| Electronic Business (e-commerce) | |
|
Electronic business consists of performing business transactions electronically. It is based on the processing and electronic transfer of data, including text, images and video. Electronic business includes a wide range of activities, such as e-commerce for goods and services, on-line supply of digital contents, electronic transfer of funds, electronic purchase and sale of shares, electronic lading, auctions, designs and joint projects, provision of on-line services (on-line sourcing), public contracting, direct selling to the consumer and after-sales services. On the other hand, at the same time it covers products (e.g., consumer goods, specialised medical equipment) and services (e.g., legal, financial and information services), traditional activities (e.g., health care, education) and new activities (e.g., virtual shopping centres). |
|
|
|
|
|
It is believed that the term Information Highways was coined by Al Gore, an American Senator who later became the Vice-President. He was referring to a fast electronic network that would link up schools, institutes, Universities and other agencies in his country. What is true is that he was not referring to the Internet, but the similarities between the latter and the Information Highways are obvious. In some way. the Internet is now being used by schools, institutes, etc... as an electronic information network. The difference is that Internet mainly uses the existing telephone networks, networks with copper cable. The phrase high speed was a password point in Al Gore’s view. To reach it, it would require creating a completely new infrastructure with optic fibre cables, not just in the USA, but all over the world. They are already working on it, but it will still take years to complete the project. Meanwhile, if you want to get the most out of the
Internet, you’ll have to invest in the best equipment that you can to do
so. |
|
|
|
|
|
Authenticity : that is to say, guaranteeing that the two parties involved in a transaction are really who they say they are. This point is vitally important for the users who access a server, who must be sure about the legitimacy of the latter. Integrity: The message received by one of the parties must be identical to the one sent by the other. Said in other words, there must not be any alterations in the information sent, along its route through the network, whether they be accidental or intentional. Confidentiality: The messages sent may only be read by the addressee. This means that no person in the network can interfere or interpret these messages. Impossibility of denying to have made a transaction. Neither of the parties can deny that he/she has sent or received the pertinent messages. Thus, if a deal is struck through the network and one of the parties does not comply with that agreed to, the other one could take the corresponding legal action. The messages must have the same validity as if they were written down on paper and signed. |
|
|
|
|
|
The Safe Server is used to guarantee the confidentiality of the operations. Only if the clients have a compatible browser such as Netscape , or Microsoft Internet Explorer can they access this type of security.
|
|
|
|
|
|
A safe server is a server using html pages (World Wide Web type Service) that establishes a connection with the client, so that the information travels through Internet encrypted by means algorithms that ensure that it is only intelligible for the server and the browser that accesses the Web page. A safe server is the platform required that allows you to establish it on services that mean the transfer of information for which the confidentiality must be protected. It is an essential requirement for establishing services for electronic banking or of electronic business.
|
|
|
|
|
|
It is simple to find out whether we have connected to a
safe server. In the first place, the URL address begins by https://
instead of http:// (sometimes this address is accessed without the user
doing anything, since a password is keyed in that has it incorporated, or
else intentionally when you want to access a server in the secure mode).
Furthermore, in most browsers we receive a message stating that the secure
connection has been established. So, for example with the Netscape browser you are presented with the following messages:
|
|
|
|
|
|
A secure server works in the following way: A client accesses the secure Web address through the corresponding URL, such as for example, https://www.telefonica-data.com Once the connection has been established, the browser requests a secure connection. If the server that is accessed is a secure server, it will answer yes to the request by sending you an RSA type electronic certificate. After receiving this certificate, the browser will unpack it with the password from the certification authority, already integrated in the software, thus obtaining the password in accordance with the RSA algorithm. Finally, the client generates a password for asymmetrical encrypting in accordance with the IDEA algorithm and it is sent encrypted to the server (with your public password). From then onwards, both the client and the server can establish secure communications based on this symmetrical password, that both, and only they know. The symmetrical passwords are generated by chance in each session, hence there is no possibility that they may be known by any possible hackers.
|
|
|
|
|
 |
Security on Internet |
|
The idea of communicating with your business partners through Internet is attractive, but at the end of the day what is important for you is to be able to control what happens.
For individual users who connect to the Internet through an ISP, the question is, what do you want to protect?. If the connection is simply for accessing Web pages of the public type, security is not the main thing. If you send and receive messages by e-mail, the connection to the ISP will be just as safe as a normal telephone call.
Security is important depending what is in the message and what you want to happen if someone intercepts it. If this is an important factor, you can choose which programs encode the message. These programs work well providing that the addressee has the same program for decoding the message.
Most of the Companies that offer to sell products by Internet offer a secure transaction service that prevents the release of the data for your credit card. NEVERTHELESS, before purchasing a product, check with your supplier to make sure that it really offers this service. If that is not so, use an alternative method payment for sending the Company your personal data.
Commercial users cannot logically forget the question of security, especially if they have their own Web server and it forms part of a larger internal network. The appropriate precautions must be taken to prevent your server from being the gateway to the your organisation’s private network.
|
|
|
|
|
|
There are two aspects as far as security is concerned. One is making sure that everything that is sent through Internet (e-mail messages, documents, data of a financial nature) cannot be intercepted or used by external staff. To do this you require encoding.
The other thing is to make sure that the external staff cannot gain access to places that are strictly private belonging to your network.
You should focus on this question in unbalanced manner. You could close off the whole network, but that would mean making life more difficult for your own employees in the Company and any external partner or supplier that really might need to access information. Imagine what could happen with the travelling salesmen or those who work from home if they could not connect to your Intranet.
|
|
|
|
|
|
Yes, of course. But you would have to load the information in the host computer manually. Furthermore, whoever accesses this Web server from the public Internet would be stuck there, without being able to go any further. This configuration is good for Web sites that are only meant for the general public: those that carry information about the product, the Company background, numbers and public contact addresses, etc..
But this configuration would not be of any use for the travelling workers, for those who work from home, or for external suppliers. Furthermore, it would not be accessible from the your organisation’s Intranet.
In any case, experience shows that the systems with an independent configuration do not remain independent for very long. It is not very practical to load the information manually and, it represents a very poor advance in the application of Information Technology.
The most practical and safest method for connecting to Internet is through a protective barrier (a firewall).
|
|
|
|
|
|
This word comes from the car industry. In modern cars there is a barrier between the engine and the interior for the passengers that prevents fire from spreading towards the vulnerable areas.
In the computer industry, a protective barrier carries out a similar function by separating the vulnerable components. It is located between your network and the Web server, or between the latter and the public Internet.
A protective barrier is the result of the combination of hardware and software, and acts as an electronic guard. One well-known multinational Company has a Web server with so much traffic, as well as a network that is essential for its operations, that its system is made up by several servers. Hence, they check what and who is trying to enter and leave the network, taking note of each connection and finding the point of origin.
This is an extreme example of a protective barrier. Nevertheless, it demonstrates the type of security that can eventually be built around a system. When a Company depends on it, it gives you confidence.
|
|
|
|
|
|
A protective barrier does much more than simply protect your network from possible intruders. It can also provide vital information about the activity of the system. To sum up :
|
|
|
|
|
|
|
|
|
|
|
|
How many gateways or connections do you want to have Internet? Do you want to divide your internal network into different sealed compartments by protecting each one with a protective barrier?
The answer depends almost entirely on your configuration and your needs. A good example is that of a Company that some years ago enjoyed a gateway that handled all its overall traffic for Internet. With the increase in the activity, apart from the need to speed up the yield in some zones of the globe, it found that it had to establish multiple gates. Therefore, requiring multiple barriers.
|
|
|
|
|
|
All barriers offer a significant level of protection against possible unauthorised intrusions by hackers. However, nobody should think that significant means 100% security.
Monitoring should be carried out for the protective barriers, checking the historic files for the computers and making modifications to the line using the manufacturer’s recommendations. A protective barrier needs staff with experience so that they can be properly run.
And Virus? By themselves protective barriers cannot stop any virus that might have been incrusted in e-mail messages. If there are products on the market that can check there are no virus in the incoming messages.
Despite this, if your gateway handles a large number of e-mail messages, unacceptable delays will be caused as a result of the exhaustive check for virus. As happens with all subjects of security, the decision will always turn out to be a compromise between the cost, the risk and business needs.
|
|
|
|
|
|
There are over 150 different types of protective barriers on the market nowadays. Their tasks are essentially the same: they stop each call, they check it and only let it through if it meets certain pre-established requirements.
As happens with everything, depending on what you pay, the quality will be the same. Finally, let’s highlight the fact that the first protective barrier for Internet appeared in 1986 and that it was developed by Digital Equipment.
|
|
|
|
|
|
It is no more dangerous to purchase something through Internet with a credit card than buying it by telephone, or by mail, after seeing an announcement in the newspaper.
The risks are the same. There is no guarantee that the Company and the products really exist. And you have no way of preventing the information given (your name, credit card number, etc..) from being used for other purposes.
In the case of software, the main problem is receiving a virus or any other type of malicious code. Finally, in the same way that the banks and large stores attract thieves, those sites that enjoy sufficient commercial success on the Internet have become clear targets for the electronic criminal.
Good operators of commercial sites on Internet take precautions against theft. But that does not guarantee that it cannot happen, though it does help to cut down the risk.
If you are going to purchase something, the best thing is always to buy software (or other products) from a reputable Company. If you buy and sell, we recommend that you use some kind of encoding.
|
|
|
|
|
|
By using encoding. The data for a transfer are defined again in a mathematical process or algorithm. This is a secret code. The party receiving the data needs the right algorithm to decipher it.
The strength of the code is determined by the number of bits in the password used for decoding the data. If the right algorithm is used, a password of 2048-bits is deemed to be totally impossible to break.
|
|
|
|
|
|
There are several security standards. Some of the best ones have already been agreed upon by independent organizations:WC3, CERT and ESF are just some of them.
For example, in 1990 the largest forum in the world for security was set up, the European Security Forum (ESF). Members of the ESF are the 100 most influential European Companies, which continuously develop security guides and best working practices.
|
|
|
|
|
|
The Intranets that use public networks such as Internet are called virtual private networks or VPNs.
The main advantage of a virtual private network is that sits cost is low.
In order to provide a secure environment in a VPN, the tunnel concept is used. Once again, encoding ensures that the Intranet-Intranet connection is secure, although it is made through the public Internet.
|
|
|
|
|
|
A few years ago, only a handful of people had heard the word Internet. And even less people understood what it meant. Nowadays is an everyday word, and a large number of people know that the Internet is an astounding international network of computers that carries an amazing amount of information. Information that sometimes is for business, sometimes for governments and sometimes personal.
The great difference and, the reason why Internet is so popular, is that any computer that meets a number of norms may connect to it, without mattering which make it is. The rules have been developed over the years, but the great problem with Internet is that a short time ago it was difficult to find what you were looking for. At the beginning of the 90s, the solution was found with the advent of the WWW, that made it possible for practically anyone to be able to use and understand the Internet.
The term Intranet is very new. People also talk about "Internal Webs" and virtual private networks. They all mean the same. An Intranet applies the rules for Internet and from the Web to the internal network for a Company or an organisation. It means that the bases for the clients have the same look, as well as the files for contracts, the information on the products, etc., which means that it is easier to use for the employees. Since they use Internet standards for e-mail messages, they can offer savings in comparison with proprietary e-mail systems.
But using Internet technology does not mean that an Intranet is open to people who do not belong to your organisation.
Whilst the employees can access Internet on a global scale, apart from being able to do so with internal information, there are safety measures such as protective barriers (firewalls) that can be included so that only authorised people or groups can access a Company’s internal network. |
What is Electronic
Business
The password in
the bottom left corner, that usually appears split up is seen in full.