- dynamic page: content is shaped by program in response to user requests
- static page: unchanging page retrieved from disk
- dynamic content: constructed in response to web clients request
- server-side scripting: programs running on web server create web pages before sending them back to requesting web clients
- dynamic page-generation technologies: active server pages (ASP), JavaServer Pages (JSP), Hypertext preprocessor (PHP)
Various Meanings of Server
- server: any computer used to provide files or make programs available to other computers connected to it through network
Two-Tier Client/Server Architecture
- messages are created and read only by the client and the server computers
- request message: message that web client sends to request file or files from web server
- request line: contains a comment, name of target resource, protocol name, version number
- request headers: info about types of files that client will accept
- entity body: sometimes used to pass bulk info to server
Three-tier and N-Tier Client/Server Architectures
- allow additional processing to occur before the web server responds to client's request
- third tier often includes databases and related software applications
Software for Web Servers
Operating Systems for Web Servers
- open-source software: developed by community of programmers who make the software available for download at no cost
Web Server Software:
- Apache, Microsoft Internet Information Server (IIS), Sun Java System Web Server
Electronic Mail (E-Mail)
E-mail Benefits: attachments frequently most important part of message
E-mail drawbacks: amount of emails in one day, viruses
Spam: spam is beginning to level off, antispam efforts and software projects help limit the annoyance and cost of spam
Solutions to the Spam Problems:
- individual user antispam tactics
- basic content filtering
- challenge-response content filtering
- advanced content filtering
- legal solutions
- technical solutions
Web Site and Internet Utility Programs
Finger and Ping Utilities:
- finger: program that runs on UNIX operating systems and allows user to obtain some info about other network users
- ping: packet internet groper: tests the connectivity between two computers connected to the internet computers, # of computers
Tracert and Other Route-Tracing Programs
- tracert: sends data packets to every computer on the path between one computer and another computer and clocks the packets' round-trip times
Telnet and FTP Utilities:
- telnet: allows users to log on to a computer that is connected to the internet
- telnet protocol: set of rules
- file transfer protocol: part of TCP/IP that defines the formats used to transfer files between TCP/IP connected computers
Link-Checking Utilities: examines each page on site and reports on any URLs that are broken, seem broken, incorrect; orphan file: file on site that is not linked to any page
Remote Server Administration: web site administrator can control web site from any internet-connected computer
Web Server Hardware
Server Computers: have more memory, larger hard disk drives, faster processors, usually more expensive
Web Server Performance Evaluation:
- benchmarking: testing that is used to compare the performance of hardware and software
- throughput: number of HTTP requests that particular hardware and software combo can process in a unit of time
- response time: amount of time a server requires to process one request
Web Server Hardware Architectures
- server farms: large collection of servers
- centralized architecture: use few very large and fast computers
- distributed architecture: decentralized architecture
- load-balancing switch: piece of network hardware that monitors the workloads of servers attached to it and assigns incoming web traffic to the server that has the most available capacity at that instant in time
Monday, March 10, 2008
Chapter 8 & 9: Class Notes
- AMPP: MAMPP (Macintosh), WAMPP (Windows), XAMPP (distribution of Apache server directly from Apache - truest form) ~ A = Apache (server to host from, runs on a system called Unix/Linux, 1/2 the price of Internet Information Server); ASP: Microsoft server; M = MySQL Database, P = PHP, P = Perl
- EasyPHP: used frequently
- HFS: http file server; allows users to share info: USB key
- Server2Go: full XAMPP server, made to work off USB key
- Microsoft IIS (internet information server = created on windows computer)
My Local Web:
- http://localhost/
- http://127.0.0.1/ = localhost
- http://192.168.1.??? - home network
Web Design Tools
Free:
- Nvu
- KompoZer: best option
- Net Objects
- BlockNote.Net
Commercial:
- Adobe Dreamweaver
- Microsoft Expression Web
Content Management Systems (CMS): stores data in a database, the browser sends the request and the server is responsible for building the page and sending it to the content user. If you create the pages you are actually storing all the info in one database folder versus saving each page separately.
Local: serves static pages, when somebody goes to your website, they are pulling down a static page that isn't changing depending on the user, have to be on my computer to edit database
- CityDesk:FREE
- CMS Encore
- BlogJet (blogging): html editors
- ecto (blogging)
- Windows Live Writer
Web-Based: make all changes on the website, database is stored on the web server; all work the same
- Drupal
- Joomla
Web Hosting
- Okanaganhosting.com
- BlueGenesis Canada
- Oak Park Solutions
- WebServe Canada
- TopHosts.com
Tuesday, March 4, 2008
Chapter 12: Planning for Electronic Commerce
Identifying Objectives:
- increasing sales in existing markets, opening new markets, serving existing customers better, identifying new vendors, coordinating more efficiently with existing vendors, recruiting employees more effectively
Linking Objectives to Business Strategies:
- downstream or upstream strategies (reducing costs or generating value by working with suppliers)
- opportunities inspire businesses to undertake activities like: building brands, enhancing existing marketing programs, selling products and services, selling advertising, developing a better understanding of customer needs, improving after-sale service and support, purchasing products and services, managing supply chains, operating auctions, building virtual communities and web portals
Measuring Benefits:
- revenue, units, customer satisfaction surveys, time, number of visitors, number of return visits
Managing Costs
- Total Cost of ownership: costs of hardware, software, design work outsourced, salaries and benefits for employees
- Change management: process of helping employees cope with changes
- opportunity costs: cost of not undertaking initiative
- web site costs: anywhere from $100,000 to $15 million and up
Comparing Benefits to Costs
- capital projects/investments: equipment, personnel
- if benefits exceed costs of project by comfortable margin, company invests in the project
Return on Investment (ROI)
- measure the amount of income that will be provided by a specific current expenditure
- provide quantitative expression of comfortable benefit-to-cost margin for specific company
Strategies for Developing E-Commerce Web Sites
Internal Development vs Outsourcing
- internal team: people with enough knowledge about internet and technologies to know what kinds of things are possible, creative thinkers who are interested in expanding the company
- early outsourcing: outsource initial site design and development - then company employees are trained in the new technology before taking over the operation of the site
- late outsourcing: company's info system professionals do initial design and development, implement the system and operate the system until it becomes stable part of the business operation
- partial outsourcing: company identifies specific portions of the project that can be completely designed, developed, implemented and operated by another firm that specializes in a particular function
Selecting a Hosting Service
- functionality, reliability, bandwidth and server scalability, security, backup and disaster recovery, cost
New Methods for Implementing Partial Outsourcing
- incubator: company that offers start-up companies physical location with offices, accounting and legal assistance, computers, internet connections at very low monthly cost
- fast venturing: existing company wants to launch an e-commerce initiative joins external equity partners and operational partners that can offer the experience and skills needed to develop and scale up the project
Managing E-Commerce Implementations
Project Management
- collection of formal techniques for planning and controlling the activities undertaken to achieve a specific goal
- project mgmt software: microsoft project, give managers array of built-in tools for managing resources and schedules
Project Portfolio Management
- each project is monitored as if it were an investment in financial portfolio
Staffing for e-commerce
- project manager: specific training or skills in tracking costs and accomplishment of specific objectives in a project
- account manager: keeps track of multiple web sites in use by project or keeps track of projects that will combine to create a larger web site
- applications specialists: maintain accounting, human resources, logistics software
- web programmers: design and write the underlying code for dynamic database-driven web pages
- web graphics designer: trained in art, layout, and composition and who also understands how web pages are constructed
- content creators: write original content and content managers purchase existing material and adapt it for use on the site
- call center: company that handles incoming customer telephone calls and emails for other companies
- systems administrator: responsible for system's reliable and secure operation
- network operations: staff functions include load estimation and load monitoring, resolving network problems as they arise, designing and implementing fault-resistant technologies, managing network operations that are outsourced to service providers
- database administration: support activities such as transaction processing, order entry inquiry
Monday, March 3, 2008
Chapter 12: Class Notes
SMART Objectives: (final exam question) for designing e-commerce website (transaction oriented)
- to sell products and services (into existing market or creating a new market)
- providing information / education to consumers
- reach widespread target market
- reduce costs - no brick and mortar, transactional costs (make the customers do the work), reduce intermediary costs (supply chain / just-in-time inventory), reducing aftersales support
- recruiting employees
- source new vendor relationships
- selling advertising
- sell memberships &/or subscriptions
- provide info to shareholders/stakeholders
- build brand identity/image
- create an outlet/ clearance area/ auction
- providing portals and web communities (stickiness)
How we measure whether we've met the objectives:
- specific, measurable, accurate/attainable, relevant to core competency, timely (has some sort of milestone or date attached)
Ways to measure / indicators:
- units & revenue ($)
- using website statistics: hits (tells you every time you load a page - least info) / page views (if consumer comes to website, how many web pages did they view in your site ) / time spent on a page
- IP address (tells you the location of the computer of the viewer)
- saving and reducing costs: saving on investment, cost per transaction (#) (staffing of call centre, programmers time in developing the shopping cart), cost comparisons, wait time / customer satisfaction surveys
- number of qualified applications, # of inquiries
- # of qualified vendors / inquiries
- revenue / website statistics (traffic) so we can charge cost per thousand / click
- unit (# of subscriptions) / revenue
- # of inquiries about stock from shareholders / count downloads of information from site
- customer survey / inquiries
- # of auction items / $ value of items going out , registrants , active participants in auction
- # of registered users / # of posts
Managing Costs:
- Investing in a web business
- Small business ($10K to $50K)
- Entry-Level ($100K to $1M)
- Mid-Level ($2M to $5M)
- Large Site ($15M and up)
- maintenance costs between 50% and 200%
- Total cost of ownership - you are using or accounting for everything
- hardware & software
- programming & design: getting web designer (who know html and css) but also knows how to program the site to be interactive
- Maintenance & Support: having someone monitoring it / updating / security
- Training and documentation: who is updating, what do they need to know
- opportunity costs
- how much revenue is lost by not having website
- return on investment (ROI)
- requires quantification of costs & benefits
- predicts benefits and returns (not hard numbers)
- emphasizes short-run versus long-run benefits
System Development Life Cycle (SDLC) - how do we get it done, manager with business-knowhow (business analyst) takes project through these stages - linear process
1. Plan
- critical success factors (CSFs)
- Project scope (SoW statement of work boundary)
- project plan (schedule/resources) - dictating who's doing what
2. Analysis
- business (user) requirements - paypal, etc
- functional specification document - output of this stage
3. Design
- hardware/software architecture - needed to do it
- technical specification document - output of this stage
4. Develop
- in-source (inhouse with own IT ppl); out-source (give it to another company); self-source (diff departments create different parts within their system)
- early sourcing; late sourcing (when do we actually get help?); partial-sourcing
5. Test
- component/interface; system testing - is it working?
- user acceptance and usability testing - does it meet the functional specifications, does it work like my users need it to work?, if customers go to site, is it easy for them to put in credit card number.....etc etc
6. Implement
- selecting a hosting service (functionality; reliability; security, backup and disaster recovery, bandwidth and server scalability, operating and maintenance costs)
- training and documentation
- policies and procedures
7. Maintain
- establish help desk and FAQs
- user and technical support procedures
Project Management: being aware of system life cycle and assigning jobs to people
Software Tools
1. Identifying Dependencies - I can't start my phase until you finish yours
2. Create the Schedule:
3. Manage the Resources: making sure ppl do what they need to do
4. Evaluate the risks: what is the risk if somebody falls out of completing task on time