NCCT

Ce ntre

fo r A dvanced Te chnolo gy
-- -- -- --- --- -- --- -- -- --- --- -- --- -- -- --- --- -- --- -- -- --- --- -- --- -- -- --- --- -- --- -- -- --- --- -- --- -- -- --- --- -- --- -- -- --- --- -- --- -- -- --- --- -- --- -- -- --- --- -- --- -- -- --- --- -- --- -

SOFTWARE DEVELOPMENT * EMBEDDED SYSTEMS

#109, 2nd Floor, Bombay Flats, Nungambakkam High Road, Nungambakkam, Chennai - 600 034. Phone - 044 - 2823 5816, 98412 32310 E-Mail: ncct@eth.net, esskayn@eth.net, URL: ncctchennai.com

Dedicated to Commitments, Committed to Technologies

WEB TECH NOLO GIE S AN D TR EN DS

Where Technology and Solutions Meet

NC CT

INTRODUCTION
The purpose is to make a technical presentation on

E-Commerce, Web Technologies, Trends and Applications
NCCT

About NCCT
 NCCT is a leading IT organization backed by a strong R & D, concentrating on Software Applications, Web related Products, Electronics product development.  The major activities of NCCT include Hardware Design, Development, Implementation and related activities
NCCT

IN TRODU CTI ON Three landmark events changed the world of COMMERCE forever
In 1769…through Watts’ development of the steam engine - COMMERCE GOT POWER! In 1858…through the laying of the Transatlantic cable - COMMERCE GOT CONNECTED! In 1985…through the assignment of the first .com name on the Internet

COMMERCE GOT SMART!

Over 100 years ago a technology convergence fueled a new economy

STEAM POWER

MECHANICAL ENGINEERING

MATERIAL SCIENCES

The resulting Industrial Economy defined the business landscape for the 20th century

Tod ay, a no th er te ch no log y conv erg en ce is fue ling a new e co no my For Business: Greater competitive
Tech nol og ie s Cont Computi ng intensity, new entrants and value ent Communicati Technologi Techno logi e on propositions. es s

For Government: New demands, new
services, new partners, organizational transformation and a revolutionary decentralization of power and decision making Th e re su lting eEc on omy is de fining the busi ness land sc ap e for th e 21 st ce ntury

Th e e Ec onomy creates the context fo r a dramatic change in the wa y b usin ess is conducte d

In the 21st century… eCommerce … the conduct eEnterprises will conduct of business among eCommerce eEnterprises and consumers with an alignment of people, in the eEconomy eCommerce processes and technology with eCommerce
which global commerce is conducted. enlightened strategic intent.

eEconomy

eEconomy … the broad business environment in

eEnterpris e

eEnterprise … a business or
government enterprise with the capability to exchange value (money, goods, services and information) electronically.

WHAT IS THE INTERNET?
• • • The internet is a collection of wires, protocols and hardware that allows the electronic transmission of data over TCP/IP Any data can be transferred over the net, e.g., email, faxes, video, voice & web pages Technically www (web) and the net are not the same. The web is an application for the net

INTERNET ARCHITECTURE
• A collection of networks, 2 networks can only be connected by a computer that is connected to both of them. This machine is a router. Routers use the destination network address not the destination host address when routing a packet. The amount of info a router needs to store is proportional to the # of nets not hosts.

• •

HOW THE INTERNET WORKS
CHARACTERISTICS THAT ALLOW SHARED ACCESS OF DATA IN A NETWORK
• Unique identification of each computer on the network - Internet is a
network of millions of computers and thousands of networks intertwined together. Thus it was important that each computer can be uniquely identified by assigning a specific Internet Protocol(IP) address. e.g.,198.108.95.145

• Human-friendly addressing - Domain Name System(DNS) gave each
computer on the network an address comprising an easily recognizable letters and words instead of an IP address; e.g., www.yahoo.com

• Packet Switching - To remedy delays associated with unequally sized data
transfers, instead of transferring files in their entirety, whole files are broken up into data packets before being transferred over the network.

• Routing - Routers are dedicated, special-purpose computers which serve
as an intermediary between networks. They route packets efficiently through networks. Routers are building blocks of the internet.

HOW THE INTERNET WORKS
CHARACTERISTICS THAT ALLOW SHARED ACCESS OF DATA IN A NETWORK
• Reliability and Transmission control Protocol - IP software handles
packet deliveries and TCP handles safe delivery of packages. • Standardization - Without the TCP/IP standardization, there would have been many negative tradeoffs, such as inflexibility and increased functional and switching costs.

NETWORKING SOFTWARE
• • • • • The two most well-known pieces of internetworking software are the TCP and IP IP software set rules of data transfer over the network TCP software ensures the safe and reliable transfer of data With open system nature of TCP/IP development, software development and computer companies could more easily build TCP/IP compliant software and hardware TCP/IP standard network protocol laid the groundwork that enabled the deep internetworking that made internet possible

WEB SITE BASICS
• WEB SERVER
– Software, Hardware, Network

• CONTENT
– Keeping it current

• DESIGN • IDENTITY
NCCT

PIECING TOGETHER A WEB SITE

ADVANTAGES OF USING WEB
• • •

INTERACTION & AUTOMATION Automated content
– CGI, Servlets, etc., Persistent data interface, cookies Interactive components – Allow the users to respond Push technology – Mailing lists, Channels

SEARCH & STRUCTURE
• • • Search facility for site Site maps - auto-generated Site templates/structure – CGI, Imagemaps, Stylesheets

ADVANTAGES OF USING WEB COMMERCE & ADVERTISING
• Commerce server – Shopping carts, Stateful sessions – Security/Encryption, Payment • Ad Servers • Marketing – attract customer attention, build customer loyalty • Direct Sales – global, 7x24 • Advertising Revenue • Reduced Support Costs

ELECTRO NIC CO MM ERCE
• Commerce is fundamentally based on Trust

(E- CO MMERCE)

• Commerce refers to all the activities the purchase and sales of goods or services. – Marketing, sales, payment, fulfillment, customer service • Electronic commerce is doing commerce with the use of computers, networks and commerce-enabled software (more than just online shopping) • E-Commerce involves the translation of protocols, that have evolved over the millenia, into the Electronic environment

E-COMMERCE BRIEF HISTORY
• 1970s: Electronic Funds Transfer (EFT)
– Used by the banking industry to exchange account information over secured networks

• Late 1970s and early 1980s: Electronic Data Interchange (EDI) for e-commerce within companies
– Used by businesses to transmit data from one business to another

• 1990s: the World Wide Web on the Internet provides easy-to-use technology for information publishing and dissemination
– Cheaper to do business (economies of scale) – Enable diverse business activities (economies of scope)

ECOMMERCE INFRASTRUCTURE
• INFORMATION SUPERHIGHWAY INFRASTRUCTURE – Internet, LAN, WAN, routers, etc. – telecom, cable TV, wireless, etc. THE WORLD WIDE WEB - WWW, MESSAGING AND INFORMATION DISTRIBUTION INFRASTRUCTURE – Part of the Internet and allows users to share information with an easy-to-use interface – HTML, XML, e-mail, HTTP, Web browsers, etc. COMMON BUSINESS INFRASTRUCTURE – Security, authentication, electronic payment, directories, catalogs, etc. WEB ARCHITECTURE – Client/server model – N-tier architecture; e.g., web servers, application servers, database servers, scalability

• •

THE MAIN ELEMENTS OF E-COMMERCE
• Consumer shopping on the Web, called B2C (business to consumer) • Transactions conducted between businesses on the Web, call B2B (business to business) • Transactions and business processes that support selling and purchasing activities on the Web
– Supplier, inventory, distribution, payment management – Financial management, purchasing products and information

WEB-BASED E-COMMERCE ARCHITECTURE
Tier 1 Tier 2 Tier 3 Tier N

DMS

CLIENT

WEB SERVER

APPLICATION SERVER

DATABASE SERVER

NCCT

ADVAN TAG ES OF ELECTR ONIC CO MMERCE
• Increased sales
– Reach narrow market segments in geographically dispersed locations – Create virtual communities

• Decreased costs
– Handling of sales inquiries – Providing price quotes – Determining product availability

• Being in the space

THE PROCESS OF E-COMMERCE
• • • ATTRACT CUSTOMERS – Advertising, marketing INTERACT WITH CUSTOMERS – Catalog, negotiation HANDLE AND MANAGE ORDERS – Order capture – Payment – Transaction – Fulfillment (physical good, service good, digital good) REACT TO CUSTOMER INQUIRIES – Customer service – Order tracking

ELECTRONIC COMMERCE
• BUSINESS-TO-CONSUMER (B2C) • BUSINESS-TO-BUSINESS (B2B) • CONSUMER-TO-CONSUMER (C2C): Individuals use Web for private sales or exchange *
NCCT

ELECTRONIC COMMERCE BUSINESS - TO - CONSUMER
• WEB SITES: Provide information on products, services, prices, orders • CUSTOMER-CENTERED RETAILING: Closer, yet more cost-effective relationship with customers • INFORMATION BROKERS: Comparison shops to customer’s requirements, reintermediation

ELECTRONIC COMMERCE BU SI NESS- TO -BU SI NESS
• Automation of purchase, sale transactions from business to business • Provides alternative sources • ELECTRONIC HUBS: online marketplaces, point-topoint connections, integrated information • EXCHANGES: commercial on-line market, many buyers, sellers • Potential for integrating product information • Provides service, value

Consumer to Consumer (C2C)
Commercial web site (e.g., bazee.com) gets small %
Customer(s) Pay electronically or via plastic Places items for sale on web site

seller

Send item(s) to customer(s) Via Courier

Bus in ess to C on sume r (B2C)
Electronic catalog on company web site or host

Customer(s) Credit card Debit card E-check Ships goods

online off line

company

Order Proc’g/ Whse.
3rd party processor

Processes payment
In-house processing

directly or via 3rd party shipper

Business to Business (B2B)
Manufacturer’s catalog on company Web Site or host / Auction (B2B) Web site (buyer’s or 3rd party)

buyer
Orders and pays electronically / Accepts bid and pays electronically

seller (manufacturer)
Processes electronically Schedules order/ships Observes credit terms Settles payment ----------------------Could be 3rd party (OS) or in-house system or both

goods delivered E-check, Check, Credit card, Pcard, EFT

Transaction Flow - Buying Scenario
End of business day settlement Auth Auth Mastercard Pay Merchant Website Payment Gateway Card Details Bank Switch American Express
Sh

Visa

Customer Browser • Customer shops • Clicks on Pay • Enters Card details

en ipm

Shop

t

ATM

POS

Bank Host

E-COMMERCE SERVICES
• Personalization Membership • Merchandising Database • Merchandise Search • Shopping Cart • Shipping & Handling • Tax Services • Payment Solutions • Site Security • Order Processing • Chat & Mail and

NCCT

E-COMMERCE APPLICATIONS MODULAR SOLUTIONS
• • • • • • • • Financial Accounting & Costing (FI&CO) Supply / Vendor Chain Management (SCM) Customer Relationship Management (CRM) Chat & Mail Customer Care/Call Center Human Resource Management & Payroll (HRM) Inventory & Logistics (I&L) Advertisement Management (AM) • • • • • • • • • Security & Protection Solutions (S&P) Industry Vertical Solutions (IV) Connectivity Solutions (CS) Video on demand Remote banking Procurement and purchasing Online marketing and advertisement Home shopping Auctions

FUNCTIONAL APPLICATIONS
• FINANCE & ACCOUNTING
– – – – GENERAL LEDGER REPORTING PROJECT COSTING ANNUAL REPORTS BUDGETING

SALES & MARKETING
– – – – – COMPETITOR ANALYSIS PRICE UPDATES PROMOTIONAL CAMPAIGNS SALES PRESENTATIONS SALES CONTRACTS

HUMAN RESOURCES
– – – – – CORPORATE POLICIES EMPLOYEE SAVINGS PLANS BENEFITS ENROLLMENT ON-LINE TRAINING JOB POSTING

MANUFACTURING & PRODUCTION
– – – – – QUALITY MEASUREMENTS MAINTENANCE SCHEDULES DESIGN SPECIFICATIONS MACHINE OUTPUT ORDER TRACKING

E-COMMERCE TECHNOLOGIES
• Internet • Mobile technologies • Web architecture • Component programming • Data exchange • Multimedia • Search engines • Data mining • Intelligent agents • Access security • Cryptographic security • SSL, SET • Watermarking • Payment systems

NCCT

SYSTEM DESIGN ISSUES
• GOOD ARCHITECTURAL PROPERTIES
– Functional separation – Performance (load balancing, web caching) – Secure – Reliable – Available – Scalable

CREATING AND MANAGING CONTENT
• • • • • What the customer see Static vs. dynamic content Different faces for different users Tools for creating content Multimedia presentation • • • Integration with other media Data interchange HTML, XML (Extensible Markup Language)

Projects @ NCCT
SAMPLE PROJECTS @ NCCT E-SECURE TRANSACTIONS
WIRELSS HEART BEAT RATE MONITOR WITH WAP MESSENGER

E-SECURE - BUSINESS CONCEPT
Server’s public key

Server

The e-secure key to securing information Matching security needs to business

• •

What?: Provide security information and consultation to assess corporate security risks and implementation. Why?: way to provide security assessment and project mgmt between multiple corps and the customer and news links; Corp: save in loss of data and provide security to customers to build customer confidence How?: Security Engine: rank existing security; allows customers to assess existing level of security with evaluation and Q&A Differentiators: (1) customized security needs programs via Internet; (2) provides incentives: alternatives in security via cost reports balance

• •

BUSINESS MODEL–CONSULTING & PARTNERSHIPS

E-S ECURE

Security Seekers

Adds value
Builds security knowledge, management And partnerships with security companies

Security Providers
System integrators

Banking & Financial institutions

E-Secure
Security Need Engine, Streaming video training Project management Profit 35%online pm, 10% on site pm, 5% Streaming presentations

Service providers & manufacturers

Security companies

Government & educational institutions

Capital, Space, Admin. Support, Sales, Marketing,

Corporations with Security solutions

a level of security management integration and confidence to the seek

INTRODUCTION
 Security System  Algorithms
• SECURITY - The man who looks for security, even in the mind, is like a man who would chop off his limbs in order to have artificial ones which will give him no pain or trouble. • Henry Miller (1891–1980), Sexus, ch. 14 (1949).

NCCT

FUNDAMENTAL ISSUES
• Secure communication over insecure channel • Privacy • Agreement/Commitment • Right to access • Security • Protocols • Encryption • Zero Knowledge Proof • Digital signature, digital time stamp • Identification/ authentication • Firewall • SSL, SET

Enabling Technologies
• Protocols – SET (Secure Electronic Transactions- S-HTTP) – SSL (Secure Sockets Layer- HTTPS)

Protocols & Practices

• Practices – Dual Signatures – Digital Signatures – Certificate Trust Train

Secure Socket La yer
• SSL is a standard that encrypts data sent between you and a web server • When connecting, the client requests a certificate from the server. This is sent, which confirms that you really are talking to the server that you think you are

SSL

YOU

Web Server

Data contained in packets is encrypted; no one but you and the web server can read the traffic

SET COMPONENTS
• Wallet - performs cardholders’ authentication • Merchant Server - authenticates merchant
and its accepted payment brand

• Payment Gateway - processes payments and
authorizations

• Certificate Authority - manages certificates
for wallets and merchants; allows for branding

Enabling Technologies
FE ATURE SET SSL
Secure Transmission of Data Identify Authorized Purchasers Verify Validity of Account Identify Legitimate of Payment Brand for Merchants Track Sales Slips and Totals Yes Yes No No Yes Yes Yes Yes No No

Set vs. SSL

CRYPTOGRAPHY
• Cryptographic software transforms plain text messages into something no one without a key or secret knowledge can easily read • The most basic form of this is simple substitutions; one letter is replaced by another letter wherever it appears • But this is very easy to break, so more sophisticated algorithms are used to encrypt messages • Cryptography: Techniques, Protocols, and Applications using the existence of difficult problems • Cryptanalysis: How to compromise cryptographic protocols and techniques

DIGITAL SIGNATURES
• • This is used to confirm that data has not been changed by anyone other than the person who created and signed it. Example: Suja sends a document to Prema. Kumar intercepts the message during transmission and changes it. Prema receives a doctored document. Or Kumar could send a message to Prema and claim it was from Suja. To prevent this we can use digital signatures. Generally this is done by using a hash function to generate a “fingerprint” of the data. Any change to the data will change the fingerprint. The “fingerprint” is encrypted using the sender’s private key and attached to the document The receiver can decrypt the “fingerprint” using the sender’s public key, then see if it matches the fingerprint of the received document This ensures that the data has not changed since the sender signed it, and confirms that the sender signed it (since only he has the private key.)

• • •

FIREWALLS
• What is a firewall?
– A firewall is any mechanism that acts to restrict access to a network according to a set of defined rules. – Function as “front doors” to a network.

• There are 2 Basic approaches to implementing rule sets on your firewall – Block all and Allow – Allow all and Block

PUBLIC KEY CRYPTOGRAPHY
• Most systems on the internet use public key cryptography. • This uses two keys: a public key, which is available to anyone; and a private key, which is secret and known only to the user • The most popular variation on this concept is RSA (Rivest-Shamir-Adleman), named for the three who invented it

RSA
• RSA works by using a mathematical function that is (comparatively) easy to compute while encrypting, but very difficult to reverse without knowing the private key. See handout for gory details. RSA works by selecting two large prime numbers and doing some semifancy math. One of the prime numbers and the product of the two prime numbers is the public key; the other prime number and their product is the private key The security of the system depends on it being difficult to efficiently factor large numbers. There’s been a lot of research in the area by a lot of smart people, and no one has come up with an algorithmically good solution. The only engineering solution is to throw more resources at brute force approaches, but this is not very practical for large key sizes, since the computations required increase exponentially with key size. •

EXAMPLES MODERN APPLICATIONS
• Electronic Commerce – Online Banking, Online Shopping • Internet Security – Secure emails, Remote access of applications • The military – secure communication • The internet – secure communication, authentication, on-line shopping, emails • Election

SECURE COMMUNICATION
Insecure Channel Sender M C = E(M) C
Hacker

Receiver M = D(C) M

Encryption

Decryption

SENDING ENCRYPTED MESSAGES
• To send to someone, the message is encrypted with the public key. • It can only be decrypted by the private key.
Web Site Plain Text

Message

Encrypted Text Public Key

I N T E R N E T

Private Key

Pro jects @ NCC T
Redefinin g t he Le arnin g

Experience the learning with the latest new tools and technologies… Specialization, Design, Development and Implementation with Projects

Project Specialization Concept
• NCCT, in consultation with Export-Software Division, offers Live Software Applications, System, Electronics related Projects to experience the learning with the latest new tools and technologies • NCCT believes in specialized Hardware Design, development training and implementation with an emphasis on development principles and standards • NCCT plays a dual positive role by satisfying your academic requirements as well as giving the necessary training in electronics and embedded product development

Pr ojects @ NCCT

Proj ects @ N CC T
WE ARE OFFERING PROJECTS FOR THE FOLLOWING DISCIPLINES
• COMPUTER SCIENCE AND ENGINEERING • INFORMATION TECHNOLOGY • ELECTRONICS AND COMMUNICATION ENGINEERING • ELECTRICAL AND ELECTRONICS ENGINEERING • ELECTRONICS AND INSTRUMENTATION • MECHANICAL AND MECHATRONICS

Proj ects @ N CC T
PRO JE CTS IN TH E AREAS OF
• System Software Development • Application Software Development, Porting • Networking & Communication related • Data Mining, Neural Networks, Fuzzy Logic, AI based • Bio Medical related • Web & Internet related • Embedded Systems - Microcontrollers, VLSI, DSP, RTOS • WAP, Web enabled Internet Applications • UNIX \ LINUX based Projects

Placements @ NCCT
NCCT has an enormous placement wing, which enrolls all candidates in its placement bank, and will keep in constant touch with various IT related industries in India / Abroad, who are in need of computer trained quality manpower Each candidate goes through complete pre-placement session before placement made by NCCT The placement division also helps students in getting projects and organize guest lectures, group discussions, soft learning skills, mock interviews, personality development skills, easy learning skills, technical discussions, student meetings, etc., For every student we communicate the IT organizations, with the following documents * Curriculum highlighting the skills * A brief write up of the software knowledge acquired at NCCT, syllabus taught at NCCT * Projects and Specialization work done at NCCT * Additional skills learnt

Software Applications

THE F OLLO WING S KIL L S ET IS SECURE
C, C++, Visual C++, ASP, XML, EJB Embedded Systems, PLC VLSI, ULSI, DSP, Bio Informatics & Technology WAP, Remote Computing, Wireless Communications, VoIP, Bluetooth in Embedded, LINUX based applications UNIX, C

Embedded Technologies Other Areas Emerging Technologies Ever green technologies

NCCT

NC CT
Quality is Our Responsibility

Dedicated to Commitments and Committed to

Sign up to vote on this title
UsefulNot useful

Master Your Semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master Your Semester with a Special Offer from Scribd & The New York Times

Cancel anytime.