1a) Write a block diagram depicting an E-commerce architecture and explain.

Electronic commerce depends on the unspoken assumption that computers cooperate efficiently for seamless information sharing. Unfortunately, this assumption of interoperability has not been supported by the realities of practical computing. The Web community of developers and users is tackling these complex problems. The figure shows a block diagram depicting the numerous pieces that constitute a Web architecture. The architecture is made up of three primary entities: client browser, Web server, and third-party services. The client browser usually interacts with the WWW server, which acts as an intermediary in the interaction with third-party services. The client browser resides on the user's PC or workstation and provides an interface to the various types of content. The browser has to be smart enough to understand what file it is downloading and what browser extension it needs to activate to display the file. Browsers are also capable of manipulating local files. Web server functions can be categorized into information retrieval, data and transaction management, and security.

b) Explain in detail the e-commerce architecture.

The electronic commerce application architecture consists of six layers of functionality or services:

1) Application services: The application services layer of e-commerce will be comprised of existing and future applications built on the native architecture.
2) Brokerage services, data or transaction management: The information brokerage and management layer provides service integration through the concept of information brokerages, the development of which is necessitated by the increasing information resource fragmentation.
3) Interface and support layers: Interface and support services will provide interfaces for electronic commerce applications such as interactive catalogs and will support directory services, the functions needed for information search and access.
4) Secure messaging, security, and electronic document interchange: The importance of the fourth layer, secured messaging, is clear. Messaging is the software that sits between the network infrastructure and the clients or e-commerce applications, masking the peculiarities of the environment.
5) Middleware and structured document interchange: Middleware is a relatively new concept. With the growth of networks, client-server technology, and all other forms of communicating between/among unlike platforms,
6) Network infrastructure and basic communications services: Transparency implies that users should be unaware that they are accessing multiple systems.

c) Explain EDI business application layer with a diagram.

The first step in the EDI process creates a document, in this case an invoice, in a software application. This software application then sends the document to an EDI translator, which automatically reformats the invoice into the agreed-on EDI standard. If these two pieces of software are from different vendors, it is very important that the document preparation application seamlessly integrate with the EDI translation software. If both the EDI translator and business application are on the same type of computer, the data will move faster and more easily from one to another. The translator creates and wraps the document in an electronic envelope EDI package that has a mailbox ID for the company's trading partners. The EDI wrapper software can be a module to the translator, a programming tool to write different communications protocols, or a separate application.

d) Compare push and pull based supply chains.

The business terms push and pull originated in the marketing and selling world, but are also applicable in the world of electronic content and supply chain management. The push/pull relationship is that between a product or piece of information and who is moving it.
A customer "pulls" things towards themselves, while a producer "pushes" things toward customers. With a push-based supply chain, products are pushed through the channel, from the production side up to the retailer. The manufacturer sets production at a level in accord with historical ordering patterns from retailers. It takes longer for a push-based supply chain to respond to changes in demand, which can result in overstocking or bottlenecks and delays, unacceptable service levels and product obsolescence. In a pull-based supply chain, procurement, production and distribution are demand driven so that they are coordinated with actual customer orders, rather than forecast demand.

96. Name a few operations performed by e-commerce.

1) Transactions between a supplier or shopkeeper and a buyer, or between two companies, over a public network such as a service provider network (like an ISP). With suitable encryption of data and security for the transaction, the entire operation of selling, buying and settlement of accounts can be automated.
2) Transactions with the trading partners or between the officers of the company located at different locations.
3) Information gathering needed for market research.
4) Information processing for decision making at different levels of management.
5) Information manipulation for operations and supply chain management.
6) Maintenance of records needed for legal purposes, including taxation, legal suits etc.

95. Explain the three broad phases of the consumer's perspective. (repeated)

The business process model from a consumer's perspective consists of seven activities that can be grouped into three phases: pre-purchase phase, purchase consummation, and post-purchase interaction.

1) Pre-purchase preparation: The pre-purchase preparation phase includes search and discovery for a set of products in the larger information space capable of meeting customer requirements, and product selection from the smaller set of products based on attribute comparison.
2) Purchase consummation: The purchase consummation phase includes mercantile protocols that specify the flow of information and documents associated with purchasing and negotiation with merchants for suitable terms, such as price, availability, and delivery dates; and electronic payment.
3) Post-purchase interaction: The post-purchase interaction phase includes customer service and support to address customer complaints, product returns, and product defects.

80. What is non-repudiation? List the four basic goals of electronic security.

Non-repudiation means that a person cannot deny having sent or received a message.

Non-repudiation of origin: The ability to identify who sent the information originally versus which intermediary forwarded it.
Non-repudiation of receipt: The ability to identify that the information was received by the final addressed destination in a manner that cannot be repudiated. The information has been opened and interpreted to some degree.
Non-repudiation of delivery: The ability to identify whether the information was delivered to an appropriate in a manner it cannot repudiate.

Computer security has several fundamental goals. They are the following:

1. Privacy: Keep private documents private, using encryption, passwords, and access-control systems.
2. Integrity: Data and applications should be safe from modification without the owner's consent.
3. Authentication: Ensure that the people using the computer are the authorized users of that system.
4. Availability: The end system (host) and data should be available when needed by the authorized user.

81. What is meant by integrity of data? Explain the encryption algorithm on which SSL depends.

Data integrity is data that has a complete or whole structure. All characteristics of the data, including business rules, rules for how pieces of data relate, dates, definitions and lineage, must be correct for data to be complete. Per the discipline of data architecture, when functions are performed on the data, the functions must ensure integrity. Examples of functions are transforming the data, storing the history, storing the definitions (metadata) and storing the lineage of the data as it moves from one place to another.
The most important aspect of data integrity per the data architecture discipline is to expose the data, the functions and the data's characteristics. Data that has integrity is identically maintained during any operation (such as transfer, storage or retrieval). Put simply in business terms, data integrity is the assurance that data is consistent, certified and can be reconciled. In terms of a database, data integrity refers to the process of ensuring that a database remains an accurate reflection of the universe of discourse it is modelling or representing. In other words, there is a close correspondence between the facts stored in the database and the real world it models.

A Web server utilizes security protocols like SSL to encrypt and decrypt data, messages, and online payment gateways to accept credit cards, to protect them against fraud, false identification, or third-party tampering. Purchasing from a secure Web server ensures that a user's credit card information or personal information can be encrypted with a secret code that is difficult to break. Popular security protocols include SSL, SHTTP, SSH2, SFTP, PCT, and IPSec.

b) Explain mercantile models from the merchant's perspective.

Ans:
i) Order planning and order generation: Order planning leads into order generation. Orders are generated by broadcast ads, sending personalized e-mail to the customer, or creating web pages.
ii) Cost estimation and pricing: Pricing is the bridge between customer needs and company capabilities. Pricing at the individual order level depends on understanding the value to the customer that is generated by each order, and instituting a system that enables the company to price each order based on its value and cost.
iii) Order receipt and entry: In this step the customer enters an order for the services and products that he wants to buy. This department is staffed by very experienced employees.
iv) Order selection and prioritization: In this phase CSRs decide which orders to accept and which to decline, and set priorities, because some orders are better for business.
v) Order scheduling: This means slotting the selected order into an actual production or operational sequence. This is very difficult because the different functional departments, such as sales, marketing and customer service, may have conflicting goals.
vi) Order fulfillment and delivery: This is a very complex phase where the actual provision of the product or service is made.
vii) Order billing and account/payment management:
viii) Post-sales service: It plays an important role in the company's profit equation. Depending upon the specifics of the business, it can include elements such as physical installation of a product, repair and maintenance. Because of the information conveyed and intimacy involved, post-sales services can affect customer satisfaction and company profit.

What are the three types of electronic tokens? Explain.

Ans:
i) Cash or real-time: Transactions are settled with the exchange of electronic currency.
ii) Debit or prepaid: Users pay in advance for the privilege of getting information. Examples: smart cards and electronic purses.
iii) Credit or postpaid: The server authenticates the customers and verifies with the bank that funds are adequate before purchase.

Draw the layered architecture of EDI.

EDI consists of the following layers:
i) Semantic or application layer: It describes the business application that is driving EDI. The information seen at the EDI semantic layer must be translated from a company-specific form to a universal form so that it can be sent to various trading partners, who could be using a variety of software applications at their end.
ii) Standard or translation layer: It consists of some compatible EDI document translation software such as X12, FACT. When a trading partner sends a document, the EDI translator converts the proprietary format into the standard format by the processing system.
When another trading partner receives this document, the EDI translator again changes the standard format into the proprietary format, so that both companies can easily read each other's documents.
iii) Transport layer: This layer provides a carrier such as e-mail, HTTP, MIME, FTP, TELNET etc. to send information or documents from one company to another.
iv) Physical layer: It consists of physical means such as dial-up lines, Internet, I-way, and modem. These make up a network through which an e-mail can be sent to the destination.

List the various issues in e-payment system.

Ans: Steps involved in designing an electronic payment system:
i) Privacy: A user expects to trust in a secure system to ensure their own privacy.
ii) Security: A secure system verifies the identity of the two parties to a transaction through user authentication and reserves flexibility to restrict information through access control.
iii) Database integration: This means joining all types of databases together and allowing customers to access any of them, to keep the data up to date and error free.
iv) Intuitive interface: The payment interface should be easy to use.
v) Brokers: In an e-payment system, bankers play the role of brokers. They facilitate financial transactions electronically for their account holders.
vi) Pricing: Pricing should be subsidized. It should be used to encourage users to shift from one form of payment to another, such as cash to bank payments, and paper-based to e-cash.
vii) Standard: Standards enable interoperability, giving users the ability to buy and receive information regardless of which bank is managing their money.

What do you mean by value added networks (VANs)? Explain.

Ans: A VAN is a communications network that exchanges EDI messages among trading partners. It also provides other services, including holding messages in electronic mailboxes, interfacing with other VANs and supporting many telecommunications modes and transfer protocols. Businesses can exchange data either by connecting to each other directly or by hooking into a VAN. A VAN can safeguard the transaction network by allowing companies to automatically and securely exchange purchase orders, invoices, and payments. When a company sends an EDI transaction, it arrives at a message storehouse on the VAN to await pickup by the destination company. A VAN's electronic mailbox is a software feature into which a user deposits EDI transactions and then retrieves those messages when convenient. It works much like residential personal mailboxes, and it allows everyone involved to be flexible and cost-effective. The disadvantage of VANs for EDI is that they are slow and high priced, charging by the number of characters transmitted.
With connect time and mailbox charges factored in, companies incur charges of many thousands of dollars.

Give the characteristics of supply chain management.

Ans: Characteristics of SCM:
i) An ability to source raw material or finished goods from anywhere in the world.
ii) A centralized, global business and management strategy with flawless local execution.
iii) On-line, real-time distributed information processing to the desktop, providing total supply chain information visibility.
iv) The ability to manage information across industries and enterprises.
v) The seamless integration of all supply chain processes including third-party suppliers, information systems, cost accounting etc.
vi) The development and implementation of accounting models such as activity-based costing that link cost to performance and are used as tools for cost reduction.
vii) A reconfiguration of the supply chain organization into high-performance teams.

10. List the six layers of E-Commerce architecture and what are the four types of purchases?

Ans: Following are the six layers of e-commerce:
i) Application service: The application service layer of e-commerce will be comprised of existing and future applications built on the innate architecture. These applications can be distinguished as customer-to-business, business-to-business, and intra-organization.
ii) Information brokerage and management: This layer provides service integration through the notion of information brokerages, the development of which is necessitated by the increasing information resource fragmentation. This layer is used to represent an intermediary who provides price, fast service, or profit maximization for a client. It also addresses the issue of adding value to the information that is retrieved.
iii) Interface and support service: It will provide interfaces for electronic commerce applications such as interactive catalogs and will support directory services, the functions necessary for information search and access.
iv) Secure messaging and structured document interchange service: Messaging is the software that sits between the network infrastructure and the clients or e-commerce applications. This service offers solutions for communicating non-formatted data (letters, memos, and reports) as well as formatted data such as purchase orders, shipping notices, and invoices. It supports delayed and immediate message delivery and processing and is not associated with any communication protocol.
v) Middleware services: Middleware is the ultimate mediator between diverse software programs that enables them to talk to one another. It is the computing shift from application centric to data centric.
vi) Transparency: Transparency implies that users should be unaware that they are accessing multiple systems. It is essential for dealing with higher-level issues than the physical media and interconnection that the underlying network infrastructure is in charge of.

There are four types of purchases:
a) Specifically planned purchases
b) Generally planned purchases
c) Reminder purchases
d) Entirely unplanned purchases

The disadvantage of VANs for EDI is that they are slow and high priced, charging by the number of characters transmitted. With connect time and mailbox charges factored in, companies incur charges of many thousands of dollars. Following are the main costs of a VAN:
i) Account start-up costs: Opening an account with a VAN incurs start-up costs. The start-up costs vary depending on the EDI readiness of the organization and trading partner, the number of trading partners, line attachment options, and software application options.
ii) Usage or variable costs: VANs charge session fees based on the use of their services. If a user agrees to cover all of the costs, the VAN can charge twice for each transaction: 1) when the user sends or receives, and 2) when a trading partner sends or receives.
Some VANs allow users to bundle several transaction sets into a single envelope, while others open the interchange and charge for each transaction set in the envelope. Other support and software costs are hidden.
iii) Interconnect costs: These are charged by VANs when a company exchanges EDI data with a trading partner that subscribes to a different VAN. Most VANs offer interconnects, but they charge monthly fees for using them. If no transactions are sent, there is only the monthly charge for the mailbox and the interconnect fee.

What is the main difference between horizontal and vertical organization?

What are the two main categories of SCM?

Ans: Horizontal organization: The structure of a horizontal organization is two-tiered: a core group of senior management responsible for strategic decisions and policies, and a stratum of employees in process teams. The objective of a horizontal structure is to change the staff's focus from coordinating and reporting to improving flow management and work quality and increasing value for customers. In a horizontal organization, information is processed at each local level by process teams. Process teams can resolve problems quickly, and in this way permit the company to operate with flexibility in a changing environment. The principal goal of this organization is to facilitate the smooth transition of intermediate products and services through its various functions to the customer.

Vertical organization: This is a multilayered organization. It allows gaps to exist between employees from different departments. The lower the level in the hierarchy, the larger the gap. These gaps expand with geographic dispersion and corporate growth. The vertical approach to corporate management poses two problems to smooth operations. First, it creates boundaries that discourage employees in different departments. Second, department goals are typically set in a way that could cause friction among departments. The drawback of this organization is its failure to provide an environment that fosters understanding and cooperation between departments.

The two main categories of SCM are:
i) Push-based supply chain
ii) Pull-based supply chain

What are the two approaches of virtual organization and what are the primary elements of SCM?

Ans: Two approaches of virtual organization:
i) Downward networking: It is initiated by a large, vertically integrated company seeking to reduce its overhead by outsourcing. Outsourcing breaks down the company's vertical structure.
It has two purposes: to reduce costs associated with fixed assets and to maintain a focus on key operations.
ii) Lateral: This approach is observed in small, specialized firms that, in the interest of seeking strategic alliances, form partnerships along a value-added chain. Each such core firm can benefit by modeling the adaptivity and responsiveness of a small, specialized company and the scale economies of a large and integrated firm.

Primary elements of SCM:
a) Logistics and distribution: Logistics is a relatively new discipline that deals with the integration of materials management and physical distribution. Logistics and SCM are sometimes interchanged.
b) Integrated marketing and distribution: In e-commerce, the order process could be initiated by marketing information systems such as point-of-sale systems. Today, aided by technology, companies integrate the customer directly and react to changes in demand by modifying the supply chain.
c) Agile manufacturing: Consumers and manufacturers are stressing quality and speed. One of the most influential visions of production goes by the name of agile manufacturing.

What is IP spoofing and Telnet? Explain the basic principle of Kerberos.

Ans: IP spoofing: It is a technique that can lead to root access on a system. It is the tool that intruders often use to take over open terminal and login connections after they get root access. Intruders create packets with a spoofed source IP address. There are two types of IP spoofing: user in the middle attack and source routing attack.

Telnet: It enables users to log on to remote computers. Telnet does little to detect and protect against unauthorized access.
It is generally supported either by using an application gateway or by configuring a router.

Basic principles of Kerberos:
i) Both one-way and two-way authentication are supported.
ii) Authentication should be achieved without transmitting unencrypted passwords over a network.
iii) Clear-text passwords entered by client users should be retained in memory for the shortest time.
iv) Each authentication should have a finite lifetime.
v) Network authentication should be nearly unnoticed by users.
vi) No unencrypted password should be stored in the KDC.
vii) Authentication should be limited to the length of the user's current login session.

Explain four objectives of SET and what are the seven major business requirements addressed by SET?

Ans: Objectives of SET:
i) Motivation: The primary motivations for the bankcard associations to provide a specification for secure payments are:
a) To have the bankcard community take a leadership position in establishing secure payment.
b) To respect and preserve the relationship among merchant, acquirer and cardholder, issuer.
ii) Payment security: It focuses on providing authentication of cardholders, merchants and acquirers. It preserves the integrity of payment data and defines the algorithms and protocols necessary for these security services.
iii) Interoperability: It clearly defines the detailed information to ensure that applications developed by one vendor will interoperate with applications developed by other vendors. It creates and supports an open payment card standard and also defines exportable technology throughout, in order to encourage globally interoperable software.
iv) Market acceptance: This allows for bolt-on implementation of the protocol in existing client applications and minimizes change to the relationship between acquirers and merchants, and cardholders and issuers. It achieves global acceptance via ease of implementation and minimal impact on merchant, cardholder and user.
Major business requirements:
i) It provides confidentiality of payment information and of the order information that is transmitted along with the payment information.
ii) It ensures integrity for all transmitted data.
iii) It facilitates and encourages interoperability across software and network providers.
iv) It provides authentication that a cardholder is a legitimate user of a branded payment card account.
v) It ensures the use of the best security practices and systems.

29. Explain public key and secret key cryptography techniques.

Ans: There are two types of cryptography:
i) Secret-key cryptography: In secret-key cryptography, the same key is used to encrypt and decrypt the messages, so the sender and receiver must share that secret key. This type of cryptography is impractical for exchanging messages with a large group of previously unknown correspondents over a public network. The well-known cryptography algorithm is the Data Encryption Standard (DES), which is used by financial institutions to encrypt PINs.
ii) Public-key cryptography: In this, two keys are used, one to encrypt and the other to decrypt the messages. Each user has two keys: a public key that is distributed to all because it is used to encrypt the message, and a private key known only to the user that is used to decrypt the message. These two keys are mathematically related such that data encrypted with either key can only be decrypted using the other. It is also known as asymmetric cryptography. The well-known public-key encryption algorithm is Rivest, Shamir and Adleman (RSA).

What is spoofing? Explain with the help of an example.

Ans: Spoofing is also known as IP spoofing. It is a technique that can lead to root access on a system. It is the tool that intruders often use to take over open terminal and login connections after they get root access. Intruders create packets with a spoofed source IP address. There are two types of IP spoofing:
i) User in the middle attack means the attacker is able to send you a packet, and when you reply they intercept that packet.
ii) Source routing attack means the attacker exploits the IP header's source routing option to dictate the route of packets.
Example: Creating a duplicate website by copying or using the IP address of the original website.

Describe VAN pricing system.

It consists of the following:
i) Account start-up costs: Opening an account with a VAN incurs start-up costs. The start-up costs vary depending on the EDI readiness of the organization and trading partner, the number of trading partners, line attachment options, and software application options.
ii) Usage or variable costs: VANs charge session fees based on the use of their services. If a user agrees to cover all of the costs, the VAN can charge twice for each transaction: 1) when the user sends or receives, and 2) when a trading partner sends or receives. Some VANs allow users to bundle several transaction sets into a single envelope, while others open the interchange and charge for each transaction set in the envelope.
Other support and software costs are hidden.
iii) Interconnect costs: These are charged by VANs when a company exchanges EDI data with a trading partner that subscribes to a different VAN. Most VANs offer interconnects, but they charge monthly fees for using them. If no transactions are sent, there is only the monthly charge for the mailbox and the interconnect fee.

What is SCM? Explain the primary elements of SCM.

Ans: SCM stands for Supply Chain Management. It is an integrating process based on the flawless delivery of basic and customized services. SCM optimizes information and product flows from the receipt of the order, to purchase of raw materials, to delivery and consumption of finished goods. It plays an important role in the management of processes that cut across functional and departmental boundaries.

Primary elements of SCM:
a) Logistics and distribution: Logistics is a relatively new discipline that deals with the integration of materials management and physical distribution. Logistics and SCM are sometimes interchanged because SCM is an umbrella that incorporates the logistics function.
b) Integrated marketing and distribution: In e-commerce, the order process could be initiated by marketing information systems such as point-of-sale systems. Today, aided by technology, companies integrate the customer directly and react to changes in demand by modifying the supply chain.
c) Agile manufacturing: Consumers and manufacturers are stressing quality and speed. One of the most influential visions of production goes by the name of agile manufacturing.

What are the normal constraints put on e-cash?

Ans: The normal constraints put on e-cash are:
i) The time over which a given electronic money is valid.
ii) The limit on the amount that can be stored on and transferred by e-money.
iii) The number of exchanges that can take place before money needs to be redeposited with a bank.
iv) The number of transactions that can be made during a given period of time.

Some desirable characteristics of e-commerce are the following:

Global reach: An e-commerce website is accessible to a global audience. Only an Internet connection is required to connect to an e-commerce website. Therefore, billions of users who browse the Internet have access to the products and services displayed on an e-commerce website.

Instant availability: An e-commerce website is available 24 hours a day and 365 days a year. However, in the traditional way of conducting commerce, customers can purchase the products only during working hours.

Systematic communication: An e-commerce website displays the information about the products it is selling in a systematic and organized manner. For example, if you are looking for information about a book on a website, you can get additional information such as the contents of the book, the reviews of the book, and the author's views on the book.

Reduced paperwork: Earlier, when a business organization exported its products overseas, it was required to fill in several pages of information, which was not only time-consuming but also frustrating. However, with the evolution of e-commerce, where limited information is required and is transferred electronically, the paperwork has reduced significantly.

Easier entry into new markets: E-commerce enables new business houses to easily enter new geographical areas and start selling. For this, the business house doesn't need to set up branch offices at all geographic locations. Business organizations can now present corporate data online.

Lower transaction cost: The overall cost involved is less because most of the transactions take place online. In addition, customer service can be provided over e-mail. When a business house plans to go online, it needs to invest money in setting up the infrastructure, which includes creating and maintaining a website.

What are the two basic types of physical data security?
Name two types of threats to data.

Ans: Security implies safety, including assurance of data integrity, freedom from unauthorized access, snooping or wiretapping, and freedom from disruption of service.

There are two basic types of data security:
i) Data Integrity: It means protecting information from unauthorized change.
ii) Data Availability: It means guaranteeing that outsiders cannot prevent legitimate data access by saturating a network.

Following are two threats to data:
i) Active threat: It involves some modification of the data stream or the creation of a false stream in documents, files or information. It is difficult to ultimately prevent active attacks because this would require physical protection of all hosts and/or communications facilities all the time. Active threats are grouped into three categories: message-stream modification, denial of message service, and masquerade.
ii) Passive threat: It involves monitoring the transmitted data of an organization. The goal of the attack is to obtain information that is being transmitted. This is difficult to detect because it does not involve alteration of the data, but it is feasible to prevent this attack from being successful. Passive threats are grouped into two categories: release of message contents and traffic analysis.

What is EFT? List any four components of EDI implementation.

Ans: EFT stands for Electronic Fund Transfer. It is the automatic transfer of funds among banks and other organizations.

Following are the four components of the EDI implementation layer:
a) Common EDI standards: They dictate syntax and standardize the business language. They basically specify transaction sets, that is, complete sets of business documents.
b) Translation software: It sends messages between trading partners, integrates data into and from existing computer applications, and translates among EDI message standards.
c) Trading partners: These are a firm's customers and suppliers with whom business is conducted.
d) EDI Value-Added Network services (VANs): A VAN is a third-party service provider that manages data communications networks for businesses that exchange electronic data with other businesses.
e) Banks: They facilitate payment and remittance.

List the OMC's (Order Management Cycle) generic steps.

Ans: The OMC has eight generic steps, which are grouped into three phases:

Phase 1. Presales Interaction:
i) Customer inquiry and order planning and generation.
ii) Cost estimation and pricing of product.

Phase 2. Product service production and delivery:
iii) Order receipt and entry.
iv) Order selection and prioritization.
v) Order scheduling.
vi) Order fulfillment and delivery.

Phase 3. Post Sales Interaction:
vii) Order billing and account/payment management.
viii) Customer service and support.

What are the desirable characteristics of E-marketing?

Ans: Characteristics of E-marketing:
i) Critical mass of buyers and sellers: The trick is getting a critical mass of corporations and consumers to use electronic mechanisms. E-marketing is the place where customers go to find the products and services they need.
ii) Opportunity for independent evaluation and for customer dialogue and discussion: In the marketplace, users not only buy and sell products or services, they also compare notes on who has the best products and whose prices are less.
iii) Negotiation and bargaining: Buyers and sellers need to be able to haggle over conditions of mutual satisfaction, including money, terms and conditions, delivery dates, and evaluation criteria.
iv) New products and services: In a marketplace, consumers can make requests for the products and services currently offered; they can also describe the products that meet their requirements and expectations. They can also ask for modification and upgradation of products and services.
v) Seamless interface: The biggest barrier to electronic trade is having all the pieces work together so that information can flow seamlessly from one source to another. This requires standardization.
vi) Recourse for disgruntled buyers: A viable market must have a recognized mechanism for resolving disputes between buyers and sellers. The market should include a provision for resolving disagreements by returning the product or through arbitrage in other cases.

Explain the different categories of operations that come under e-commerce.

Ans: Operations that come under e-commerce:
i) Transactions between a supplier and a buyer or between two companies over a public network such as an ISP.
ii) Transactions with trading partners or between officers of the company located at different locations.
iii) Information gathering needed for market research.
iv) Information processing for decision making at different levels of management.
v) Maintenance of records needed for legal purposes, including taxation and legal suits.
vi) Transactions for information distribution to different retailers and customers, including advertising, sales and marketing.
vii) Information manipulation for operations and supply chain management.

What are EDI and electronic fund transfer?

Ans: EDI stands for Electronic Data Interchange. This is the inter-process communication of business information in standard electronic form. Using EDI, trading partners establish computer-to-computer links that enable them to exchange information electronically.

EFT is the process of transferring funds through the internet. Both EDI and EFT are technologies used to exchange information during an e-transaction.

Explain secure socket layer (SSL).

Ans: It is a security protocol that provides privacy over the internet. The protocol allows client/server applications to communicate in a way that data transmissions cannot be disclosed. It is an application-independent protocol. SSL employs the RSA cryptographic technique to implement data encryption.

What is the need for seamless connections? Define a Software Agent.

Ans: Seamless connection: The biggest barrier to electronic trade is having all the pieces work together so that information can flow seamlessly from one source to another. This requires standardization.

Software Agent: Software agents are encapsulations of user instructions that perform all kinds of tasks in electronic marketplaces spread across networks. They are used to implement information brokerages. It will take a while to solve the problems of inter-agent communication, interoperable agents, and other headaches that come with distributed computing and networking.

8. What are the categories of consumers?
Ans: Categories of consumers:
i) Impulsive buyers: They purchase products quickly.
ii) Patient buyers: They purchase products after making some comparisons.
iii) Analytical buyers: They do substantial research before making the decision to purchase products or services.

9. How does a digital signature work? List any two tangible benefits of EDI.

Ans: A digital signature works by providing two keys, one with the public and the other privately with the layer. The signature is coded with both.

Tangible benefits of EDI:
i) It is a cost- and time-saving system.
ii) It improves problem resolution and customer service.
iii) It expands the customer/supplier base.

10. What is Supply Chain Management? Define virtual organization.

Ans: SCM is an integrating process based on the flawless delivery of basic and customized services. It plays an important role in the management of processes that cut across functional and departmental boundaries.

Virtual organization: It is an organization closely coupled upstream with its suppliers and downstream with its customers. It is a multilayered organization. It allows gaps to exist between employees from different departments.

Explain the different operations carried out in e-commerce.

Ans: Operations that come under e-commerce:
i) Transactions between a supplier and a buyer or between two companies over a public network such as an ISP.
ii) Transactions with trading partners or between officers of the company located at different locations.
iii) Information gathering needed for market research.
iv) Information processing for decision making at different levels of management.
v) Maintenance of records needed for legal purposes, including taxation and legal suits.
vi) Transactions for information distribution to different retailers and customers, including advertising, sales and marketing.

Explain the three stages of e-commerce architecture on the web.

Ans: Stages of e-commerce architecture on the web:
a) Client browser: It resides on the user's PC or workstation and provides an interface to the various types of content. It understands what file it is downloading and what browser extension it needs to display the file.
b) Web server: It retrieves information and data, and manages transactions and security.
c) Third-party services: These could be other web servers that make up the digital library, information processing tools, and electronic payment systems.

What is E-Commerce?
List the various activities carried out in E-Commerce.

Ans: E-Commerce: The process of buying and selling products and services through the web or internet is termed e-commerce.

Activities that come under e-commerce:
i) Transactions between a supplier and a buyer or between two companies over a public network such as an ISP.
ii) Transactions with trading partners or between officers of the company located at different locations.
iii) Information gathering needed for market research.
iv) Information processing for decision making at different levels of management.
v) Maintenance of records needed for legal purposes, including taxation and legal suits.
vi) Transactions for information distribution to different retailers and customers, including advertising, sales and marketing.

18. List the different layers of EDI implementation.

Ans:
i) Business application layer: This layer creates a document and sends it to the EDI translator layer.
ii) Translator layer: It describes the relationship between the data elements in the business application and the EDI standards.
iii) Internal format conversion
iv) EDI envelope for document messaging

19. What are software agents?

Ans: Software agents are encapsulations of user instructions that perform all kinds of tasks in electronic marketplaces spread across networks. They are used to implement information brokerages. It will take a while to solve the problems of inter-agent communication, interoperable agents, and other headaches that come with distributed computing and networking.

20. What is a firewall? What are the three types of firewall?

Ans: A firewall is a security device that allows limited access out of and into a network from the internet. It is a piece of hardware that is connected to a network to protect it from agents. It only permits approved traffic in and out of one's local site.
It operates at the application, network, and transport layers of the protocol stack.

There are three types of firewalls:
i) Packet filter
ii) Application-level gateway
iii) Proxy server

Explain secure electronic payment protocol.

Ans: SEPP is a joint development of IBM, Netscape, GTE, CyberCash, and MasterCard. It is an open, vendor-neutral, nonproprietary, license-free protocol for secure on-line transactions. It addresses the following business requirements:
i) To enable confidentiality of payment information.
ii) To ensure integrity of all payment data transmitted.
iii) To provide authentication that a cardholder is the legitimate owner of a card account.
iv) To provide authentication that a merchant can accept MasterCard, branded card payments with an acquiring member financial institution.

SEPP is the electronic equivalent of the paper charge slip, signature and submission process. It takes input from the negotiation process and causes the payment to happen via three-way communication among the cardholder, merchant, and acquirer.

The SEPP system is composed of a collection of elements involved in e-commerce, such as the cardholder, merchant, acquirer, certificate management system, and Banknet.

What are the normal constraints put on e-cash?

Ans: The normal constraints put on e-cash are:
i) The time over which a given electronic money is valid.
ii) The number of exchanges that can take place before the money needs to be redeposited with a bank.
iii) The number of transactions that can be made during a given period of time.

21.b) What is e-cash? Give the properties of e-cash.

Ans: E-Cash: Electronic cash is a new concept in on-line payment systems. It combines computerized convenience with security and privacy that improve on paper cash. It is an attractive alternative way of paying over the internet.

Properties of E-Cash:
i) It must have a monetary value. It must be backed by bank-authorized credit or a bank-certified cashier's check.
ii) E-cash must be interoperable, meaning it is exchangeable as payment for other e-cash, paper cash, deposits in banking accounts, etc.
iii) E-cash must be storable and retrievable. The cash could be stored in a remote computer's memory and easily transported into standard or special-purpose devices.
iv) E-cash should not be easy to copy or tamper with while being exchanged. This includes preventing or detecting duplication and double spending. Detection is essential in order to audit whether prevention is working.

What is electronic purse? Explain. If an EDI network fails to deliver the message, who is responsible for that?

Ans: Electronic purse: It is a type of smart card. Electronic purses are wallet-sized smart cards embedded with programmable microchips that store sums of money for people to use instead of cash. An electronic purse is also known as electronic money and debit card.

Working of electronic purse: Once the purse is loaded with money, at an ATM or through the use of an expensive telephone, it can be used to pay. For example, suppose you want to buy a candy from a vending machine equipped with a card reader. First, insert the card in the vending machine; the vending machine verifies that the card is authentic and that there is enough money to buy a candy. If so, the machine deducts the cost of the candy from the balance on the card and adds it to an e-cash box. The remaining balance is displayed on the card. When the balance on an electronic purse is depleted, the purse can be recharged with more money.

If an EDI network fails to deliver the message, who is responsible for that is not decided as yet.

What is the purpose of Kerberos?

Ans: Purpose of Kerberos: It is designed for the following purposes:
i) To provide both one-way and two-way authentication.
ii) Authentication should be achieved without transmitting unencrypted passwords over a network.
iii) Clear-text passwords entered by client users should be retained in memory for the shortest time.
iv) Each authentication should have a finite lifetime.
v) Network authentication should be nearly unnoticed by users.
vi) Minimal effort should be required to modify existing applications that formerly used other, less secure authentication schemes.
vii) Authentication should be limited to the length of the user's current login session.

Explain the secure socket layer in detail.

Ans: SSL is a security protocol developed by Netscape Communications.
It provides privacy over the internet. This protocol allows client/server applications to communicate in a way that data transmissions cannot be disclosed or altered.

SSL uses a three-part process. First, information is encrypted to prevent unauthorized disclosure. Second, the information is authenticated to make sure that it is being sent and received by the correct party. Third, it provides message integrity to prevent the information from being altered during interchanges between the source and sink.

SSL depends on RSA encryption for exchange of the session key and client/server authentication and for various other cryptographic algorithms.

The strength of SSL is that it is application independent. SSL provides channel security through encryption and reliability through a message integrity check. To implement SSL, a merchant has to use the Netscape server and the buyer has to use Netscape browser software.

Q. Explain digital signature technique.

If digital signatures are to replace handwritten signatures, they must have the same legal status as handwritten signatures. The digital signature provides a means for a third party to verify that the notarized object is authentic. Digital signatures should have greater legal authority than handwritten signatures. If the contract was signed by digital signatures, however, a third party can verify that not one byte of the contract has been altered.

Q. Mention some hacking techniques.

Some hacking techniques:

Stolen access: Involves the use of another user's ID or password without permission to gain access to the internet.
Stolen resources: Search for processors to store stolen software and databases.
Internet virus: Virus designed to traverse through the network, passing through multiple processors and either sending information back to the originator or doing damage to the processors it passes through.
Email impostures: Sending email while falsifying the From field.
Email snooping: Email passes through at least two nodes to be received. As email passes through these nodes and is stored transiently, it is susceptible to people with system access, unless secured.
Sniffing: If a hacker has gained access to a host, the hacker may set up sniffing programs to observe traffic, storing information (IDs/passwords) that can be used to compromise other systems.
Spoofing: Assuming someone else's identity, whether it is a login ID, an IP address, a server, or an e-commerce merchant.
Async attacks: While programs are idle in host memory, a hacker may have the opportunity to access the program's data.
Trojan horses: Viruses concealed within a software package injected into a host. May be destructive or perform some covert activity designed to send data back to the hacker.

47. Name three broad phases of the consumer's perspective and give categories of consumers.

Pre-purchase preparation: The pre-purchase preparation phase includes search and discovery for a set of products in the larger information space capable of meeting customer requirements, and product selection from the smaller set of products based on attribute comparison.

Purchase consummation: The purchase consummation phase includes mercantile protocols that specify the flow of information and documents associated with purchasing and negotiation with merchants for suitable terms, such as price, availability, and delivery dates; and electronic payment mechanisms that integrate payment into the purchasing process.

Post-purchase interaction: The post-purchase interaction phase includes customer service and support to address customer complaints, product returns, and product defects.

Purchase deliberation is defined as the elapsed time between a consumer's first thinking about buying and the actual purchase.

c) Viruses and worms.
A virus is a program that can affect other programs by modifying them; the modified program includes a copy of the virus program, which can then go into other programs. A worm is a program that makes use of networking software to replicate itself and move from system to system. The worm performs some activity on each system it gains access to, such as consuming processor resources or depositing viruses.

Countering the threat of viruses: The best solution for the threat of viruses is prevention: do not allow a virus to get into the system in the first place. In general, this goal is impossible to achieve, although prevention can reduce the number of successful viral attacks. The next best approach is to do the following:

Detection: After the infection has occurred, determine that it has occurred and locate the virus.
Purging: Remove the virus from all infected systems so that the disease cannot spread further.
Recovery: Recover any lost data or programs.

Because of the variety of viruses, there is no universal remedy. A number of programs provide some protection, and the security manager should be advised to contact several vendors and assess their products.

b) Secret-key cryptography.

Secret-key cryptography, also known as symmetric cryptography, uses the same key to encrypt and decrypt the message. Therefore, the sender and recipient of a message must share a secret, namely the key. A well-known secret-key cryptography algorithm is the Data Encryption Standard (DES), which is used by financial institutions to encrypt PINs.

Public-key cryptography, also known as asymmetric cryptography, uses two keys: one key to encrypt the message and the other key to decrypt the message. The two keys are mathematically related such that data encrypted with either key can only be decrypted using the other. Each user has two keys: a public key and a private key.

a) Kinds of shopping.

Variety of experiences

There are many ways that cardholders will shop. This section describes two ways. The SET protocol supports each of these shopping experiences and should support others as they are defined.

On-line catalogues

The growth of electronic commerce can largely be attributed to the popularity of the World Wide Web. Merchants can tap into this popularity by creating virtual storefronts on the Web that contain on-line catalogues. These catalogues can be quickly updated as merchants' product offerings change or to reflect seasonal promotions.

Cardholders can visit these Web pages, selecting items for inclusion on an order.
Once the cardholder finishes shopping, the merchant's Web server can send a completed order form for the cardholder to review and approve. Once the cardholder approves the order and chooses to use a payment card, the SET protocol provides the mechanisms for the cardholder to securely transmit payment instructions as well as for the merchant to obtain authorization and receive payment for the order.

Electronic catalogues

Merchants may distribute catalogues on electronic media such as diskettes or CD-ROM. This approach allows the cardholder to browse through merchandise off-line. With an on-line catalogue, the merchant has to be concerned about bandwidth and may choose to include fewer graphics or reduce the resolution of the graphics. By providing an off-line catalogue, such constraints are significantly reduced.
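
The public-key answer above says that data encrypted with either key can only be decrypted with the other, and the digital signature answer says a third party can verify that not one byte of a contract has been altered. The following is an added example, not part of the original notes, that shows both with textbook RSA; the small primes, the lack of padding, the function names and the sample messages are all assumptions chosen for teaching, and it is not secure for real use.

```python
import hashlib

# Constructed demo parameters: two known Mersenne primes, far too small for real keys.
P = 2**61 - 1
Q = 2**89 - 1
N = P * Q
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (needs Python 3.8+)

PUBLIC_KEY = (E, N)    # may be given to anyone
PRIVATE_KEY = (D, N)   # kept by the owner only


def apply_key(value, key):
    """The single RSA operation: value ** exponent mod n."""
    exponent, modulus = key
    if not 0 <= value < modulus:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, modulus)


def digest(message):
    """SHA-256 of the message, reduced so it fits under the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message):
    """Signing applies the private key to the digest of the message."""
    return apply_key(digest(message), PRIVATE_KEY)


def verify(message, signature):
    """Anyone holding the public key can recompute the digest and compare."""
    return apply_key(signature, PUBLIC_KEY) == digest(message)


def two_key_and_signature_demo():
    secret = int.from_bytes(b"PIN 4921", "big")        # constructed sample value
    contract = b"Buyer pays 100 units on delivery."    # constructed sample contract
    tampered = b"Buyer pays 900 units on delivery."    # exactly one byte changed
    signature = sign(contract)
    with_public = apply_key(secret, PUBLIC_KEY)
    with_private = apply_key(secret, PRIVATE_KEY)
    return {
        # Locked with one key, opened with the other, in both directions.
        "public_then_private": apply_key(with_public, PRIVATE_KEY) == secret,
        "private_then_public": apply_key(with_private, PUBLIC_KEY) == secret,
        # The key that locked the data does not open it again.
        "public_then_public": apply_key(with_public, PUBLIC_KEY) == secret,
        "signature_valid": verify(contract, signature),
        "one_byte_changed": verify(tampered, signature),
    }


if __name__ == "__main__":
    for name, outcome in two_key_and_signature_demo().items():
        print(f"{name}: {outcome}")
```
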
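
The e-cash answers above list a validity period as a normal constraint and require that e-cash be hard to copy or tamper with, with duplication and double spending detected so that prevention can be audited. The following is an added sketch of the bank-side checks, not code from the original notes and not any real e-cash protocol; the `Bank` class, the note fields, the HMAC-based note format and the depositor names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


class Bank:
    """Hypothetical issuer: authenticates notes and records every redeemed serial."""

    def __init__(self, validity_seconds):
        self._key = secrets.token_bytes(32)   # MAC key known only to the bank
        self._validity = validity_seconds     # constraint: how long a note is valid
        self._redeemed = {}                   # serial -> first depositor
        self.audit_log = []                   # detected double-spend attempts

    def _mac(self, serial, value, expires):
        msg = f"{serial}|{value}|{expires}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def issue(self, value, now):
        serial = secrets.token_hex(16)        # unique, unguessable serial number
        expires = now + self._validity
        return {"serial": serial, "value": value, "expires": expires,
                "mac": self._mac(serial, value, expires)}

    def deposit(self, note, depositor, now):
        try:
            serial = str(note["serial"])
            value = int(note["value"])
            expires = int(note["expires"])
            genuine = hmac.compare_digest(self._mac(serial, value, expires),
                                          str(note["mac"]))
        except (KeyError, TypeError, ValueError):
            return "rejected: malformed"
        if not genuine:
            return "rejected: tampered"       # any altered field breaks the MAC
        if now > expires:
            return "rejected: expired"        # validity-period constraint
        if serial in self._redeemed:
            # A perfect copy passes the MAC check, so duplication is caught here.
            self.audit_log.append((serial, self._redeemed[serial], depositor))
            return "rejected: double spend"
        self._redeemed[serial] = depositor
        return "accepted"


def scenario():
    """Constructed walk-through: forged value, honest deposit, copy, late deposit."""
    bank = Bank(validity_seconds=3600)
    note = bank.issue(value=50, now=1000)
    forged = dict(note, value=5000)           # value edited after issue
    copy = dict(note)                         # bit-for-bit duplicate of the note
    stale = bank.issue(value=20, now=1000)
    results = [
        bank.deposit(forged, "merchant_a", now=1500),
        bank.deposit(note, "merchant_a", now=2000),
        bank.deposit(copy, "merchant_b", now=2100),
        bank.deposit(stale, "merchant_b", now=1000 + 3601),
    ]
    return results, bank.audit_log


if __name__ == "__main__":
    outcomes, log = scenario()
    print(outcomes)
    print(log)
```

The audit log is the detection record the answer calls for: each entry names the serial, the depositor who redeemed it first and the depositor who presented the duplicate.
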
