Ecommerce Essay Research Paper ECommerce Electronic Commerce

Ecommerce Essay, Research Paper

E-Commerce Electronic Commerce is defined by Webster’s Dictionary as using computer networks to conduct business, including buying and selling online, electronic funds transfer, business communications, and using computers to access business information resources. The Electronic Commerce Association describes electronic commerce as ‘doing business electronically’. More precisely we could describe electronic commerce as involving the exchange of information using a combination of structured messages (EDI), unstructured messages (e-mail and documents), data access and direct support for business processes across the value chain. The Internet is only a small fraction of e-commerce applications. Intranets, Electronic Data Interchange (EDI) and Enterprise Resource Planning (ERP) systems all contribute to business to business marketing, operations and financial services (Wareham, 2000). The Internet was designed to be used by government and academic users, but now it is rapidly becoming commercialized. It has on-line “shops”, even electronic “shopping malls”. Customers, browsing at their computers, can view products, read descriptions, and sometimes even try samples. They could pay by credit card, transmitting the necessary data by modem; but intercepting messages on the Internet is trivially easy for a smart hacker, so sending a credit-card number in an unscrambled message is inviting trouble. It would be relatively safe to send a credit card number encrypted with a hard-to-break code. That would require either a general adoption across the Internet of standard encoding protocols, or the making of prior arrangements between buyers and sellers. Both consumers and merchants could see a windfall if these problems are solved. For merchants, a secure and easily divisible supply of electronic money will motivate more Internet surfers to become on-line shoppers. Electronic money will also make it easier for smaller businesses to achieve a level of automation already enjoyed by many large corporations whose Electronic Data Interchange heritage means streams of electronic bits now flow instead of cash in back-end financial processes (E-commerce, 1999). We need to resolve four key technology issues before consumers and merchants anoint electric money with the same real and perceived values as our tangible bills and coins. These four key areas are security, authentication, anonymity, and divisibility. Commercial R&D departments and university labs are developing measures to address security for both Internet and private-network transactions. The answer to securing sensitive information, like credit-card numbers, is to encrypt the data before you send it out. MIT’s Kerberos is one of the best-known-private-key encryption technologies. It creates an encrypted data packet, called a ticket, which securely identifies the user. To make a purchase, you generate the ticket during a series of coded messages you exchange with a Kerberos server, whom sits between your computer system and the one you are communicating with. These latter two systems share a secret key with the Kerberos server to protect information from prying eyes and to assure that your data has not been altered during the transmission. But this technology has a potentially weak link: Breach the server, and the watchdog rolls over and plays dead. An alternative to private-key cryptography is a public-key system that directly connects consumers and merchants. Businesses need two keys in public-key encryption: one to encrypt the other to decrypt the message. (Smith, 2000). Everyone who expects to receive a message publishes a key. To send digital cash to someone, you look up the public key and use the algorithm to encrypt the payment. The recipient then uses the private half of the key pair for decryption. Although encryption fortifies our electronic transaction against thieves, there is a cost: The processing overhead of encryption/decryption makes high-volume, low-volume payments prohibitively expensive. Processing time for a reasonably safe digital signature conspires against keeping costs per transaction low. Depending on key length, an average machine can only sign between twenty and fifty messages per second. One way to factor out the overhead is to use a trustee organization, one that collects batches of small transaction before passing them on to the credit-card organization for processing. Encryption may help make the electric money more secure, but we also need guarantees that no one alters the data–most notably the denomination of the currency–at either end of the transaction. One form of verification is a secure hash algorithm, which represent a large file of multiple megabytes with a relatively short number consisting of a few hundred bits. We use the surrogate file–whose smaller size saves computing time–to verify the integrity of a larger block of data (E-Commerce, 1999). Hash algorithms work similarly to the checksums used in communications protocols: The sender adds up all the bytes in a data packet and appends the sum to the packet. The recipient performs the same calculation and compares the two sums to make sure everything arrived correctly. One possible implementation of secure hash functions is in a zero-knowledge-proof system, which relies on challenge/response protocols. The server poses a question, and the system seeking access offers an answer. If the answer checks out, access is grant