Infrastructure for EC
e-Business Systems (MG-652)
Department of Management
Agenda
• Learning Objectives
• A Network of Networks
• Internet Protocols
• Web-Based Client/Server
• Internet Security
• Selling on the Web
• Chatting on the Web
• Multimedia Delivery
• Analyzing Web Visits
• Managerial Issues
05 September 2002
Chandra Wibowo W.
Infrastructure for eBusiness (topic overview)
• Network of Networks
• Internet Protocols: TCP / IP; Domain Names; Internet Client / Server Applications; Internet2 and Next Generation Internet
• Web-Based Client Server: Hypertext Transport Protocol; Web Browsers; Web Servers
• Internet Security: Cornerstones of Security; Encryption; Digital Signatures; Digital Certificates and Certificate Authorities; Secure Socket Layer; Secure Electronic Transactions; Firewall; Virtual Private Networks
• Selling on the Web: Functional Requirements; Outsourcing vs Insourcing; Electronic Catalogs and Merchant Servers; Electronic Commerce Suites
• Multimedia Delivery: Webcasting; Bandwidth Requirements for Streaming Audio and Video; Internet Telephones
• Chatting on the Web
• Analyzing Web Visits
Learning Objectives
• Describe the protocols underlying Internet client/server applications.
• Compare the functions and structures of Web browsers and servers.
• Discuss the security requirements of Internet and EC applications and how these requirements are fulfilled by various hardware and software systems.
• Describe the functional requirements for online selling and what the specialized services and servers are that perform these functions.
• Describe the business functions that Web chats can fulfill and list some of the commercially available systems that support chat.
• Understand the ways in which audio, video, and other multimedia content are being delivered over the Internet and to what business uses this content is being applied.
A Network of Networks
• The Internet is a network of thousands of interconnected networks.
• Included among the interconnected networks are:
  1. The interconnected backbones that have international reach.
  2. A multitude of access/delivery subnetworks.
  3. Thousands of private and institutional networks connecting various organizational servers and containing much of the information of interest.
• The backbones are run by the network service providers (NSPs), including companies like MCI, Sprint, UUNET/MIS, PSINet, and BBN Planet. Each backbone can handle over 300 terabytes per month.
• The delivery subnetworks are provided by the local and regional Internet Service Providers (ISPs). The ISPs exchange data with the NSPs at the network access points (NAPs).
• See figure 11.4 Internet Network Architecture
• The paths traversed by the packets are determined by special computers called routers. The routers have updateable maps of the networks on the Internet that enable them to determine the paths for the packets. Cisco (www.cisco.com) is the premier provider of high-speed routers.
[Figure 11.4: Internet Network Architecture. ISPs connected to one another through NAPs.]
Internet Protocols
• The problem of internetworking is how to
build a set of protocols that can handle
communications between any two (or more)
computers, using any type of operating
system, and connected using any kind of
physical medium.
• A protocol is a set of rules that
determines how two computers
communicate with one another over a
network.
The protocols around which the Internet was designed embody
a series of design principles:
• Interoperable – the system supports computers and
software from different vendors. → Not required to buy
specific systems.
• Layered – the collection of Internet protocols works in
layers with each layer building on the layers at lower levels.
See figure 11.5.
• Simple – each of the layers in the architecture provides
only a few functions or operations. → Application
programmers are hidden.
• End to end – the Internet is based on “end-to-end”
protocols. This means that the interpretation of the data
happens at the application layer (i.e., the sending and
receiving side) and not at the network layers. → It is much
like the post office.
TCP / IP Architecture
Application Layer: FTP, HTTP, Telnet, NNTP
Transport Layer: Transmission Control Protocol (TCP), User Datagram Protocol (UDP)
Internet Protocol (IP)
Network Interface Layer
Physical Layer
TCP/IP
• The protocol that solves the global internetworking problem is the Transmission Control Protocol/Internet Protocol (TCP/IP). This means that any computer or system connected to the Internet runs TCP/IP. TCP/IP is two protocols – TCP and IP – not one.
• The request or response on the Internet must be divided into packets that are labeled with the addresses of the sending and receiving computers. → This is where IP comes into play. The IP formats the packets and assigns addresses.
• The current version of IP is version 4 (IPv4) → 32 bits.
• The next generation Internet Protocol (IPng) is version 6 (IPv6) → 128 bits.
• See table 11.1 Internet Client/Server Applications.
Internet Client / Server Architecture
Application | Protocol | Purpose
E-mail | Simple Mail Transport Protocol (SMTP), Post Office Protocol version 3 (POP3), Multipurpose Internet Mail Extensions (MIME) | Allows the transmission of text messages and binary attachments across the Internet
File Transfer | File Transfer Protocol (FTP) | Enables files to be uploaded and downloaded across the Internet
Chat | Internet Relay Chat Protocol (IRC) | Provides a way for users to talk to one another in real time over the Internet. The real-time chat groups are called channels
UseNet Newsgroups | Network News Transfer Protocol (NNTP) | Discussion forums where users can asynchronously post messages and read messages posted by others
World Wide Web (WWW) | HyperText Transport Protocol (HTTP) | Offers access to hypertext documents, executable programs and other Internet resources
Web-Based
Client/Server
• The World-Wide-Web (WWW) has come to dominate the traffic on the Internet. → The majority of EC applications are Web based.
  1. The clients are called Web browsers.
  2. The servers are called Web servers.
• Web browsers and servers need a way:
  1. To locate each other so they can send requests and responses back and forth.
  2. To communicate with one another.
• To fulfill these needs, we use the URL and the HTTP.
• URL: Universal Resource Locators are ubiquitous, appearing on the Web, in print, on billboards, on television, and anywhere else a company can advertise. → “www.?????.com”
• HTTP: HyperText Transfer Protocol. Users navigate from one page to another by clicking on hypertext links within a page.
WEB BROWSERS
• The two major browsers in the market are:
  1. Netscape Communicator 4.77 and 6.01.
  2. Microsoft Internet Explorer 5.0 (IE5.0), IE5.5, and IE6.0.
• The problem is that IE only works with Windows and Macintosh, while Netscape is open to most of the major platforms.
WEB SERVERS
• A Web server is not a hardware platform; it is a software program.
  – UNIX → http daemon.
  – Windows NT → http service.
• The primary function of all these programs is to service HTTP requests. They also:
  – Provide access control.
  – Run scripts and external programs to either add functionality to Web documents or provide real-time access to databases and other dynamic data.
  – Enable management and administration of both the server functions and the contents of the Web site.
  – Log transactions that the users make.
• Web servers can be distinguished by:
  – Platforms – Unix platform, Windows NT, and others.
  – Performance – various servers, speed, etc.
  – Security – filtering IP addresses, encrypted data exchange, etc.
  – Commerce – support online selling and buying (like shopping cart and catalog services).
COMMERCIAL WEB
SERVERS
• Apache – www.apache.com this server runs
on Windows NT.
• Microsoft Internet Information Server –
Windows NT and ASP (Active Server
Pages). IIS is easy to install and
administer.
• Netscape Enterprise Server – runs on
both Unix and Windows NT. The ease of
installation and maintenance rivals IIS.
WEB SERVER
USAGE SURVEY
• Netcraft (www.netcraft.com) has
been conducting a monthly survey to
determine the market share of the
various servers (by numbers
connected to the Internet). → See
table 11.3 Netcraft Survey.
Internet Security
CORNERSTONES OF SECURITY
The National Computer Security Association (NCSA) has
identified four cornerstones of secure EC, included are:
• Authenticity – Is the sender (either client or server) of a
message who they claim to be?
• Privacy – Are the contents of a message secret and only
known to the sender and receiver?
• Integrity – Have the contents of a message been modified
(intentionally or accidentally) during transmission?
• Nonrepudiation – Can the sender of a message deny that
they actually sent the message? → The key to
nonrepudiation is a “signature” that makes it difficult to
dispute.
ENCRYPTION
• One way to ensure the confidentiality and privacy of messages is to make sure that even if they fall into the wrong hands they cannot be read. → Cryptography comes into play.
• All cryptography has four basic parts:
  1. Plaintext – the original message in human-readable form.
  2. Ciphertext – the plaintext message after it has been encrypted into unreadable form.
  3. Encryption algorithm – the mathematical formula used to encrypt the plaintext into ciphertext and vice versa.
  4. Key – the secret key used to encrypt and decrypt a message. Different keys produce different ciphertext when used with the same algorithm.
• See figure 11.6 Synchronous Private Key Encryption.
• See figure 11.7 Public Key Encryption.
• See figure 11.8 Digital Envelope.
[Figure 11.6: Synchronous Private Key Encryption. Sender: message text → encryption (private key) → ciphered text → decryption (private key) → message text at the receiver.]
[Figure 11.7: Public Key Encryption. Sender: message text → encryption (public key of recipient) → ciphered text → decryption (private key of recipient) → message text at the receiver.]
[Figure 11.8: Digital Envelope. Session key → encrypted with the public key of recipient → digital envelope → decrypted with the private key of recipient → session key. Sender: message text → encryption (session key) → ciphered text → decryption (session key) → message text at the receiver.]
DIGITAL SIGNATURES:
AUTHENTICITY AND
NONDENIAL
• How can you ensure that a message is actually
coming from the person you think sent it?
• Similarly, how can you ensure that a person has no
way of denying he/she sent a particular message?
• One part of the answer is a digital signature –
the network equivalent of a personal signature
that cannot be forged. Digital signatures are
based on public key encryption.
• See figure 11.9 Digital Signature.
[Figure 11.9: Digital Signature. Sender: message text → encryption (public key of recipient) → ciphered text → decryption (private key of recipient) → message text at the receiver. The signature is produced with the private key of the sender and checked with the public key of the sender.]
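The digital envelope and digital signature flows of figures 11.8 and 11.9, combined in one added example that is not part of the original slides. To run with only the Python standard library it substitutes unpadded textbook RSA over fixed demo primes and a SHA-256 keystream for real ciphers; all function and key names are this example's own.

```python
import hashlib
import os

E = 65537

def make_keypair(p, q):
    """Textbook RSA key pair from two primes: (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

# Constructed demo keys built from well-known Mersenne primes: trivially
# factorable, so usable for illustration only.
SENDER_PUB, SENDER_PRIV = make_keypair(2**1279 - 1, 2**2203 - 1)
RCPT_PUB, RCPT_PRIV = make_keypair(2**521 - 1, 2**607 - 1)

def rsa(value, key):
    n, exponent = key
    return pow(value, exponent, n)

def stream_xor(session_key, data):
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(session_key + offset.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)

def digest_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def seal(message, sender_private, recipient_public):
    session_key = os.urandom(16)              # fresh key per message
    return {
        # Digital envelope: session key under the recipient's public key.
        "envelope": rsa(int.from_bytes(session_key, "big"), recipient_public),
        # Bulk data under the fast symmetric session key.
        "ciphertext": stream_xor(session_key, message),
        # Signature: message digest under the sender's private key.
        "signature": rsa(digest_int(message), sender_private),
    }

def open_sealed(packet, recipient_private, sender_public):
    key_int = rsa(packet["envelope"], recipient_private)
    message = stream_xor(key_int.to_bytes(16, "big"), packet["ciphertext"])
    # Verify: the sender's public key must recover the digest of what we read.
    valid = rsa(packet["signature"], sender_public) == digest_int(message)
    return message, valid

if __name__ == "__main__":
    packet = seal(b"Order 1001: 3 units", SENDER_PRIV, RCPT_PUB)
    print(open_sealed(packet, RCPT_PRIV, SENDER_PUB))
```

The receiver accepts the message only when the second return value is true; a changed ciphertext or a different sender key makes the check fail.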
DIGITAL CERTIFICATES
AND CERTIFICATE
AUTHORITIES (CAs)
• If you have to know someone’s public key
to send them a message, where does it
come from and how can you be sure of
their actual identity? → Digital
Certificates verify that the holder of a
public and private key is who they claim to
be.
• Digital certificates are issued by third
parties called certificate authorities
(CAs). → VeriSign (www.verisign.com).
SECURE SOCKET LAYER
• SSL encrypts communications
between browsers and servers.
• S-HTTP → alternative protocol.
• SSL is a protocol that operates at
the TCP/IP layer. → SSL version 3.
SECURE ELECTRONIC
TRANSACTIONS
• SSL is not designed to handle any of the
steps beyond the transmission of the card
number.
• A cryptographic protocol that is designed to
handle the complete transaction is SET → jointly
developed by VISA, Mastercard, Netscape, and
Microsoft.
• The SET protocol provides authentication,
confidentiality, message integrity, and linkage,
and it relies on public and private keys for the
consumer and the merchant.
FIREWALLS: ACCESS
CONTROL
• A firewall is a network node consisting of both hardware
and software that isolates a private network from a public
network.
• There are two basic types of firewalls:
1. Dual homed gateway – a special server (bastion gateway)
connects a private internal network to the outside Internet.
The gateway server has two network cards, so that data
packets reaching one card are not relayed to the other card.
Special software (proxies) run on the gateway server and pass
repackaged packets from one network to the other. There is a
proxy for each Internet service. See figure 11.10 Bastion Host
Gateway.
2. Screened host gateway – a network router is used to control
access to the bastion gateway. The router ensures that all
inbound traffic must pass through the bastion gateway. See
figure 11.11 Screened Subnet Gateway.
• Firewall systems can be created from scratch.
VIRTUAL PRIVATE
NETWORKS
• An expensive alternative is a Virtual
Private Network (VPN).
• A VPN combines encryption,
authentication, and protocol tunneling to
provide secure transport of private
communications over the public Internet.
See table 11.4 VPN products and providers.
Selling on the Web
• FUNCTIONAL REQUIREMENTS
  The TCP/IP, Web browsers, commercial Web servers, and firewalls provide an open foundation for creating Web sites that can easily support marketing and service activities.
• eCOMMERCE SOLUTIONS: OUTSOURCING vs INSOURCING
  Smaller or medium-sized companies with few IT staff and smaller budgets are best served by outside contractors.
• ELECTRONIC CATALOGS and MERCHANT SERVERS
  Electronic catalogs are the virtual equivalents of traditional product catalogs. See figure 11.12 Merchant Server Architecture.
• eCOMMERCE SUITES
  eCommerce suites offer merchants greater flexibility, specialization, customization, and integration in supporting complete front- and back-office functionality. See figure 11.13 Open Market EC Server Architecture.
[Figure 11.12: Merchant Server Architecture. Components shown: Web Browser, Internet, Web Server, Merchant Server, Store HTML Pages, 3rd Party Applications, Financial Network, Database (Catalog, Order).]
[Figure 11.13: Open Market eBusiness Server Architecture. Components shown: Web Browser, Internet, Web Server, Catalog Application and Catalog Database, Customer Management (Registration, Profiles, Service) and Customer Database, Order Capture and Completion with Order Database, Fulfillment Systems, Payment Processing (SET & Purchase Order) with Payment Database, Financial Network.]
Chatting on the Web
Online forums and chat groups are now being used for a variety
of purposes in EC.
• Communication centers – businesses whose primary service
is a virtual meeting place where communications can take
place among the participants.
• Customer service – a number of customer service sites now
offer online support where customers can converse with
help-line staff and other customers.
• Community discussion – several EC sites provide forums and
chat services with a marketing eye toward developing a
community of loyal users, followers, and advocates.
Multimedia Delivery
Provide multimedia content and information for additional interactive
services.
• WEBCASTING
  Webcasting is a term used to describe Internet-based broadcasting of audio and video content.
• BANDWIDTH REQUIREMENTS for STREAMING AUDIO and VIDEO
  Bandwidth refers to the speed with which content can be delivered.
• INTERNET TELEPHONES
  Internet phones are not real telephones – they are programs that let you talk with other people using the Internet. → The main attraction of Internet telephones is cost.
  Internet phones come in three versions:
  1. PC-to-PC
  2. PC-to-Phone
  3. Phone-to-Phone
Analyzing Web Visits
• Both B2C and B2B Web sites require a
thorough understanding of the usage
patterns of their sites – the who, what,
where, and when.
• Every time a user accesses a Web server,
the server logs the transaction in a special
access log file.
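An access log report along the lines of the slide, as an added example that is not part of the original deck. It assumes the Combined Log Format (the slides do not name a format), and reading "who, what, where, when" as client address, served page, referring site and hour of day is this example's interpretation; the sample entries are constructed.

```python
import re
from collections import Counter
from datetime import datetime
from urllib.parse import urlsplit

# Combined Log Format (assumed; the slides do not name a format).
LINE = re.compile(
    r'(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
    r'(?: "(?P<referrer>[^"]*)" "(?P<agent>[^"]*)")?'
)

# Constructed sample entries (documentation address ranges, made-up paths).
SAMPLE = """\
192.0.2.10 - - [05/Sep/2002:09:15:02 +0700] "GET /catalog/index.html HTTP/1.0" 200 5120 "http://search.example/?q=books" "Mozilla/4.77"
192.0.2.10 - - [05/Sep/2002:09:15:40 +0700] "GET /catalog/item42.html HTTP/1.0" 200 2048 "http://shop.example/catalog/index.html" "Mozilla/4.77"
198.51.100.7 - alice [05/Sep/2002:10:02:11 +0700] "POST /cart/checkout HTTP/1.0" 200 734 "-" "MSIE 5.5"
198.51.100.7 - - [05/Sep/2002:10:03:00 +0700] "GET /missing.html HTTP/1.0" 404 210 "-" "MSIE 5.5"
this line is truncated garbage
"""

def analyze(log_text):
    who, what, where, when = Counter(), Counter(), Counter(), Counter()
    skipped = 0
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            skipped += 1              # a malformed line must not abort the report
            continue
        stamp = datetime.strptime(m["time"], "%d/%b/%Y:%H:%M:%S %z")
        who[m["host"]] += 1           # who: requests per client address
        if m["status"].startswith("2"):
            what[m["path"]] += 1      # what: only pages actually served
        site = urlsplit(m["referrer"] or "").netloc
        if site:
            where[site] += 1          # where: referring site, "-" ignored
        when[stamp.hour] += 1         # when: hour as written in the log
    return {"who": who, "what": what, "where": where,
            "when": when, "skipped": skipped}

if __name__ == "__main__":
    for name, counts in analyze(SAMPLE).items():
        print(name, dict(counts) if isinstance(counts, Counter) else counts)
```

Request lines and referrers are supplied by the client, so the report treats every field as untrusted text and counts lines it cannot parse instead of failing on them.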
Managerial Issues
1. It is the business that counts – When one thinks of the Web, one immediately thinks of the technology.
2. In house or outsource – Large-scale companies should build in-house. Small companies should use outsourcing services.
3. Analyzing the data – One advantage of online marketing and selling is that an automatic record is made of everyone who visits your Web site.
4. Security – Hackers, viruses, etc.
5. Evolving – The Web is still in its infancy. The underlying standards, protocols, and governance continue to undergo rapid change.