CHAPTER THREE

3. Commerce and WWW

3.1.

ARCHITECTURAL FRAMEWORK FOR E-COMMERCE

Architectural framework of e-commerce means the synthesizing of various existing resources

like DBMS, data repository, computer languages, software agent-based transactions, monitors or
communication protocols to facilitate the integration of data and software for better applications.
The architectural framework for e-commerce consists of six layers of functionality or services as
follows:
1. Application services.
2. Brokerage services, data or transaction management.
3. Interface and support layers.
4. Secure messaging, security and electronic document interchange.
5. Middleware and structured document interchange, and
6. Network infrastructure and the basic communication services.
1. Applications
In the application layer services of e-commerce, it is decidedthat what type of e-commerce
application is going to be implemented. Thereare three types of distinguished e-commerce
applications i.e., consumer to businessapplication, business-to-business application, intraorganizational applicationand etc..
2. Information Brokerage and Management Layer
This layer is rapidly becomingnecessary in dealing with the voluminous amounts of information
on the networks.This layer works as an intermediary who provides service integration
betweencustomers and information providers, given some constraint such as low price,fast
services or profit maximization for a client. For example, a person wantsto go to USA from
1

India. The person checks the sites of various airlines for thelow-price ticket with the best
available service. For this he must know the URLsof all the sites. Secondly, to search the
services and the best prices, he also hasto feed the details of the journey again and again on
different sites. If there isa site that can work as information broker and can arrange the ticket as
per theneed of the person, it will save the lot of time and efforts of the person. This isjust one
example of how information brokerages can add value.Another aspect of the brokerage function
is the support for data managementand traditional transaction services. Brokerages may provide
tools to accomplishmore sophisticated, time-delayed updates or future-compensating
transactions.
3. Interface and Support Services
The third layer of the architectural frameworkis interface layer. This layer provides interface for
e-commerce applications.Interactive catalogs and directory support services are the examples of
thislayer.
Interactive catalogs are the customized interface to customer applications suchas home shopping.
Interactive catalogs are very similar to the paper-basedcatalog. The only difference between the
interactive catalog and paper-basedcatalog is that the first one has the additional features such as
use of graphicsand video to make the advertising more attractive.
Directory services have the functions necessary for information search andaccess. The directories
attempt to organize the enormous amount of informationand transactions generated to facilitate
e-commerce.
The main difference between the interactive catalogs and directory services isthat the interactive
catalogs deal with people while directory support servicesinteract directly with software
applications.
4. Secure Messaging Layer
In any business, electronic messaging is an importantissue. The commonly used messaging
systems like phone, fax and courier serviceshave certain problems like in the case of phone if the
phone line is dead orsomehow the number is wrong, you are not able to deliver the urgent
messages.In the case of courier service, if you want to deliver the messages instantly, itis not
2

possible as it will take some time depending on the distance between thesource and destination
places. The solution for such type of problems is electronicmessaging services like e-mail,
enhanced fax and EDI.
The electronic messaging has changed the way the business operates. Themajor advantage of the
electronic messaging is the ability to access the rightinformation at the right time across diverse
work groups.The main constraints of the electronic messaging are security, privacy,
andconfidentiality through data encryption and authentication techniques.
5. Middleware services
The enormous growth of networks, client server technologyand all other forms of
communicating between/among unlike platforms is thereason for the invention of middleware
services. The middleware services areused to integrate the diversified software programs and
make them talk to oneanother.
6. Network Infrastructure
We know that the effective and efficient linkagebetween the customer and the supplier is a
precondition for e-commerce. Forthis a network infrastructure is required. The early models for
networkedcomputers

were

the

local

and long

distance

telephone

companies. The

telephonecompany lines were used for the connection among the computers. As soon asthe
computer connection was established, the data traveled along that singlepath. Telephone
company switching equipment (both mechanical and computerized)selected specific telephone
lines, or circuits, that were connected to create thesingle path between the caller and the receiver.
This centrally-controlled, singleconnectionmodel is known as circuit switching.
However, circuit switching does not act well for sending data across a large network.In order to
implement circuit switching, point-to-point connections for each pair of senders/receivers has to
be established which is both expensive and difficult to manage. Thereis one more technique that
is used by the Internet. It is called a packet switchingnetwork. In a packet switching network,
files and messages are broken down into packetsthat are labeled electronically with codes that
indicate both their origin and destination.Packets travel from computer to computer along the
network until they reach theirdestination. The destination computer collects the packets and
3

reassembles the originaldata from the pieces in each packet. In packet switching, as the packet
passes throughvarious computers on its line the computers determine the best way to move the
packetforward to its destination.
E-COMMERCE TECHNOLOGIES

What technologies are necessary for e-commerce? The short answer is that mostinformation
technologies and Internet technologies are involved in e-commerce systems
The Internet, intranets, and extranets are the network infrastructure or foundation of ecommerce.
Customers must be provided with a range of secure information, marketing, transaction,
processing, and payment services.
Trading and business partners rely on Internet and extranets to exchange information and
accomplish secure transactions; including electronic data interchange (EDI) and other supply
chain and financial systems and databases.
Company employees depend on a variety of Internet and intranet resources to communicate
and collaborate in support of their EC work activities.
Information system professionals and end users can use a variety of software tools to develop
and manage the content and operations of the websites and other EC resources of a company.

Web technology
Client ware:Browser, viewer, player, client computing
Server ware:Web server, scripting, page construction, image manipulation, transaction
protection
Network ware:Router, gateway, hub, firewall, leased lines
Middle ware:Database, data warehouse

THE WEB SECURITY ISSUESAND WEB SECURITY PROTOCOLS

In the aftermath of the tragic events of September 11, 2001, individuals, companies, and
governments have all focused attention on the issues of safety and security. Much of that
4

attention has fallen on the Internet, as it has emerged as a vital information and economic link
throughout the world.
The continued success of the Internet is, in many ways, dependent upon the trust that individuals,
businesses, and governments place in it. For that trust to exist, user information transmitted over
computer networks must be safe from thieves, hackers, and others who would gain access to and
make use of sensitive information without permission.
Consumers have repeatedly shown they will not conclude commercial transactions over the
Internet, unless they are confident of the security and privacy of their personal information.
Recent surveys by GartnerG2 suggest that 75% of U.S. Internet users fear going online for this
reason, and that 70% of those who are already online harbor concerns about privacy that keep
them from transacting commerce on the Internet. Yet, even as concerns about these vital issues
proliferate, no single solution can suffice.
Consider privacy, where consumer expectations vary considerably, based on a number of factors.
Privacy expectations for a voluntary, online commercial transaction are very different from those
that accompany a demand by a government entity.
The key difference is choice. When an individual is required by law to submit his Social Security
number or tax return to a government entity, that information should receive greater protection
than that disclosed in a private business transaction. In the latter case, an individual is free to
choose the online entity whose privacy polices match his needs. When consumers vote with
their feet, businesses quickly take notice.
For e-commerce to flourish, businesses also need to provide personalized products and services
so that consumers get what they want without suffering information overload. Knowing this,
successful e-business marketers must gather information about the wants and needs of their
customers in the same way as traditional marketers. Policymakers also must remember that
online trust encompasses two distinct concepts: security, so that an individuals private
information will not be obtained through illegal hacking, and confidence that the private
information collected for one transaction will not be used in ways the information provider did
not anticipate or expect.

Protecting Security of Information

The first and best line of defense against unwarranted intrusions into personal privacy is for
individuals to employ e-commerce technology to protect them. Industry-developed and supplied
encryption technologies and firewalls, for example, provide individuals with substantial tools to
guard against unwarranted intrusions.
Encryption is technology, in either hardware or software form, which scrambles e-mail,
database information, and other computer data to keep them private. Using a sophisticated
mathematical formula, modern encryption technology makes it possible to protect sensitive
information with an electronic lock that bars thieves, hackers, and industrial spies.
In light of the recent tragic events of 9-11, security in all its forms (including security against
cyber intrusion and attack) is more important than ever. Strong encryption technology plays a
key role in such security, helping individuals, businesses, and governments protect sensitive or
personal information against willful or malicious theft. Not surprisingly, then, nations have
increasingly adopted policies that encourage the widespread availability of encryption tools for
consumers. At the same time, they have successfully worked to permit law enforcement to access
encrypted communications in certain critical instances, while rejecting calls for encryption
products to be undermined through the building of back-door government keys.
A firewall is essentially a filter that controls access from the Internet into a computer network,
blocking the entry of communications or files that are unauthorized or potentially harmful. By
controlling Internet traffic in a network, firewalls protect individuals and organizations against
unwanted intrusions, without slowing down the efficiency of the computer or networks
operations. They also limit intrusions to one part of a network from causing damage to other
parts, thereby helping to prevent large-scale system shutdowns brought on by cyber attacks. Not
surprisingly, then, firewalls have become a key component of computer systems today, and their
architecture comprises some of the most state-of-the-art e-commerce technology available in
todays marketplace.
But, computer security, or cyber security, is more than encryption, and it requires more than a
onetime fix. It is an ongoing process requiring the adoption of strong security policies, the
deployment of proven cyber security software and appliances-such as antivirus, firewalls,
6

intrusion detection, public key infrastructure (PKI), and vulnerability management, as well as
encryption-and, in the case of larger organizations, the existence of trained security
professionals. These professionals, in turn, must be continually retrained in order to ensure that
they are able to address and combat the evolving nature of cyber threats.
Strong security tools alone, however, cannot protect users against threats in each and every
instance. Dedicated hackers and criminals will always seek new ways of circumventing even the
most effective security technologies. That is why it is critical that strong laws be put in place to
deter such activities. In particular, where needed, laws should make it illegal to defeat, hack, or
interfere with computer security measures, and penalties for these crimes should be substantial.
As is the case with copyright laws, however, strong words in a statute are not enough. Effective
antihacking and computer security laws must:

Provide deterrent civil and criminal penalties

Be backed by vigorous enforcement by governments (including through adequate funding

of such enforcement).

Allow private parties to pursue fast and inexpensive remedies when their cyber security
has been illegally breached

Although the government should create a strong legal framework against cyber crime, it should
not intervene in the marketplace and pick e-commerce technology winners by prescribing
arbitrary standards in the security field. Such intervention would do little more than freeze
technological development and limit consumer choice. Instead, the development and deployment
of security tools should be determined by technological advances, marketplace forces, and
individual needs, and should be free of regulation.