Q 1:- Explain E-commerce & E-business.

Ans:- Electronic commerce or e-commerce refers to a wide range of online business activities for products and services. It also pertains to any form of business transaction in which the parties interact electronically rather than by physical exchanges or direct physical contact. E-commerce is usually associated with buying and selling over the Internet, or conducting any transaction involving the transfer of ownership or rights to use goods or services through a computer-mediated network. Though popular, this definition is not comprehensive enough to capture recent developments in this new and revolutionary business phenomenon. A more complete definition is: E-commerce is the use of electronic communications and digital information processing technology in business transactions to create, transform, and redefine relationships for value creation between or among organizations, and between organizations and individuals.

Is e-commerce the same as e-business? While some use e-commerce and e-business interchangeably, they are distinct concepts. In e-commerce, information and communications technology (ICT) is used in interbusiness or inter-organizational transactions (transactions between and among firms/organizations) and in business-to-consumer transactions (transactions between firms/organizations and individuals). In e-business, on the other hand, ICT is used to enhance ones business. It includes any process that a business organization (either a for-profit, governmental or non-profit entity) conducts over a computer-mediated network. A more comprehensive definition of e-business is: The transformation of an organizations processes to deliver additional customer value through the application of technologies, philosophies and computing paradigm of the new economy. Three primary processes are enhanced in e-business: 1. Production processes, which include procurement, ordering and replenishment of stocks; processing of payments; electronic links with suppliers; and production control processes, among others; 2. Customer-focused processes, which include promotional and marketing efforts, selling over the Internet, processing of customers purchase orders and payments, and customer support, among others; and 3. Internal management processes, which include employee services, training, internal information-sharing, video-conferencing, and recruiting. Electronic applications enhance

information flow between production and sales forces to improve sales force productivity. Workgroup communications and electronic publishing of internal business information are likewise made more efficient. E-commerce and e-business The Internet economy is a broader concept than e-commerce and e-business. It includes e-commerce and e-business. The CREC (Center for Research in Electronic Commerce) at the University of Texas has developed a conceptual framework for how the Internet economy works. The framework shows four layers of the Internet economy-the three mentioned above and a fourth called intermediaries (see Table 1). Internet Economy Conceptual Frame

Q 2:- Differentiate traditional commerce Vs E-commerce.

Ans:Definition Traditional commerce Traditional commerce means communicating (ordering, paying) with customer and supplier using different applications in many time-consuming different steps. E-commerce E-commerce means processing of information using one digital application (EDI or Internet) and only a few quick steps. Positioning

Positioning is a plan showing the situation and setting priorities of the company towards other actors of the market. Interactivity Interactivity characterises a system when it is in a steady dynamic process of data interchange between many equal and free access system users at the same time

Differences between traditional and e-commerce In the following table you can see in table form the differences in media used for traditional and e-commerce. Please notice that as far as e-commerce is concerned everything can be done through a server: Action Acquire product information Traditional commerce E-commerce Magazines, flyers, online Web pages catalogs Request item Printed forms, letters E-mail Check catalogs, prices Catalogs On-line catalogs Check product availability and Phone, fax E-mail confirm price Generate order Printed form E-mail, web pages Send /Receive Order Fax, mail E-mail, EDI Prioritize order On-line database Check inventory at warehouse phone,fax On-line database, web pages Schedule delivery Printed form E-mail, On-line database Generate invoice Printed form On-line database Receive product Shipper Shipper (unless it is electronic) Confirm receipt Printed form E-mail Send/Receive Invoice Mail E-mail, EDI Schedule payment Printed form EDI, On-line database Send /Receive Payment Mail EDI

Q 3:- Write down 3 companies having successful in traditional business as well as in E-business. Ans:1. Emblemtek Located in Vankleek Hill, Ontario, Emblemtek was incorporated in Ontario in 1980. The 45-employee company manufactures a diverse array of custom-made garment and linen embellishments, personalization and identification products and distributes these from coast to coast. As a small business trying to not only survive but thrive in an increasingly competitive environment, Emblemtek decided to differentiate them through a strong

focus on customer service: We wanted to set ourselves apart as a company that other companies can rely on. At the end of the day, our price is about the same, we sell ourselves by the quality of our service explained David Black, President of Emblemtek. To achieve outstanding customer service, Emblemtek needed to adopt an enterprise software solution that would seamlessly integrate all aspects of their business. After spending a year in clarifying their business requirements, the company chose to go with SAP. According to David, the software allowed Emblemtek to better manage its workflow from manufacturing to inventory and customer relations management. In fact the software is so user-friendly that his employees are not afraid of the software but have become engaged in making their performance better. For management, the software provides access to information about the finances and operations of the company as it happens. They have become more flexible and responsive to changes in the market: we have become a much better run organization, said David. Before implementing SAP, Emblemtek was using three separate systems to manage its operations, two of which had been developed internally. Sometimes the same information had to be entered in more than one system. This duplicated effort and increased data entry errors. Further, their sales force did not have direct access to customers order history. Features for small businesses to consider when seeking an enterprise solution are access to technical support, options for customization, and the ability to include many processes. For example, by the end of 2009, Emblemtek customers will be able to go online to review their order history and make purchases. So what does this all mean for Emblemtek? According to David, SAP was the right choice for his company. In the three years since they adopted SAP as their enterprise software solution, the firm has been able to nearly double the number of unique items in inventory and improve communication internally as well as with suppliers. As well, the firm has been able to quickly see and adapt to trends. Further, Emblemtek has been able to focus human resources growth in their sales force rather than clerical support. Finally, Emblemtek has increased its revenues by 30% and its customer base by 40%. Im not saying that SAP is solely responsible for our growth and efficiency improvements, but its certainly a major enabler in our success, concluded David.

2. Freshisle Fibers Marian Hester seized a unique opportunity to support sheep farmers on Manitoulin Island by combining her passions: knitting, spinning and computers. In the late 1990s, wool prices drastically dropped and sheep farmers on Manitoulin Island found themselves unable to sell their fleece. Marian knew there was a market for Manitoulin Island yarn and specifically Suffolk wool, so she started spinning, dyeing, and selling it on eBay - the response was overwhelming. Freshisle Fibers was born. Marian then purchased fleece from a few sheep farmers on the Island (including her uncle) and

enlisted the assistance of a woolen mill to help with the washing and processing of the fleece. Marian continued to sell the yarn on eBay, but quickly became dissatisfied with this approach to online selling; Marian wanted greater control over her business and the profits. As a result, Marian developed a simple website that featured samples of the yarn and basic ordering information, including her email address. Marian was not prepared for what ensued - a waiting list of orders too long to handle. Marian knew the time had come for her business to expand Freshisle Fibers required an online shop that provided Marian with the ability to control her inventory. As a result, Marian spent an entire Christmas vacation (she teaches Grade 4 full time) developing the Freshisle Fibers website to better suit her needs. This required a great deal of time, patience, and especially, research. Marian generated a long list of needs or must-haves for her website, including the need for a shopping cart software package that featured inventory control, the ability to use PayPal to conduct monetary transactions, and customer relationship management (CRM) applications for customer registration and monthly newsletters; CubeCart fit all of Marians needs. Marian also uses Dreamweaver and Photoshop to maintain her website, and TypePad Pro to support the Freshisle Fibers blog. Although Marian uses proprietary software to support Freshisle Fibers online presence, she suggests that there are many similar free, straightforward programs available online; the key is to just get out there! Freshisle Fibers also belongs to a number of webrings (a community of websites with similar interests). Marian describes webrings as a form of social networking for similar businesses; webrings also serve as a form of online marketing, as they help customers find websites much more quickly and easily. Freshisle Fibers also has its own Facebook profile. Marian, a self-professed computer-lover, enjoyed the process of developing the Freshisle Fibers website as it provided her with a unique opportunity to apply her computer knowledge and skills within a new environment. Marians passion for computers and knitting/spinning has turned a hobby into an extremely successful and thriving business, serving customers around the world including the United States, Canada, Australia, New Zealand, Denmark, Japan, and Russia (to name only a few). Freshisle Fibers now features a large variety of hand-dyed and painted yarn by Marian, including Suffolk Wool Yarn, Single Ply Mixed Breed Wool Yarn. Freshisle Fibers is also a registered Louet dealer. Marian offers some words of advice for anyone thinking about creating a web presence:

Start small - learn from your mistakes as you grow. Ensure that you have a support network. Dont get down by bad transactions the majority are flawless. Be aware of the upfront costs (both financial and time) do your research. Expect a steep learning curve, especially if youre doing it on your own. Keep your website current and attractive.

3. Native Fabric.com Perry and Annette Poeta first began business in Curve Lake First Nation when they decided to turn their hobbies into a professional enterprise by designing and selling a wide range of clothing at various powwows, conferences and other events. Then, when an Elder from the reserve retired, the Poetas took over her log cabin store and started making Native fabric clothing. In 2002, the Poetas decided to concentrate on their growing webbased mail-order business, www.nativefabric.com, which employs an electronic shopping cart. We do Internet sales of [Native-design] fabric, Poeta says, emphasizing that doing business over the Web is a different approach than selling from a store. Specifically, the Internet enables the company to do business with customers from across the country, including persons from remote First Nation and Inuit communities from the high Arctic to northern Quebec. The websites format also allows the Poetas to interact with customers who do not read or write English very well. Most of www.nativefabric.coms business is done as cash-on-delivery, so people dont need a credit card. Upon receiving an order, the Poetas ship the parcels out via Canada Posts Express Post, with insurance on the contents. Thus, the Poetas and their customers are able to use the Internet to engage in business in a way that meets customer needs but is not complex. Q4. Is e-business essential for a brick n mortar company? Note down your views. Ans. Yes, e-business is essential for a brick n mortar company. Many brick-and-mortar companies are working feverishly to enhance the customer experience. This spring, Toysrus.com Inc. revealed plans to double its staff and expand operations during the next year, including building two new fulfillment centers. J.C. Penney Co. relaunched its plus-size apparel site for women in March, offering a browser tool that lets shoppers create a replica of their body dimensions, which then models clothing choices. And Barnes & Noble Inc. unveiled a "university" in late May, offering its customers a customized site for online learning. On the dot-com front, many pure-play online retailers have felt the heat of increased competition, falling stock prices, and lackluster sales. In the past few months Toysmart.com; upscale E-retailer Foofoo.com; Europe's top site, Boo.com; HealthShop.com; Craftshop.com; ToyTime.com; and Nickelodeon's Red Rocket all closed their virtual doors. Brick-and-mortar companies laid down the vision, put very few SKUs on their sites, and then stepped back a bit. This year, they're adding more SKUs, and big bucks are being spent." Just because the business-to-consumer Internet pure-plays are failing doesn't mean the business-to-consumer market is dead. Shop.org, an online retail trade group in San Jose, Calif., says the business-to-consumer E-commerce market will grow by 85% this year, topping $61 billion. And a recent Commerce Department report says online retail is

strong in many industry categories, including computers, cars, books, sporting goods, and catalog sales. What's significant is that many analysts predicted a sharp drop after the Christmas season-but that didn't happen. This is welcome news for the surviving E-retailers and downright encouraging for brickand-mortar companies stepping up their Web efforts. Brand-name retailers Dress Barn Inc. and Saks Inc. are just two examples of brick-and-mortar companies expanding Web storefronts in the coming months. SaksFifthAvenue.com went live last summer as a static storefront where customers could only request catalogs and get store locations. The upscale clothing retailer, best known for its high-profile store in New York, spent the past several months mapping out its Ecommerce strategy. Saks' big advantage online, says Dykman, is that consumers of luxury clothing items are underserved on the Web. Q5. Explain about internet & evolution of e-Business. Ans. Internet: The Internet is a global system of interconnected computer networks that use the standard Internet Protocol Suite (TCP/IP) to serve billions of users worldwide. It is a network of networks that consists of millions of private, public, academic, business, and government networks, of local to global scope, that are linked by a broad array of electronic, wireless and optical networking technologies. The Internet carries a vast range of information resources and services, such as the inter-linked hypertext documents of the World Wide Web (WWW) and the infrastructure to support electronic mail. Most traditional communications media including telephone, music, film, and television are reshaped or redefined by the Internet, giving birth to new services such as Voice over Internet Protocol (VoIP) and IPTV. Newspaper, book and other print publishing are adapting to Web site technology, or are reshaped into blogging and web feeds. The Internet has enabled or accelerated new forms of human interactions through instant messaging, Internet forums, and social networking. Online shopping has boomed both for major retail outlets and small artisans and traders. Business-to-business and financial services on the Internet affect supply chains across entire industries. The Internet has no centralized governance in either technological implementation or policies for access and usage; each constituent network sets its own standards. Only the overreaching definitions of the two principal name spaces in the Internet, the Internet Protocol address space and the Domain Name System, are directed by a maintainer organization, the Internet Corporation for Assigned Names and Numbers (ICANN). The technical underpinning and standardization of the core protocols (IPv4 and IPv6) is an activity of the Internet Engineering Task Force (IETF), a non-profit organization of loosely affiliated international participants that anyone may associate with by contributing technical expertise.

Evolution of e-Business: In the 1970s there was a growing demand to communicate trading messages electronically between customers and suppliers, in order to reduce costs and to improve customer service. However, the existing supply of technology did not then support this demand. Indeed, technology alone can never meet the communications requirements of business and administration. E.business only fulfils its potential when each business message unfailingly results in the recipient actioning precisely what the sender has asked for. Clearly, it takes more than technology alone to achieve this. Therefore, electronic technology and value chain management improvements need to develop in a mutually supportive manner1. A Value Chain is the overall combination of internal and external resources human, physical, financial and data which require to be marshaled and managed, directly and indirectly, in order to achieve the objectives of any organisation, and especially to optimise its net value and benefit to each participant. This is achieved through enhancing performance, speed, certainty, safety and security of service at low operational, capital and through life costs. In turn, these means can be optimised through the judicious employment of e.business, provided that more simple and standard business processes and data are also used by the value chain participants. For example, until, in the later 1970s and early 1980s, when some more standard value chain processes and business messages were agreed, supported by standard item coding, along with the development of cost-effective communication Networks for electronic data interchange (EDI), e.business supply could not begin to meet well key customer demands. Since then, the demand for e.business has Continued to grow rapidly. But, the supply of technological solutions has grown faster than the ability or willingness of many organizations to utilize these fully and economically. The advent of the Internet has provided many beneficial developments, such as email, e.exchanges, e.catalogues, e.collaboration and other data files, along with the facility to communicate directly with most people and places. Nevertheless, the many technical enhancements have not obviated the need for organizations to simplify and standardize their internal and external value chain processes and data if they are to derive the full potential cost-effective benefits of collaborating electronically. Too often, both public and private organizations are unwilling to alter long-standing ways of doing business in order to gain the benefits from more simple, standard, speedy, certain and low cost value chain processes. Indeed, sometimes they unwisely believe that that the introduction of e.technology will of itself improve the quality of their processes and data. Organizations rarely demand technology. They demand real benefits which the supply of technology can help to support, provided that the appropriate process and data architectures are in place in both senders and recipients of electronic messages. Sound organizations rarely wish to exchange every type of message with everyone. Certainty, security and well specified, sound communication frameworks are as equally important as speed and universality. In this chapter, the evolution of e.business is described. The ever-changing balance between demand and supply is outlined. The conclusion is reached that, while technology provides many solutions to long-standing issues, along with great

opportunities to create and meet new demands, some fundamental business needs for cost-effective processes and security of communication have yet to be met. Furthermore, Value chain management re-development is an essential pre-requisite of the successful application of e.business. Proposals for improvements are therefore also made. Q6. Explain in detail about any website offering e-commerce solutions in the travel industry. Ans. Makemytrip: Enamored by the Internet and frustrated by how hard it was to travel in India Deep Kalra opened MakeMyTrip.com. The siteas you might guess from the namewas like any of the online travel brokers started during the dot com bubble, only it was in India. After the market crash and September 11, Kalras foreign investors reneged on $1 million in funding commitments. Then there was the triple whammy of SARS, which made everyone want to travel in Asia less. He was 31-years-old with a wife and a baby at a time when starting a dot com was insane and in a place where it was downright suicidal. Indeed, many VCs will tell you today that Indiawhere only 50 million people are online and just two million have broadband connections is still not ready for the consumer Web. Indiaa country with few Internet homerunstook longer. But Kalras company is now making $5 million in US dollars of profit this year and doing more than $500 million in gross bookings. Revenues are up 88% during the recession and one-out-of-every-twelve domestic flights in India is booked via MakeMyTrip.com. After airline tickets, the second biggest category is railway ticketsthe site sells 2,500 of them every day. Kalra is busy interviewing a lot of US-trained management types to augment the team. Dont look now, but MakeMyTrip could be Indias next dot com IPO. (Like most well-behaved CEOs, Kalra wouldnt comment on any immediate IPO plans.) Why does travel take off so fast? For starters, its one of the only categories where you buy something thats delivered over email. Forget costsin emerging markets shipping to far-flung areas doesnt always exist. Kalra says etickets may have saved the company. For most, booking online doesnt require a huge change in the way they buy travel. In pre-Internet days in India and the US most people booked travel through a travel agent whod pull up inventory in a computer. The Web just cut out the middleman. (And his fees.) Compare that to online shopping for physical goods, which requires a radical change in behavior. People whove only recently gained a disposable income frequently want the experience of shopping, and the ability to feel, examine and try things on. Malls are still a new thing here, Kalra says. And because a ticket or hotel room is a perishable asset, someone who can move those assets can get a nice cut. Kalra has made more money during the recession by getting better rates from anxious suppliers. Travel wont be the ecommerce exception forever. Indias rush of a middle class with disposable income is evolving fast. When Kalra was growing up no one went on Honeymoons abroad and now most of the kids in his office do. And hotels were verbotenyou visited family and stayed with family. Kalra has a hunch the next local

ecommerce hit could be FlipKart, an online book retailer with a whopping 5 million monthly uniques, profitability and a new round of cash from Accel in the bank. MakeMyTrip still suffers from some local cultural hang-ups. Hotel bookings, for instance, arent doing quite as well. People dont trust unknown brands and only 15% of Indian hotels are known brands. (Personally, I dont think US sites have cracked the hotel problem either. I only book from local recommendations.) Similarly, people dont want to book big vacation packages online, so Kalra has opened 20 physical stores to guide people through the process. And theres the so-called last mile problem. Kalra doesnt plan on addressing it by opening more stores. Instead, hes playing with the idea of a business-to-business product, where existing local travel agents would use a slow-connection optimized version of MakeMyTrip to access more inventory than they can now and sell through the sites existing back-end system. He doesnt want to cram an efficient online option down the throat of a population that knows its local travel agent and likes to go in and chat with them, have a cup of tea and discuss cricket scores. And clearly one deal with a travel agent is a far more efficient way to reach a whole village. Q7. Write down steps in performing an e-commerce transaction by buying a book or CD online? General steps involved for Buying a Book: 1. Login to the E-commerce site 2. Search for the Book that you want to purchase on the site 3. If the book is available the site will show you the option for buying the item 4. Some site offer bulk buying of item i.e. purchasing multiple books or other products that are available on the site. 5. For bulk buying the ecommerce site have option of Cart. Wherein you can select multiple products and add them to the cart (this will show all the items that you wish to buy) 6. Making payment is the next step involved for getting the product 7. Most of the ecommerce site has multiple payment option (Credit card, debit card). They might have contracted with the third party agency for payment like PayPal etc 8. After making payment via Credit card or any other online payment method. The ecommerce site will send you an online receipt to your email address. 9. After the payment is received. The service provides company in our case the ecommerce site will dispatch the product (book) to our registered address.

Q8. Explain hardware requirement for doing an E-business? Ans - Hardware for an E-commerce Site Hardware platform refers to all the underlying computing equipment that the system users to achieve e-commerce functionality Objective to have enough platform capacity to meet peak demand but not so much that you are wasting money

Important to understand the different factors that affect speed, capacity and scalability of a site

Right-Sizing Your Hardware Platform: The Demand Side Demand that customers put on a site the most important factor affecting the speed of a site Factors involved in demand include: Number of simultaneous users in peak periods Nature of customer requests (user profile) Type of content (dynamic versus static Web pages) Required security Number of items in inventory Number of page requests

Right-Sizing Your Hardware Platform: The Supply Side 1. Scalability: refers to the ability of a site to increase in size as demand warrants 2. Ways to scale hardware: Vertically: increase the processing power of individual components

Horizontally: employ multiple computers to share the workload

Improve processing architecture

List the different ways by which you can make a payment online? An e-commerce payment system facilitates the acceptance of electronic payment for online transactions. Also known as a sample of Electronic Data Interchange (EDI), ecommerce payment systems have become increasingly popular due to the widespread use of the internet-based shopping and banking. There are numerous different payments systems available for online merchants: These include the 1. Credit Cards and Smart Cards 2. digital wallets 3. e-cash, 4. mobile payment 5. e-checks 6. Payment Service Providers (PSP) Credit Cards and Smart Cards: Over the years, credit cards have become one of the most common forms of payment for e-commerce transactions. In North America almost 90% of online B2C transactions were made with this payment type

1. Turban et al. goes on to explain that it would be difficult for an online retailer to operate without supporting credit and debit cards due to their widespread use. Increased security measures such as the use of the card verification number (CVN) which detects fraud by comparing the verification number printed on the signature strip on the back of the card with the information on file with the cardholder's issuing bank 2. Also online merchants have to comply with stringent rules stipulated by the credit and debit card issuers (Visa and MasterCard) 3. this means that merchants must have security protocol and procedures in place to ensure transactions are more secure

Digital Wallets: A digital wallet (also known as an e-wallet) allows users to make electronic commerce transactions quickly and securely. A digital wallet functions much like a physical wallet. The digital wallet was first conceived as a method of storing various forms of electronic money (e-cash), but with little popularity of such e-cash services, the digital wallet has evolved into a service that provides internet users with a convenient way to store and use online shopping information. E-Cash: Electronic money (also known as e-currency, e-money, electronic cash, electronic currency, digital money, digital cash, digital currency, cyber currency) refers to money or scrip which is only exchanged electronically. Typically, this involves the use of computer networks, the internet and digital stored value systems. Electronic Funds Transfer (EFT), direct deposit, digital gold currency and virtual currency are all examples of electronic money. Also, it is a collective term for financial cryptography and technologies enabling it. Mobile Payment: Mobile payment or known also as Mobile wallet is an alternative payment method. Instead of paying with cash, cheque or credit cards, a consumer can use a mobile phone to pay for a wide range of services and digital or hard goods such as: Music, videos, ringtones, online game subscription or items, wallpapers and other digital goods. Transportation fare (bus, subway or train), parking meters and other services Books, magazines, tickets and other hard goods. There are four primary models for mobile payments: 1. Premium SMS based transactional payments 2. Direct Mobile Billing 3. Mobile web payments (WAP) 4. Contactless NFC (Near Field Communication) E-Checks:

Electronic funds transfer or EFT is the electronic exchange or transfer of money from one account to another, either within a single financial institution or across multiple institutions, through computer-based systems. Payment Service Providers (PSP) A payment service provider (PSP) offers merchants online services for accepting electronic payments by a variety of payment methods including credit card, bankbased payments such as direct debit, bank transfer, and real-time bank transfer based on online banking. Some PSPs provide unique services to process other next generation methods (Payment systems) including cash payments, wallets such asPayPal, prepaid cards or vouchers, and even paper or e-check processing. Typically, a PSP can connect to multiple acquiring banks, card, and payment networks. In many cases, the PSP will fully manage these technical connections, relationships with the external network, and bank accounts. This makes the merchant less dependent on financial institutions and free from the task of establishing these connections directly - especially when operating internationally. Furthermore, a full service PSP can offer risk management services for card and bank based payments, transaction payment matching, reporting, fund remittance and fraud protection in addition to multi-currency functionality and services. Q10. Explain server software requirement for doing an E-business. Ans. The selection of the operating system, web server software and the database software depends upon the platform on which your website application has been designed. The development cost of the application is also governed by the price associated with the software licenses and the cost for maintaining the application that has been designed. Regardless of the server we choose, we should be able to manage the server comfortably. Normally web servers run on 2 different platforms, either a Microsoft based platform or a Linux based platform. Windows Operating Systems: If the web application is designed using ASP, .Net and SQL languages, then the natural selection of the operating system is Microsoft windows 2003/2008 server edition, with Internet Information Server (IIS) web server and SQL database. This comes as a package from Microsoft along with a few more applications under the box pack called Small Business Server. A windows server needs to have a higher and sturdier hardware configuration for better performance and uptime. Linux Operating Systems: The other option is to use Linux based operating systems. If the web application is designed using PHP (a scripting language and interpreter called the Hypertext preprocessor) or MySQL, then the preferred operating system is any Linux flavor. The most common is the RedHat version of Linux. RedHat is one of the largest Linux

distributions, has a very large established user base and offers very good and frequent updates, fixes and workarounds which can be automated also. RedHat Linux has been proven to provide stable, flexible and easy to maintain web applications. It also has components pre-installed that make setting up the web server simple and effective. So you can easily install RedHat or Apache as the web server with a PHP version and MySQL as a sturdy database. Operating System comparison: PHP has become popular as a scripting language for the Web, with a LAMP (LinuxApache-MySQL-PHP) architecture for building dynamic, data-driven websites. But Microsofts ASP (Active Server Pages) is still widely used, and its easy integration with SQL server and MySQL, as well as growing support for ASP.Net applications, makes it a popular choice too. IIS is more easily managed via the Graphical User Interface (GUI), both remotely and locally. Web tools are also available to handle configuration and maintenance of this prolific Web server. IIS is controlled mostly through Windows management tools, but Microsoft also offers command-line tools. Apache is sturdy and stable but you will have to manually configure it via text files and it will not have an easy-to-use GUI. Another factor to consider is the ability to add functionality and features to the core Web server. Apache uses modules, whereas IIS uses plug-ins. Most Apache modules are free, and if you have a specific need such as MP3 streaming, youll probably find a module that meets this need. IIS also accommodates third-party software and other suppliers, but youll have to pay for the additional functionality. Finally, remember that you must administer not only the Web server but the operating server too. So, choose an OS-Web combination that best fits your organizations skill set and comfort level.

Q11. Explain E-commerce, its scope and barriers. Ans. E-commerce: In its simplest form ecommerce is the buying and selling of products and services by businesses and consumers over the Internet. Often referred to as simply ecommerce (or e-commerce) the phrase is used to describe business that is conducted over the Internet using any of the applications that rely on the Internet, such as e-mail, instant messaging, shopping carts, Web services, UDDI, FTP, and EDI, among others. Electronic commerce can be between two businesses transmitting funds, goods, services and/or data or between a business and a customer. E-commerce can provide the following benefits over non-electronic commerce:

Reduced costs by reducing labour, reduced paper work, reduced errors in keying in data, reduce post costs Reduced time. Shorter lead times for payment and return on investment in advertising, faster delivery of product

Flexibility with efficiency. The ability to handle complex situations, product ranges and customer profiles without the situation becoming unmanageable. Improve relationships with trading partners. Improved communication between trading partners leads to enhanced long-term relationships. Lock in Customers. The closer you are to your customer and the more you work with them to change from normal business practices to best practice ecommerce the harder it is for a competitor to upset your customer relationship. New Markets. The Internet has the potential to expand your business into wider geographical locations.

Scope of E-commerce: 1. Usage of Internet 2. Exchange of digitized information 3. Technology-enabled transactions 4. Technology-mediated relationships 5. Intra- & inter-organizational activities Companies involved in e-commerce as either buyers or sellers rely on Internet-based technologies and e-commerce applications and services to accomplish marketing, discovery, transaction processing, and product and customer service processes. The Internet, intranets, and extranets provide vital electronic commerce links between the components of a business and its customers, suppliers, and other business partners. This allows companies to engage in three basic categories of electronic commerce applications: Business-to-Consumer (B2C) e-Commerce: In this form of electronic commerce, businesses must develop attractive electronic marketplaces to entice and sell products and services to customers. Companies may offer:

E-commerce websites that provide virtual storefronts and multimedia catalogs. Interactive order processing. Secure electronic payment systems. Online customer support.

Business-to-Business (B2B) e-Commerce: This category of electronic commerce involves both electronic business marketplaces and direct market links between businesses. Companies may offer:

Secure Internet or extranet e-commerce websites for their business customers and suppliers.

Electronic data interchange (EDI) via the Internet or extranets for computer-tocomputer exchange of e-commerce documents with their larger business customers and suppliers. B2B e-commerce portals that provide auction and exchange markets for businesses.

Consumer-to-Consumer (C2C) e-Commerce: Successes of online auctions like e-Bay, allow consumers (and businesses) to buy and sell with each other in an auction process at an auction website.

Online consumer or business auctions are an important e-commerce alternative for B2C or B2B e-commerce. Electronic personal advertising of products or services to buy or sell by consumers at electronic newspaper sites, consumer e-commerce portals, or personal websites is an important form of C2C e-commerce.

Limitations of e-commerce: Technical Limitations 1. Costs of a technological solution. 2. Some protocols are not standardized around the world. 3. Reliability for certain processes. 4. Insufficient telecommunications bandwidth. 5. Software tools are not fixed but constantly evolving. 6. Integrating digital and non-digital sales and production information. 7. Access limitations of dial-up, cable, isdn, wireless. 8. Some vendors require certain software to show features on their pages, which is not common in the standard browser used by the majority. 9. Difficulty in integrating e-commerce infrastructure with current organizational it systems. Non-Technical Limitations. 1. Customer fear of personal information being used wrongly a. Privacy issues 2. Customer expectations unmet 3. Rules and regulations 4. Security and privacy a. Vulnerability to fraud and other crimes 5. Lack of trust and user resistance a. Fear of payment information being unsecure 6. Tactile limitations

7. Legal issues outstanding such as jurisdiction 8. Legal environment has many new and conflicting laws 9. Cultural obstacles 10. Linguistic challenges 11. Limitations of support services 12. Financial cost 13. Sourcing tech support in foreign languages 14. Lack of critical mass in certain market areas for sellers and buyers 15. Accessibility outside of urban/suburban and areas effects universality 16. Higher employee training required to be click and mortar 17. People's resistance to change 18. People not used to faceless / paperless / non-physical transactions.

Q12. Explain how you create an e-biz model for a company. Ans. E-business involves business processes spanning the entire value chain: electronic purchasing and supply chain management, processing orders electronically, handling customer service, and cooperating with business partners. Special technical standards for ebusiness facilitate the exchange of data between companies. E-business software solutions allow the integration of intra and inter firm business processes. E-business can be conducted using the Web, the Internet, intranets, extranets, or some combination of these. Basically, electronic commerce (EC) is the process of buying, transferring, or exchanging products, services, and/or information via computer networks, including the internet. EC can also be beneficial from many perspectives including business process, service, learning, collaborative, community. EC is often confused with e-business. When organizations go online, they have to decide which e-business models best suit their goals. A business model is defined as the organization of product, service and information flows, and the source of revenues and benefits for suppliers and customers. The concept of ebusiness model is the same but used in the online presence. The following is a list of the currently most adopted e-business models such as: E-shops E-commerce E-procurement E-malls E-auctions Virtual Communities Collaboration Platforms Third-party Marketplaces Value-chain Integrators Value-chain Service Providers

 Information Brokerage Telecommunication Customer relationship We can classify e-businesses into the following categories: business-to-business (B2B) business-to-consumer (B2C) business-to-employee (B2E) business-to-government (B2G) government-to-business (G2B) government-to-government (G2G) government-to-citizen (G2C) consumer-to-consumer (C2C) consumer-to-business (C2B) online-to-offline (O2O)

The Business Model: describes how a company functions; how it provides a product or service, and how it produces revenue. indicates how a company will create and adapt to new markets and technologies. has four components: e-business concept, value proposition, sources of revenue, and business activities, resources and capabilities. Shows how a company can be successful provided that all the components work together in a cooperative and supportive fashion. helps management to focus on the whole business, not just on one activity.

Supply Chains : Successful supply chains are vital for manufacturing operations since the timeliness; cost and success of the final product may depend on a component part made by a single supplier.

Value Proposition: The value proposition describes the value that the company will provide to its customers and, sometimes, to others as well. With a value proposition the company attempts to offer better value than competitors so that the buyer will benefit most with this product. A value proposition may include one or more of the following points: Reduced price Speed of delivery and assistance Products that lead to increased efficiency and productivity Access to a large and available inventory that presents options for the buyer

Providing value in an e-business uses the same approach as providing value in any business, although it may require different capabilities. But common to both are the customers who seek out value in a business transaction. The value proposition helps focus the business on the well-being of the customer, where it remains in successful companies. Front-end activities deal directly with the customer while back-end systems include all of the internal support activities that do not deal directly with the customer. Some enterprises have different geographic locations for front-end and back-end office

activities and rely on the integration of the associated computer and network systems for successful corporate operations.

Sources of Revenue: Depending on the business model, several revenue sources may be available to an ebusiness. Many online businesses will have a three or four of these sources. A mix of revenue sources is often referred to as a revenue model but may be mistakenly called a business model. Some of these sources of revenue are: Advertising Affiliation Agent commissions Licensing Sales commissions Sales profits Sponsorship Subscription Syndication Use Fees

E-Business Environment and Strategies:

The rate of change in e-business presents an enormous challenge to managers. Business on the Internet is just beginning, and is evolving through a process of trial and error. Management flexibility is a key for survival and success in e-business. The environment of any organization consists of all of the factors that are beyond its control, but influence it in one way or another. Examples of these factors are shown in the figure, E-Business Environment and Strategies. To counter the potential adverse affects of these factors, the e-business can respond with strategies. An external strategy is an approach to deal with factors in the external business environment such as competitors, markets, and technological developments, which are beyond the company's direct control. This is different from a corporate strategy, which addresses factors under the company's control such as the approach to marketing, sales, and pricing. Other components of the business model such as the value proposition and sources of revenue may also include strategies. The Competitive Environment and Strategies: The competitive environment, sometimes known as the industry environment, results from relationships with other firms. These relationships are with suppliers, customers, producers of substitute products, potential new entrants, competitors, "complementors", and strategic partners. When suppliers are limited, they may keep prices high and reduce the profit of a firm that buys from them. A strategy for the buyer is to find new suppliers, or producers of substitute products. On the other hand, if there are only a few buyers, they can keep prices low, but a strategy for the seller is to find more customers to compete for products in order to raise prices, or to find a more profitable of their industrial capacity. Therefore the Internet serves to increase the knowledge of prices, find producers of substitute inputs, and subsequently cause downward pressure on prices. Potential new entrants to a market may also disrupt prices. Either they enter the market with low prices to gain market share, or they cause the existing firm to lower its prices in order to create a entry barrier to the new firm. Competitors may also cause prices to drop through price wars, but can also contribute to stability in the marketplace. Above are some important considerations which will help to create an e-biz model for a company.

1) Explain How the Digital Certificate Works. a) Public key b) Private key A digital certificate is a digital credential that validates the identity of the certificate's owner, much as a passport does. The identification information that a digital certificate provides is known as the subject distinguished name. A trusted party, called a Certificate Authority (CA), issues digital certificates to users or to organizations. The trust in the CA is the foundation of trust in the certificate as a valid credential. A digital certificate also contains a public key which is part of a public-private key pair. A variety of security functions rely on the use of digital certificates and their associated key pairs. You can use digital certificates to configure Secure Sockets Layer (SSL) sessions to ensure private, secure communication sessions between users and your server applications. You can extend this security by configuring many SSL-enabled applications to require certificates instead of user names and passwords for more secure user authentication. Using the dual-key cryptography algorithm, the Digital Certificates allow users to exchange Public Keys to secure and authenticate each other. There are two main uses for Digital Certificates are for: 1. Secure Email 2. Secure Access And when considering using Digital Certificates you need to consider: 3. The Digital Certificate policy 4. The Registration Authority Function

Communication; Secure Email User A and B exchange Public Keys and use the other persons Public Key to encrypt messages back to each other. Only User A has the Private Key that can decrypt any the messages encrypted with User As matching Public Key.

Secure Access In the case where a web server has a highly secure area and wishes to give restricted and controlled access to the information stored on it, then usernames and passwords do not offer sufficient protection. Replacing this insecure login method with a Digi-ID solves this problem. There are two types of Digi-Acces authentication systems: One-to-One Authentication One-to-Many Authentication

One-to-One Authentication Public keys and Private Keys recognize each other and because the Public Key can be freely distributed, the web server can store all the Public Keys belonging to its list of authorized users and match the Keys for users seeking access. This is called On-to-One authentication. User As Public Key is stored on the web server. When User A attempts to gain access to the server, the server asks User As browsers Certificate Store to confirm that it has the matching Private Key to the Public Key stored on the server. If the match is confirmed, User A is granted access. In simpler deployments, you might only need to identify groups of users in which case the One-to-Many implementation is faster to implement and easier to manage.

One-to-Many Authentication In One-to-Many Authentication, the entire group of users or several subgroups are formed. The server is then configured to seek the Signing Certificate only, in which case, the server doesnt need a copy of each individuals Public Key. This is easier to deploy and manage because the server doesnt require a unique configuration for each Digi-ID that will be used to access it. By its simplicity, the server is configured once and any number of users can access it without any further intervention and still the individual user can be revoked so that access is denied on the individual basis as needed.

Private Key encryption In cryptography, a private or secret key is an encryption/decryption key known only to the party or parties that exchange secret messages. In traditional secret key cryptography, a key would be shared by the communicators so that each could encrypt and decrypt messages. The risk in this system is that if either party loses the key or it is stolen, the system is broken Public key encryption - Public key encryption uses a combination of a private key and a public key. The private key is known only to your computer while the public key is given by your computer to any computer that wants to communicate securely with it. To decode an encrypted message, a computer must use the public key provided by the originating computer and its own private key.

The key is based on a hash value. This is a value that is computed from a base input number using a hashing algorithm. The important thing about a hash value is that it is nearly impossible to derive the original input number without knowing the data used to create the hash value. A public key infrastructure consists of: 1. A certificate authority (CA) that issues and verifies digital certificate. A certificate includes the public key or information about the public key 2. A registration authority (RA) that acts as the verifier for the certificate 3. authority before a digital certificate is issued to a requestor 4. One or more directories where the certificates (with their public keys) are held 5. A certificate management system

2) Explain any 2 technologies facilitate E-commerce a) Electronic funds transfer (EFT) b) Electronic data interchange (EDI) c) Internet / world wide web (WWW)

A .Electronic funds transfer or EFT is the electronic exchange or transfer of money from one account to another, either within a single financial institution or across multiple institutions, through computer-based systems. The term covers a number of different concepts:

Cardholder-initiated transactions, where a cardholder makes use of a payment card Direct deposit payroll payments for a business to its employees, possibly via a payroll service bureau Direct debit payments, sometimes called electronic checks, for which a business debits the consumer's bank accounts for payment for goods or services Electronic bill payment in online banking, which may be delivered by EFT or paper check Transactions involving stored value of electronic money, possibly in a private currency Wire transfer via an international banking network (carries a higher fee in North America) Electronic Benefit Transfer

B. Electronic data interchange (EDI) is the structured transmission of data between organizations by electronic means. It is used to transfer electronic documents or business

data from one computer system to another computer system, i.e. from one trading partner to another trading partner without human intervention.

It is more than mere e-mail; for instance, organizations might replace bills of lading and even cheques with appropriate EDI messages. It also refers specifically to a family of standards. In 1996, the National Institute of Standards and Technology defined electronic data interchange as "the computer-to-computer interchange of strictly formatted messages that represent documents other than monetary instruments. EDI implies a sequence of messages between two parties, either of whom may serve as originator or recipient. The formatted data representing the documents may be transmitted from originator to recipient via telecommunications or physically transported on electronic storage media." It distinguishes mere electronic communication or data exchange, specifying that "in EDI, the usual processing of received messages is by computer only. Human intervention in the processing of a received message is typically intended only for error conditions, for quality review, and for special situations. For example, the transmission of binary or textual data is not EDI as defined here unless the data are treated as one or more data elements of an EDI message and are not normally intended for human interpretation as part of online data processing. EDI can be formally defined as the transfer of structured data, by agreed message standards, from one computer system to another without human intervention.

C.
1.

Internet / world wide web (WWW) The Internet is a worldwide network of computers that use common communication standards and interfaces to provide the physical backbone for a number of interesting applications. 2. One of the most utilized of these Internet applications is the World Wide Web. What sets the Web apart is an easy-to-use interface to a complex network of computers and data.

Internet? The Internet is a massive network of networks, a networking infrastructure. It connects millions of computers together globally, forming a network in which any computer can communicate with any other computer as long as they are both connected to the Internet. Information that travels over the Internet does so via a variety of languages known as protocols. What is The Web (World Wide Web)? The World Wide Web, or simply Web, is a way of accessing information over the medium of the Internet. It is an information-sharing model that is built on top of the

Internet. The Web uses the HTTP protocol, only one of the languages spoken over the Internet, to transmit data. Web services, which use HTTP to allow applications to communicate in order to exchange business logic, use the the Web to share information. The Web also utilizes browsers, such as Internet Explorer or Firefox, to access Web documents called Web pages that are linked to each other via hyperlinks. Web documents also contain graphics, sounds, text and video

Q 15) Explain any 4 Common Internet Services a) E-mail b) Newsgroups c) Mailing lists d) Chats e) FTP f) Telephony Email: Electronic mail is called as Email. Basically it is getting use for make communications between user using electronic media. When we are talk about the electronic media then it means to existing computer network. Now days each an every organization is having own private network present around the globe. To make the communication (formal/informal) they are using Email. Email has become integral part of each organizational as well as personal communication over internet & intranet. Email system works on store and forward mechanism. Email servers accept, forward, deliver and store messages. User either requires email client loaded on this desktop/laptop or can be accessible via web browser. An email message consists of three components, the message envelope, the message header, and the message body. The message header contains control information, including, minimally, an originator's email address and one or more recipient addresses. Usually descriptive information is also added, such as a subject header field and a message submission date/time stamp. E-mail messages are usually encoded in ASCII text. However, you can also send non-text files, such as graphic images and sound files, as attachments sent in binary streams. E-mail was one of the first uses of the Internet and is still the most popular use. E-mail is one of the protocols included with the Transport Control Protocol/Internet Protocol (TCP/IP) suite of protocols. A popular protocol for sending e-mail is Simple Mail Transfer Protocol and a popular protocol for receiving it is POP3. Both Netscape and Microsoft include an email utility with their Web browsers. Online meeting can be schedule via email. FTP: FTP is an acronym for File Transfer Protocol. As the name suggests, FTP is used to transfer files between computers on a network. You can use FTP to exchange files between computer accounts, transfer files between an account and a desktop computer, or access online software archives. Keep in mind, however, that many FTP sites are heavily used and require several attempts before connecting. FTP can be used by following ways

1. Graphical FTP clients Graphical FTP clients simplify file transfers by allowing you to drag and drop file icons between windows. When you open the program, enter the name of the FTP host (e.g., ftp.simsr.edu) and your username and password. If you are logging into an anonymous FTP server, you may not have to enter anything. Two common FTP programs are Cyberduck (for Mac) and WinSCP (for Windows). 2. Web browser You can use a web browser to connect to FTP addresses exactly as you would to connect to HTTP addresses. Using a web browser for FTP transfers makes it easy for you to browse large directories and read and retrieve files. Your web browser will also take care of some of the details of connecting to a site and transferring files. While this method is convenient, web browsers are often slower and less reliable and have fewer features than dedicated FTP clients. To use your web browser to connect to an FTP site such as ftp.simsr.edu, where you normally enter a URL, enter:ftp://username@ftp.simsr.edu/ 3. Command line FTP Windows, Mac OS X, and Linux have built-in command line clients; see What are some common FTP commands? For example, to start FTP, at the command line prompt, enter: ftp ftp.simsr.edu Telephony: Telephony is the technology associated with the electronic transmission of voice, fax, or other information between distant parties using systems historically associated with the telephone, a handheld device containing both a speaker or transmitter and a receiver. With the arrival of computers and the transmittal of digital information over telephone systems and the use of radio to transmit telephone signals, the distinction between telephony and telecommunication has become difficult to make. Internet telephony is the use of the Internet rather than the traditional telephone company infrastructure and rate structure to exchange spoken or other telephone information. Since access to the Internet is available at local phone connection rates, an international or other long-distance call will be much less expensive than through the traditional call arrangement. On the Internet, three new services are now or will soon be available: The ability to make a normal voice phone call (whether or not the person called is immediately available; that is, the phone will ring at the location of the person called) through the Internet at the price of a local call

The ability to send fax transmissions at very low cost (at local call prices) through a gateway point on the Internet in major cities The ability to send voice messages along with text e-mail

Newsgroup: A newsgroup is a discussion about a particular subject consisting of notes written to a central Internet site and redistributed through Usenet, a worldwide network of news discussion groups. Usenet uses the Network News Transfer Protocol (NNTP). Newsgroups are organized into subject hierarchies, with the first few letters of the newsgroup name indicating the major subject category and sub-categories represented by a subtopic name. Many subjects have multiple levels of subtopics. Some major subject categories are: news, rec (recreation), soc (society), sci (science), comp (computers), and so forth (there are many more). Users can post to existing newsgroups, respond to previous posts, and create new newsgroups. Newcomers to newsgroups are requested to learn basic Usenet netiquette and to get familiar with a newsgroup before posting to it. A frequently-asked questions is provided. The rules can be found when you start to enter the Usenet through your browser or an online service. You can subscribe to the postings on a particular newsgroup. Some newsgroups are moderated by a designated person who decides which postings to allow or to remove. Most newsgroups are unmoderated. Q 16) Explain the difference between E-Commerce v/s E-Business Ecommerce allowing your clients to access your website view a virtual catalogue and when they are interested in what you have to offer from products and services they can simply add it to a virtual shopping cart allowing them to pay for it online via the means of electronic transactions to include credit cards and direct debit. eBusiness relates to any commercial activity that is conducted in an electronic format. This includes commercial transactions conducted via the Internet, telephone and fax, electronic banking and payment systems, electronic purchasing and restocking, etc. eBusiness is not limited to certain type of business or technology related products and services. One of the uses of eBusiness is networking allowing sales and marketing activities to take place. Other eBusiness activities include purchasing and logistics, production, educations, design and engineering. The most effective use of eBusiness is when a business combines several of these activities allowing information to flow from sales, to purchasing and production. eBusiness can certainly be used in: Communication, e.g. e-mail, Promotion, e.g. web pages, keeping clients informed about products, services and developments, facilitation of market research via asking clients to participate in online surveys, or providing customer service, Linking, e.g. Internal Linking between departments known as Intranet and External Linking with suppliers known as Extranet, and Creating new business models, e.g. sharing resources with new partners.

Q.17 Advantages from buyers and sellers point of view A: Sellers Increased Sales Opportunities/Work 24x7: Your business can be selling 24 hours a day, 7 days a week, without adding any headcount. Many customers have become accustomed to the convenience of doing business online and expect that it be offered by their preferred reseller partners. With ProSel /IT your customers can decide when, where and how they they do business with you, by utilizing an online sales channel that complements and enhances your sales team's efforts. When presented with flexible buying options, buyers buy more often. Enabling online sales promotes new business and can enhance your company's reputation. Decreased Transaction Costs: The automation of sales transactions and the administration of products, pricing, and customer information can drive the costs out of your business, and help you make better product sourcing decisions. Even a few percentage points saved on back-end costs may often translate into much larger profit gains. ProSel /IT can be custom integrated with other existing reseller systems providing even more time and cost savings potential. Increased Speed and accuracy ProSel /IT effectively builds an electronic bridge between your customers, your sales team, and the manufacturer's and distributor's products your company represents. Your supply chain will be more efficient and convenient resulting in faster quoting and sourcing decisions and more accurate, up-to-date information. Key ProSel /IT Benefits Take your variable business to the next level... ProSel /IT helps IT resellers grow their business with online tools to increase sales and productivity. It is much more than a shopping cart. It's a full e-Business solution with exactly what you need to build your business online, the way you want it to be. It will help insure that your company's e-Business strategy is a success! Your business will enjoy... Increased Sales Productivity A key to increasing business is to keep your sales team actively selling - by providing them with the tools they need to work efficiently. With ProSel /IT they will have product information and availability, customer pricing profiles, and quoting and ordering tools at their fingertips, conveniently organized and accessible via a web browser. This helps keep sales team productivity high, allowing them to spend more time on higher value activities and on building and enhancing customer relationships (utilizing ProSel /IT's built-in Web and email marketing tools!) Increased Business Efficiency ProSel /IT effectively builds an electronic bridge between your customers, your sales team, and the manufacturer's and distributor's products your company represents. Your

supply chain will be more efficient and convenient resulting in faster quoting and sourcing decisions and more accurate, up-to-date information. Increased Customer Satisfaction A customer's day-to-day experience of working with your company has the most impact on their satisfaction and their likelihood of remaining your customer. Conducting sales transactions may be the most common form of interaction a customer will have with your firm, so making that experience more satisfying can result in happier customers and more repeat business! Reduced Administrative Costs and Increased Margins The automation of sales transactions and the administration of products, pricing, and customer information can drive the costs out of your business, and help you make better product sourcing decisions. Even a few percentage points saved on back-end costs may often translate into much larger profit gains. ProSel /IT can be custom integrated with other existing reseller systems providing even more time and cost savings potential. Top-Line Revenue Growth with Multi-Portal e-Commerce Over time, customer business gravitates to those resellers that they have a 'convenient relationship' with. ProSel /IT uses the Internet to give your customers the option to conduct business online, anytime, from anywhere to research products, review contract pricing, prepare quotes and place orders when and how they wish. Besides being great for your relationship, this additional sales channel complements your current sales approach and can translate into higher sales and higher margins too! Personalized E-Commerce is the Future No longer do you have to settle for a one-size-fits-all approach to e-Commerce. With ProSel /IT's versatile Multi-Portal e-Commerce you can quickly and easily create an unlimited number of individualized portals allowing you to provide each client, if so desired, a site to fit their exact, yet unique needs. Whether it is contract pricing, special product bundles, specialized purchasing requirements, unique payment or shipping requirements, ProSel /IT can handle it! Expanded Selling Opportunities - 24 x 7 x 365 Your business can be selling 24 hours a day, 7 days a week, without adding any headcount. Many customers have become accustomed to the convenience of doing business online and expect that it be offered by their preferred reseller partners. With ProSel /IT your customers can decide when, where and how they they do business with you, by utilizing an online sales channel that complements and enhances your sales team's efforts. When presented with flexible buying options, buyers buy more often. Enabling online sales promotes new business and can enhance your company's reputation. Reduced Procurement Costs for your Customers Numerous studies have shown that customers that embrace e-business solutions for obtaining products and services can save between 20 - 60% of their own administrative costs related to their procurement process. Resellers utilizing ProSel /IT can also provide a new 'value-added' service to their customers by helping them save time and cut costs when ordering. A More Secure Competitive Position

The Internet is now the primary initiation point of commerce - of both product research and buying. A 2006 study by Forrester Research found that 54% of buyers research their purchases online, even when they buy through an offline process. And 37% research offline but purchase online. With ProSel /IT, you can focus your client's online activity around your business and eliminate the need for them to look elsewhere. In fact, IT resellers lacking an e-Business strategy may find their customers (and sales team!) steadily migrating to their competitors that are e-Business enabled. What used to be 'bleeding edge' is now a business requirement for many customers and account reps. ProSel /IT can keep your business securely positioned in the competitive IT marketplace. Increased sales The eBusiness Service will support your sales growth by planning and executing online sales strategies that drive on and offline enquiry and applications. The online channel is rapidly becoming the preferred avenue for information gathering and financial product sales. For many consumers, an advanced online presence is a key quality indicator for banking services. Improved member service Members expect to be able to conduct their banking relationship with you online including: uninterrupted access to Internet Banking use of your website to find information about your products & services use of online applications & communications use of member service tools such as product comparisons, product selection wizards and calculators Cost reduction The eBusiness Service assists with member service cost management, here's how: well executed online strategies to expand market reach and penetration supporting the migration of member interactions online streamlining internal communications through user-friendly Intranets and online form systems sharing aggregated product & service costs over nearly three dozen organisations Peace of mind The key result areas outlined above are just a part of the story. Clients of the eBusiness Service get all the benefits of a dedicated, experienced eBusiness team, developing online services, advancing their strategies and providing timely and responsive service. Q.18 Explain the E-Business Models with the help of an example for each. Business to Consumer (B2C) B2C stands for Business to Consumer as the name suggests, it is the model taking businesses and consumers interaction. Online business sells to individuals. The basic concept of this model is to sell the product online to the consumers.

B2c is the indirect trade between the company and consumers. It provides direct selling through online. For example: if you want to sell goods and services to customer so that anybody can purchase any products directly from suppliers website. Directly interact with the customers is the main difference with other business model. As B2B it manages directly relationship with consumers, B2C supply chains normally deal with business that are related to the customer. Example: Amazon.com, eBay.com, etc. Business to Business (B2B) B2B stands for Business to Business. It consists of largest form of Ecommerce. This model defines that Buyer and seller are two different entities. It is similar to manufacturer issuing goods to the retailer or wholesaler. Dell deals computers and other associated accessories online but it is does not make up all those products. So, in govern to deal those products, first step is to purchases them from unlike businesses i.e. the producers of those products. It is one of the cost effective way to sell out product throughout the world Benefits:

Encourage your businesses online Products import and export Determine buyers and suppliers Position trade guides

Example: Chemdex, MetalSite, VerticalNet, SHOP2gether, CATEX, HoustonStreet.com Consumer to Consumer (C2C) Consumer-to-consumer (C2C) e-commerce is concerned with the use of e-commerce by individuals to trade and exchange information with other individuals. There has been a huge growth in consumer to consumer auctions sites such as e-Bay and sites enabling consumers to offer goods and services to other consumers on an individual basis. Example: eBay.com

Business to Government (B2G) Business-to-government (B2G) e-commerce is concerned with the need for business to sell goods or services to governments or government agencies. Such activities include supplying the army, police force, hospitals and schools with products and services. Furthermore, businesses will often compete in an online environment for contracts to provide services to the public on behalf of the government. Such services may include the collection of taxes, and the supply of public services. The table below provides a summary of the different e-commerce categories:

Example: eFederal, iGov.com Consumer to Business (C2B) Consumer-to-business (C2B) is an electronic commerce business model in which consumers (individuals) offer products and services to companies and the companies pay them. This business model is a complete reversal of traditional business model where

companies offer goods and services to consumers (business-to-consumer = B2C). We can see this example in blogs or internet forums where the author offers a link back to an online business facilitating the purchase of some product (like a book on Amazon.com), and the author might receive affiliate revenue from a successful sale. Example: LinkedIN Q - 19 Explain the Major types of Revenue Models. The various models used by web businesses today to generate revenue. Such models include: web catalogue, advertising-supported, advertising-subscription mixed, and feebased. These approaches can work for both business-to-consumer (B2C) and business-tobusiness (B2B) electronic commerce. Many companies create one website to handle both B2C and B2B sales. Some businesses use the same revenue model for both types of sales, despite creating separate sites (or separate pages within one site) for B2C and B2B ecommerce. Revenue models A useful way to think about electronic commerce implementations is to consider how they can generate revenue. However, it is important to remember that not all electronic commerce initiatives have the goal of providing revenue; some are undertaken to reduce costs or improve customer service. Web catalogue revenue models In this revenue model, the seller establishes a brand image, and then uses the strength of that image to sell through printed catalogues mailed to prospective buyers. Buyers place orders by mail or by calling a telephone number provided. This revenue model, which is often called the mail order or catalogue model, has proven to be successful for a wide variety of consumer items, including clothing, computers, electronics, household goods, and gifts. When a company of this type wishes to enter the e-commerce market, they transfer or supplement their catalogue with an online version. When the catalogue model is expanded in this way, it is often called the web catalogue revenue model. Digital content revenue models The web is a new and highly efficient distribution mechanism for firms that own written information words or numbers) or rights to that information. For example, LexisNexis began as a legal research tool, and it has been available as an online product for years. Today, LexisNexis offers a variety of information services, including legal information, corporate information, government information, news, and resources for academic libraries. One of the first academic organizations to make the transition to electronic distribution on the web was (not surprisingly) the Association for Computer Machinery (ACM). The ACM Digital Library offers subscriptions to electronic versions of its journals to its members and to library and institutional subscribers. Academic publishing has always been a difficult business in which to make a profit because the base of potential subscribers is so small. Even the most highly regarded academic journals often

have fewer than 2000 subscribers. To break even, academic journals must often charge each subscriber hundreds or even thousands of dollars per year. Electronic publishing eliminates the high costs of paper, printing, and delivery, and makes dissemination of research results more efficient and less expensive. Advertising-supported revenue models Most television channel output is enabled by an advertising-supported revenue model. Broadcasters provide free programming to an audience along with advertising messages. The advertising revenue is sufficient to support the operations of the network and the creation or purchase of the programs. Many observers of the web in its early growth period believed that the potential for internet advertising was tremendous. Web advertising grew from essentially zero in 1994 to $2 billion in 1998. However, web advertising was flat or declining in the years 2000 through 2002. Since then, web advertising has once again started to grow, but at much slower rates than in the early years of the web. The overall success of online advertising has been hampered by two major problems. First, no consensus has emerged on how to measure and charge for site visitor views. It has been difficult for web advertisers to develop a standard for advertising charges because interaction with the web can be measured in a multiple of complex ways. Interaction with a website may be measured in terms of number of visitors, number of unique visitors, number of click-through, and other attributes of visitor behavior. In addition to the number of visitors or page views, stickiness is a critical element in creating a presence that attracts advertisers. If a website is sticky, people will spend more time on it, visit it often and bookmark it (add it to their list of favorite websites). Advertising-subscription mixed revenue models In an advertising-subscription mixed revenue model, which has been used for many years by traditional print newspapers and magazines, subscribers pay a fee and accept some level of advertising. On websites that use the advertisingsubscription revenue model, subscribers are typically subjected to much less advertising than they are on advertising-supported sites. Firms have had varying levels of success in applying this model and a number of companies have moved to or from this model over their lifetimes. Two of the worlds most distinguished newspapers, The New York Times and The Wall Street Journal, use a mixed advertising-subscription model. The New York Times version is mostly advertising supported, but the newspaper has experimented in recent years with charging fees for access to various parts of its site. In 2005, The New York Times began charging a fee for access to its Op Ed and news columns. The newspaper also charges for access to its premium crossword puzzle pages. The New York Times also provides a searchable archive of articles dating back to 1996 and charges a small fee for viewing any article older than one week. The Wall Street Journals mixed model is weighted more heavily to subscription revenue. The site allows non-subscriber visitors to view the classified ads and certain stories from the newspaper, but most of the content is reserved for subscribers who pay an

annual fee for access to the site. Visitors who already subscribe to the print edition are offered a reduced rate on subscriptions to the online edition. Fee-for-transaction revenue models In the fee-for-transaction revenue model, businesses offer services and charge a fee based on the number or size of transactions they process. Some of these services lend themselves well to operating on the web - companies can offer much of the personal service formerly provided by human agents, as the website can offer visitors similar information they would have previously heard from one of the companys phone operatives. If consumers are willing to enter transaction information into website forms, these sites can provide options and execute transactions much less expensively than traditional transaction service providers. The removal of an intermediary, such as a human agent, from a value chain is called disintermediation. The introduction of a new intermediary, such as a feefor-transaction website, into a value chain is called reinter mediation. Fee-for-service revenue models Companies are offering an increasing variety of services on the web for which they charge a fee. These are neither broker services nor services for which the charge is based on the number or size of transactions processed. The fee is based on the value of the service provided. These fee-for-service revenue models range from games and entertainment to financial advice and the professional services of accountants, lawyers, and physicians. Success on the web depends upon being willing and able to change and develop business structures as both technology and attitudes develop. Many companies have gone through transitions in their revenue models as they learn how to do business successfully on the web. As more people use the web to buy goods and services, and as the behavior of those web users changes, companies often find that they must change their revenue models to meet the needs of those new and changing web users. Q - 20 Explain General E-Business Security Issues a. network security b. public network c. Private computer network d. New methods of attacking networks e. cannot expect to achieve perfect security Network Security Policy Makes a Solution Perfect, As the complexity and amount of threat increases, the menace cannot be fought just with complex solutions that most enterprises dont understand. Network security can be best ensured by following a process, assessing and determining risks, designing a security policy, building a security architecture based on

that policy and then looking for tools that are aligned with the policy. An enterprise must constantly change and monitor the security policy and system in accordance with the changes in the external environment and the business model it follows. Technology Options Integrated Security Devices: On one hand, companies like NetScreen Technologies are delivering highly integrated network security systems integrating various security elements like firewall, IDS, DOS, VPN. On the other hand, networking vendors such as Cisco Systems are integrating security modules into their standard networking products. Having security measures embedded directly into network elements will ensure a certain degree of inherent protection in any communications network. From there, network managers can determine for themselves how to balance their degree of vulnerability with openness, cost, and administrative considerations by activating the security options that make sense for their organizations. Then there are vendors like Avaya, who in order to address the security needs of converged voice and data networks are promoting the concept of converged security that delivers security as an integrated component of multiservice networks. A number of semiconductor vendors are now offering highperformance security processors, capable of handling multi-gigabit streams significantly increasing the options open to both network operators and equipment vendors. Products range from simple security accelerators that are used with external packet processors to fully integrated devices with clear traffic on one side and encrypted traffic on the other. Emulating the Human Immune System: Taking a cue from the human immune systems functioning, some companies have come out with solutions that block and neutralize damaging attacks from viruses, worms, and other form of attacks, while allowing legitimate system behaviour for every application on every server in the network. Take for example Sana Securitys Primary Response application security platform named Sana Profile (SP). SP learns normal application behaviour by observing code paths in running programs. Vulnerabilities, in the form of software bugs, misconfigurations, injected code and other forms of attack, force applications down unexpected code paths. The SP technology immediately identifies these anomalous code paths as being outside of normal application behaviour, and stops them by blocking system call executions. It effectively protects all server applications, including custom applications. And, it continually learns legitimate changes within applications, producing minimal false positives. Single-box Solutions: If an organization is looking at deploying a minimum level of security (and ready to live with some of the risks and threats), it could settle for a box or two having multiple security functions. Even though a single security appliance that would include all the above is still a year or two away, there are, for example, firewall appliances that come bundled with several other security functions like VPN, IDS, antivirus, blocking, management and bandwidth management. Similarly, there are other boxes, which will have other important functions like content inspection. Notwithstanding the fact that an all-in-one security box may not be effective for all enterprises, the approach could still have benefits for some organizations. The single box approach would simplify product selection, product integration, and ongoing support. As most enterprises find it difficult to retain their security staff, single-box solutions are the

best way out as most of them can be easily installed and managed by even nontechnical people. They can be easily managed remotely also. Another important benefit that all-inone box solution could entail is that it could help them overcome the problem of supporting too many different operating systems and heterogeneous platforms. Today, firewall or VPN appliances come with embedded operating systems. As such, users do not need to worry as to which operating system they should use to maximize the performance of the appliance. Functions-oriented approach: If organizations are looking at higher security levels that could involve deployment of several security features, the one-in-all box approach wont work. First, there are no boxes available today, which could have all the key security functions in them. A complete security solution would include elements like proxy servers/firewalls, IDS, virus scanners, VPN clients and VPN routers, PKI, and application software enabled with socket-level security. Of course, no vendor offers all this in one box. Besides, there is still a strong opinion that each device is specifically designed for a specific function, and does the job optimally. Private Network In the Internet addressing architecture, a private network is a network that uses private IP address space, following the standards set by RFC 1918 and RFC 4193. These addresses are commonly used for home, office, and enterprise local area networks (LANs), when globally routable addresses are not mandatory, or are not available for the intended network applications. Private IP address spaces were originally defined in an effort to delay IPv4 address exhaustion, but they are also a feature of the next generation Internet Protocol, IPv6. These addresses are characterized as private because they are not globally delegated, meaning they are not allocated to any specific organization, and IP packets addressed by them cannot be transmitted onto the public Internet. Anyone may use these addresses without approval from a regional Internet registry (RIR). If such a private network needs to connect to the Internet, it must use either a network address translator (NAT) gateway, or a proxy server. A VPN is a private network that uses a public network (usually the Internet) to connect remote sites or users together. A virtual private network (VPN) is a computer network in which some of the links between nodes are carried by open connections or virtual circuits in some larger network instead of by physical wires. The data link layer protocols of the virtual network are said to be tunnelled through the larger network when this is the case. One common application is secure communications through the public Internet, but a VPN need not have explicit security features, such as authentication or content encryption. VPNs, for example, can be used to separate the traffic of different user communities over an underlying network with strong security features. VPN may have best-effort performance, or may have a defined service level agreement (SLA) between the VPN customer and the VPN service provider. Generally, a VPN has a topology more complex than point-to-point.

The VPN uses "virtual" connections routed through the Internet from the business's private network to the remote site or employee. By using a VPN, businesses ensure security -- anyone intercepting the encrypted data can't read it. VPN was not the first technology to make remote connections. Several years ago, the most common way to connect computers between multiple offices was by using a leased line. Leased lines, such as ISDN (integrated services digital network, 128 Kbps), are private network connections that a telecommunications company could lease to its customers. Leased lines provided a company with a way to expand its private network beyond its immediate geographic area. These connections form a single wide-area network (WAN) for the business. Though leased lines are reliable and secure, the leases are expensive, with costs rising as the distance between offices increases. Methods of Attack As a network administrator, it is important that you understand the nature of potential attacks on computer security. We'll briefly describe the most important types of attacks so that you can better understand precisely what the Linux IP firewall will protect you against. You should do some additional reading to ensure that you are able to protect your network against other types of attacks. Here are some of the more important methods of attack and ways of protecting yourself against them: Unauthorized access This simply means that people who shouldn't use your computer services are able to connect and use them. For example, people outside your company might try to connect to your company accounting machine or to your NFS server. There are various ways to avoid this attack by carefully specifying who can gain access through these services. You can prevent network access to all except the intended users. Exploitation of known weaknesses in programs Some programs and network services were not originally designed with strong security in mind and are inherently vulnerable to attack. The BSD remote services (rlogin, rexec, etc.) are an example. The best way to protect you against this type of attack is to disable

any vulnerable services or find alternatives. With Open Source, it is sometimes possible to repair the weaknesses in the software. Denial of service Denial of service attacks cause the service or program to cease functioning or prevent others from making use of the service or program. These may be performed at the network layer by sending carefully crafted and malicious datagram that cause network connections to fail. They may also be performed at the application layer, where carefully crafted application commands are given to a program that cause it to become extremely busy or stop functioning.Preventing suspicious network traffic from reaching your hosts and preventing suspicious program commands and requests are the best ways of minimizing the risk of a denial of service attack. It's useful to know the details of the attack method, so you should educate yourself about each new attack as it gets publicized. Spoofing This type of attack causes a host or application to mimic the actions of another. Typically the attacker pretends to be an innocent host by following IP addresses in network packets. For example, a well-documented exploit of the BSD rlogin service can use this method to mimic a TCP connection from another host by guessing TCP sequence numbers. To protect against this type of attack, verify the authenticity of datagram and commands. Prevent datagram routing with invalid source addresses. Introduce unpredictability into connection control mechanisms, such as TCP sequence numbers and the allocation of dynamic port addresses. Eavesdropping This is the simplest type of attack. A host is configured to "listen" to and capture data not belonging to it. Carefully written eavesdropping programs can take usernames and passwords from user login network connections. Broadcast networks like Ethernet are especially vulnerable to this type of attack. To protect against this type of threat, avoid use of broadcast network technologies and enforce the use of data encryption. IP firewalling is very useful in preventing or reducing unauthorized access, network layer denial of service, and IP spoofing attacks. Its not very useful in avoiding exploitation of weaknesses in network services or programs and eavesdropping.

3) Explain Transaction Security and also state how to protect data? a) encrypt and decrypt b) secure sockets layer (SSL) protocol c) Move sensitive customer information d) Remove all files and data e) Security When accepting payments online you will be asking your customers to transmit very sensitive information across the Web. By its nature the Internet is not secure. Anything transmitted is sent as plain text and can be read by anyone who intercepts the message at any point during the transmission. Although most users do not understand the technical

aspects of how the Internet works, they do know that their information needs to be protected at all times. Additionally, most merchant account providers will not establish a merchant account for an ecommerce website unless it secures the order form and any other page that captures sensitive customer information. The way to ensure that we protect our customers' information , we need to install an SSL Certificate on our website. SSL stands for Secure Socket Layer which is a protocol for transmitting private documents via the Internet. SSL works by encrypting data that is transferred over the SSL connection. You can recognize a secure page using SSL by the lock icon that appears in the browser. In todays world Internet has touched each and every aspect of life changing the way we work, communicate and live. But the major concern has been about the security and privacy of the data that is being exchanged via Internet especially when you are sending the sensitive information through it. Amongst many ways of securing data, encrypting the sensitive data is the most popular and effective way to have data security. Encryption is translation of data into a secret code called a cipher text. Decryption is the process of decoding data that has been encrypted into a secret format this requires secret code or password. Computer encryption uses the science of cryptography. As the human-based code is too easy for a computer to crack, most of the encryption systems belong to the one of two categories. a) Symmetric-key encryption: In Symmetric-key encryption technique single key is used to encrypt and decrypt the message. b) Public-key encryption: While in public-key (or asymmetric) encryption technique, uses one key (private key) to encrypt a message while another key (public key) to decrypt the message. Public-key encryption uses the combination of a private key and a public key. The private key is kept secret and is only known to the person who encrypts the message, while the public key is freely disseminated which helps to verify the message. To decode an encrypted message, receiver uses the public key of the sender and his own private key. Encryption/Decryption is advisable while carrying out any kind of sensitive transaction, such as a online purchases or the communication of a company sensitive documents between different departments in the organization etc. Encryption of the data ensures its secrecy and/or privacy. E-Lock Digital Signature products and solutions enable users to sign the electronic documents digitally and encrypt them which assures the user of data integrity, confidentiality, security and nonrepudiation of documents and transactions. E-Lock also provides the solutions which are

PKCS#7 compliant and can be integrated with various online applications like etendering, e-banking imparting security to the data transactions online. Secure sockets layer (SSL) protocol Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the Internet.TLS and SSL encrypt the segments of network connections above the Transport Layer, using asymmetric cryptography for privacy and a keyed message authentication code for message reliability. Several versions of the protocols are in widespread use in applications such as web browsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP).

What Happens When a Web Browser Connects to a Secure Web Site A browser attempts to connect to a Web site secured with SSL.

Web servers and Web browsers rely on the Secure Sockets Layer (SSL) protocol to create a uniquely encrypted channel for private communications over the public Internet. Each SSL Certificate consists of a public key and a private key. The public key is used to

encrypt information and the private key is used to decipher it. When a Web browser points to a secured domain, a level of encryption is established based on the type of SSL Certificate as well as the client Web browser, operating system and host servers capabilities. That is why SSL Certificates feature a range of encryption levels such as "up to 256-bit". Strong encryption, at 128 bits, can calculate 288 times as many combinations as 40-bit encryption. That's over a trillion times a trillion times stronger. At current computing speeds, a hacker with the time, tools, and motivation to attack using brute force would require a trillion years to break into a session protected by an SGC-enabled certificate. To enable strong encryption for the most site visitors, choose an SSL Certificate that enables at least 128-bit encryption for 99.9% of Web site visitors Always clear all browsing data including stored passwords, Forms, Cookies and Site specific data before online money transaction and when you exit the browser to keep your online information safe. This is especially important while using a public or non-personal computer for financial work. Keep changing your internet banking password frequently. Never stick to a password for a long time. Keep changing your online passwords. This is a tedious hassle but it is better than smarting from a cyber attack later. 4) Explain some of the Risk Management Problems a) Interruptions b) Costs c) Web site. d) copyright, trademark, and patent e) disasters Fourteen Steps to Managing e-Commerce Risk a) Understand the risks and train your staff. Exposure to eCommerce risk depends on your business policies, operational practices, fraud detection and prevention tools, security controls, and the types of products and services that you provide. Everyone in your organization should understand the risks associated with online transactions and be able to implement your established risk management procedures. b) Select the right acquiring bank and merchant services provider. The right acquiring bank and merchant services provider will provide effective risk management support have a complete understanding of eCommerce fraud risk and liability. An adequate customer data protection capabilities is also something you will want to consider when making your selection.

c) Develop essential website content. Your website must include your privacy, shipping, return and refund policies. It must be reliable and to provide customers with easy and simple navigation. d) Concentrate on risk reduction. A properly established sales order process will help you address a number of risk concerns. You should indicate or highlight required transaction fields and verify card and cardholder data that you receive from your customers over the internet. e) Design and implement internal fraud prevention structure. The profitability of your eCommerce store depends on your internal strategies and controls for minimizing fraud. A risk management structure, combined with intelligent transaction controls, will help you avoid fraud-related losses. f) Use fraud-prevention tools. There are a number of fraud-prevention tools to help reduce your risk exposure. The most widely used among them are the Address Verification Service (AVS), the Card Security Codes, Verified by Visa and MasterCard SecureCode. g) Apply fraud screening. When properly implemented, the screening of online card transactions can help you minimize fraud for large-ticket items and for high-risk transactions. h) Protect your merchant account from intrusion. Implementing proactive measures can minimize the risk of criminals gaining access to your shopping cart or payment gateway and making fraudulent fund deposits. i) Create a secure process for routing authorizations. You need to set up a secure and efficient process for submitting authorization requests over the internet, before you can start accepting card payments online. j) Set up a process for handling transaction post-authorizations. You need an effective process in place for dealing with approved and declined authorizations before fulfilling an order. k) Protect cardholder information through PCI compliance. The Payment Card Industry Data Security Standards provide eCommerce merchants with standards, procedures and tools for data protection. You will need reliable encryption capabilities for data transmission and effective internal controls for protecting stored card and cardholder information. You will also need to review your security measures on a regular basis. l) Avoid unnecessary chargebacks. Chargebacks represent extra processing time and costs, hurt your profits and may result in a loss of revenue. By carefully tracking and managing chargebacks, you will be able to take steps to avoid future chargebacks. You will also need to know your representment rights.

m) Monitor chargebacks. Effective chargeback monitoring mechanisms will help you detect excessive chargeback activity, identify the causes, and apply corrective measures to bring chargeback levels down. n) Use collection efforts to minimize losses. A well-designed collection system can help recover unwarranted chargeback losses. Q - 21 Explain the implementation issues for e-commerce Buy Lease Build Digital Certificates Establishing payment systems security Answer :E-Commerce is a generic term used for a range of technologies available which transfer data electronically: fax, e-mail, voice mail, electronic catalogs, electronic funds transfer (EFT),electronic data interchange (EDI), electronic forms two main types: business to consumer (B2C) and business to business (B2B) B2B EDI, used by 95% of the Fortune 1,000 companies, is the most common form of e-commerce today 2. Advantages of E-Commerce o Shorten Procurement cycles through the use of on-line catalogues, ordering and payment o Cut costs on materials through competitive bidding o Gain access to world wide markets at a fraction of traditional costs o Ensure product, marketing information and prices are always up to date o Allow small and medium size businesses to compete with large businesses over a common platform 3. Risks in E-Commerce o Can cause disintermediation which is the process of cutting out the middleman by bypassing traditional retail channels (retail stores and mail-order houses) and selling directly to the customer o Lack of insurance available to cover losses due to hackers destroying files, stealing inventory, trade secrets or injecting viruses into the systems o Requires firms to rethink their business models and ways of interacting with customers o Traditional audit trails change or disappear, making error correction, disaster recovery, and application testing more difficult 4. E-Commerce Implementation Issues o There are several ways to acquire a web presence and obviously the amount of money you want to spend and the in-house talent you have for

developing/maintaining the site are crucial in making the decision whether to Buy, Lease or Build an E-Commerce System o Buy, Lease or Build? o Option 1: o Buy a ready-made system that closely matches your specifications. Standardized set of features Save money and time if it fits business needs May become obsolete as more features become necessary later in development Extra to automate payments, tax and shipping (although easy to install plug-ins into system of the above) o Buy, Lease or Build? o Option 2: o Lease space in a network-based e-commerce solution Inexpensive Include many common features Fast because the business is administered through the Internet Dont need to install software just pick a look, configure some settings, and input product information May not support the features or look you want to convey o Buy, Lease or Build? o Option 3: o Build the system from scratch Exact Solution Requires expertise, time and a sizeable budget Can build features and functions to be unique and competitive in the market space Any programming language can be used to create a commerce program Design databases from scratch and integrate tax, shipping and payment processing modules into the main application Will need Professional Systems Developer(s) o Exploring the Options Further 5. E-Commerce Implementation Issues o Other Issues to consider are: o Digital Certificates o Establishing Payment Systems o Security 6. o Digital Certificate Password-protected, encrypted data file that has been digitally signed by the Certificate Authority Data file consists of a public and private key pair (a pair of numbers that have no association with any identity) Two types: Public-used by individuals/businesses Private-generated by a business entity to control access to information sites and ensure secure communication

Includes Name of Subscriber, e-mail address, public key of subscriber, validity period for certificate, name of issuing CA, certificate serial number

7.
o

Certificate Authority (CA) A Trusted Third Party Reviews information submitted by company requesting a certificate, ensure that it was properly registered and proper paperwork has been filed to operate as a company Issues the certificates in ascending levels of assurance (i.e. Classes 1,2,3, where Class 3 offers most assurance) Provides services for the digital certificate Only a few Internet-wide CAs, including: VeriSign (www.verisign.com) Thawte (www.thawte.com)

8.
o

How the Digital Certificate Works With a Certificate and CA, two authenticated parties exchange their public key certificates, encrypt and digitally sign session data to remove the possibility of eavesdropping or tampering with data. This encryption technology is known as Public Key Cryptography One key encrypts the data and only the other key in the pair can decrypt the data

9.
o o

Establishing a Payment System When using Credit Card Payment over the Web you need to select a Merchant Account Provider (MAP) Determine Company Needs Real-Time or Manual Processing Is software compatible with MAP Understand Merchant Account Costs Internet Discount Rate -fixed percentage taken from every online transaction (usually 2-3%) whichever is higher Transaction Fee -MAP fixed charge per transaction (usually 25-70 cents) 10. o Establishing a Payment System Monthly Fees and minimums -Statement fees, monthly minimums for total charges, excess usage fees, etc. Holdbacks -MAP may reserve a percentage of your transaction receipts to cover contested charges Chargebacks -MAP may apply fees against your account when transactions are successfully contested Research Merchant Account Providers Compare at least 5 price quotes 11. o Establishing a Payment System

Choose a Secure Electronic Payment System Provides consumer with 2 levels of security ensures safe credit card information during authorization and following the completion of the transaction enables consumer to appeal credit card charge if damaged or defective products MAP must support system Most use Secure Electronic Transaction (SET) standard, which contains extra security measures and antifraud technologies Examples: CyberCash, DigiCash, Verifone,CyberSource, OpenMarket 12. o Establishing a Payment System o How Credit Card Transactions are processed Authentication -make sure valid numbers, that is has been issued and is not a stolen card number Authorization -check availability of funds and put a reservation on the funds Settlement -once products are shipped or delivered bank releases the funds reserved and the money will make its way into the businesses account 13. o Online Information Security o Security Sockets Layer (SSL)- encryption technology that scrambles a message so that only the recipient can unscramble it URLs that begin with https:// are using SSL o A company needs to do the following to enable SSL technology: determine what kind of browser visitors/partners are using (some browsers are not SSL savvy, such as older versions of AOL) have a digital certificate to install and configure the SSL on the server

The diversity of e-business models and applications, which vary in size from a small store to a global exchange, requires a variety of development methodologies and approaches. Small storefronts with a few key components can be developed with HTML,Java, or another programming language. They can also be quickly implemented with commercial packages, leased from an application service provider (ASP). Larger or special EC applications can be developed in-house or outsourced (see the opening case). Building medium to large applications requires extensive integration with existing information systems such as corporate databases, intranets, enterprise resource planning (ERP), and other application programs.Therefore, the process of building EC systems may vary. However, in many cases, it follows a fairly standard form. Steps :STEP 1: IDENTIFYING, JUSTIFYING, AND PLANNING EC SYSTEMS STEP 2: CREATING AN EC ARCHITECTURE STEP 3: SELECTING A DEVELOPMENT OPTION STEP 4: INSTALLING, TESTING, CONNECTING, AND DEPLOYING

EC APPLICATIONS STEP 5: OPERATIONS, MAINTENANCE, AND UPDATING DEVELOPMENT OPTIONS FOR EC APPLICATIONS There are three basic options for developing an EC Web site: (1) develop the site inhouse either from scratch or with off-the-shelf components, (2) buy a packaged application designed for a particular type of EC site, or (3) lease the application from a third party. Each of these approaches has its benefits and limitations. IN-HOUSE DEVELOPMENT: INSOURCING The first generation of EC development was accomplished largely through proprietary programming and in-house development Using this approach, the Internet browser serves as the development platform. The programmers write EC systems using a combination of HTML and script languages such as HTX, CGI, IDC, and JavaScript. Databases developed on top of a DBMS usually serve as the information repository to store EC data.While this first generation of EC development has built up valuable experience and achieved industrial momentum, the lack of reusability in current EC applications and the lack of interoperability standards created a great barrier to widespread application of EC. Although in-house developmentinsourcingcan be time-consuming and costly, it may lead to EC applications that better fit an organizations strategy and vision and differentiate it from the competition. Companies that have the resources to develop their e-business application in-house may follow this approach in order to differentiate themselves from the competition, which may be using standard applications that can be bought or leased. The inhouse development of EC applications, however, is a challenging task, as most applications are novel, have users from outside of the organization, and involve multiple organizations. Development Options Three major options exist. Build from scratch. This is a rarely used option that should be considered only for specialized applications for which components are not available. It is expensive and slow, but it may provide the best fit. Build from components. The required applications are often constructed from standard components (e.g., Web servers such as Apache or Microsofts IIS) using Web scripting languages such as PHP, Microsofts Active Server Pages (ASP), JavaServer Pages ( JSP), or ColdFusion. These scripting languages make it easier to integrate application functionality with back-end databases and other back-office systems (e.g., order entry Enterprise application integration. The enterprise application integration (EAI) option is similar to the build from components option, but instead of using components, an entire application is employed. This is an especially attractive option when applications from several business partners need to be integrated. Insourcing is a challenging task that requires specialized IT resources. For this reason, most organizations usually rely on packaged applications or completely outsource the development and maintenance of their EC sites.

BUY THE APPLICATIONS A number of commercial packages provide standard features required by EC applications. This option is also known as a turnkey approach. It involves buying a commercial package, installing it, and starting it up. Buying a commercial package requires much less time and money than in-house development.When selecting a particular package, the package should insourcing In-house development of applications. not only satisfy current needs, it must also be flexible enough to handle future ones; otherwise the package may quickly become obsolete. Additionally, because one package can rarely meet all of an organizations requirements, it is sometimes necessary to acquire multiple packages. In this case, the packages need to be integrated with each other and with other software and data. This option has several major advantages: Many different types of off-the-shelf software packages are available. It saves time and money (compared to in-house development). The company need not hire programmers specifically dedicated to an EC project. The company knows what it is getting before it invests in the product. The company is neither the first nor the only user. The price is usually much lower than for a buy option. The vendor updates the software frequently. This option also has some major disadvantages: Software may not exactly meet the companys needs. Software may be difficult or impossible to modify or it may require huge process changes. The company may experience loss of control over improvements and new versions. Off-the-shelf applications can be difficult to integrate with existing systems. Vendors may drop a product or go out of business. See softwaresearch.us/e-commerce for a directory of vendors for EC turnkey systems. The buy option is especially attractive if the software vendor allows for modifications. However, the option may not be attractive in cases of high obsolescence rates or high software cost. In such cases, one should consider leasing. LEASING Leasing an application package can result in substantial cost and time savings. In those cases where extensive maintenance is required or where the cost of buying is very high, leasing is very advantageous, especially for small to medium enterprises (SMEs). Leasing is also advantageous when a company wants to experiment with a package before making a heavy up-front buy investment, protect its own internal networks, quickly establish a presence in the market, or rely on experts to establish a site over which they can later assume control. Leasing can be done in one of several ways: Lease the application from an outsourcer and then install it on the companys premises. The vendor can help with the installation and frequently will offer to contract the operation and maintenance of the system.Many conventional applications are leased this way. Lease the application from an application service provider (ASP) that hosts the application at its data center. An ASP is an agent or vendor who assembles the software

needed by enterprises and packages themusually with outsourced development, operations, maintenance, and other services. Major ASPs for enterprise EC systems are SAP, Oracle, and IBM. The applications are then accessed via the Internet through a standard Web browser interface A variation of the preceding option is to use utility computing, which is described in detail later on in this chapter. OUTSOURCING AND APPLICATION SERVICE PROVIDERS (ASP) In developing EC applications, outsourcing is a most valuable option, because these systems need to be built quickly and special expertise is needed. EC software delivery from ASPs is another very popular option. Challenges :If a company decides to buy or lease an EC application, the following representative selection criteria need to be considered. Flexibility. Commercial packages need to be modified or adapted to the specific requirements of an application. Therefore, it is important to evaluate the extent to which a package can be adapted and the willingness of the vendor to perform or support the adaptation. Information requirements. The selected package should satisfy the information requirements of the EC application. Information collection, storage, and retrieval capabilities and the database structure should be carefully examined. User friendliness. User friendliness is especially important for B2C, G2C, and some B2B sites. In these cases, if an application is hard for the average visitor or customer to use, then it will have an immediate impact on the bottom line. Hardware and software resources. The computer type and the operating system required by the package must be compatible with the existing platform. The CPU and storage requirements are also important considerations. Installation. The installation effort required to implement the package should also be taken into account. Some packages are complex, and their installation requires extensive consultation. The installation process may also take a considerable amount of time. Maintenance services. Because EC application requirements are constantly changing, continuous maintenance is required. It is important to consider how often the package needs to be upgraded and whether the vendor provides assistance for its maintenance. Vendor quality and track record. It is less risky to acquire an EC package from a vendor that has a good reputation and track record than from one with a less-than-stellar or unknown reputation. The quality of the vendor can be indicated by their related experience in the particular application and their sales and financial records, as well as their responsiveness to clients requests. Vendor support may include online help and customer relationship management (CRM) programs, as well as partner relationship management (PRM) tools.To minimize risk, minor applications should be leased first. Estimating costs. The costs of EC projects are usually difficult to assess and often underestimated. In addition to the obvious costs associated with EC development, it is

also important to factor in the costs of installation, integration, customization, and maintenance. Personnel. Staffing requirements should be planned for in advance to ensure that the organization has the appropriate human resources for systems development (in the case of in-house development), implementation, operation, and maintenance. Currently, it is difficult to recruit and retain IT personnel with appropriate knowledge and experience in EC application development. Special expertise can be acquired from external consultants, but usually at a very high cost. Chapter Eighteen: Building E-Commerce Applications and Infrastructure 17 Technological evolution. Planning ahead for technological evolution facilitates the upgrade of EC applications and enables the organization to adopt innovations more quickly than the competition. It is therefore very important to allow for flexibility in the application design so that the chosen options do not impose major limitations on future choices. Given the rapid pace of IT evolution, it is sometimes preferable to develop EC applications incrementally to take advantage of the latest developments in the technology. Scaling. System scalability refers to how big a system can grow in various dimensions to provide more service. Scalability can be measured in several ways, including the total number of users, the number of simultaneous users, and the transaction volume. These dimensions are not independent, because scaling up the size of the system in one dimension can affect the other dimensions. The growth of scale is facilitated or constrained by the system architecture. Sizing. The required size and performance of an application are also difficult to predict, because the growth of the user population of certain EC applications is hard to anticipate. Overloading the application decreases performance. For regular IT applications, deterioration in performance may affect productivity and user satisfaction; for EC applications, it could result in a major loss of business. Performance.System performance is a critical factor for business success, particularly if the system is used for EC. In addition to convenience, good performance also brings customers and competitive advantages. Performance is measured by two main metrics: latency and throughput. Latency measures the time required to complete an operation such as downloading aWeb page. It is an indicator of the users experience with the system.Throughput measures the number of operations completed in a given period of time. It indicates the capacity or number of users that a system can handle. Throughput and latency are interrelated. An increase in either measure will lead to an increase in the other. Reliability. Reliability is an essential requirement for a successful system. System failures and downtime may lead to public embarrassment.When an EC application fails, business is interrupted and the company loses customers. System reliability can be enhanced through redundancy (i.e., backup systems). Security.Security is one of the most important factors for the adoption and diffusion of EC. Data and information flow in EC, as well as stored data, may include private and/or proprietary information. Thus, a selected package must meet strict security requirements. Systems, communication, and data security must be addressed early in the design of EC

applications and not after their implementation. In addition to technological solutions such as firewalls and encryption, physical and procedural security measures must also be enforced. Q 24: Explain future of e-business.

E-Business

Business Networkwide coupling of Business Processes Information Systems

Future goal automation of connectivity and sweet spot balancing optimisation of approaches

Targets: reduce stores and inventory capital eliminate redundant work diminish/eliminate errors focus on company core competence (externalisation of secundary competencies)

Future e-Business Solutions: Top Down or Bottom(s) Up? - Technological vs. Business Driven Approach to eBusiness

Layered Model

Contracts, Trust, Collaboration Business Models Transaction Models Service Models Conceptualization Communications Data Content
XML/EDI EDI Binary Point-to-Point Message Standard Regional Standard
Ontologies

Business Arrangements Enterprice Cataloques Capability Cataloques (Web) Service Catalogues Metadata Messaging/RPC Protocols Structured Documents

XML/EDI group (1997) a number of companies and governmental organizations

Analysis of the 'failure' of the EDI in gaining wide acceptance 10 points of requirements

Fusion of five - Not only message and it's structure Templates Repositories Agents

Influences: role of repositories Simple API for XML (SAX)

Descendants: ebXML and UDDI XML/EDI Business Top Ten requirements: Reduce the cost of doing business. Reduce cost of entry into eBusiness. Provide an easy to use tool-set. Improve data integrity and accessibility. Provide appropriate security and control. Provide extendable and controllable technology. Integrate with today's systems. Utilize open standards. Provide a successor to X12/EDIFACT and interoperability for XML syntaxes. Globally deployable and maintainable.

 UN/CEFACT, OASIS, various industry consortiums and numerous significant hi-tech companies Electronic Business XML Layered model where various other technologies can be plugged in (SOAP, UDDI, ...) Flexible framework aimed to maximise reuse UMM Universal Modeling Methodology Core Component Repositories: Implementation and Business Two main views: Business Operational View, Functional Service View
Business Process and Information Models (Compliant to the ebXML Meta Model)

Model to XML Conversion

Registration

Registries Registry Service Registry Service Interface Registry Service Interface Interface

Register Collaboration Protocol Profile (CPP)

Retrieval of ebXML Models and Profiles

Register Collaboration Protocol Profile (CPP)

Business Service Interface Internal Business Application

Build

Implementers Derives Collaboration Protocol Agreement (CPA) CPA Governs Payload

Build CPP

Business Service Interface Internal Business Application

Enterprise A

Enterprise B

ebXML Functional Service View

Business Process, Core Components Process Reengineering Components

Registry / Repository
Collaboration Protocol Profile

Process Definition Partner Discovery Electronic Business Collaboration

Process Evolution

Process Management
Business Process Management

Partner Sign-Up
Collaboration Protocol Agreement

Process Execution
Message Service, Business Service Interface

Electronic Plug-In
Business Service Interface

B2B Collaboration Process and ebXML Specifications