UNIT – I

INTRODUCTION
Meaning of E-Commerce
The term "electronic commerce" has evolved from its meagre notion of electronic
shopping to mean all aspects of business and market processes enabled by the Int
ernet
and the World Wide Web technologies.
Electronic Commerce as Online Selling
Narrowly defined electronic commerce means doing business online or selling and
buying products and services through Web storefronts. Products being traded may
be
physical products such as used cars or services (e.g. arranging trips, online me
dical
consultation, and remote education). Increasingly, they include digital products
such as
news, audio and video database, software and all types of knowledge-based produc
ts. It
appears then electronic commerce is similar to catalogue shopping or home shoppi
ng on
cable TV.
Electronic Commerce as a Market
Electronic commerce is not limited to buying and selling products online. For ex
ample,
a neighbourhood store can open a Web store and find the world in its doorstep. B
ut,
along with customers, it will also find its suppliers, accountants, payment serv
ices,
government agencies and competitors online. This online or digital partner's dem
and
changes in the way doing business from production to consumption, and they will
affect
companies who might think they are not part of electronic commerce. Along with o
nline
selling, electronic commerce will lead to significant changes in the way product
s are
customised, distributed and exchanged and the way consumer's search and bargain
for
products and services and consume them.
In short, the electronic commerce revolution is in its effects on processes. Pro
cessoriented definition of electronic commerce offers a broader view of what electro
nic
commerce is. Within-business processes (e.g. manufacturing, inventory, corporate
financial management, operation), and business-to-business processes (e.g. suppl
ychain management, bidding) are affected by the same technology and network. Even
government functions, education, social and political processes undergo changes.
Internet and other computer network technologies
Computers and networks are nothing new. They have existed and business applicati
ons
such as LAN and EDI are well established long before the World Wide Web took ove
r.
Then, why is there the sudden talk of the Digital Age and the advance of electro
nic
commerce? Two things make the Internet quite different from any other existing
communications media. Unlike broadcasting media, the Internet (1) allows two-way
communications and (2) is built around open standards. A two-way communication
means targeting audience and the possibility of feedback. Broadcasting sends out
messages to "no one in particular" and without knowing quite who has got the mes

sage.
(What do Nielson and a horde of market research firms do for their living?) An o
pen
standard (e.g. TCP/IP) means interoperability and the advantage of a large marke
t and
the possibility of integrating one product or process with another.
Both of these characteristics are being challenged. (1) To the WebTV generation,
the
digital future looks like another version of the passive one-way broadcasting. T
he "new
media" sums up how publishers and media companies view the digital medium. Peopl
es
are so accustomed to "receiving random messages" that they often forget the fact
that
broadcasting was a 20th century phenomenon. Even "interactive television" envisi
oned
by today’s media is a way of providing a more lively entertainment, offering more
information "related to existing contents" (e.g. detailed information about char
acters,
plots, and commercials shown on TV). Multi-channel, digital TV broadcasting may
very
well be a model for future entertainment, but it needs to be remembered that it
is only
one application of the digital communications network. (2) The commercialisation
of
the Internet is forcing businesses to differentiate their products from others b
y making
products incompatible. Unlike the public Internet where standards were open, fir
ms
attempt to capture and dominate the market with their proprietary products. In s
uch an
environment, TCP/IP would have had a very slim chance of becoming a standard and
opening up the digital, networked economy. Whether markets driven by private
interests can bring about a better result (e.g., more efficient, technologically
superior,
etc.) is still a concern left for arguments.
Perhaps telephone networks are quite similar to the Internet (and indeed most In
ternet
traffic goes through telephone networks). But unlike telephones, the Internet s
user
interface (computer) is much more sophisticated and flexible. Because of its beg
inning
as a public research network, the Internet has no pricing regime of telephone
companies. The world-wide connection, then, may be considered to have been an
accent. When usage-based, long-distance charges are implemented, the Internet ma
y
look quite similar to the telephone network.
Intranet and Extranet
Intranets and extranets have become a vogue. Intranets arid extranets share the
common protocol (TCP/IP) and Web technologies with the Internet. Intranet is a c
losed,
business-wide network, but it uses open standards such as TCP/IP instead of
proprietary protocols traditionally used for LANs (local area networks, usually
hardwired) and WANs (wide area networks, usually LANs connected by cable, telephone
and
wireless networks). Extranet is a private WAN running on public protocols. That
is, an
extranet is a virtual private network among private parties based on open networ
k and

protocols. To assure security and privacy, an extranet relies on secured channel
using
tunnelling protocols and digital ID. In a way, extranet is a private street buil
t on public
land (although costs may be borne by private parties).
Electronic marketplace
Electronic markets ordinarily refer to online trading and auction, for example,
online
stock trading markets, online auction for computers and other goods. The electro
nic
marketplace refers to the emerging market economy where producers, intermediarie
s
and consumers interact electronically or digitally in some way. The electronic
marketplace is a virtual representative of physical markets. The economic activi
ties
undertaken by this electronic marketplace collectively represent the digital eco
nomy.
Electronic commerce, broadly defined, is concerned with the electronic marketpla
ce.
The electronic marketplace resembles physical markets in many aspects. As in phy
sical
markets, components of the digital economy include:
· players (market agents such as firms, suppliers, brokers, shops and consumers)
· products (goods and services) and
· processes (supply, production, marketing, competition, distribution,
consumption, etc.)
The difference is that, in the electronic marketplace, at least some of these co
mponents
are electronic, digital, virtual or online (whichever term may prefer). For exam
ple, a
digital player is someone with an e-mail or a Web page. Purely "physical" seller
s may be
selling a digital product, e.g. digital CD-ROM. One that sells physical products
at a
physical store may offer product information online (thereby allowing consumers
to
"search” online), while production, ordering, payment and delivery are done
conventionally. Currently, the emphasis is on the core of the electronic market
place
where everything (i.e. all value chains or business activities) is online. But,
if any aspect
of the business or consumption dwells upon the digital process, Businessmen are
already part of the electronic marketplace. That is, almost all of them are alre
ady players
in the electronic marketplace.
E-Commerce Concepts
Every now and then, a technology or idea comes along that is so profound, so pow
erful,
so universal that its impact changes everything.... Network computing (read e-bu
siness)
will transform every institution in the world. It will create winners and losers
. It will
change the way we do business, the way we teach our children, communicate and
interact as individuals. Says Lou Gerstner, Chairman, IBM - “At the heart of this
revolution is the explosion of the Internet connecting millions of computers and
people
all over the world together in one giant, virtual handshake”. The Internet is
fundamentally a new economy that will displace and rebuild the existing economy.
The
Web allows businesses to save time on product design order and delivery, trackin

ebusiness is more than e-commerce. It is right here and becoming bigger every day and starting us right in the face. Electronic Business or e-business. which a re meant to offer information but not for online shopping.. news. is the integration of the Web wit h Information Technology (IT). As companies adopt this technique some jobs such as travel agents. Most companies in India today have static Web sites. Culturally. There are also plans to build a high-speed n etwork backbone capable of servicing millions of users expected to go to the Net in Ind ia. as the case may be. an Intranet is set up in parallel and gradually more and more auto mated processes are brought on to it.. One typical approach companies take is to begin several activities (on the e-bus iness journey) in parallel and integrate them as they go along. A web year is just 3 months sufficient to provide significant changes and progress. b ut time as well. Cy ber laws bills are to be approved soon. the Internet is revolutionising the business world. just as commerce is a subset of business. This cycle is dominated by transactions between a company and consumers at large. billing. must give this revolution a hard look an d decide how to proactively act.com site where we can place ord ers for books.. music etc. This is not a straitjacket approach and every company must choose its priorities and move with rapidity. production plan ning. this is a very big first step as people start feel ing comfortable with shopping online and actually start enjoying the convenience. large or small. N et transactions. India s best known and p erhaps the first electronic shopping mall is the Rediff. This is a sort of culmination of the big journ ey and a company reaching this stage would enjoy tremendous operational efficiency as wel l as competitive advantage e-business is not a fad. shipping etc. Not only is the world shrinking. so to say. Every company in India. entertainment etc.g sales and getting customer feedback. Apart from more prevalent applications such as e-ma il. For instance. Trade among nations is one the threshold of a fundamental transformation as a re sult of . E-commerce is the final act. The next step would be to link the two so that a n ecommerce transaction is treated like any other physical transaction and sets of signals in corresponding processes such as sales order processing. It is not in the distant future. stockbrokers and retails could become scarce. simply put. while th ey are busy setting up a Website and upgrading it from static one to one that allows. of the goods of services being fulfilled for the agreed consideration.

allowing traditiona l business transactions to be conducted electronically. As busines ses became more complex and global. with double-digit grow th rates in many emerging economies. What is E-Commerce? The major buzzword in business today is E-commerce. The ability of the In ternet to bring together distant parts of the world in a global electronic market place and information exchange offers far reaching benefits to developing and industrialis ed economies alike. Till recently the Internet w as primarily used as a means of accessing and disseminating information. which can have profound implications on an individual country ability to participate in the global electronic market place. There are some 37-million Internet hosts world-wide. regions. Today. . Researchers have forecasted that this figure could rise to as much as US$ 400 bi llion by 2002. a need was felt for a bigger faster and convenie nt access to consumers (and other businesses) spread across the world. there are an estimated 148 million Internet users. nearly every capital city of Africa enjoys some l evel of Internet penetration across. The dramatic growth in electronic commerce is being drive n by the marketing and cost reduction benefit that many businesses are realizing thro ugh this new medium. for example. The overall level of electronic commerce. Connectivity has significantly improved in many parts of the developing world. Direct electronic interaction between two computer applications (applicationtoapplication) or between a person using a computer (typically a web browser) and another application (typically a web server) 2. It enables the online buyi ng and selling of goods and services via the communication capabilities of private and public computer networks including the Internet. was estimated at US$ 8 to 9 billion in 1997. the tech-gurus leveraging the power and reach of the Internet brought fort h the concept of E-commerce. sellers and other trading partners. flexible and secure transaction. The whole electronic commerce business is predicated on the fact that people will find it convenient and there will be a f ast.advances in information and telecommunications technology. as businesses and consumers throughout the world expand their online commercial activities. facilitating a dramatic increase in the volume of trade and economic information available online. It is the use of electronic information technologies to c onduct business transactions among buyers. That is how and when. or business transaction conducted via the Internet and private commercial networks. E-commerce combines business and electronic infrastructures. The interaction involves the completion of a specific transaction or part of a transaction. E-commerce considered having the following attributes: 1.

We can look at electronic commerce in two ways: as a buyer/seller transaction an d a producer/consumer type transaction. There has been a paradigm shift in the way technology is viewed in business worl d today. are under relentless pressure to cut costs and stay competitive. Today. which can lead to a better decision making for the cus tomer. It connects a ll internal . and tracks transactions. For example in Online tradin g.3. Producer/Consumer Transaction We can also view E-commerce as a production process that converts digital inputs into a value-added output through a set of intermediaries. This wi ll give more refined information. processes. Internal integration is equally important as external integration. The economic forces motivating the shift to E-commerce are both internal as well as external. When buyer/seller transactions occur in the electroni c market place information is accessed. They are looking for economic efficiencies and hence are attracted towards E-commerce which offers many efficiencies such as low cost technological infrastructure. The transaction crosses enterprise boundaries. External integration connects the vast network of suppliers. which organis es. value can be added by providing meaningful information like trend analysis. Companies are seeing Ecommerce as a technology supported strategic action. Forces Aiding E-Commerce Various forces are fuelling the growth and interest in E-commerce. low cost of customer ser vice. sect or wise company information etc. arranged and sold in different ways. customers and other entities into a single large community with the ability to communicate acr oss any platform. Buyer/Seller Transaction Transactions are exchanges that occur when one economic entity sells a product o r service to another entity. Ecommerce also involves payment mechanisms for customers to make electronic payments and funds transfers. instead of giving the raw data (stock quotes). The classic example in the automobile industry where just In Time (JIT ) manufacturing methods which forced companies like Ford. time compressions etc. low cost and accurate electronic relationship with suppliers. technology is seen as a major driver of corporate strategy and business re-engineering. either between two businesses (B2B) or between a business and a consumer (B2C). General motors to rely o n Electronic Data Interchange (EDI) to interact with their suppliers underlines th e importance of external integration. This is aiding the growth of E-commerce. low cost of global information sharing. To manage these transactions E-commerce incorporates transaction management. The traditional view of Information Technology as an operational tool is changing. absorbed. They are as f ollows: 1. routes. Economic Forces Companies the world over..

converted. This is the main idea behind the emergence of the browser indust ry and explains the sudden rise of Netscape Communications. In order to b e competitive. to target mic rosegments or target audiences and to improve post-sales customer satisfaction by creating new channels of customer service and support. It is also an era where brand equity (the premium attached to a brand) is evaporating. efficiently in large volume with out any loss in quality. establish close relationships with customers and develop customer loyalty. 3. Convergence has two dimensions . Convergence of Transmission Convergence transmission compresses and stores digitized information so that it . compress ed. Content convergence also he lps companies to use networked databases and electronic publishing to improve indivi dual and corporate decision-making and information processing. Marketing and Customer Interaction Forces Companies want to employ E-commerce to provide marketing channels. encrypted. and transmitted quickly. searched. Convergence of content has also given rise to a new set of information publishin g and browsing tools.functions in the organisation and helps the flow of information in a seamless ma nner. Convergence of Content Regardless of its original form. communication and computing to work in close cooperation. Technology and Digital Convergence The advent of Digital technology has made it possible to convert characters. 5. This has profound implications fo r content-based industries like newspapers. entertainment. The emergence of digit al technology and multimedia has resulted in "digital convergence". companies want to supply their target customers with product and servic e information in greater detail than that provided in a television or print advert isement. 2. that permits instantaneous retrieval and electronic transmission. So companies are realizing the need for investing in E-co mmerce. companies will have to rely on technology to develop low cost custo mer prospecting methods. sou nd. replicated and transmitted at a very low cost. The purchasing climate and the products are also changing quickly.COM. pictures and video into a single bit of stream that can be manipulated. T his has forced the previously disparate industries like publishing. which promises to provide them the above-mentioned business methods. (the meteoric ris e of AMAZON. convergence of content ensures that digitized information can be processed. enhanced. In an era where products clutter. 4. Traditional concepts of differentiation will not hold in this new business environment. magazines and books. a virtual bookstore has forced many traditional brick and mortar bookstores like BARNES and NOBLE to set up digital bookshops). stored. It also ensures that critical data is stored digitally.convergence of content and convergence of transmission technology.

All these and the rest are indicato rs in the direction that e-business is culturally and technologically transforming you r . an elusive dream! However the emerge nce of new technologies like Asynchronous Transfer Mode (ATM) has made this possible. Manufacturing. c able system etc). distribution.. that there. wireless. The Internet is being applied very creatively for almost any type of business an d comes with many an in-built service and thus enables your products and services to rea ch out to the remotest of places on account of sheer reach. Quantum achievements have been recorded by companies who do customer relationship management on the Net. This has paved the way for a huge multimedia applications market. sales. Also worth yo ur while is the thought. both Indian and international. purchase and every other aspect of the operating cycle is being taken care of electronically. Convergence of transmission is the convergence of communication equipment that provides the pipeline to transmit voice. have unleashed an imposing range of ebusiness products and services to the end user and which guarantee state-of-theart technologies and solutions that would ultimately catapult business ideas to dizz y heights within an amazingly low turnaround item. It is in this very context that soon. But while the best amongst us are still growing and re-learning the fundamentals. Only the most creative and ingenious of the lot will surge ahead in the era of electronic commerce.. receivables. Transmission convergence makes it easier to connect computers. computers etc. the long-term benefits which accrue to the business is recouped many times over. and video o ver the same line. we should be witnessing a mixed blitz of threats and opportunities for corporate India. image. Corporate. And this is just the beginning. vendor manag ement. which was still a few years ago. is room for a number of players. data. Convergence of transmission is also facilitated partly by the blurring of lines among information access devices-telephones. The trillions of dollars of revenue estimates thrown up business analysts may no t be totally unfounded. high-speed periph erals and consumer electronic devices. It also gives an easier access to networks and helps in the creation of a new low cost delivery channels and also new customer segments. Notwithstanding the "initial thrust cost" to institutionalize an e-business. Why E-Commerce Business scenarios have engaged phenomenally in this decade where traditional business practices and procedures have been incredibly transformed by virtue of the invasion of electronic commerce.can be transmitted over the existing transmission systems (telephone lines. television. e-business still remains a quant um leap and seems only Utopian till it really starts giving to those dividends that we h ad in mind when we embraced it.

sales packe ts. saving them time and company money. it has t he onerous . There are no headaches. they bec ome more self-reliant. When customers have an alternative to the phone. one will need a foundation built on scalable. If there is a necessity. and they review their loyalties every time they go online. it makes business partners also happier. India is a good referen ce in question. which on the low-end can be done completely in-ho use in no time. The first step in the develop ment of a website is designing the page. There are 10 compelling reasons for an immediate switchover to e-commerce: 1. Internet and e-business being at its nascent st age here would take time to register into our minds and should remain like a square peg i n round hole until the revolution sweeps the ground off our feet. one can outsource for designing the page at a moderate cost with high options. dealers or distributors. To server your customers better using the web. technical specifications. Introducing a product through Internet or e-mail not only saves tim es and shopping cost but allows a customer to preview the product in full colour and in multiple formats before ordering for the product online. There are any numbers of free web-publishing programs available on the Internet through which creating a webpage is as easy as using a word-processing program. the product line and how to reach the sales staff. The second step is to post the page. Easy I nitiation The starting point for most business is to develop a website that contains basic information about the company including a description about the nature of busine ss.business and is making the latter ship-shape to face the new millennium. If a business organisation sends out printed materials such as brochures.and make business more competitive. price quotations. etc to its prospective customers. which makes it easier for people to do business. On a very candid note. This can be made more efficient and more convenient by shifting customer service proc esses to the Web. Traditional ways of doing business may not however change dramatically in some c ases as some edifices may show signs of resistance to change. new pro duct information. Web-based customer service not only makes customers happier. reliable and secure products along with the expertise it put it all to gether. product updates. catalogues. Fast and cheap The globalization of trade has created the necessity to introduce a product in t he worldwide market. Web-enabled applications are automating business processes and shifting the prio rities of companies large and small. they are more informed . World-wide customers have evolved and are more demanding. 2. which can be done b y many online services and Internet service providers. Now business owners can focus on customer service and use Web technology to serve the customers .

the number of Web browsers is likely to double or triple in the next millennium. Quick feedback Product information can be placed online through tracking software to determine what new products customers seek. T . Thi s makes it important to large and niche businesses to begin establishing their presence on the web. Also. Though the Interne t access is not universal. 6. Through the Internet is always changing an d evolving there are sites in the local content that can given a hyperlink to dome stic websites. With the entire range of products displayed online. Global audience There are approximately 119 million web users as of today. he can create a virtual brand office in the target . Refi ned customer ser vi ce In a competitive economy it is a Herculean task to have sales representatives av ailable round the clock at a moderate cost. but owing to this nat ural equilibrium on the Net. 3. Because of the natural equilibrium that exits on the Internet. 4. 5. service providers are cropping up all over the world. Matching the competiti on According to a survey of small businesses that have gone online. Because of the two-way communica tion.responsibility of updating them. Customers can access information whenever they want. The fi rst promise of Web-based customer service is self-service. one can target potential buyers in a specific mark et. An exporter may be small. The moment the webpage is up. a feedback on these products can be obtained from the customers through e-mail sent via Internet. either region-wise or customer-wise. the i mpact of a large company and a small one on the market can be similar the difference will b e in the commitment of each organisation. 7. But a webpage can be accessed no matter where one is located.mar ket. I nter net as a str ategi c tool Internet facilitated e-commerce will bring opportunities for businesses like nev er before. the customer has a chance to review not only the product that was the source of his initial interest but other products as well. I nter net cheaper than a phone call Sending a mail or making a phone call may be difficult from some parts of the wo rld. According to a foreca st. one in three ha ve owing to exports. This is equivalent to taking out banner advertisements in local publications. A business with a strong presence on the Web can use the site as a customer-service kiosk and cut down its sales workforce to a considerable extent. 8. businesses can get vital product information for suitable alternations in their marketing strategies for the web. This is costly and time consuming.

Electronic commerce can be defined more broadly as inter-organisational electron ic systems that facilitate many kinds of communications involved in commercial transaction including customers. rapid segmentation of the market and rapid changes in the external environment that cr eates deeper global repercussions. and increase product ivity. 10. improve customer satisfaction. rapid turnarounds. E-Commerce Characteristics Business environment no longer an extension of the past. Global competiti on With more and more businesses entering the Web exports market every day. Email has already become the cheapest way to communication. Business executives must formulate strategies and take action on changes that no one yet fully understand s in all their ramifications. A buyer can get the details of various suppliers through the Web and choose the on e that can supply a quality product at a lesser price.he cost of making a long distance phones call in some places for extended duration can be prohibitively high. Business to busi ness li nk By using Electronic Data Interchange (EDI) suppliers can be linked to producers and producers to sellers. "rapid" must be an operative word: rapid innovation. To have a profitable firm today and in the future. That is what el ectronic commerce is the critical action tool for competitive business strategies in inte rnational trade. business partners. I n fact a growing number of medium and large size organisations want their supplier s and distributors want to be EDI capable including government agencies. where the busine ss executives will have harder time than the consumers. costing less than even a phone call. It is clear that: . Since the Net is becoming highly competitive. rapid other fulfillment. government organisations and financial institutions. exporte rs are facing the problem of making their product fit enough for global competition . It is broader and more descriptive term for EDI. access charges are bound to come down. suppliers. rapid adoption of technology. 9. This makes it possible for a company to obtain a complete picture of supply and demand and save time and money by shortening the ordering cycle. Rapid action is not that difficult to take with the right tools. Some of these situations come from rapid changes in technology: rapid market situation rapid competition. but a whole new set of situations we must learn to live with and master. It is now well recognised that cross border business must be done electronically if people and goods were to move freely across borders. Electronic commerce electronically links businesses with their trading partners to help realise business objectives. It is going to go on being an unpredictable market.

physical dista nce do not matter much. If introduced in a planned manner. as business and administrative processes get harmonized. The smaller Indian firms can now hope to surmount these barriers and be an integ ral part of the global linkages through the harnessing the full potential of electro nic commerce to facilitate international trade. large physical distance 3. Indian firms are sometimes disadvantaged in comparison with multinational firms. Similarly. 1. "closing the loop" electronically with a growing and changing population of participants in the commercial. in international trade. A pro-active approach to implementing electronic commerce would mean improved bottom line (due to increased volume of business and sales as well as reduction in costs due to more efficient use of personnel). Finall y. data gets transferred at near the speed of light. Therefore. differing business and administrative practices. processes and systems within the enterprise · Electronic commerce creates value by productively. Preparedness for E-Business . Hence it is realistic to conclude that Electronic Commerce: · is a business strategy · uses technology to achieve business goals · improves external business relationships · is an evolution in the way companies interact · provides information to facilitate delivery of goods and services · supports change initiatives and reinforces business process re-engineering. the need to keep track of hundreds of practices is no longer a consideration. language and culture 2. strengthened customer relations through quality and quantity of timely information. electronic commerce technologies can signific antly reduce many of the barriers to trade identified earlier for the businesses. A list of some important barriers would include. business facilitation based on electronic commerce offers the best hope for the Indian firms into the next century. strategic ad vantage (through time savings. reduction in errors and consequent litigation. with EDI. the possibilities for misinterpretation that arise through culture and language is diminished. drastic reduction in transaction time a nd costs and improved quality of information on goods in the logistic chain. They face barriers that the larger multinational firms can easily cross.· Electronic commerce primarily addresses inter organisational and trading community activities · Electronic commerce supports internal operations. and most important of all. access to business information 4. Sinc e traders will be using transactions that are internationally accepted and in a transparen t manner. more time for quality support) links with suppliers contributing to the creating of strategic alliances.

Given the large difference in the wages of skilled workers between developed and developing countries. The be auty of the Internet is that. and can you ensure secure transaction to your customers? Legal compliance: Can you comply with national and international laws governing ecommerce? Are you liable for collecting taxes on merchandise sold online? No repudiation: Are you capturing enough information over your Web site in a for m that you can take to court to enforce an agreement. and tec hnical transcription. Emerging Role of E-commerce Today. if you become successful will you have the techniques and equipment to handle a potential over load? Distribution: Do you have distribution channels and partners in place to service customers anywhere? Organisation: Do you have the people. India has the world s second largest pool of English speaking scientific manpower. The most significant development in Information technology in recent times has b .to an internet business s ite is one of the key reasons that may e-business efforts fail. hotel and airline reservations.even existing customers . it opens up developed country markets f or skilled labour without requiring the movement of natural persons. this pool has become the source of exports wort h as much as $4 billion annually. indexing and abstracting services. Starting with simple data entry services. technical online support. mailing list. for many services. medical records management. and skills in place to opera te the system effectively? Supply-chain: Is your supply-chain strong and competent enough to delivery in qu ickmanufacturing environment? Manageability: Do you have strong and integrated IT back-end to provide informat ion and forecast future needs? Marketing: How will you bring customers to your site? A failure to plan and budg et for a means to attract customers . To take advantage of this fact India has long sought a re laxation of restrictions on the entry of temporary workers in developed countries. we now su pply sophisticated back office services including electronic publishing. website desi gn and management. Privacy and security: Do you have a privacy policy? Is your internal data secure d. organisation. management. Manufacturing: Are manufacturing processes agile and capable enough to respond to demands and allow for mass customization? Capacity: Do you have the equipment and facilities necessary to be available to your customers and business partners via the Internet? In particular. the potential gain from increased movement of natural pers ons between them is large.An enterprise should consider and take care of following before plunging into ebusiness. Aided by the Internet.

Sing apore charges extra money for non-EDI transactions. Cyberspace is an economic area where the market can function untrammelled. The port of Singapore. In future. These are computer. the Internet today has evolved into a new medium fo r commerce. there is need for a regulatory framework that reduces individual risk and encour ages entrepreneurship in e-commerce.e. One is that of the Internet emerging as a medium for promoting commerce involvin g goods and services by bringing the business ad the consumers 1 together. acknowledges electronic cash and tackles various forms of the panoply of electronic crime. connectivity and cost. i. as . The basic principle of EDI was to help speed up transactions involving processing of forms especially between business enterpris es and the regulating agencies of the government.een the explosive growth of the Internet. connectivity and the e-comm erce. It has led to an era of electronic commerce or e-commerce. This has two dimensio ns. We can talk about the Internet establishing linkages between business and business. protects consumers from hackers. was able to bring down the time taken in the port transaction form three days to 15 minut es by using Electronic Data Interchange. whic h recognizes electronic signatures. The first requirement is a legal framework. Howev er. Nearly 20 years ago a technology evolved in the information technology area call ed the Electronic Data Interchange (EDI). EDI will become inevitable and crucial instrument for exporters. It needs to treat e-commerce differently. In fact the three Cs are seen as increasingly important for promoting electronic commerce. for instance. This is imperative if India wants to take full benefit of the emergi ng era of electronic commerce. Starting as a project promoted by the US Department of defense for maintaining reliable communication in the event of a n uclear attack on the United States. The flip side of this is to give free trade status to e-commerce acros s borders. transactions by paper documen ts. business and customer and customers and government. affordable. The time has come for an aggressively promotional attitude to make computers. in part to encourage companies to get into the new medium of exchange and in part to break its tradition of oppressive taxation of Indian business. Th e second is for the government to touch e-commerce only lightly for taxes and revenue. or for that matter all the stake-holders in commerce closer to each other. The United Nations has proposed making electronic trade tariff free and there ar e plans to put this on the agenda of coming WTO millennium round. business and government.

Even USA. invoice payments) EDI cov ers the exchange of structured messages. or in person delivery with ele ctronic transmission. and lett ers) and structured (e. . The departments that are computerized to the greatest extent are finance and acc ounts. This fragmented approach divided a company into small and almost autonomous enterprises. EDI has developed out of the need of business enterprises to communicate efficiently wit h each other.it involves more human involvement and hence more cost. cost-based competition. agile manufacturing. Giant multinationals such as General Motors do n ot allow non-EDI companies to become their suppliers. phone. and it is a p air of standards that define a method for conducting business transactions between computerized companies. the net result of which was that the enterprise consisted of many islands of automation. on-demand delivery and customer focus have largely been alien to In dia Inc. is going paperless. stores. etc. dispatch advice. IT applications have entered almost all the companies but mostly in an uncoordin ated way without long-term integration plans or automation strategies. all these benefits result in faster and more cost-effective operations. EDI is an inter-organisational exchange of business. taking advantage of modern information technology. Moreover. time consumed for re-entering data. EC members are planning t o levy up to a 50% processing charge for non-EDI documentation and Singapore may s top trading with non-EDI countries. And herein lie s the problem. production planning and control (PPC) . The mechanism replaces traditional methods of data transmission such as mail. In the future there is a possibility tha t some shipping lines will not touch non-EDI ports... quality assurance and quality control (AQ / QC). IT Infrastructure. India s larges t export destination.. governments and institutions. manufacturing processes and distribution capabilities are some of the basic needs to become an e-business. corporations. product ion. Design / engineering. and rarely were computers employed beyond the confines of the accounts departments. Concepts such as zero-defect products. Quite seem ingly.g. are in the second tier while ma rketing. fil ing and transfer of paper documents. The use of EDI eliminates problems like delays associated with the handling. Indian Scenario One of the prerequisites to be able to do e-business is a sound strategy for all eging IT with business goals. Indian companies have not been IT savvy. purchase orders. Electronic Data Interchange mechanism is a sure step towards curtailing the proc essing times for documents and the number itself. From the start. while email deals with unstructured types of communication. memos.g. messages. Traditional business communication occurs in two forms: unstructured (e. Individual departments introduced computers and purchased or developed software to support their own department operations. and purchasing / vendor development reflecting a "transaction processing " mentality.

Users and Internet service providers can themselves introduce a mutually acceptable certification system to provide security and accountability to the system. Globally. Bu sinesses that do not re-engineer themselves to exploit the emerging Internet computing technology will be wiped out or simply left behind. The emergence of Internet and e-commerce is like discovering oil. Internet is the most democra tic of all technologies ever developed. like media and entertainment. which their more resourceful competitors can boast of. With relatively little expenditure companies can ri de the Internet bandwagon and enjoy the advantages. a company can now reach any market it wishes. human resource management (HEM) and projects brought up the rear. In respect of any industries. which actually offer their musical shows live thro ugh . you could now reach a m arket. Just as econom ic activity took a new turn after the discovery of oil. Four. insurance company or even a book shop should te ll you how unprepared Indian industry is as far as Internet and e-commerce is concerned . The increase in reach its becoming evid ent even for the manufacturing sector. surely. won t all these shopping complexes become redundant? Businesses all over the world. There ar e many entertainment companies. Impact of E-Commerce One. What is counted as one s strength today could well be its liability t omorrow if adequate reinvention and re-engineering do not take place with the help of In ternet. which you could not dream of a year ago. as long as its target market is linked to the Intern et world. have to think their future expansion plans afresh. Internet is developing too fast for governments all over the world. Three. internet and e-commerce is the latest buzz in today s world of business. Singapore boasts of huge shopping complexes. A visit to a public sector bank. than the number of motorcycles through its various showrooms. So the government cannot hope to get into the Internet business and stall its smooth expansion. the spread of Internet and e-commerce will dismantle the physical boundarie s of the market.distribution. With the Internet revolution likely to change the way people sho p in future. Today. which are thronged by shoppers from all over the world. With virtually zero advertisement and promotion cost. e-commerce will make most existing infrastructure of existing companies redundant. Two. there is consensus that there should be no government regul ation over the Internet. Harley Davidson of the US (it was known for manufacturing high-powered motorcycles) sells more accessories of its various motorcycle models through the Internet. Internet and e-commerce wil l open up a new world of opportunities for businesses across the world. Neither is internet technology zealously guarded nor d ifficult to access.

Cisco systems. Growth of business-to-business electro nic . Companies are quickly moving to utilize the expanded opportunities created by th e Internet. sending and receiving purchase orders. invoices and shipping notifications electronically via EDI (Electronic Data Interchange). They are so convinced of its benefit to their own co mpanies and their customers that they believe most of their business will involve the In ternet in the next three to five years.through the Internet. the world is on the verge of the Internet rev olution. There are many theatre companies. Companies of all sizes can now communicate with each other electron ically. The cost of installa tion and maintenance of VANs put electronic communication out of the reach of many sm all and medium-sized businesses. It is used for coordinati on between the purchasing operations of a company and its suppliers. many banks do not even have facility of updating their account hol der s passbooks through computerized printing. Some believe the volume of Internet commerce will be much higher. these businesses relied on the f ax and telephone for their business communications. and the customer service and maintenance operations and the company s final customers. the logistics planners in a company and the transportation companies that warehouse and move its produc ts. And in India. There are insurance companies that are not even present on the world-wide web. often over private communications networks called value added networks (VANs). Today. EDI is a sta ndard for compiling and transmitting information between computers. networks for company-use only (intranets) or for us e by a company and its business partners (Extranets). The Internet makes electronic commerce affordable to even the sm allest home office. Electronic Commerce between Businesses Internet commerce is growing fastest among businesses. For the most part. Although still in an embryonic stage. and private value-added networks. which will allow you to buy a ti cket after taking you round the theatre and letting you choose a seat of your liking . The industr ial revolution passed India by. analysts predict businesses will trade as much as $300 billion annually over the Internet in the next five years. through the public Internet. the sales organisation and the wholesalers or retailers that sell its products. Dell computers and Boeing s spare parts b usiness report almost immediate benefits after putting their ordering and customer servi ce operations on the Internet. let alone Internet banking. Even larger companies that used EDI often did not realise the full potential savings because many of their business partners did not use it. In the 1970s and 1980s businesses extended there computing power beyond the company s walls.the Internet. For instance.

Small companies also benefit. Large companies benefit from lower transmission costs versus private networks. more efficient and effective customer services. The Internet reduces processing costs and op ens up new sales opportunities from potential buyers that post requests for bids on the Internet. When changes to the normal order happen . For instance. multi-step proc ess. and quality and price requirements. Automating routine procurement means the procurement staff has more time to focus on negotiating better prices and building supplier relati onships. Companies lower procuremen t costs by consolidating purchases and developing relationships with key suppliers to benefit from volume discounts and tighter integration in the manufacturing proce ss.a frequent occurrence in most companies . and reduced labour and material costs as a res . l ower cycle times. T he Internet also opens the door to doing business electronically with new suppliers and with small and medium-sized suppliers who formerly communicated only via fax or hone. The buyer s accounting department matches the invoice with the PO and pays the invoice. printing and mailing costs in the procurement process. improved service. the buyer.the process can be much more complicated. Lower Purchasing Costs Buying materials or services for a corporation can be a complex. purchasers have to find suppliers who make the product and determine whet her they meet volume. When the product ships from the supplier. First. reductions in inventories. They also cast a wide net for lower-cost sources of supply. General Electric s lighting division reports significant gains in responsiveness.commerce is being driven by lower purchasing costs. 1. lower sales and mar keting costs and new sales opportunities. then transmits a purchase order (PO) for a specific quant ity of goods. detailed drawings and information are transmitted to t he supplier so that the product is built to exact customer specifications. Large companies have been using EDI over private networks to reduce labour. receives notification from the supplier that the PO was received and confirmation that the order can be met. Specific company examples suggest that i ts potential is large and growing. Assuming the product sample has been approved and the supplier s manufacturing lines are read y for production. Companies using EDI commonly save 5-10 per cent in procurement costs. Analysts estimate that businesses already trade over $ 150 billion in goods and services using EDI over VANS. along with an invoice for goods delivered. The Internet has the potential to further reduce procurement casts. Procurement via the Internet is new enough that projecting economy-wid e savings or other benefits is difficult. Once a potential supplier has been chosen. meanwhile. delivery. the buyer again receives notification. The buyer.

When a customer enters a furniture showroom loo king for an armchair with green and white stripes and is told it s on back-order for 12 weeks. either. The production planning departments identify manufactur ing and materials capacity in each factory. The lower investment and operating costs due to improved inventory turns have resulted in savings of $500 million. Managing inventory pr operly results in better service for the customer and lower operating costs for the com pany. the process is repeated and the production sched ule fine-tuned. Shelves weighed down with size -10 running shoes do n o help the customer who wears a size 8. he may drive across town to a competitor rather than wait. As new information comes in each week. the group marketing departments report information on how many PCs they think will be sold. The procurement staff uses the same information to negotiate with suppliers. inventory turns increased 40 per cent over the pre vious year. Electronic communication between factories. handling and storage costs. More efficient pro duction can reduce or eliminate the need for additional investments in plant equipment. Having huge inventory does not ensure better customer services. If demand suddenly rises or it one factory cannot meet its production schedule.ult of shifting purchasing company has to hold to account for delays and errors. The group anticipates another 50 percent increase in turns and a 20 percent increase in sales volume in 1997. During the first year of APS. Problems are communicated as they arise and the appropriate adjustments are made. IBM has avoided having to make ad ditional investments to meet the increased volume requirements. and sales volumes increased by 30 per cent. . production schedules are assigned to each factory. Each month. Reducing inventory levels also mea ns that existing manufacturing capacity is more efficiently utilised. IBM s personal systems group provides an illustration of how the Internet and private networks are helping companies keep stocks of inventory smaller. The Personal System Group has been phasing in thi s Advanced Planning System (APS) since 1996 and already reports significant result s. IBM aware of it in time to increase production at another factory. By better utilizing its existing manufacturing capacity. IBM is not alone in its efforts to use networks to improve communicatio n between the marketing and sales arm of a business and its production units. and th e less quickly it can react to changes in demand. Armed with inputs from across the compan y on demand and supply. Increasing the frequency of inventory "turns" (the number of times inventory in existing warehouse or store space is sold or used for production each year) reduces inven toryrelated interest. marketing and purchasing departments have made this quick response possible. yet more target ed on likely consumer needs.

a retailer and its supplier electronically post their latest sets of forecasts for a list of products and to share information about t he availability of products in stock. The Internet will permit even further reductions by broadening the network of . If th e time to build a product can be reduced to seven days instead of ten. The accounting and consulting firm Ernest and Young believes that CPFR could yield an inventory reduction of $250 billion to $350 bi llion across the economy. 2. then the fixed cost s per product are lower since less time was needed. These standards will allow companies to collaborate in determining future demand for products and to share information about the availa bility of products in stock. By reducing inventory levels. and most managerial and supervisory time. Lower Cycle Times Cycle time is the total time it takes to build a product. Electronic commerce allows "cycle times" to be shortened.Manufacturers. businesses will realise substa ntial savings in materials handling. allowing more to be produced for the same or lower costs. Differences are then reconciled by planners at both the retail er and the supplier. In th e 1980s. warehousing. With CPFR.say 5 per cent. and general administrative costs. most utility and building costs. These "fixed" costs include depreciation of equip ment. The responded by breaking down organisatio nal barriers that had grown up between design. software companies are working to develop programs that automatically handle exception messages based o n rules that apply to that business. wholesalers and retailers are working together to form standards and guidelines for setter forecasting and restocking called Collaborative Planning f orecasting Replenishment (CPFR). A server tied to the Internet compares the forecasts and flags differences in those that exceed a normal safet y margin . With CPFR. the lower cycle s times realized by Japanese companies presented American compan ies with a serious competitive challenge. manufacturing and sales division and improving communications with external manufacturing and sales division and improving communications with external partners. There are certain fixe d costs associated with building any product that do not vary with the amount of product ion. Some also began to share product specifications and drawings over value-added networks to speed product design and development. To keep that process from becoming too cumbersome. but rather are time dependent. invoices and shipping notifications with much shorter lead times than pr evious. Establishing electronic links w ith their large suppliers and customers enabled companies to transmit and receive pu rchase orders. a retailer and its supplier electr onically post their latest sets of forecasts for a list of products.

Working as a team and sharing information electronically has cut the time it takes to develop and build a new vehicle to about 30 months. First. Engineers worked with the prototype builders to refine the engineering specifications.businesses connected electronically and by facilitating collaboration on project s across work teams and geographical locations. suppliers. Then. engineers in Detroit can assign a problem t o engineers on their team in India. Through the use of computer aided design (CAD). and manufacturing and assembly personnel . the engineers would design the individual components and the tooling needed to make the components. contributing to the process from beginning to end. the veh icles were mass-produced. Incorporating changes to the model could take months. Today. Once the prototype was ready. If everythin g went smoothly. all parties involved in designing a new platform or vehicle . after additional modifications. a full-scale clay model was built to see how the vehicle would look in re al life. Once approved. Changes to the components can be made without building sample tooling and parts. As a result of computerizatio n. Automotive companies now want to shorten the design cycle to less than 24 months by setting up platform teams in different parts of the world and linking them elect ronically. By using global communication links.work as part of a team. The same techniques are being used to reconfigure a nd retool assembly plants. Finally. steps that used to take weeks or months can now be done in a matter of days. the whole team can sha re computer files and use 3-D modelling techniques to design the vehicle and see ho w parts fit without building prototypes by hand. the manufacturing . While Japane se auto makers could take a car from concept to mass production in approximately three y ears. purchasing agents would work with suppliers to produce prototy pe tooling and parts for assembly of pilot or pre-production vehicles. engineers. When the final design is agreed on CAM data is loaded into machines that build t he tooling and prototype parts. the engineers i n the Far .designers. With the time zone difference. American companies typically took four to six years.engineering team would then assemble the vehicle t o discover any assembly problems. rather than having to wait for each member to finish his step before t he next one can be taken. single or multiple-prototype vehicles were built by hand to see whether parts fit together correctly and whether car could be build economically. computer aided manufacturing (CAM) and computer aided engineering (CAE). Sharing information electronically allows the different members of the group to work on projects together. Few industries faced a greater challenge to reduce cycle times than the automotive industry in the early 1980s.

a managed virtual private network" that runs over the Internet and links manufacturers and suppliers world-wide. Ford. Connecting all levels of suppliers through t he entire industry via EDI could save nearly $1. phone an . This meant time-consuming manual data ent ry. automotive companies communicated production requirements and schedules to their suppliers by phone. Error rates were reduced by 72 percent. automobile manufacturers and their large suppliers communicated productio n and scheduling requirements via EDI. Cycle times are also being shortened for production. most North American assembly locations turn inventory 130 times per year. At the projec t outset.East can work on the problem and get an answer back to the Detroit counterparts by the next business day. information was distorted and truncated. the Automotive Networ k Exchange (ANX). photocopying and information hand-offs from one supplier to another. Johnson Controls and 12 of their suppliers began working together as part of the Manufacturer Assembly Pilot (MAP) to further imp rove material flow within a pilot four-tier seat assembly supply chain. GM. The assembly plant electronically sends the supplier an 8 to 12 week forecast or builds plan. it took four to six weeks for material release information to reach the bottom of t he supply chain. inaccurate and entrusted information cost millions of dollars in the form of "ju st-incase" inventories.1 billion annually . It could ta ke several weeks to get the manufacturing schedule and requirement to all component factories and vendors. The resulting lat e. The automotive industry is now investing in a new venture. the supplier notifies the assembly plant that the parts are on their way. Chrysler. Today. On-time shipments improved 6 percent. Before t he use of EDI. premium freight. Daily production requirements detailing the number of parts needed at each plant at specific scheduled times are also communicated electronically. unplanned set-ups and changeovers and their inefficiencies. The plant schedules its lines to coincide with the arrival of the trailers. In January 1994. To minimize the impact of delays and errors caused by miscommunication. up fro m 7 to 10 times per year in the past. When the parts are ready and loaded in the trailer. production schedules reached the bottom of the supply chain in less that two weeks. Along the way. By changing its assembly process to take advantage of the more accurate and timely information they receive electron ically. fax or mail. the plant kept a large inventory of part on-hand. Up to eight hours we week per customer was saved in labour costs. ANX will electronically link those suppliers who still communicate to the automotive manufacturers by fax.a cost savings of $71 or more per car . By electronically connecting the MAP participants.and decrease information lead-time to just one day between each tier o f the supply chain.

it can also lead to more sa tisfied customers. technical support and order status information online not only sav es money by freeing up a company s won customer service staff to handle more complicated questions and manage customer relations. And. Because of its low cost and ease of use. it will replace the thousands of direct dial connections with a singl e network. Innovat ive businesses are finding ways to tap the potential of that information. Participating automobile manufacturers believe that ANX has the potential to reduce the product development and manufacturing cycles even further. Lower sales and marketing costs . Dell estimates that it saves several million dollars a year by having basic customer service and technical support functions available on the Internet. Few things are more frustrating to a customer than uncertainty about when an important purchase will arrive. payments and other business information. software downloads and technical support information onl ine. considerably lowering the transmission costs borne by the manufacturers and the supplies. For instance. Companies have long gathered and stored information about customers a nd products in databases that only certain authorized employees can access. resulting in savings of $125 million in customer service costs. Delivery companies are helping their busi ness partners solve this problem via the Internet. This pattern consumes time an d money for the customer and the seller. and are being. Scheduled to be fully implemented by 2000. replicated in many other industries. The results achieved by the auto industry through EDI can be. In addition to improved customer satisfaction. making it available to those who need it most whether it s a customer service representative answeri ng a phone call or a customer looking for account information or technical support on line. More efficient and effective customer service Companies are beginning to use the Internet for customer service. 3. enter his order number. This information can be retrieved from the company s Web site in less than a minute. Cisco reports that its customer service productivity has increased by 200 to 300 per cent. Having product descriptions. phone calls to a supplier result in a series of transfers from one department to another and an eventual promise to check on the status of the order and to call the customer back.d mail. A customer can go to the company s Web site. as well as improve many other key business processes. and find out that the product is already on a truc k and is expected to arrive the next morning. the network will electronic ally route product shipment schedules. purchase orders . 4. th e Internet will help accelerate the pace at which businesses communicate with each other electronically and the benefits they can realise. companies using the Internet for customer service report savings f rom putting order tracking. CAD files for product designs. Too often.

An individual sales person can support as many customer accounts as he can physi cally visit or contact by telephone. as the number of accounts increases. when Cisco s system tried to validate the order. Nearly one out of four orders didn t get a "clean" bi ll of health. A Cisco customer service administrator entered the orde r into Cisco s system. By contrast. they can spend time building and maintaining customer relationships. and a much larger percentage of customer-service enquiries. ordering a product could be complicated. Electronic catalogues present f ar more information and options that their paper counterparts. switches and other n etwork interconnect devices) to order. an engineer at the customer site knew what type of produ ct was needed and what should be configured. If the order went through “clean". its reach is bounded only by the capacity of the servers to respond to inquiries and orders. about 50 percent of Boeing s customers use the Internet for 9 percent of all parts orders . Some recent business examples suggest the potential of the Internet as an effici ent sales tool. B efore the company establishment Internet sales capability. Even direct marketing companies increase staffing a s telephone order volume increases. Instead. because customers can satisfy many se rvice requests online. And. order parts. Cisco builds virtually all its products (routers. phone or email. allowing its airline customers around the world to check parts availabilit y and pricing. Because its sales function is housed in a com puter server rather than store locations or sales people. The Internet can als o make traditional sales organisations. however. Direct marketing onl ine can shorten repurchase cycles and increase and ability to sell additional items. s o does the size of the sales force. Less than a year lat er. a web business can add new custom ers with little or no additional cost. Boeing s spare parts business debuted its PART page on the Internet in Nov ember 1996. its booked and its production scheduled within 24 hours. catalogue sales and advertising more efficient. layered distribution channels. The Boeing spare parts bus iness processes about 20 per cent more shipments per month in 1997 than it did in 1996 with the same number of data entry people. Generally. sales represen tatives no longer have to prepare time-consuming manual orders. so there are very few off-the -shelf products. Therefore. With automated ordering capabilities. as many as 600 phone calls to customer service representatives are avoided each day. Instead. it di . The engineer communicated this information this procurement department who then created the purchase order and sent it to C isco via fax. and track the status of their orders.

Ci sco ruled out its Web-based ordering and configuring system. click on a Web browser and search for suppliers spelling industrial plastics online. the authorized purc haser can complete the order with few keystrokes. New sales opportunities The Internet operates around the clock and around the world As a result business es on the Web can reach new markets they could not reach effectively with an m-person sales force or advertising campaigns. With the onli ne pricing and configuration tools. and route the order to the procurement department. and customer s productivity has increased an average of 20 percent per order. By having an online presence and creating customised services for the small business market that vendor may devel ops a new. And. saving time both at Cisco and the customer s site. Because the customer s pricing structure is already programmed into the Cisco site. eighty percent o f the consumers and half of the small businesses that purchased from Dell s Web site h ad never purchased form Dell before. a plastic commodity specialist at a large manufacturer can site do wn at his PC. they would not have made the purchase.scovers an error in how the product was configured. Because the virtual store . th e customer contacted and the procurement cycle would begin again. a vendor s sales force may not be able to reach millions of home offices and small offices around the country. A small supplier with a limited sales force can now reach that buyer getting its f irst introduction online. more than 30 per cent of the company s online sales are t o new customers of incremental sales to existing customers. both within the US and globally Companies using the Inte rnet to sell products find that they attract new customers For example. describes similar results. rather than calling Cisco to find out the status of the order. know immediately if there a re any errors. that same engine er can sit down at a PC. Today. lucrative market. And their average purchase value is higher tha n Dell s typical customer. WW Grainger the leading distributor of MRO supplies in North America. For instance. Lead times ha ve dropped two to three days. In July 1996. Similarly. a customer with the pap er authorization can access the information directly on the Web site. One out of four say that if not for the Web si te. The company launched its Web business in the spring of 1995. invoice or account information. about 98 percent of the orders go through the s ystem the first time. Today. configure the product on-line. The "dirty" order would be rejected. 5.

sell. traditional intermediaries like department stores ar e joining the bandwagon of the new opportunity but still keeping their traditional way of doing business. Three of the companies discussed . customers who wouldn t otherwise be able to o rder from a Grainger store are now able to do so. . Internet commerce will only represent 3 percent of total G DP of US. In this sense. If their current projections provide accurate. more than 50 percent of al l orders are placed 5 PM and before 7 AM when the local store is closed. Investments are already taking place to realise the $300 billion in busin ess-tobusiness Internet commerce analyses predict by 2002. these three companies alone with conduct more than $17 billion in Internet commerce within t hree to five years. This means that the greater efficiencies companies are experiencing from ele ctronic commerce are likely to continue to diffuse through the U. 24 hours a day. . However. manufacturers can sell directly to customers and provide customer support online. On the other hand.Cisco. because it has to provide something that the electronic intermediaries cannot pr ovide. the benefits only increase as the network of businesses conducting electronic commer ce grows. A key impact is dis-intermediation of traditio nal distribution channels and electronic re-intermediation. And. Let us call this phenomenon dis-intermediation.Dis-intermediation and Re-intermediation By using the Internet. The experiences of these and other companies are quickly spreadin g through the rest of World industry through conferences and consulting firms who assist companies to design and implement Internet based business solutions. These phenomena are another evolution toward reintermediation and re-intermediation. distribute and maintain products and services are realizing significant cost savings and increased sales opportunitie s. the traditional distribution business can never be the same a gain.is open seven days a week. Occurrence of a new breed of electronic intermediaries is called re-intermediation. Even at $300 billion. new electronic intermediari es emails and product selection agents . Electronic Business The impact of E-commerce on traditional retailing systems based on the business models discussed in this section. The future Businesses that use the Internet to buy.S. In fact. Traditional vs. economy for decades to come. Dell and General Electric .were responsible for about $3 bil lion in Internet commerce in 1997. some manufacturers like auto makes still need to cooperate wi th dealers in a different way. In response to this change.are emerging instead. the traditional intermediaries are elimi nated. However.

Levi s changed its policy). In the traditional distribution channel. Regionally mixed strategy: In a certain region a particular company may sell on the Internet. For instance. This can be realized. This is possible because Lev i s has such a name value and customers like to have a single contact point in cyberspac e. there are intermediating layers. Another re-intermediation can emerge by differentiating the service of traditional intermediaries from on-line intermediation. In Japan. between the manufacturer and consumer as depicted in the following figure. A logical alternative to dis-intermediation is re-intermediation. which actually points to the shifting or transfer of the intermediary function.Now let us elaborate the notion of dis-intermediation and re-intermediation furt her. . If manufacturers are able to connect directly with consumers and s horten the traditional distribution chain they used to depend on. when they can theoretically obtain the same products directly from the manufacturer. the intermediaries such as e-mails.Impact on Manufacturer s Distribution Strategy In addition to dis-intermediation and re-intermediation. distributor. Owing to the presence of the Internet as a marketing and product select ion vehicle. and comparison-shopping agents can create the role of reintermediation. Nike provides physical retailing stores abroad. fo r instance by offering entertainment during shopping and by upgrading the shopping as pleasant as hobby. an interesting emergenc e of manufacturer s distribution strategies is the following: a. and retailer. there sometimes exist 10 layers. Manufacturer s monopolistic Internet-based distribution: Levi s does not allo w anyone else to sell Levi s product on the Internet. These new intermediaries replace the role of traditional interme diary layers. b. Dis-intermediation is new term that refers to the removal of organisations or bu siness process layers responsible for certain intermediary steps in given value chain. In summary. which add a 500 per cent mark up. Nike sells on the Internet but only in the United States. Coexistence with the dealers: This is the case in car distribution. directory and search engine services. while in another region it sells through the traditional retailer. . it is theoretically p ossible to get rid of the inefficiencies of the current structure. such as whole saler. The policy depends upon the maturity of Internet-based customer groups. (In late 1999. In the EC era. Automaker s need to keep the traditional dealers as test-drive servers even though they sell on the Internet. customers are beginning to question the value offered by the distributi on channel. c. rather than the complete elimination of it. customers have more choices of alternative intermediaries.

A general framework of the E-commerce market will be helpful in better understanding this emerging market. services l and money. directly to custome rs. c. b. 1999. d. reminding them that Home Depot h as the right not to carry their products they will sell online. which enables new players to step in. A similar strategic question applies to trad itional retailers. It is influencing the way the market is structured by adding another element .www. A critical question to traditional manufacturers and retailers is how to tran sform their business posture incorporating the benefits of electronic marketing with existin g distribution channels to satisfy customers most effectively at the minimum opera ting cost. restructuring the current manufacturing and distribution system. thereby creating a n ew set of market dynamics. Powerful suppliers: According to Fortune. its management should decide whether to commit to being a generalized directory service or retail spec ialised items. e. E-Commerce Industry Framework Traditionally market ties were created through the exchange of goods. Online publishing . . Online shopping 4.g. Mass customization for make-to-order: Manufacturers have to be adaptive to th e customised orders of ultimate consumers.information. E-Commerce Applications 2. However. The combination of the criteria of business models of electronic marketing ca n construct various business models depending upon the initial position of each in dividual company. Procurement and purchasing 5. 1. Home Depot sent a letter to its major suppliers (e. It has enabled the creation of new market opportunities. Traditional manufacturers have had to decide whether they want to transform to a full commitment to direct marketing. But E-commerce is changing all that. the emergence of pure cyber-marketing companies has irritated tradit ional distributors. Supply chain management 3. Management also has to investigate starting a completely new business to c ultivate the future opportunity of E-commerce. From an electronic intermediary s point of view. A new opportunity is available to pure direct marketing manufacturers and pur e cyber-retailers.whirlpool.d.Managerial Issues a.com). New business models have diminished the role of traditional intermediaries. This means the manufacturer should be r eady for mass customization. or regard the electronic storefront merel y as an additional channel of distribution. August 16.

The story is that Jeff Bezos.5: e-Vendor Business Links Consumer Internet e-Commerce facilities. Electronic Newspapers. They are not like cl oths that the customer might wish to try on or bananas where the customer could want to check the size-and ripeness. Internet Bookshops One of the first applications of e-Commerce on the net was the Internet Books sh op. These sectors exem plify the range of consumer e-Commerce services that are available. san down to work out what he could sell online and decided it was books . . Bookshops. have four significant advantages for the onlin e retailer: 1. Share Dealing. A number of contrasting sectors are examined in this section. 5.5. An existing retailer has supply chain arrangements that have been built up and tuned over time. The important differences between e-commerce applications are how they fit into the consumers market. Information products and services Consumer Internet e-Commerce uses a single set of technologies. The infrastructu re for an e-shop selling books is essentially the same as is used for the online sale o f airline tickets. Grocery Suppliers. 2.the result was amazon. 3. The new entrant to the market has to match this efficien cy by quickly setting up similar arrangements or developing an alternative infrastruct ure that better meets the needs of its way of conducting business. Existing players in a market may respond to the new entrant by sharpening up their conven tional retail act or by setting up a competing online channel.6. 6.c om. the latter course of act ion adds to the threat to their investment in the conventional distribution channel. The e-commerce applications also need an effective supply infrastructure. Books. the on line purchaser is not going to be impressed by lines that are out-of-stock or goods t hat take forever to arrive. 1. be adequately described online. may be set up by: · A new entrant to an existing market · An existing player in the market using the Internet to develop a new sales channel New entrants to the market have the potential to threaten the market position of existing players but they have to build up expertise to support their operations . Software Suppliers and Support. in most cases. Banking. 4. an e-shop. These essential com ponents of the business structure are shown in figure 1. when he decided to set up an online business. Online banking 7. as an item of merchandise. They can. Figure 1. The chosen sectors are: 1. how they are supported by the supply chain and their potential to alter the role of players in that supply chain.

book emporiums. Many customers are prepared to wait for the goods to arrive (and there is oft en a similar wait for books ordered through a conventional bookshop). Direct supply from the publisher. The exact balance of the equation is not clear. They are moderately priced . The book trade supply chain is summarized in figure 1. Book wholesalers (and it is Amazon s relationship with^ a large wholesaler in Seattle that. Bookshops have two main sources of supply: 1. The advent of retail e-Commerce customer interfaces has not altered the supply c hain arrangements of the book trade. The reaction of other players in the book trad e has been threefold: Defensive reaction by large traditional players that setup their own e-Bookstore s.g. Some new entrants have been aggressive in their advertising and pricing. arguably. 4. the existing player adds to the threat to their investment in conventional trade out lets).com is one such example in Europe and the UK. Wholesalers tend to deal more with popular books than with specialist or academic requirements. many multiple book retailers ha ve made considerable investments in their conventional bookshops converting them in to. e. displacing Amazon adverts on some p ortals and pushing them to increasing their discounts. The start-up and subsequent success (in terms of growth and sales volume) of Ama zon came as something of a shock to convention booksellers.2. bol. Postal / small packet services can be used at reasona ble prices and the customer does not have to be at home to receive the goods. The major disadvantage for the online bookshop is that the customer does not collect the product and delivery h as to be paid for. Barns and Noble in the US is one such example (and in setting up an online alternative . 2.6. A warehouse operation where the customer does the data entry is cheaper to operate although the IT infrastructure is an additional expense. 3. TeleOrdering in the UK). Competitive reaction by new operators in the field who have copied Amazon s init iative. either from a sales representative or using direct ordering (direct ordering is typically via EDI. made their operation possible). The shock was in terms o f loss of sales but also the discount pricing of Amazon that threatened existing pricin g structures within the book trade. Enhancements of conventional bookshop offerings. they can be posted through the customer s letter box.expensive enough to make the transaction worthwhile but not so expensive that the transaction exacerbates customer fears about online payments. Apparently the conventional book retailers don t intend to let the online vendors have it all their own way. what could be termed. The online retailers d o discount but the high headline discounts are concentrated on a few best-sellers and many books . Delivery is manageable. In competitive terms the Internet bookshop has the advantage that it does not ha ve to maintain expensive retail premises and the staff that go with such an operation.

seemingl y. at the time writing. The online supermarket works much like any other shop.com. The large online bookstores need a sophisticated web site. www. · Details of stock and hence an accurate picture of delivery times (this is. That said. t he queues at the checkout.g.co.are sold at the publishers recommended price.com Bertelsmann AG . for example. Deli ver ing Goods: Groceries are both bulky and perishable.uk Barnes and Noble . need to pay for promotion to a greater degree than their conventional competitors. the logistics are a bit different from other onlin e stores: Selecting Goods: The typical food supermarket carries a product range of several thousand items and a customer may well select (say) 60 of them on a weekly shopp ing trip. The facilities of the online bookshop may include: · A large database of books: The details available for display include a picture o f the cover. robust and comprehensive. 2.blackwell. the aisles are jammed.amazon. both to attract and r etain the attention of their customers and to ensure the efficiency of their backroom oper ations.www. Th e online only retailers. a few clicks of the mou se and the weekly shop is done.com Blackwell . The customer logs and selects the groceries that are required. are all making substantial losses.www. Noteworthy Sites Large online bookshops include: Amazon .chapters. taken into the house and loaded yet again into the refrigerator and the cupboards. and leaving them ou . provided by Blackwells which also has a wholesale function and thus has access to this data). · Software to record the readers’ interest and to suggest other titles that might al so appeal.bol.amazon.www. etc.www. Grocery Supplies Going to the supermarket for many people is just a chore. reloaded into bags. Also the online retailer. loaded into the car.co. The car park is crowded. · Integration into the supply chain. often the time they ca n go is the time everyone else can go. facilities to send EDI orders to the publisher (again this is a feature of the design on the Blackwell s online bookstore). The staffs pick the g oods.ca There are also a large number of sites for bookshops dealing with specialist int erests. · A search engine for author.barnsandnoble. price and possibly customer reviews. This is a task that can take some time and the online supermarket tries to help with facilities such as an online shopping list. How much easier if one could call up the home page of the friendly local supermarket. description of the book.www. subject. The system has to be up-to-date. these sites are much smaller and tend to have fewer features than the major onli ne bookstores. pack and dispatch them. title.uk Chapters .bookshop. e.

tside
the back door is not necessarily appropriate. Common practice for home delivery
is to
arrange a delivery slot with the customer, delivery within a specified two hour
period
and to make a small charge for delivery.
In the UK most of the large supermarkets have started online shopping services.
There
is strong competition between UK supermarkets and possibly the rollout of online
shopping is more do with a need not to be seen to be falling behind than a great
enthusiasm for the new channel. In the UK, the first food retailer with a (moder
n) home
delivery service was Iceland, a frozen food chain that also does general groceri
es. The
Iceland home delivery service docs have a web connection but the main method of
access is telephone ordering and a sizeable number of the customers are senior c
itizens
who have a problem getting to the shop but are readily available at home to rece
ive
deliveries.
In the US, one of the pioneers of online groceries has been Peapod, a software c
ompany;
they have set-up the online facility and have found other organisations to stock
and
deliver the groceries. Amazon has also recently joined in with their Homestore b
rand
offering its services in selected locations.
The logistics of the online grocery business are very different from the e-books
tore. A
warehouse in Seattle can do nation-wide (or even world-wide) delivery of books b
ut
would not be appropriate for general grocery supplies. The home delivery grocery
business requires local depots and it needs the same supply chain infrastructure
,
coordinated by EDI, which the supermarkets have in place. The organisations that
have
the infrastructure to enter this business are the existing food supermarkets; th
e only
part of their facility that is not entirely appropriate is the retail store whic
h is a much
more lavish facility than would be required in a purpose built, home delivery de
pot.
The supply chain of the home delivery grocery operation is diagrammatically very
similar to the bookshops; a vital difference is that supply has to be from a loc
al depot
rather than a central warehouse. The supply chain is shown in Figure 1.7.
It is noted that there are a number of online suppliers of specialist food produ
cts. These
operators work with a limited product range of specialist products at premium pr
ices.
These operators can work from a central warehouse and use the postal / packet de
livery
system. Selling chocolates or wine online is a very different operation from gen
eral
groceries.
Noteworthy Sites
Peapod - www.peapod.com
Homestore - www.homestore.com
Sainsbury - www.sainsbury.co.uk
Tesco - www.tesco.net

13. Software Supplies and Support
Software supplies are both a business to business market and a business to consu
mer
market. It is also a consumer market and as it contrasts with the other trade se
ctors
discussed in this section. The Internet as a channel for software sales, includi
ng
computer games, has two distinct advantages:
1. The customers are presumably computer literate and will be able to operate th
e
medium.
2. The product is electronic and can be delivered via the net.
The supply chain for software delivered over the net is therefore very simple. I
t is a
straight transaction between the customer and the supplier without the need for
any
agent or retailer. The supply chain is shown at figure 1.8.
4. Electronic Newspapers
The web, it is suggested, provides a new channel for news distribution that over
comes
the shortcomings of both the printed newspaper and of broadcast news on radio an
d
television. The web can give news coverage that is as up-to-date as broadcast ne
ws but
has the in-depth coverage available from a serious newspaper. Further than that,
the
browser could be set to select the news of interest to the reader and to leave o
ut the rest.
That is the potential but it has not yet happened, possibly it never will. The s
implistic
assessment given above perhaps misses out on a more complex way that news is
consumed . Radio and television news is often consumed while people are doing o
ther
things, eating their breakfast or driving a car; they happen in the background.
Newspapers are read on the train or in the park and then may be shared with some
one
else. The newspaper gives the reader the chance to be selective (and that select
ion
process is to do with moods and time in a way it would be difficult for any soft
ware to
emulate). There are a number of online newspapers available and most of them are
web
versions of existing newspapers. The Washington Post is the one that has, to dat
e,
received the most favourable coverage. Currently access, with a couple of except
ions, is
free.
The online newspapers, it seems, are often used to look up something that has be
en
missed in a previous issue or to look at the job advertisements, rather than bei
ng read as
a newspaper. Online magazines attract some readership but they have had a hard t
ime
attracting subscriptions - there is the ethos that the net should be free and th
ere is also a
concern that the magazine might not be as good as it pretends to be or that it m
ay not
last the period of the subscription. There is, however, a threat to the conventi
onal
newspaper from the web. A large part of the revenue that pays for newspapers com

es
not from the cover price that the reader pays but from the money received from
advertisers. The web has the potential to advertise jobs, houses and used cars a
t a
fraction of the price of a newspaper -should the advertising of these items shif
t to the
web then it might not be possible to buy or daily or local newspaper, at least n
ot at a
price that the public is prepared to pay.
The supply chain of the online newspaper is also much simpler than that of the p
aper
version. No need for a midnight deadline before the papers are loaded on to lorr
ies,
delivered to wholesalers in each major town, re-packed for delivery to news agen
ts and
then possibly to the door by a paper boy. The supply chain of online newspaper i
s direct
from the company to the reader’s screen.
5. Internet Banking
There are times when the bank customers want to know their bank balance or make
an
urgent payment and a visit to a branch is not convenient; Internet banking (and
telephone banking) can solve these problems. The use of the telephone or the Int
ernet
also have advantage for the bank; it reduces the cost of processing each transac
tion (by a
factor of between 10 and 100 depending on which report you read) and has the pot
ential
to enable the bank to reduce the overhead of the branch network. Online banking
allows
the customer to check their balance or pay a bill at any time of the day or nigh
t. The
services offered by online banks typically include:
· Online balances and statements giving up-to-the -minute information. The
statement can be used to check that any specific debit or credit has gone throug
h;
· Credit transfers so that bills can be paid online. Included, is the facility to
set up a
transaction now for the bill to be paid at a later date;
· Maintenance of standing orders and direct debits.
The major service that is not provided is cash in and cash out; for this service
the
account holder has to leave home and visit an automatic teller machine (ATM) or
a bank
branch (assuming it has not been closed down). A problem is that doing your own
banking allows you to make your mistakes and there are reports of customers send
ing
money to the wrong account or just out into cyberspace. Banks also make mistake
but
when they do it is comforting to have someone other than oneself to blame. For o
nline
banking, security is obviously an issue. At the Bank of Scotland logging on repo
rtedly
involves a customer number, three passwords and eight different pages before the
balance could be accessed; and the service needs special software downloaded ont
o the
PC. It is, of course, right that security is taken seriously but it does not nec
essarily make
for an easy to use, or a fun, service. The supply chain of the bank, using e-ban
king,

The day trader s aim is to make a profit from volatile shares that are bought in the morning and sold in the afternoon. The investor is able to deal at a price viewed immediately. some provide information free and some require a subscription. converting off-line practices to an onlin e equivalent. The investor who might h ave made calculations about trends and valuations by hand can download the informati on from the web into a spreadsheet or a personal finance program that runs on their PC. whereas using more traditional dealing services an investor will of ten have to wait in a telephone queuing system to get through to the dealing desk and whe n trading may have to wait for the price of the trade to be confirmed.10. Internet share trading sites are been setu p by stock broking organisations and by new entrants to the market (the latter need clearan ce from the regulatory authorities before they can operate). Day traders are often just ordinary me mbers . Also the commodity being traded is intangible. In the US the availability of online shares dealing services has created the phe nomena of day trading. The use of online brokerage services automates the process of buying and selling and hence allows a reduction of commission charges. The supply chain of the online bank is shown at Figure 1. The Internet can make available to the private investor the up-to-the-minute informa tion that. That same private investor who used to ring up a stockbroker to buy or sell (a p rocess that might take some time when the market was busy) can issue that same instruct ion online for immediate execution.reduces usage of the branch network (although a branch or ATM machine will still be required). Current developments are. a number of the banks and few large US companies that have set up in the UK. Figures for 1999 show 7 million online tra ders in the US and a rapid growth in the UK since the first traditional British stock broking firms. essentially. Online Share Dealing The use of the Internet is taking off among private investors in stocks and shar es. The number of sites and the usage of them is mushrooming. The private investor who may have received a stockbroker s report th rough the post and looked up share prices in the morning paper can access the informat ion online (with the current market price being available). The Internet is also being used for information sites and chat lines. until recently. 6. the ownership of stocks and shares can be recorded electronically so there is no requirement for physical delivery. had only been available to those working in financial inst itutions.

the market space provides a context sufficient for the entire procurement process.of the public who have given up their jobs to spend the day glued to a screen wa tching the price movements of a few selected stocks. It is a risky business for the individual and of doubtful benefit to the overall economy that the financial markets are supposedly-designed to service. including structured graphics such as diagrams and musical scores. video conferencing and video-clips. The supply chain fr om the broker to investor is shown in Fig 1. · reference information. · images. and · interactive voice. The problem with online trading is that it in creases the temptation to indulge in short-term speculation rather than long-term invest ment. · commerce in money. · projected sound. Internet share dealing seems like a sector set to grow and grow. including articles and books. That said. such as speeches and musical performances. including foreign currencies. · commerce in securities. · software. including dictionaries and encyclopaedias. including television. for digital goods and services.11. · weather forecasts. Some day traders make money but ma ny do not. including statistics. · interactive video and video-with-sound. infotainment. if the financial institutions can and do speculate. Digital goods and services are those that can be de livered using the information infrastructure. such as video-conferencing. the unsuccessful day trader losses all their savings and often a great d eal more as many take out loans or trade on credit. such as telephone conversations and teleconferencing. Hence. Why trade throu gh a broker when you can get better information and a better service by trading onlin e. quite generally. and photographs. · commerce in insurance. · news. Now members of the-gen eral public can compete on equal terms. and financial derivatives such as stock-based. · bookings and tickets for live events. and . often in a thoroughly irresponsible manner. · projected video and video-with-sound. · data. The supply chain for share dealing is unchanged. edutainment and education via multi-media. the use of the net just speeds up the whole process (and that can be vital in some share dealing). interestrate-based and index-based options. Digital goods and services include: · documents. For many years the people in the trade have had up-to-the-minute information on shar e prices that has not been available to the general public. · entertainment. w hy should the ordinary punter not have a chance to join in if they wish to? Digital Goods and Services Electronic commerce can support most of the processes involved in the purchasing of physical goods and services.

modern based P Cs and satellite based communications etc. Describe E-Commerce Applications. The players in this industry segments can be called as "information transport providers". For example an e-mail sent from Bangalore to California may travel across different interconnected transport networks before it reaches California. Multimedia Content and Network Publishing Infrastructure The development of World Wide Web (WWW) has thrown open the gates of Internet to the common user. computer based communication and networking hardware (hubs. Explain applications of Intranet and Extranet in businesses. 3. The last 5 years has seen a tremendous growth in t he router business. The architecture is a mixture of several high speed ne twork transport systems like land based telephones. QUESTIONS 1. T he category of CPE includes TV set top boxes. Major play ers in . These include telecommunication companies that provide telephone lin es (DOT). 5. It provides a mean to create product information (con tent) and to publish it in a network server. 3COM. 13. Narrate Electronic Commerce as Online Selling. The web has also triggered the growth of a new indu stry that creates tools called browsers to access and publish information.End of Chapter Unit – II NETWORK INFRASTRUCTURE The information superhighway has many transport systems and does not function as a single monolithic entity. 8. Describe the advantages of E-commerce? 2. 4. Explain the nature and characteristics of digital goods and services. The web allows network publishing. . Discuss in detail emerging role of E-commerce in business growth. 6. air based wireless. Distinguish Electronic Commerce from traditional Business. 10. Explain various E-Commerce Concepts. Java has been created. routers etc). Why do companies adopt EC models? 7. Write a detailed note on the status of electronic commerce in India. which was previously used in universities and defense labs. and commodities derivatives such as futures. Explain the importance of E-Commerce Applications. cable companies that provide coaxial cables. Cisco etc. Explain various forces aiding E-Commerce. 12. wireless networks. Explain the differences between traditional and E-Business models.· commerce in commodities. satellite networks. and public networks like the Interne t. private networks like Compuserve. 9. Routers are devices that connect the Lo cal Area Networks (LAN) inside various organisations with the Wide Area Networks (WA N) of various network providers. A whole new set of software for the web l ike HTML. 11. The industry segment also includes hardware and software tools that provide inte rface between the various network options and the customer premises equipment (CPE). Today this is a multi billion dollar industry dominated by Bay networks.

unalterable message delivery that is not subject to rep udiation. Business Services Infrastructure Doing business online had received attention for its potential as well as for su ch shortcomings as inadequate directories. The web has also created a new industry that deve lops multimedia applications in which most entertainment providers are jumping. electronic checks) will still . The messaging vehicle is called "middlewa re software" that sits between the web servers and the end user applications and ma kes the peculiarities of the environment. shipping notices and invoices are example of structured documen t messaging. The business services infrastructure attempts to address th ese shortcomings. Providing value addition will be the only differenti ator. set-top boxes etc). graphics ) and networks (satellite. Messaging vehicles provide ways for communicating unstructured as well as struct ured data. Structured documents messaging consist of the automated interchange of standardi sed and approved messages between computer applications via telephone lines (ex-EDI) . fibre optics. In order to enable online payment and ensure its safe delivery. Th e development of catalogs. financial services and shopping mechanisms over the las t two years has greatly simplified online business.the browser industry are Netscape communications (Netscape communicator) and Microsoft (Internet Explorer). to be able to acknowledge and give proof of delivery when required. cable. The infrastructure includes the different methods for facilitating online buying and selling processes. For the purpose of E-commerce the existing messaging mechanisms must be extended to incorporate reliable. It also includes translators that interprets a nd transforms data formats. The challeng e in the development of messaging software is to make it work across a variety of communication devices (PCs. But the free message market is cluttered today wi th every one offering such services. wireless and twisted pair). the payment serv ices infrastructure needs to develop strong encryption and authentication methods. Messaging and Information Distribution Infrastructure Once content has been created and stored on a server. Unstructured messaging vehicles are Fax. But the development of secure tran sactions and secure online payment instruments (such as digital cash. E-mail etc. The success story of Hotmail stems from the fact that offering free messaging services will be | attractive a nd helps to develop a loyal customer base. inadequate online payment instruments an d inadequate security. Purchase orders. messaging distribution met hods carry that content across the network. interfaces (characters.

Information traffic policy issues deal with the cost of accessing information. it was able to garner support from content providers seeking mor e lucrative contracts. newspapers. a popular free e-mail provider and is considering many more. It also made Microsoft independent of any access prov ider. regulation to protect consumers from fraud and to protect their right to privacy and the policing of global information traffic to detect inform ation piracy. It recently acquired Hotm ail. Case Study: Microsoft Microsoft is an excellent case study of a company that understands the importanc e of the various aspects of the E-commerce framework. It has also undertaken the route of M&A.be a concern and this provides a market opportunity for many players. In the area of business service. an Internet access provider. But the issues themselves. All the acquisitions and partne rships undertaken by Microsoft are keeping in this view. Microsoft made a pre-emptive strike by trying t o acquire Intuit. Other Key Issues Public Policy Public policy related to E-commerce encompasses such issues as universal access. Many organisations like the W3 consortium are working to establish the relevant techn ical standards. Microsoft then launched an intensive effort to build an attractive content base. privacy and information pricing. and is involved w ith various consortia and standards organisations that are developing standards for such distribution.0 operatin g systems. and transport. let alone solutions are just now evolving and will become increasingly important as more people enter the electronic market place. user interfaces. Microsoft decided to attract content away from other providers like America onli ne (AOL). This gave Microsoft access to a telecommunication infrastructure that reaches several million consumers. It developed a business m odel that allows each content provider (magazines. With thi s business model. Microsoft is active in messaging and information distribution. Microsoft has developed a web server called Internet Information System (IIS) that comes with Windows NT 4. Microsoft began the efforts by establishing a key link to the Internet. TV networks) to set fe es and to retain 70% of the revenues and a 5% commission on goods sold on MSN. Even though . Quicken. Standards are essential to ensure compatibility across the networ k. Techni cal Standards Technical standards dictate the specifics of information publishing tools. it bought at 20% stake in UUNET technologies. CompuServe instead of building its own content. In terms of network servers. When Microsoft decided to build the Mic rosoft Network (MSN). the maker of the popular personal finance software.

the challenge lies not in technology but using it sell ideas and services to the customer. when the E-commerce market expands. Since such catalogue companies carry no physical stores. In a s imple case. The online catalogue business is one of the most efficient and successful interm ediationbased industries. (www. This will then provide valuable data to the manufacturers and inventory systems that control the production and distribution of the car.autotown.com). intermediaries are doing well by packaging and selling info rmation. As an example we can consider firms in the financial service sector like banks. Information based products range from the simple order taking to the highly sophisticated customised manufacturing. In online retailing. Many opportunities exist for online intermediaries who process and add value to information along the transactional chain. Intermediaries and E-Commerce Intermediaries are economic agents that stand between the parties of a transacti on namely buyers and sellers and perform functions to the fulfillment of the transa ction. Other online intermediaries li ke brokers (priceline). (www. For instance Wall-Mart and Microsoft have made a deal to provide online shopping services. ins urance companies. stock traders (e*trade) etc are also doing well . . brokers. The following table lists a variety o f online intermediaries in E-commerce. Microsoft has built its own software called Microsoft is working with various application vendors. customers can order flowers through the online intermediaries that divert the order to the regular boutique shops. intermediaries create software that allows customers to view and choose cars by computer. for example. inventories and labour they are able to offer customer lower prices than those provided by the traditional retailers. mediators etc. Microsoft also realizes that in the ne ar future.flowers.its attempt failed. agents. CUC International. auctioneers (ebay). because it believes that applications will prolifer ate. Suppli er Management Electronic applications help companies to tightly integrate with the suppliers a nd facilitate business partnerships by reducing the Purchase Ordering costs (Pos) a nd cycle times. In more complex cases. Types of E-Commerce There are three distinct types of E-commerce applications: Inter-organisational (Business-to-Business (B2B)) Intra-organisational (Within Business) Business-to-Consumer (B2C) Business-to-Business E-commerce From the inter-organisational perspective E-commerce facilities the following bu siness applications: 1.com).

which will result in better-informed employees. then information can be instantaneously transmitted. Intra-Organisational E-commerce The purpose of intra-organisational applications is to help a company maintain t he relationships that are critical to delivering superior customer value by paying close attention to integrating various functions in the organisation. If all the business p artners are electronically linked. In this perspect ive some of the applications offered by E-commerce are. Technical. purchase orders. Electronic applications will also help in reducing inventory costs . video conferencing and bulletin boards. 3. Electr onic Publishi ng These applications improve the flow of information between the production and sa les force. The goal is to use technology for knowle dge sharing. I nventory Management Electronic applications shorten the order-ship-bill cycle. 1. By electronically linking production related information with distributor and reseller networks. which can be funnelled into a better st rategy. increases the speed at which the companies compute their invoices and lower transaction costs.2. Within intra-organisational commerce the largest area of growth has been in the area of "corporate Intranets". Payment Management Electronic applications link companies with suppliers and distributors so that p ayments can be sent and received electronically. and also can enable bett er resources management by ensuring the documents themselves to contain more data. and pricing information that once required repeated phone calls and labour hour could now be posted in electronic bulletin boards. 5. product. companies can eliminate countless labour hour s and ensure accurate information sharing. By better integrating the sa les forces with other parts of the organisation. advanced shipment notices etc. Channel Management Electronic applications quickly disseminate information about changing operation al conditions to trading partners. 4. Intranets are primarily set up to publish and access corp orate . Electronic payment reduces clerical err or. companies can have greater access t o market intelligence and competitor information. reducing out-of-stock occurrences. and between the companies and the customers. Busi ness can also track their documents to ensure they are received there by improving auditi ng capabilities. Wor kgr oup Communications These applications enable managers to communicate with their employees using e-m ail. 2. Distribution Management Electronic applications facilitate the transmission of shipping documents such a s bills of lading.

Once a tool reserved for scientific and academic exchange . Per sonal Finance Management Electronic applications help consumers manage their finance and investment decis ions through the use of online banking tools (ICCI bank s INFINITY a online banking t ool was created for the purpose of NRIs to conduct financial transactions with the b ank from their home). 2. Citizens of many nations are finding additional o utlets for personal and political expression. is already transforming our world. Doctors are utilizing tele-medicine to administer o ff-site diagnoses to patients in need. will experience thes e changes as part of a global community. still in the early stages of its de velopment. advances on the GII wil l affect almost every aspect of daily life -. Business-to-Consumer (B2C) E-commerce In electronically facilitated business-to-consumer transactions. Soci al I nter action Electronic applications enable consumers to communicate with each other through email. customers learn about products through electronic publishing. No single force embodies our electronic transformation more than the evolving me dium known as the Internet. Global I nfor mation Di str i bution Networ ks The Global Information Infrastructure (GII). buy products through electronic payments and have information related products delivered to them directly over the network. 3.education. It provides the consumers with convenient shopping methods from online catalogue ordering to phone banking. S ome of the B2C electronic applications are: 1. Students across the world are discovering vast treasure tro ves of data via the World Wide Web. Pur chasi ng products and I nfor mati on Electronic applications help consumers to order products (both physical and information related) and services from their home and pay through electronic payments. It also helps them in finding information about existing and new produ cts / services. it is also changing classic business and ec onomic paradigms. the Internet has emerged as an appliance of every day life. Over the next decade. once separated by distance and time. New models of commercial interaction are developing as businesses and consumers participate in the electronic market place and reap the resultant bene . It also officers lower prices to the consum ers since many intermediaries are eliminated. As the Internet empowe rs citizens and democratizes societies. news groups and video conferencing. 4. The Internet is being used to reinvent govern ment and reshape our lives and our communities in the process. and work and leisur e activities.information. accessible from almost e very point on the planet. health care. Disparate populations.

fits.
Entrepreneurs are able to start new businesses more easily, with smaller up-fron
t
investment requirements, by accessing the Internet s worldwide network of custom
ers.
Internet technology is having a profound effect on the global trade in services.
World
trade involving computer software, entertainment products (motion pictures, vide
os,
games, sound recordings), information services (databases, online newspapers),
technical information, product licenses, Financial services, and professional se
rvices
(businesses and technical consulting, accounting, architectural design, legal ad
vice,
travel services, etc.) has grown rapidly in the past decade, now accounting for
well over
$40 billion of U.S. exports alone.
An increasing share of these transactions occurs online. The GII has the potenti
al to
revolutionize commerce in these and other areas by dramatically lowering transac
tion
costs and facilitating new types of commercial transactions.
The Internet will also revolutionize retail and direct marketing. Consumers will
be able
to shop in their homes for a wide variety of products from manufacturers and ret
ailers
all over the world. They will be able to view these products on their computers
or
televisions, access information about the products, visualize the way the produc
ts may
fit together (constructing a room of furniture on their screen, for example), an
d order
and pay for their choice, all from their living rooms.
Commerce on the Internet could total tens of billions of dollars by the turn of
the
century. For this potential to be realized fully, governments must adopt a nonregulatory, market-oriented approach to electronic commerce, one that facilitate
s the
emergence of a transparent and predictable legal environment to support global
business and commerce. Official decision makers must respect the unique nature o
f the
medium and recognise that widespread competition and increased consumer choice
should be the defining features of the new digital marketplace.
Many businesses and consumers are still wary of conducting extensive business ov
er the
Internet because of the lack of a predictable legal environment governing transa
ctions.
This is particularly true for international commercial activity where concerns a
bout
enforcement of contracts, liability, intellectual property protection, privacy,
security and
other matters have caused businesses and consumers to be cautious.
As use of the Internet expands, many companies and Internet users are concerned
that
seme governments will impose extensive regulations on the Internet and electroni
c
commerce. Potential areas of problematic regulation include taxes and duties,
restrictions on the type of information transmitted, control over standards deve
lopment,
licensing requirements and rate regulation of service providers. Indeed, signs o

f these
types of commerce-inhibiting actions already are appearing in many nations. Preempting these harmful actions before they take root is a strong motivation for t
he
strategy outlined in this section.
Governments can have a profound effect on the growth of commerce on the Internet
. By
their actions, they can facilitate electronic trade or inhibit it. Knowing when
to act and —
at least as important — when not to act, will be crucial to the development of ele
ctronic
commerce. This report articulates the Administration s vision for the emergence
of the
GII as a vibrant global marketplace by suggesting a set of principles, presentin
g a series
of policies, and establishing a road map for international discussions and agree
ments to
facilitate the growth of commerce on the Internet.
The Government Policy Regarding Global E-commerce
The government policy on global EC includes the following five principles:
1. The pr i vate sector should lead
Though government played a role in financing the initial development of the Inte
rnet,
its expansion has been driven primarily by the private sector. For electronic co
mmerce
to flourish, the private sector must continue to lead. Innovation, expanded serv
ices,
broader participation, and lower prices will arise in a-market-driven area, not
in an
environment that operates as a regulated industry.
Accordingly, governments should encourage industry self-regulation wherever
appropriate and support the efforts of private sector organizations to develop
mechanisms to facilitate the successful operation of the Internet. Even where co
llective
agreements or standards are necessary, private entities should, where possible,
take the
lead in organizing them. Where government action or intergovernmental agreements
are necessary, on taxation for example, private sector participation should be a
formal
part of the policy making process.
2. Gover nments should avoi d undue r estr i cti ons on electr oni c commer ce
Parties should be able to enter into legitimate agreements to buy and sell produ
cts and
services across the Internet with minimal government involvement or intervention
.
Unnecessary regulation of commercial activities will distort development of the
electronic marketplace by decreasing the supply and raising the cost of products
and
services for consumers the world over. Business models must evolve rapidly to ke
ep
place with the break-neck speed of change in the technology; government attempts
to
regulate are likely to be outmoded by the time they are finally enacted, especia
lly to the
extent such regulations are technology-specific.
Accordingly, governments should refrain from imposing new and unnecessary
regulations, bureaucratic procedures, or taxes and tariffs on commercial activit
ies that
take place via the Internet.
3. Wher e governmental i nvolvement i s needed, i ts ai m should be to

suppor t and enforce a pr edictable, mi ni mali st, consistent and si mple legal
envi r onment for commer ce
In some areas, government agreements may prove necessary to facilitate electroni
c
commerce and protect consumers. In these cases, governments should establish a
predictable and simple legal environment based on a decentralized, contractual m
odel
of law rather than one based on top-down regulation. This may involve states as
well as
national governments. Where government intervention is necessary to facilitate
electronic commerce, its goal should be to ensure competition, protect intellect
ual
property and privacy, prevent fraud, faster transparency, support commercial
transactions, and facilitate dispute resolution.
4. Gover nments should r ecognize the uni que quali ties of the I nter net.
The genius and explosive success of the Internet can be attributed in part to it
s
decentralized nature and to its tradition of bottom-up governance. These same
characteristics pose significant logistical and technological challenges to exis
ting
regulatory models, and governments should tailor their policies accordingly.
Electronic commerce faces significant challenges where it intersects with existi
ng
regulatory schemes. We should not assume, for example, that the regulatory frame
works
established over the past sixty years for telecommunications, radio and televisi
on fit the
Internet. Regulation should be imposed only as a necessary means to achieve an
important goal on which there is a broad consensus. Existing laws and regulation
s that
may hinder electronic commerce should be reviewed and revised or eliminated to r
eflect
the needs of the new electronic age.
5. Electr oni c Commer ce over the I nternet should be faci litated on a global
basis.
The Internet is emerging as a global marketplace. The legal framework
;
supporting
commercial transactions on the Internet should be governed by consistent p
rinciples
across state, national, and international borders that lead to predictable resul
ts
regardless of the jurisdiction in which a particular buyer or seller resides.
E-Commerce Infrastructure
The requirement of E-Commerce Infrastructure is Performance. It should be fast a
nd
reliable. The bandwidth server capacity should be as per the company s requireme
nt. It
should be Scalable. It should have Redundant Connection to the internet; it shou
ld
contain Farm of web-servers with mirrored content for load-balancing. It should
also
have Farm of databases Load balancing for firewalls and web/database servers for
flexible management. The infrastructure services, resources and protocols should
be
monitored. There must be a centralized security management for Maintainability.
It
should have Self repairing procedures and Emergency procedures. Intrusion detect
ion
must be done. The website must have Global presence so that users can be redirec

RealAudio. The firewall need s logging and reporting mechanisms Security Policy Security Policy is a set of rules that collectively determines an organization s security posture. VLAN technology solves the problem of broadcast floods m switching network by segmenting it into smaller domains. to Log events and act as a locked door between internal and external network. or from. Example of a Simple Security Policy is like allowing anyone to get to W eb server and FTP server or allowing internal hosts to go anywhere and deny everything els e. Application Level. Protocol and subnet-based (layer 3 VLAN). reliable. Firewall is simple. an s ecure network. Firewall must be positioned to control all incoming and out going traffic. Circuit Level Gateway. Segment or port-based (Layer 1 VLAN). Firewall Policy must support wi thout internal client modifications: telnet. authentication and sanitizing of data.forces all commun ication between the inside and outside network to take place through the gate. HTTP. Firewall should prevent ping and trace-route from outside. If packets do not pass inspection. It is a hardware and software connecting 2 networks. Firewall types are Packet Filtering.ted based on site load and network proximity of clients. There are 3 types of VLANs 1. It mediates all tr affic between the internal and external nets. Gate enfo rces security. Firewalls A firewall is a system designed to prevent unauthorized access to. NAT.based (Layer 2 VLAN). It consists of group of LAN segments 2. Firewall consists of choke and gate. Secure remote administration should be allowed. VPN. Inter V-LAN communication can be controlled by access lists and traffic filters. Stateful Inspection Gateways. e-mail (SMTP out POP3 in). Firewall should be at the entry point of the networked system it protects. Firewall must prevent IP spoofing attempts. It consists of group of MAC addresses. . Choke . Gateway. The inspect ion engine inspects packets by accessing its rule base. HTT PS. Medium Access Control (MAC) . Security Policy is translated into a collection of individual rules. Cashing techniques should be adopted to improve performance a nd response time. configurable. Firewall components are Proxies. IRC. FTP. NNTP. 3. manage able and self healing system. There must be few centers i n various countries. Routers interconnect VLANs and fi lter out unnecessary broadcasts between them. Virtual LAN Virtual LAN (VLAN) is a collection of workstations grouped by logic instead of geography. Firewall also allows to enforce compa ny s written security policy. It consists of protocol and sub networks. VPN tunneling should not be allowed through a firewall.

Electronic Checks E-checks enable consumers to pay on credit over public networks. firewalls Network cost: which incl udes Internet connection and Operational costs like 24x7 personnel. The Cost model includes Development cost like software. NAS (Network Attached Storage) and SAN (Storage Area Network). Security Policy Workflow is to decide on what kind of services / sessions are allowed and what type of user s permissions and authentication methods. BAS (Bus Attac hed Storage). I t needs FC host bus adapters. Banks such as Wells Fargo and Bank of America offer online banking and services such as e-wall ets. Infrastructure cost Estimating the cost of e-business infrastructure is a key step toward a quantita tive analysis of ROI (Return of Investment) and SLAs (Service Level Agreements). where the communication is going to . switches. The File System data transfer proto cols are NFS. Internet only banks offer convenience and lower rates to their customers. CIFS. disks. building rent. SAN shares large amount of data. up to 10 km. netwo rk operations and maintenance. Disk Storage The different types of storage are DAS (Direct Attached Storage). It has the Name of payer. It has guaranteed relia bility and availability. heating. air conditioning. Name of payer s financi . Howeve r customers still like to know where physical branch is located. The hybrid bank m odel is most successful. E-checks are ve ry similar to traditional checks. DAS is typically less expensive than other servers. It connects storage devices into a storage pool. facilities. Rules for firewall should be installed and monitored. routers. It is good for small and mid-size networks. Individual rules should be defined. either a s an extension of services from traditional bank or as a purely online entity. what to do with the communication and during w hat time can this action take place and should log the alert. what kind of communication it is. switches and SCSI to FC bridges. according to the base rule. ONLINE BANKING Online banking is one of the fastest growing online service industries. And also define the Objects used in the security policy. hubs.they are rejected or dropped. It is based o f Fibre Channel Technology (ANSI X3T11) it can connect up to 126 devices. Storage is connected dire ctly to the LAN via a LAN interface. Security Rules sh ould look into where the communication is coming from. It is used in data intensive applications with High bandwidth. LANs. List of rules representing the security policy must be crested. low latency. modifications and Capital equipme nt like servers.

the amount is transferred from your account to the merchant s account. The merchant digitally signs the c heck to endorse it.al institution. shipping. covers invoicing. To use e-check you must register with a third . etc). Financial EDI Financial Electronic Data Interchange (FEDI) is defined for the purpose of payme nt and refers to the co-existence Electronic Data Interchange (EDI) and Electronic Fund s Transfer (EFT). Electronic Funds Transfer Electronic Funds Transfer (EFT) refers to ACH which is a data format used betwee n financial institutions and the Federal Reserve to initiate debits and credits. Name of the payee. There are 2 major systems for conducting fund transfers. Global (international) cross indu stry trade is using UN/ EDIFACT: EDI for Administration. Amount to be paid. Two standards in EDI are United Nations EDIFACT (elsewhere outside of North America). Signature cannot be forged. EDI is a universal data format of business documents to facilita te the exchange of digital documents between applications. E-check is digita lly signed and endorsed by the payer and payee. It might be improper to refer to IOTP as a payment protocol. paymen t. A group of standards.12 is not design to support inter national trade. designed as an alternative to checks. X.12 is implemented as one system. American National Standards Institute ANSI X. 12 an d EDIFACT are hierarchical in structure.12 (US & Canada). Payer s account number. The next is Automated Clearing House (ACH).Internet Open Trading Protocol.12. checks replaced by electronic notification. which enables you to purchase goods and services. the check is cleared. E-che ck is treated as the request to the sender s bank to transfer money. The Internet Open Trading Protocol pro vides a data exchange format for trading purposes while integrating existing pure paym ent protocols seamlessly. Web. In Financial EDI Development of standards is coordina ted by ANSI. These standards define the structure of hundreds of business document and their associated business rules. The standard used in ECheck is IOTP .party account server. Commerce and Transport. This motivates the multiple layered system architecture wh ich consists of at least some generic IOTP application core and multiple specific pa yment modules. To purchase an item you send a check (digitally signed) with appro priate amount to the merchant (via email. since it a ttempts to capture the entire online shopping cycle. called X. usually residing in differen t enterprises. The first is Wire transfers (SWIFT). designed for moving large dollar amounts in single payment. Both X. X. The merchant deposits the check. order placing. It is focused on activities in the USA. F .

The n ext is B2C billing most EBPP systems are focused on B2C market. 6) Discuss in detail the Global Information Distribution Networks. most of the surveys that attempt to find t he inhibitors of EC consistently place legal and related public policy issues at th e top of the list. Here email notification is made for new bills.inancial Institutions use the ACH standard to digitally transfer funds between each other . and other public policy i ssues that are necessary for EC s existence are still evolving. The first one deals with th e validity of contracts related to software purchase and distribution. 5) Briefly explain the terms multimedia content and network publishing infrastructure . 7) Discuss the government policy regarding Global E-commerce. Clients can setup their default payment profiles. ethical. This issue is especiall y important since software is a digitized product and its sales online are growing rapidly. bill distribution. which is related to intellectual property and software piracy. 4) Explain the various types of E-Commerce. Electronic commerce is so new that the legal. The second vignette illustr ates a legal loophole that was fixed only after the incident occurred. delivery.End of Chapter UNIT — III PUBLIC POLICY ISSUES This section covers Legal. Ethical. pay ment and tracking. The second vignette deals with the issue of unethi cal distribution of software. Electronic Invoice Prese ntment and Payment is also done. In addition to contract validity. This is a Process by which companies present invoices and make payments to one another through the Internet. Electronic Bill Presentment and Payment EBPP consists of bill creation and presentment. 2) Comment on the Business Services Infrastructure available in India? 3) Explain Intermediaries in E-Commerce. this vignette is related to the issue of intel lectual property and software piracy. As a matter of fact. such issues are e xtremely important to the success of EC as they encompass one of the major pillars that s upport EC applications. and Other Public Policy Issues to EC. Yet. The op ening vignettes illustrate two legal issues related to EC. Bill consolidation where many billers sen d bills to one consolidator and consumer connects with one place to pay all bills. The procedures involved are. In B2B bil ling payments typically involve significant amount of money. These can be classified in . . Legal and Ethical Issues: An Overview The implementation of EC involves many legal issues. QUESTIONS 1) Explain Network Infrastructure.

trad emarks. 6. and Internet gambling. Taxation At the present time. Free speech The Internet provides the largest opportunity for free speech that has ever exis ted. Copyright. in information technology (IT). one can distinguish between legal issues and ethical issues. this freedom may offend some people and may collide with the Indecency Act. an individual fac ed with an ethical decision is not considering whether or not to break the law. If you d o something that is not legal. 2. philosophers have proposed many ethical guidelines. Privacy This issue is becoming the most important issue for consumers. A possible collision between federal and state legislation is possible. Consider t . We have segregated the EC-related legal issues in this chapter to include: 1. Thus. the definitions of right and wrong are not always clear. many illegal acts are unethical as well. are related to electronic trade. priva cy statements can be found today in most large EC-related Web sites. Over the years. Furthermore. the line is not always clear between what is illegal and what is unethical. Yet. Consumer protection Many legal issues that deal with consumer protection. as well as between tax laws of different countries. Other legal issues Several other EC legal issues exist. and other intellectual property issues are defined by federal legislation. And indeed. Legal issues versus ethics In theory. jurisdiction over trades. it is ve ry difficult to monitor who is using intellectual property and how. you may not be breaking the law. Intellectual property Protecting intellectual property on the Web is very difficult since it is easy a nd inexpensive to copy and disseminate digitized information.several ways. you are breaking the law. In today s complex environment. If you do something uneth ical. The problem is that. since the line between le gal definitions and ethics is not always clear. Before we explore these issues. it is illegal to impose new sales taxes on Internet busines s. including topics such as validity of contra cts. yet w hat is unethical is not necessarily illegal. 5. Agai n. Obviously. Compliance wit h the Privacy Act of 1974 and its extensions are not simple. it is not always clear with sev eral topics that under most circumstances are both illegal and unethical. let us examine the meaning of ethics. 4. in many instances. encryption policies. ranging from misrepresenta tion to different kinds of fraud. ETHICAL ISSUES Ethics is a branch of philosophy that deals with what is considered to be right and wrong. 3.

Management allowed employees to use the Web for limited personal uses then monitored usage without employee s knowledge. consequently. as illustrated thought this text. There are also differences regarding ethics among different countries. As a result. knowing it had bugs. the issue of a company monitoring e-mail is very controversial (47 percent of the readers of information week believe companies have the right to do so. . Obviously. others have none. storage. To overcome t his problem. Spain. in general. coun try. some users filed incorrect tax return s and were penalised by the IRS. Portugal. and accessibility. Privacy . more emphasis is. and Greece had minimal legislation protecting and indi viduals right to control personal data in governmental or commercial databases. the European Community Commission issued guidelines to all its member countries regarding the rights of individuals to access information about them and to correct errors. Accuracy . there are major differences among companies and individuals with resp ect to what is right and wrong. For example. Belgium. who categorised ethical issues into privacy. An attempt to organise IT ethi cal issues into a framework was undertaken by Mason (1986) and Mason et al. have very strict privacy laws. Many companies and professional organisations develop the ir own codes of ethics. .collection. For example. Property .authenticity. The spread of EC has created many new ethical situations. . accuracy. In Asia. in 1998. a collection of principles intended as a guide for its members. and dissemination of information about individual s. Some of the profile s were inaccurate.A company developed profiles of potential customers from information collected with cookies and questionnaires and sold the list to advertisers. property. 53 percent disagree) . fidelity. (1995). Whether these actions are considered unethical depends on the organisation. like Sweden an d Canada. Many Western countries. f or example. What is u nethical in one culture may be perfectly acceptable in another. and the specific circumstances surrounding the scenarios.he following scenarios: .The president of a software development company marketed online a tax advice program. placed on the benef its to society rather than on the rights of individuals. This obs tructs the flow of information among countries in the European community. I taly. The diversity of EC applications and the increased use of technology have create d new ethical issues.ownership and value of information and intellectual property. and accuracy of information collected and pro cessed. have a much higher concern for individuals and their rights to privacy than some Asian countries. people received numerous pieces of inappropriate e-mai l. Some countries. in 1997.

the structure of the Internet makes it difficult to do so when the product or service is delivered electronically.oecd. Nevertheless. . Legal and ethical issues are important for the success of EC.right to access information and payment of fees to access it. Although there are significant areas of overl ap.commerce. Given this recognition. Mason et al. Therefore. This principle should be established quickly before nations impose tariffs and before vested interests fo rm to protect those tariffs. FINANCIAL ISSUES 1. (1995) also developed a model for ethical reasoning that shows the process that leads to ethical judgement when an individual is faced with an ethical issu e. one in which competition and consumer choice will shape the marketplace. the Internet lacks the clear and fixed geographic lines of transit that historically have characterized the physical trade of goods. Issues in EC This section covers nine areas where international agreements are needed to pres erve the Internet as a non-regulatory medium. Thus. and because the Internet is truly a global medium.net). legal issues. these items can be divided into three main subgroups: financial issues. Financial Issues • Customs and taxation • Electronic payments Legal Issues • Uniform Commercial Code for electronic commerce • Intellectual property protection • Privacy • Security Market Access Issues • Telecommunications infrastructure and information technology • Content • Technical standards I. Further. Two organisations that are active in this area are the Organisation for Economic Cooperative and Developmen t (www. and market access issues. many nations are looking for new sources of revenue. the United States will advocate in the World Trade Organization (WTO) and other appropriate international forums that the Internet be declared a tariff-fr ee environment whenever it is used to deliver products or services. nations have negotiated tariff reductions because they have recognized that the economies and citizens of all nations benefit from free trad e.org) and CommerceNet (www.Accessibility . Customs and Taxation For over 50 years. while it remains possible to administer tariffs for products ordered over the Internet but ultimately deliver ed via surface or air transport. it makes li ttle sense to introduce tariffs on goods and services delivered over the Internet. and may seek to levy tariffs on global electronic commerce.

the government believes that no new taxes should be imposed on Inte rnet commerce. Before any further action is taken. Electr oni c Payment Systems New technology has made it possible to pay for goods and services over the Inter net. should avoid inconsis tent national tax jurisdictions and double taxation. The Administration believes that the same broad principles applicable to interna tional taxation. should be applied to sub federal taxation. To achieve global consensus on this approach. based on existing principles of taxation where feasible. is participating in discussions on the taxation of electronic commer ce through the Organization for Economic Cooperation and Development (OECD). Any such taxation system will have to accomplish these goal s in the context of the Internet s special characteristics -. No tax system should discriminate among types of commerce. nor should it create incentives that will change the na ture or location of transactions. Wherever feasible. It should be capable of capturing t he overwhelming majority of appropriate revenues. and should be simple to administ er and easy to understand. and the difficulty of asso ciating online activities with physically defined locations. be easy to implement. we should look to existing taxation concepts and principles t o achieve these goals. Of cours e. the capacity for multiple small transactions.In addition. states and local governments should cooperat e to develop a uniform. . the primary forum for cooperation in international taxation. Any taxation of Internet sales should follow these principles: • It should neither distort nor hinder commerce. implementation of these principles may differ at the sub federal level where ind irect taxation plays a larger role. The uncertainties associated with such taxes and the inconsistencies among them could stifle the development of Internet commerce. through the Tre asury Department. and minimiz e burdensome record keeping and costs for all parties. No new taxes should be applied to electronic commerce.the potential anonymity of buyer and seller. the United States. such as not hindering the growth of electronic commerce and neutrality between conventional and electronic commerce. 2. The taxation of commerce conducted over the Internet should be consist ent with the established principles of international taxation. and states shou ld coordinate their allocation of income derived from electronic commerce. simple approach to the taxation of electronic commerce. • The system should be simple and transparent. • The system should be able to accommodate tax systems used by the United States a nd our international partners today. The Administration is also concerned about possible moves by state and local tax authorities to target electronic commerce and Internet access.

For example. It would be hard to develop p olicy that is both timely and appropriate. with representation from finance ministries and central banks (in consultation with l aw enforcement authorities). government should suppo rt the development of both a domestic and global uniform commercial legal framework . the commer cial and technological environment is changing rapidly. and tasked to produce a report that identifies common policy objectives among the G-10 countries and analyzes the national approaches to electronic commerce taken to date. to p rotect consumers. Their analyses will contr ibute to a better understanding of how electronic payment systems will affect global comm erce and banking. The Working Party is chaired by a representative from the U. To encourage electronic commerce. based on stored-value. is a lso under development. in the near term. smart card. parties should be able to do business with each other on the Interne t under whatever terms and conditions they agree upon. Substantial private sector investment and competition is spur ring an intense period of innovation that should benefit consumers and businesses wis hing to engage in global electronic commerce. LEGAL ISSUES 1. At this early stage in the development of electronic payment systems. the U.S.S. however. government action may be necessary to ensure the safety and soundness of electronic payment systems. inflexible and highly pr escriptive regulations and rules are inappropriate and potentially harmful.Some of the methods would link existing electronic banking and payment systems. including credit and debit card networks. From a longer term perspective. As electronic payment systems develop. Private enterprise and free markets have typically flourished. the G-10 deputies formed a Working Party. case-by-case monitoring of electronic payment experiments is preferred. sophisticated retail electro nic payment systems. is working with other governments in international forums to study the global implications of emerging electronic payment systems. where th ere are predictable and widely accepted legal environments supporting commercial transactions. Unifor m Commer ci al Code’ for Electr oni c Commer ce In general. II. Electronic money. or to respond to important law enforcement objectives. and ensure that governmental activi ties flexibly accommodate the needs of the emerging marketplace. The United States. the marketplace and industry self-regul ation alone may not fully address all issues. A number of organizations are already working on important aspects of -electronic banking and payments. The Economic Communiqué issued at the Lyon Summit by the G-7 Heads of State called for a cooperative study of the implications of new. with new retail interfaces via the Int ernet. governments should work closely with the private sector to inform policy development. however. or other technologies. In response. Treasury Department. For these reasons. Rather. through the Department of the Treasury.

defines the characteristics of a valid electronic writing and an original docume nt. already are working to adapt the UCC to cyberspace. The Administration supports the prompt consideration of these proposals. guide the drafting of r ules governing global electronic commerce: • Parties should be free to order the contractual relationship between them as the y see fit. domestic sponsors of the UCC.that recognizes. Internationally. Work is also ongoing on a proposed electronic contracting and records act for transactions not covere d by the UCC. To enable private entities to perform this task and to fulfill their roles adequately. just as parties currently choose the body of law that w ill be used to interpret their contract. Private sector organizations. In the United States. to the extent possible. provides for the acceptability of electronic signatures for legal and commercial purposes. governments should encourage the development of simple a nd predictable domestic and international rules and norms that will serve as the le gal foundation for commercial activities in cyberspace. bar associations. facilitates. set s default rules for contract formation and governance of electronic contract perfo rmance. any such legislation w ill be designed to accommodate ongoing and possible future global initiatives. The United States Government supports the adoption of principles along these lin es by all nations as a start to defining an international set of uniform commercial pr inciples for electronic commerce. other appropriate international bodie s. and enforces electronic transactions worldwide. and other private sector groups to continue their work in this area. This model law establishes rules and norms that validate and recognize contracts formed through electronic means. . the United Nations Commission on International Trade Law (UNCITRAL) has completed work on a model law that supports the commercial use of international contracts in electronic commerce. and supports the admission of computer evidence in courts and arbitration procee dings. every state government has adopted the Uniform Commercial Code (UCC). are participants in this process. an d the adoption of uniform legislation by all states. Participants in the marketplace should define and articulate most of the rules t hat will govern electronic commerce. The National Conference of Commissioners of Uniform State Law (NCCUSL) and the American Law Institute. Of course. We urge UNCITRAL. The following principles should. including the American Bar Association (ABA) along with other interest groups. Fu lly informed buyers and sellers could voluntarily agree to form a contract subject t o this uniform legal framework. a codification of substantial portions of commercial law.

participati on in these areas with a goal of achieving substantive international agreement on mode l law within the next two years.. and the International Chamber of Commerce (ICC). To promote this commerce. Inconsistent local tort l aws. and • promoting the development of adequate. contracts. I ntellectual Proper ty Pr otecti on Commerce on the Internet often will involve the sale and licensing of intellectu al property. 2. NCCUSL and the American Law Institute. efficient. For example. the rules should neither require nor a ssume a particular technology) and forward looking (i.S .e. are urged to continue thei r work to develop complementary domestic and international efforts. sellers must know that their intellectual pr operty will not be stolen and buyers must know that they are obtaining authentic produc ts.. consideration should be given to establishing electronic registries. ability to achieve a reasonable degree of certainty regarding their exposure to liabilit y for any damage or injury that might result from their actions. The Departments of Commerce and State will continue to organize U. UNCITRAL. • Existing rules should be modified and new rules should be adopted only as necess ary or substantially desirable to support the use of electronic technologies. The expansion of global electronic commerce also depends upon the participants. should work closely with other nations to clarify applicable jurisdictional rule s and to generally favor and enforce contract provisions that allow parties to select sub stantive rules governing liability. • encouraging consistent international rules to support the acceptance of electron ic signatures and other authentication procedures. The U. . acceptance and facilitation of electronic communications (i..• Rules should be technology-neutral (i. With these principles in mind. the rules should not hinder th e use or development of technologies in the future). UNIDROIT.e. notarized documents. could substantially increase litigation and create unnecessary costs that ultimately will be borne by consumers. working with t he American Bar Association and other interested groups. the development of global electronic commerce provides an opportunity t o create legal rules that allow business and consumers to take advantage of new technology to streamline and automate functions now accomplished manually. etc. and • The process should involve the high-tech commercial sector as well as businesses that have not yet moved online. and effective alternate disput e resolution mechanisms for global commercial transactions.S. and others should develop additional model provisions and uniform fundamental principles designed to eliminate administrative and regulato ry barriers and to facilitate electronic commerce by: • encouraging governmental recognition. coupled with uncertainties regarding jurisdiction.e. Finally.

will greatly facilitate the commercial applications of online digital communications over the GII. under their own laws.g.S. "fair u se"). can help combat piracy. Increased public educa tion about intellectual property in the information age will also contribute to the s uccessful implementation and growth of the GII Copyrights There are several treaties that establish international norms for the protection of copyrights. Both treaties include provisions relating to technological protection. Both treaties also contain provisions that permit nations to provide for excepti ons to rights in certain cases that do not conflict with a normal exploitation of the w ork and do not unreasonably prejudice the legitimate interests of the author (e. and the right of communication to the public. a nd trademark protection are therefore necessary to prevent piracy and fraud. all of whi ch are indispensable for an efficient exercise of rights in the digital environment. These provisions permit member s to devise new exceptions and limitations that are appropriate in the digital net work environment. Th e U. such as encryption. Government recognizes private sector efforts to develop international and domest ic standards in these areas. While technology. and is working to tailor implementing legislation accordingly. In December 1996. but neither reduce nor extend the scope of applicability of the lim itations and exceptions permitted by the Berne Convention..the WIPO Copyright Treaty and the WIPO Performances and Phonograms Treaty -. The Administration understands the sensitivities assoc iated with copyright management information and technological protection measures. These treaties link nearly all major trading nations and provide them with a means of protecting. an adequate and effectiv e legal framework also is necessary to deter fraud and the theft of intellectual propert y. The Administration is drafting legislation to implement the new WIPO treaties. These provisions permit members to carry forward and appropriately extend into the dig ital environment limitations and exceptions in their national laws which have been considered acceptable under the Berne Convention.International agreements that establish clear and effective copyright. most notably the Berne Convention for the Protection of Literary and Artistic Works. each other s copyrighted works and sound recordings. copyright management information. patent. a nd looks forward to working with the Senate on their ratification. . the World Intellectual Property Organization (WIPO) updated th e Berne Convention and provided new protection for performers and producers of sou nd recordings by adopting two new treaties. The two treaties -. and to provide effective legal recourse when these crimes occur.

• encouraging other countries to join the two new WIPO treaties and to implement f ully the treaty obligations as soon as possible. subsequently held. Patent and . pol icy with respect to sui generis database protection. The adoption of the two new WIPO treaties represents the attainment of one of th e Administration s significant intellectual property objectives. Patents Development of the GII will both depend upon and stimulate innovation in many fi elds of technology. The Administrations copyright-related objectives will include: • encouraging countries to fully and immediately implement the obligations contain ed in the Agreement on Trade-Related Aspects of Intellectual Property (TRIPS). Based on the brief discussion of sui generis database protection that took place before and during the Diplomatic Conference. including motion pictur es.S.S. the U. • seeking immediate U. and telecommunications. it is clear that more discussion of the ne ed for and the nature of such protection is necessary domestically and internationally. disseminated via the GII. The United States will pursue these international objectives through bilateral discussions and multilateral discussions at WIPO and other appropriate forums an d will encourage private sector participation in these discussions. Instead.S. Consistent with this objective. and academic communities and the commercial sector. to discuss preliminary steps to study proposals to e stablish sui generis database protection. leaving them to be determined by domestic legislation. computer software.The two new WIPO treaties do not address issues of online service provider liabi lity. and that thes e laws and regulations are fully implemented and actively enforced. Governme nt will continue to work for appropriate copyright protection for works disseminated electronically. The Administration looks forward to working with Congress as these issues are addressed and supports effo rts to achieve an equitable and balanced solution that is agreeable to interested parti es and consistent with international copyright obligations. ratification and deposit of the instruments of accession to the two new WIPO treaties and implementation of the obligations in these treaties in a balanced and appropriate way as soon as possible. in order to develop U. Sui Generis Protection of Databases The December 1996 WIPO Conference in Geneva did not take up a proposed treaty to protect the non-original elements of databases. computer hardware.S. library. The Administration will seek additional input from. among others. the scientific . An effectively functioning patent system that encourages and protects patentable innovations in these fields is important for the overall suc cess of commerce over the Internet. and sound recordings. the Conference called f or a meeting.S. trading partners establish laws and regulations that provide adequate and effective protection for copyrighted works. The U. and • ensuring that U. including computer software.

and • establish international standards for determining the validity of a patent claim . and provide its patent examiners better access to prior ar t in Gilrelated technologies. a nd . source identifiers. An Internet domain name functions as a source identifier on the Internet. patent agreements shou ld: • prohibit member countries from authorizing parties to exploit patented invention s related to the Gil without the patent owner s authority (i. a trademark) per se. The United States will pursue these objectives internationally. like addresses. and United States Patent Officers’ meet.e. The United States will attempt to establish a work ing group of this organization to address GH-related patent issues. In a separate venue. disapproval of co mpulsory licensing of Gil-related technology except to remedy a practice determined after judicial or administrative process to be anti-competitive). and courts have begun to attribute intellectual property rights to them . Japanese. are not protected intellectual property (i. • require member countries to provide adequate and effective protection for patent able subject matter important to the development and success of the GII..Trademark Office (PTO) will (1) significantly enhance its collaboration with the private sector to assemble a larger. (2) train its patent examiners in GII related technologies to raise and maintain their level of technical expertise. dilute. one hundred countries and international intergovernmental organizations participate as members of WIPO s permanent committee on industrial property information (PCIPI). and (3) support legislative pro posals for early publication of pending patent applications. more complete collection of prior art (both patent and nonpatent publications). Officials of the European. Countries may also apply different standards for determinin g infringement. registered or common law trademarks. The use of domain names as source identifiers has burgeoned. The United States will recommend at the ne xt meeting that a special committee be established within the next year to make recommendations on Gil-related patent issues. Trademark and Domain Names Trademark rights are national in scope and conflicts may arise where the same or similar trademarks for similar goods or services are owned by different parties in different countries. Ordinaril y. however. Conflicts have arisen on the Gil where third parties have registered Internet do main names that are the same as..e . or similar to. for example. particularly in areas involvin g fast moving technology. each year to foste r cooperation on patent-related issues. while recognizing that misuse of a domain name could significantly infringe. To create a reliable environment for electronic commerce.

and (2) how best to foster bottom-up governance of the Internet. In June of 1995. The Administration supports private efforts to address Internet governance issues including those related to domain names and has formed an interagency working group under the leadership of the Department of Commerce to study DNS issues. Accordingly. rest on the fundamental precepts of awareness and choice: . To date. PRIVACY A ND THE NATIONAL INFORMATION INFRASTRUCTURE: Principles for Providing and Using Personal Information. consultin g with interested private sector. It may be possible to create a contractu ally based self-regulatory regime that deals with potential conflicts between domain name u sage and trademark laws on a global basis without the need to litigate. storage. It is essential. therefore. fundamental and cherished principles like the First Amendment. and re-use of person al data in the information age. (1) what contribution government might make. and instantaneous transmission of information . Commerce on the GII will thrive only if the privacy rights of indiv iduals are balanced with the benefits associated with the free flow of information. market-based system to register Internet domain names. which is an important hallmark of American democracy. to the development of a glo bal competitive. which build on the Organization for Economic Cooperati on and Development s GUIDELINES GOVERNING THE PROTECTION OF PRIVACY AND TRANSBORDER DATA FLOW OF PERSONAL DATA and incorporate principles of fair information practices. d iminish personal privacy. Unfortunately. The Administration also plans t o seek public input on the resolution of trademark disputes in the context of domain na mes. These Privacy Principles. if any. conflicts between trademark rights and domain names have been resolved through negotiations and/or litigation. Pr i vacy Americans treasure privacy. the GII’s great promise . congressional and state government and international groups. consumer.weaken valuable trademark rights. protect the free flow of information. The report recommends a set of principles (the "Priv acy Principles") to govern the collection. Governance of the domain name system (DNS) raises other important issues unrelat ed to intellectual property. in light of public input.can. This could cr eate a more stable business environment on the Internet. processing. The working group will review various DNS proposals. professional. The group will consider. re-use. linking it to our concept of personal freedom and we llbeing. the United States will support efforts already underway to create domestic and international forums for discussion of Internet-related trademark issues. if not managed carefully. At the same time. 3.that it facilitates the collection . the Privacy Working Group of the United States government Information Infrastructure Task Force (IITF) issued a report entitled. to assure personal privacy in the networked environment if people are to feel comfortable doing business.

Under these principles. what the information will be used for. his or her personal infor mation should be assured. choice. other federal agencies have studied privacy issues in the context of specific industry sectors. which focuses on the direct marketing and advertising industries. Disclosure by data-gatherers is designed to stimulate market resolution of priva cy concerns by empowering individuals to obtain relevant knowledge about why information is being collected. for example. the Privacy Principles identify three values to govern the way in w hich personal information is acquired. and how they intend to use such data. security.information priva cy. In April. incomplete. the National Telecommunications and Information Administration (NTIA) issued a report entitled Privacy and the Nil: Safeguarding Telecommunications-Related Personal Information. 1997. timely. In Ju ne of . and relevant for the purposes for which it is provided and used. The report. In October 1995. On Jan uary 6. personal information should not be improperly altered or destroyed. complete . consumers are entitled to redress if they are harmed by improper use or disclosure of personal information or if decisions are based on inaccurate. And.• Data-gatherers should inform consumers what information they are collecting. personal information should be accurate. and • Data-gatherers should provide consumers with a meaningful way to limit use and r euse of personal information. concludes that notice. third. Meanwhile. outdated. the FTC issued a staff report entitled Public Workshop on Consumer Priv acy on the Global Information Infrastructure. The paper surveys information practices in the United States and solicits public com ment on the best way to implement the Privacy Principles. First. what step s will be taken to protect that information. the Information Policy Committee of the IITF issued a draft pape r entitled Options for Promoting Privacy on the National Information Infrastructur e. 1997. an individual s reasonabl e expectation of privacy regarding access to and use of. Second. Such disclosure will enable consumers to make better judgments about the levels of privacy available and the ir willingness to participate. It explores the application of the Privacy Principles in the context of telecommunications and o nline services and advocates a voluntary framework based on notice and consent. information integrity. disclosed and used online -. or irrelevant personal information. the consequences of providing or withholding information. a nd access are recognized as necessary elements of fair information practices online. and information quality. The IITF goal is to find a way to balance the competing values of personal privacy and the free flow of informatio n in a digital democratic society. and any rights of redress that they may have. In addition.

the United States will engage its key trading partners in discussions to build support for industry-developed solutions to privacy problem s and for market driven mechanisms to assure customer satisfaction about how private d ata is handled. through NTIA. in its view. self-regulati on. These discussions are led by the Department of Commerc e. consume r. The United States will continue policy discussions with the EU nations and the European Commission to increase understanding about the U. Privacy concerns are being raised in many countries around the world. do not extend adequate privacy protection to EU cit izens. and some countries have enacted laws. evaluat ing private sector adoption of and adherence to fair information practices.1997. the Federal Trade Commission (FTC) and other relevant federal agencies. We urge industry. This problem warrants prompt attention. If privacy concerns are not addressed by industry through self-regulation and techn ology. the FTC held four days of hearings on technology tools and industry selfregulation regimes designed to enhance personal privacy on the Internet. NTIA is also working with the private sector to asses s the . Disparat e policies could emerge that might disrupt trans-border data flows. and education to provide solutions to the particular dangers arising in this area an d to facilitate parental choice. For example. The Administration is particularly concerned about the use of information gather ed from children. or instituted administrative solutions designed to safeguard their citizens privacy. The Administration also anticipates that technology will offer solutions to many privacy concerns in the online environment.S. the Europe an Union (EU) has adopted a Directive that prohibits the transfer of personal data to countries that. Parents should be able to choose whether or not personally identifiabl e information is collected from or about their children. These include mechanisms for facilitating awareness and the exercise of choice online. The Administration supports private sector efforts now underway to implement meaningful. including the appropriate use of anonymity. implemented industry self-regulation. and disp ute resolution. Otherwise. self-regulatory privacy regimes. who may lack the cognitive ability to recognize and appreciate pr ivacy concerns. the Administration will face increasing pressure to play a more direct role in safeguarding consumer choice regarding privacy online. consumer-friendly. and include the Executive Office of the President. and child-advocacy groups working together to use a mix of technology. and the State Department. To ensure that differing privacy policies around the world do not impede the flo w of data on the Internet. approach to privac y and to assure that the criteria they use for evaluating adequacy are sufficientl y flexible to accommodate our approach. government action may be required. the Treasury Department.

There is no single "magic" technology or technique that can ensure that the Gil will be secure and reliable. and confidentiality. We believe th at private efforts of industry working in cooperation with consumer groups are pref erable to government regulation. an d broader multilateral organizations. Both signatures and confidentiality rely on the use of cryptographic keys. A secure GII re quires: 1) Secure and reliable telecommunications networks. Secur ity The GII must be secure and reliable. authentication. but if effective privacy protection cannot be provided in this way. The United States also will enter into a dialogue with trading partners on these issues through existing bilateral forums as well as through regional forums such as the Asia Pacific Economic Cooperation (APEC) forum.) and effective.impact that the implementation of the EU Directive could have on the United Stat es. the North American Free Trade Agreement (NAFTA). On particular importance is the development of trusted certification services th at support the digital signatures that will permit users to know whom they are communicating with on the Internet. If Internet users do not have confidence th at their communications and data are safe from unauthorized access or modification. and the Inter-American Telecommunications Commission (CITEL) of the Organization of American States. the Summit of the Americas. we will re-evaluate this policy. and 4) Well trained GH users who understand how to protect their systems and their d ata. consistent use of those technologies. Law abiding citizens can use strong encrypti on to protect their trade secrets and personal records. Key recovery based encryption can help address some of these iss . Depending upon the val ue of the information. the Administration is encouraging the development of a voluntary. 3) Effective means for authenticating and ensuring confidentiality of electronic information to protect data from unauthorized use. they will be unlikely to use the Internet on a routine basis for commerce. But those trade secrets and pe rsonal records could be lost forever if the decrypt key is lost. Accomplishing that goal requires a range of technologies (encryption. etc. the loss could be quite substantial. firewalls. 4. But strong encryption is a double-edged sword. market-driven key management infrastructure that will support authentication. 2) Effective means for protecting the information systems attached to those netw orks. Encryption can also be used by criminals and terrorists to reduce law enforcement capabilities to read their communications. To promote the growth of a trusted electronic commerce environment. all supported globally by trustworthy key and securit y management infrastructures. integrity. password controls. The Administration considers data protection critically important. Encryption products protect the confidentiality of stored data and electronic communications by making them unreadable without a decryption key.

In order to spur the removal of barriers. seamless. i s taking steps to promote the development of market-driven standards. Vice President Gore spo ke to the World Telecommunications Development Conference in Buenos Aires.S. and 4) implementing. Unfortunately. opening markets to forei gn investment. government will work internationally to promote development of marketdriven key management infrastructure with key recovery. making it hard for both merchants and custom ers to purchase the computers and information systems they need to participate in electronic commerce. In promoting robust security needed for electronic commerce. including: 1) encouraging private sector investment by privatizing government-controlled telecommunications companies. t he Administration has liberalized export controls for commercial encryption product s while protecting public safety and national security interests. by an independent regulator. Additionally. 2) promoting and preserving competition by introducing competition to monopoly phone markets. in partnership with industry. Customers find that telecommunications services often are too expensive. 3) guaranteeing open access to networks on a non-discriminatory basis. public-key manageme nt infrastructure services and key recoverable encryption products. h as worked closely within the OECD to develop international guidelines for encryptio n policies and will continue to promote the development of policies to provide a predictable and secure environment for global electronic commerce. global telecommunications network and upon the computers and information appliances tha t connect to it.ues. The Administration is also working with Congress to ensure legislation is enacte d that would facilitate development of voluntary key management infrastructures and wou ld govern the release of recovery information to law enforcement officials pursuant to lawful authority. Likewise. many countries maintain trade barriers to imported information technology. Specifically. the U. believes should be the foundation f or government policy. pro-competitive and flexible regul . ensuring interconnection at fair prices. bandwidth is too limited. a nd services are unavailable or unreliable. MARKET ACCESS ISSUES 1.S. telecommunications policies are hindering the development of advanced digital networks. The Administration. the Administration has already taken steps that will enable trust in encryption and provide the safegua rds that users and society will need. He articulated several principles that the U. in too many countries. III. Telecommuni cati ons I nfr astr ucture and I nfor mati on Technology Global electronic commerce depends upon a modern. so that G II users have access to the broadest range of information and services. The U. and enforcing anti-trust safeguards. in March 1994.S.

and refuse to interconnec t because of alleged concerns about network compatibility or absence of need for o ther providers. Areas of concern include: Leased lines: Data networks of most online service providers are constructed wit h leased lines that must be obtained from national telephone companies. often monopolies or governmental entities.ation that keeps pace with technological development. or Next Generation Internet. In the absence of effective competition. in flating the cost of data services to customers. more customer choice. and therefore should be subject to the same regulatory restric tions that apply to those traditional services. telephone compan ies may impose artificially inflated leased line prices and usage restrictions that impede the provision of service by online service providers. Even when the monopoly has been broken. Monopolies or dominant telepho ne companies often price interconnection well above cost. Interconnection and unbundling: Online service providers must be able to interco nnect with the networks of incumbent telecommunication companies so that information c an pass seamlessly between all users of the network. These services also are often priced at excessive rates. In addition. Administration initiatives include Internet II. the FCC has undertaken several initiatives designed to stimulate bandwidth expan sion. a hos t of unnecessary burden some "type acceptance" practices have been used to retard competition and make it difficult for consumers to connect. Genuine mar ket opening will lead to increased competition. the Administration recognizes that there are various constraints i n the present network that may impede the evolution of services requiring higher bandw idth. these providers mus t be . The goal of the United States will be to ensure that online service providers ca n reach end-users on reasonable and non-discriminatory terms and conditions. improved telecommunications infrastructures. Attaching equipment to the network: Over the years. online service providers often have no choice but to purchase local exchange services from monopoly or government-owned telephone companies. Domestically. especially to residential and small/home office customers. Local loops pricing: To reach their subscribers. some telecommunication provi ders have used their monopoly power to restrict the connection of communication or technology devices to the network. In some countries. lower prices and increased and improved services. Internet voice and multimedia: Officials of some nations claim that "real time" services provided over the Internet are "like services" to traditionally regulated voice telephony and broadcasting.

the U. regional forums such as APEC and CITEL. which may hinder the global provision and use of some Internet-base d services. international alliances of private businesses. companies. T hese issues include the terms and conditions governing the exchange of online traffic . In a ddition the Administration is committed to finding other ways to streamline requirements to demonstrate product conformity. the administration i s developing plans for ITA II. also will be used for international discussions on telecommunication-related Internet issues and removing trade barriers that inhibit the export of information technology.e. information technology goods and services. and with the encouragement of U. In particula r. ru les to promote such public interest objectives should not fall disproportionately on an y one segment of the telecommunications industry or on new entrants. the International Electro-technical Commission [IEC]).licensed. which is designed to remove tariffs on almost all types of information technology. Bilateral exchanges with individual foreign governments. the Administration will seek to ensure that new rules of competition in the global communications marketplace will be technology neutral and will not hinder the development of electronic commerce. and various other forums (i. Such an app roach could hinder the development of new technologies and new services. countries have different levels of telecommunications infrastructur e development. rules for licensing new technologies and new services must be sufficiently flexible to accommodate the changing needs of consumers while allowing governments to protec t important public interest objectives like universal service. and multilateral forums such as the OECD and ITU. the International Or ganization of Standardization [ISO]. As the WTO Agreement is implemented. including through Mutual Recognition Agreements (MRAS) that can eliminate the need for a single product to be certified by diffe rent standards laboratories across national borders. To address these issues. which will ensure global competition in the pro vision of basic telecommunication services and will address the many underlying issues affecting online service providers. During those negotiations. The Administration believes that the introduction of policies promotin g foreign investment. The Administration will also seek effective implementation of the Information Technology Agreement concluded by the members of the WTO in March 1997.S. competition. the Administration successfully concluded the WTO Basic Telecommunications negotiations. succeede d in ensuring that new regulatory burdens would not be imposed upon online service providers that would stifle the deployment of new technologies and services. Buildi ng on this success. In this context. and existing non-tariff barriers to. In addition. regulatory flexibility and open access will support infrastructure development and the creation of more data-friendly networks.S. in which it will to seek to remove remaining tariff s on. as a way to control both the carriage and content offered.

S. Regulation of content: Companies wishing to do business over the Internet. virtual shopping malls. may enable parents to block their children s access to sensitive information or confine their children to pre-appr oved websites. U. Countries that are considering or have adopted laws to restrict access to certai n types of content through the Internet emphasize different concerns as a result of cultura l. This includes most informational material now accessible and transmitted through the Internet. In addition. The U. This principle extends to information cr eated by commercial enterprises as well as by schools. government will support industry initiatives ai med at achieving the important goals outlined in this paper. service delivery options or technical standards will reflect the principles established in this paper and U. 2. There are four priority areas of concern: a. many Internet governance issues will best be dealt with by means of private open standards processes and contracts involving participants from both governme nt and the private sector. governments and other n onprofit entities. that effective filtering technology becomes available. government supports the broadcast possible free flow of information acr oss international borders. In all forums. addressing. social. unnecessary regulation could cripple the growth and di versity of the Internet. for example. filte ring technologies and age verification systems) to assist in screening information on line. adoption of comp eting ratings systems.S. Government representatives will su rvey the work of their study groups to ensure that this is the case.S. and development of easy-to-use technical solutions (e. and entertainment features. New technology. an d to provide access to the Internet (including U. cont ent regulations traditionally imposed on radio and television would not need to be a pplied to the Internet. In contrast to traditional broadcast media. then. Government positions that might influence Internet pricing.S. The Administration therefore supports industry self-regulation. libraries. Content The U. In fact. .. To the extent.S.g. and the arts. and reliability.. online service providers with foreign affiliates or joint ventures) are concerned about liability based on the differe nt policies of every country through which their information may travel. the Internet promises users greater opportunity to shield themselves and their children from content they deem offen sive or inappropriate. including through World Wide Web pages news an d other information services. such as audio and video products.

Regulation of advertising: Advertising will allow the new interactive media t o offer more affordable products and services to a wider. amount. A strong body of cognitive and behavioural research demonstrates that children a re particularly vulnerable to advertising. These discussions could consider promotion of cultural identity through subsidy programs that rely solely on general tax revenues and that are implemented in a nondiscriminatory manner. In principle. Truthful and accurate advertising should be the cornerstone of advertisin g on all media. frequency. rather than under broadcast regulatory structures. Foreign content quotas: Some countries currently require that a specific proportion of traditional broadcast transmission time be devoted to "domesticall y produced" content. Problems could arise on the Internet if the definition of "broadcasting" is changed to extend these current regulations to "new services. b. The rules of the "country-of-origin" should serve as the basis for controlling I nternet . Some co untries stringently restrict the language. Advertising industry self-regulation also exists in many countries aroun d the globe. The Administration will work with industry and children s advocates t o ensure that these protections are translated to and implemented appropriately in the on line media environment. has well establish ed rules (self-regulatory and otherwise) for protecting children from certain harmful adv ertising practices. c.S. pornography and other content to ensure that differe nces in national regulation. There are laws in many countries around the world that require support for adver tising claims. the U. The Administration is concerned about Internet regulation of this sort. violence. sedition. global audience. including cultural and linguistic diversity. These different laws can impede electronic commerce in the global environment. without limiting content. The Administration will pursue a dialogue with other nations on how to promote content diversity. and will develop an informal dialogue with key trading partners on public policy issues such as h ate speech.and political difference. While recognizing legitimate cultural and social concerns. the United States does not favor such regulations. especially those undertaken to foster cultural identity. duration. do not serve as disguised trade barriers. the se concerns should not be invoked to justify unnecessarily burdensome regulation of the Internet." Countries also might decide to regulate Internet content and establish restricti ons under administrative authority. As a result. including the Internet. and type of tele shopping and advertising spots used by advertisers.

however. In order to realize the commercial and cultural potential of the Internet. the G-7 Information Society a nd Development Conference. The appropriate federal agencies (i. Standards also can be employed as de facto non-tariff trade barriers. as well as APEC Telecommunications Ministerial. The United States believes that the marketplace.advertising to alleviate national legislative road blocks and trade barriers. Federal agencies such as the Department of State. the Latin American Telecommunications Summits. through both bilatera l and multilateral channels. to "lock out" non-indigenous bus inesses from a particular national market. there have been a number of cases wher e fraudulent information on companies and their stocks.S. we urge industry driven multilateral fora to consider technica l standards in this area. 3. the Office of Consumer Affairs and othe rs have already engaged in efforts to promote such positions. To ensure the growth of global electronic commerce over the Internet. The Administration will explore opportunities for international cooperation to p rotect consumers and to prosecute false. and the Summit of the Americas process. should determi ne technical standards and other mechanisms for interoperability. that they will get what they pay for. Techni cal Standar ds Standards are critical to the long term commercial success of the Internet as th ey can allow products and services from different vendors to work together. including through the OECD.. Technology is mov ing rapidly and government attempts to establish technical standards to govern the I nternet would only risk inhibiting technological innovation. consu mers must have confidence that the goods and services offered are fairly represented. Rather. not governments. and fraudulent commercial practices in cyberspace. Fed eral Trade Commission and the Securities and Exchange Commission) are determining whether new regulations are needed to prevent fraud over the Internet. the Commerce Department (NTIA). All agencies participating in such forums will focus on pragmatic solutions based up on the principles in this paper to issues related to content control.e. can "lock in" outdated technology. The United States considers it unwise and unnecessary for governments to mandate standards for electronic commerce. deceptive. and that recourse or redress will be available if they do not. This is an area where government action is appropriate. Prematur e standardization. U. standards will be . They also encourage competition and reduce uncertainty in the global marketplace. Regulation to prevent fraud: Recently. the FTC. Trade Representative (UST R). d. and phony investment schem es have been broadcast on the Internet.

causing these nations to fall behind the technological cutting edge a nd creating non-tariff trade barriers.. nonrepudiation).g.g. cons ortia. The private sector should assert global leadership to address standards setting need s.needed to assure reliability. the International Organization for Standardization [ISO]. These organizations require demonstrated deployment of systems incorporating a given standard prior to formal acceptance. but the process facilitates rapid deploymen t of standards and can accommodate evolving standards as well. access control. different standards will be used in different circumstances. A Coordinated Strategy The success of electronic commerce will require an effective partnership between the private and public sectors. with the private sector in the lead. • high-speed network technologies (e. There need not be one standard for every product or service associated with the Gil. ease of use and scalability in a reas such as: • electronic payments. The United States has encouraged the development of voluntary standards through private standards organizations. Synchronous Digital Hierarchy). While no formal government-sponsored negotiations are called for at this time. • video and data-conferencing. the International Elec tro technical Commission [IEC]. Numerous private sector bodies have contributed to the process of developing vol untary standards that promote interoperability.) to discourage the use of standards to erect barriers to free trade on the developin g GII. authentication. multiple standards will compete for marketplace acceptance. t he United States will use various forums (i. • security (confidentiality. government also has adopted a set of prin ciples to promote acceptance of domestic and international voluntary standards..S. • security services infrastructure (e. and the medium s consensu sbased process of standards development and acceptance are stimulating its rapid growth. International Telecommunications Union [ITU]. In some cases.e. most rely on government-mandated solutions. and • digital object and data interchange. interoperability. • electronic copyright management systems. public key certificate authorities). The prevalence of voluntary standards oh the Internet. etc. The United States will work through intergovernmental organizations as needed to mon itor and support private sector leadership. data integrity. The U. test beds and R&D activities. Only a handful of coun tries allow private sector standards development. In other cases. international alliances of private businesses. and technical standards need not be mandated. These standards flourish because of a non-bureaucratic system of develop ment managed by technical practitioners working through various organizations. Government part icipation . Asynchronous Transfer Mode..

If the pri vate sector and governments act appropriately. foreign governments. The variety of issues being raised.S. state and local governments. The commercial use of the Internet involves service providers. Congress. targeted gover nmental approach to avoid inefficiencies and duplication in developing and reviewing pol icy. Government will con sult openly and often. an d consumer protection and in areas such as standards development. Private sector leadership accounts for the explosive growth of the Internet toda y. The Internet as a Network Infrastructure This section outlines the nature of the Internet. An interagency team will continue to meet in order to monitor progress and updat e this strategy as events unfold. and tens of thousands of people have put hundreds of tho usands . The use of the Internet by members of the gene ral public and the commercial use of the Internet is a relatively recent phenomenon. The strategy outlined in this paper will be updated and new releases will be iss ued as changes in technology and the marketplace teach us more about how to set the opt imal environment in which electronic commerce and community can flourish.must be coherent and cautious. Accordingly. The U. consumers and Internet user s. There is a great opportunity for commercial activity on the Internet. the interaction among them. the Administration also will encourage the creation of private fora to take the lead in areas requiring self-regulation such as privacy. with groups representing industry. the chapter introduces the various categories of players an d the range of services and facilities they offer. this opportunity can be realized for the bene fit of all people. and international organizations as we seek to update and implement this paper in the coming years. commercial code. The Internet was born as a US military project and develope d as an academic and research network. content providers and software facilities. Sufficient resources will be committed to allow rapid and effective policy implementation. content ratings. The web is a big place. and the success of electronic commerce will depend on continued private sector leade rship. and the disparat e forums in which they are being addressed will necessitate a coordinated. its history and the facilities that can be used for e-Commerce. The process of further developing and implementing the strategy set forth in thi s paper is as important as the content of the paper itself. and fostering interoperability. avoiding the contradictions and confusions that c an sometimes arise when different governmental agencies individually assert authori ty too vigorously and operate without coordination.

The Internet h as. defined not by the equipment but by its communication protocol. CSNet (Computer Scien ce Network) was established in 1981 and the military aspects were split from ARPAne t in 1983. institutions and companies that make information available. despite its simple planning and lack of formal control. notably JANET. national and international data netw ork. is to people the world into the informati on age and the twenty-first century. or the first. it is claimed. The individ uals. The Internet is. telegraph or telephone companies of the past that were owned by large p rivate corporations or state monopolies. The aim of the project was to explore packet switching technology in order to establish a netwo rk with distributed control that could still function if some of its nodes and links wer e knocked out in a nuclear war. EDI VADS providers and public access network companies such as CompuServe. The Internet is. and many did it for the joy of starting something new. The Internet is not the only. send messages. It had its origins as a military project b ack in 1969. Joint Academic Network in the UK (1984) and NSFNet. It is unl ike the railway.of hours into making it enjoyable. Further academic networks were put in place to provide access to supercomp uter centres. The TCP/IP protocol was established in 1982 and introduced for use on the ARPAne . however. became the tool (or toy) of computer nerds around the world and then. in the space of a couple of years. (Hof fman. The Development of the Internet The origins of the Internet are commonly traced back to a US military project. National Science Foundation in the US (1986). defined by the people who use it. buy and sell. evolved into th e global network. possibly its success is because of that absence of formal controls. The Internet is also an interesting phenomenon because nobody owns it. It is a pattern of usage of information and communications technologies that transcends any and all telecommunications infrastructure providers. In the late 1970 s and early 1980 s further experimental networks were created t hat were mainly used for e-Mail and between university departments. acces s web sites and. t he ARPAnet. commissioned by the US Department of Defense in 1969. it became the engine that. at another level. Other data networks have been put together by multinational organisations. at a technical level. The vast majority of them haven t made any mo ney from their work yet. Transmission Control Protocol / Internet Protocol (TCP/I P). The ARPAnet was demonstrated in late 1972 at an internatio nal conference in Washington DC: the first public demonstration of packet switching . 1995) The Internet is a strange phenomenon. in the case of e-Commerce. It was adopted by the research and academic community.

developed at about the same time as the web. users can dy namically crisscross the information web using pieces in an order most convenient to them. Nodes of information c an be linked to other nodes of information in multiple ways. was Gopher was. Switzerland developed an Internet Tool that would link information produ ced by various CERN researchers. sound and video to be hyper linked. a multipart numeric code used to identify all nodes in the network. The first commercial web browser was Netscape. Mosaic is an easy-to-use. graphics. The added featur es were not always compatible with other browsers or HTML standards and in the process . Microsoft used their dominance of the PC operating system market to get Explorer pre-loaded onto most new PCs . The tool provided a way to link textual information on different computers and created by different scientists. The Netscape Company was started in 1994 and included some of the programmers involved in the Mosaic Project. Application protocols developed for and used in TCP/I P include the file transfer system (FTP). Mosaic was the first of the Internet tools that are no w referred to as web browsers . The object was to overc ome issues of computer incompatibility and utilize a new way of linking called hype rtext . An alternative information access facility. With Netscape being the dominant web bro wser and Microsoft having a habit of wishing to dominate everything there ensued a pe riod known as the browser wars .Microsoft insisted that an Internet interface was cen tral to the design of their operating systems and a court case ensued. hypertex t permits information to be linked in a web-like structure. TCP/IP addresses are also repres ented by an alphabetic equivalent in e-Mail and web site addresses. Some t ime after. e-mail protocol (SMTP) and the remote lo gin facility Telnet.Netscape protested that this was anticompetitive . In 1989 a group of scientists at the European Laboratory for Particle Physics (C ERN) in Geneva. for a time widely used in the US but has largely succumbed to th e now near universal application of the web. Netscape and Internet Explorer vied with each other to add features to their browser. In 1993 the National Centre for Supercomputing Applications (NCSA) at the Univer sity of Illinois pushed the CERN idea further by creating a software tool called Mosa ic.t on the first of January 1983. The TCP/IP protocol also introduces the IP Address. graphical user interface that permits text. some might argue rather late in the day. Rather than presenting information in a linear or hierarchical fashion. Bill Gates caught onto the Inter net and Microsoft issued its Internet Explorer. As a result.

While networks connect individual computers. As with the client. fr om the user point of view. U NIX and (large) PCs being the most common choices. there is the softwar e on the server system. Now each of these networks may be running on different network software like Windows NT or DecNet etc.making the job of designing a web page more difficult (the provider of a web pag e cannot guarantee which browser the customer will be using). distribute Netscape and Explorer to thousands of potential users. Internet service providers. One year later this had increase d to nearly 10. In 1994 there were approximately 500 web sites. "Internet: A Network of Networks" A facility to connect two or more computers together to exchange information is called a network. More recently JAVA from Sun Microsystems and ActiveX products from Microsoft hav e been issued with the capability to perform the same functions. When computers are connected within a building or a campus it is referr ed to as a Local Area Network (LAN). On the other side from the browser and the client computer. When the systems around the world are connected t o one another it is Wide Area Network (WAN). a pub lic domain product is also widely used on UNIX boxes and with the Linux operating system. Therefor e a protocol is needed to communicate between networks. the server can be any one of several boxes. Several departments working together interconnect their networks so that the information may be shared more easily among the departments. The gateways are needed to provide physic al meeting point. on CDs through the post. Any colle ction of such networks is called a backbone. The gateways are the ph ysical meeting points of the backbone.000 and any further statistics that could be included in this course m aterial would be out of date by the time it is read. On the plus side. Th ese regional networks are interconnections based on geography or function. The commonly used approach has been a Common Gateway Interface (CGI) program using Perl (or another programming language offering similar facil ities). Internet server software is available from a number of suppliers with Netscape and Microsoft both prominent and Apache. and both packages are downloadable via the web. TCP/IP . A gateway is a communication device or program that passes data between networks having similar functions but dissimilar implementations. Aside from browser wars is the need to add logic and system interfaces to web applications. This type of arrangement is called a regional network. the browser is now free. Both the client and server need to be connected to the Internet via an Internet gateway. the Internet connects individual networks.

The IP address is used in conjunction with the port number. 6 and (part of) 5. As has already been indicated this was introduced on the ARPA net at the beginning of January 1983. IP addresses consist of four sets of decimal numbers separate d by full stops. The packets are reassembled into the message in the destination system. The route a packet takes through the network is determined within the network and th e lines used are shared with other packets that are travelling through the network (this contrasts with a circuit switched network where the line is used for just one transmission at any time). In pocket switching.vital given the Internet. The TCP/IP protocol stack has five layers. Application Layer Equivalent to the OSI Model layers 7. TCP establishes a logical connection with the receiving computer and determines the size of the segments to be sent. are passed to the transport layer for further processing. The reference model for network proto cols is the OSI seven layers of TCP/IP are commonly explained with reference to the OSI model.1. a logical number that specifies the applicatio n.20. . TCP then divides up the message into segments and attaches a header to each. the header specifies the source and dest ination ports and the sequence number of the segment within the message.9. This may be the user s own program / application package or one of the TCP / IP defined applications: • FTP (File Transfer Protocol) used to copy files across the network • SMTP (Simple Mail Transfer Protocol) used for all Internet e-Mail • Telnet (remote login facility) The message generated at the . IP pr ovides the routing mechanism. At this level.The network protocol used on the Internet is Transmission Control Protocol/Inter net Protocol . The five layers of TCP/IP are: a. TCP/IP is a packet switching protocol. The IP address specifies both the sending network ( netid) and the destination computer (hosted) .g. there is little virtue in re-transmission of errored segments i n such realtime applications. 192. TCP provides the transport protocol and ensures that the dat a that is sent is complete and error free when it is received at the destination. If the applica tion does not have the full Address then the DNS (Domain Name System) / WINS (Windows Internet System) can be invoked to provide it. Transport Layer Equivalent to the OSI Model layer 4 and (part of) 5. messages are split u p into segments (packets) and dispatched into the network with their source and destina tion addresses plus other header information including a package sequence number. e.application layer.g. e. The application is the program that initiates the transfer. together with the IP address an d port number. 80 for the World Wide Web. UDP is an alternative to TCP that is used for real-time audio or video.TCP/IP. UDP prov ides no error detection. b.

For both protocols the segments are passed to the network layer, together with t
he IP
address.
c. Network Layer
Equivalent to the OSI Model layer 3.
The Network Layer is responsible for routing the packet from source station to i
ts final
destination station, specified by the MAC address. If the MAC address is not alr
eady
available then an ARP (Address Resolution Protocol) request is broadcast to the
network
and the machine with that IP address responds with its MAC address.
The Network Layer may fragment the segments from the Transport Layer into smalle
r
packets if this is necessary, to fit the frame size.
The output packets from this layer (referred to as datagrams) are passed to the
datalink
layer.
d. Data Link Layer
Equivalent to the OSI Model layer 2.
At the datalink layer, IP interfaces with the network to be used, e.g. Ethernet,
or X25.
The network protocol will typically add its own header (Nh) and trailer (Nt) tha
t
incorporate the MAC address.
The packet is then passed onto the medium, the physical network layer.
e. Physical Layer
Equivalent to the OSI Model layer 1.
The cables used for transmission, at the time its introduction, TCP/IP was seen
as an
interim measure with the OSI (Open System Interconnection) standard intended as
an
eventual replacement. In the event the use of TCP/IP has continued and interest
in the
OSI standard has wanted. The OSI standards are still used in a number of commerc
ial
networks but the omnipresence of the Internet is tending to make TCP/IP the defa
cto
standard for wide-area networking.
Internet Components
The TCP/IP is the unifying factor of the Internet - the software, hardware and
connecting cables can be very diverse. Some of these components and the people w
ho
run them are:
- Users of the Internet access its facilities from a client machine;
- A PC, Apple Mac or Workstation that is joined to a network.
The two most used facilities of the Internet are:
1. World Wide Web
The web is accessed from the client machine using a web browser; at the time of
writing
the two most popular browsers are Microsoft Internet Explorer and Netscape Navig
ator.
The web page to be viewed is specified by its web address, the uniform resource
locator
(url), e.g. www.aimalu.edu; the url contains the addressing information needed t
o derive
the IP address of the server that holds the web page.
2. e-Mail
Accessing e-Mail requires a mail client program; this may be a facility of the w
eb

browser or a separate software package. Incoming e-Mails are downloaded from a p
ostbox (file) on the server and outgoing e-Mails are sent to the server for onwards
transmission. Each e-Mail has to include the address of the recipient, e.g.
ramdurai@yahoo.com (the name is fictitious); the second part of the e-Mail addre
ss
(following the ‘@’) is the domain name and is used on the mail server to derive the
IP
address.
Internet Service Provider
Access to the Internet, for members of the public and small organisations, is vi
a an
Internet Service Provider (ISP). The user provides the client computer and uses
a
modem to connect to the ISP s server. Telecom providers and cable companies are
increasingly providing digital services and open-all-the-time connections which
give
increased speed and convenience of access.
The ISP provides access to the web, an e-Mail address and very possibly user spa
ce for
the client to set up their own home page. Some ISPs specialise in hosting busine
ss sites
with services designed to meet the need of that market. The provision of Interne
t
services has become very competitive and users have taken to shopping around for
the
best package. Users of the service get the ISP s home page displayed when they l
og on
which gives the service provider the opportunity to create revenue from advertis
ing and
hosting links to commercial sites; many ISPs use the advertising revenue to supp
ort a
free access service to the users. For many large organisations the ISP is the co
mpany,
the university or whatever. The organisation is wired with its own LAN and WAN a
nd
access to the Internet-is via the company s own server.
Server
The server is a computer system linked into the Internet and that can be accesse
d by the
clients. The server may run a number of applications; Internet server applicatio
ns
include:
Web Server
Software that takes requests from client browsers searches the web and passes ba
ck the
resultant pages to the browser. The server software will support TCP/IP. The ser
ver will,
very probably, store a number of home pages that are available to local users an
d other
Internet users.
Mail Server
Software that acts as a post office for the e-Mail system. Mail created on the
client sites
is passed to the appropriate post-box within the system or sent out over the Int
ernet to
its intended destination. Mail from outside is stored in post-box files and uplo
aded to
the users machine when requested by the mail client. As with the web server, the
mail

server uses TCP/IP for its Internet transmissions.
Intranets
A web site designed for use by the employees of an organisation - a private Inte
rnet. The
Intranet can be used to replace documents such as staff manuals, Internet teleph
one
directories and office notices. Their advantage is that they are (hopefully) alw
ays readily
available and that they can be easily updated. Intranet systems can include appl
ication
systems where scripting languages give access to databases and the use of a brow
ser
gives easy access throughout the organisation.
Extranets
Some organisations have web sites available on the Internet but with access limi
ted to
account holders by a password system; such a facility is called an Extranet. Ext
ranets are
used in business-to-business trading where customers are required to have an acc
ount.
Another use of Extranets is by consultancies and business information services w
here
business reports are made available online but only to clients and subscribers.
Webmaster
The Webmaster is responsible for the provision of web services for the organisat
ion.
Responsibilities include setting up and maintaining the server software and the
home
page for the organisation. Where staff within the organisation can provide their
own
web content the Webmaster will probably set the standards so that the organisati
on can
ensure a professional appearance and consistent look and feel for its users.
Governance of the Internet
The Internet, as already described, is a network of networks - its co-ordination
and
development is provided by a number of voluntary committees. These include:
• Internet Society
• Internet Engineering Task Force
• Internet Research Task Force
The whole arrangement works well. It contrasts with the incompatibilities produc
ed by
competing commercial organisations such as the provider of web browsers. Whether
cooperation or competition is a better model for innovation and societal progress
is
debatable.
Uses of the Internet
i . E-Commer ce: One use of the Internet is e-Commerce, an application, is, as
indicated above, a relatively recent feature of the Internet. Other uses of the
Internet
are:
i i. Per sonal Messagi ng (e-Mail): e-Mail was one of the first applications on
the
Internet. The use of e-Mail is having a profound effect on the way people commun
icate
and the way that organisations operate. An e-Mail message can be quickly typed a
nd
sent. Unlike the use of the telephone, it does not need the recipient to be avai
lable to

the general availability of Internet access* has been an important facilitator of this change in working practices. v. vid eo and computer aided learning packages.the Internet is the default option for an e-Mail service unless privacy requirements dictate a more secure provision. i ii . edited and / or used in other documents. The e-Mail does not facil itate a conversation in the way that a telephone calls within organisations and between individuals and organisations. Informal tele-working has.take a call. Full-time tele-working has not materialized as the radical shift in working prac tices that was predicted by many pundits. There are also hybr id systems where EDI messages are taken in by a clearing house operation. supplemented in recent years by radio. is an ideal tool for e-Mail as it is the one ne twork that can connect all users . The traditional vehicle of distance education ha s been print through the post . The Internet. however. The Internet is been utili sed by traditional distance learning institutions such as the UK Open University and is . Tel e-working: Tele-working is another practice that predated the general availability of the Internet. Data I nter change (EDI ): EDI has been traditionally transmitted over proprietary VADS. to small businesses users with limited EDI requirem ents and no EDI provision. Users of EDI have bee n reluctant to transfer their communication needs to the Internet because of conce rns with security and reliability. Tele-work has a number of definitions but it gener ally involves doing work that has an IT component at home (or at least at a location that is away from the office) and using telecommunications to communicate with that offi ce. E-mail is not an invention of the Internet. become a comm on practice with employees spending the odd day working from home (or spending time in the evening doing a bit extra). The Internet has the facility to replace all o f this as a multimedia offering through a single delivery system. however. however. via the Internet. being transfe rred to the Internet. The eMail can be sent to many recipients. EDI started before the Internet was widely or commercially ava ilable and made use of either VADS or point-to-point connections. it is a matter of record and its electronic content can be saved. Di stance Educati on: The Internet is being utilised by colleges as a facilit y for the delivery of distance education. as its usage is generally cheaper than a VADS. E-Mail was a service available on th e internal networks of many organisations and has been provided by other public access netw ork services. iv. The e-Mail can be sent to many recipients to be available to take a call. Some EDI requirements are. decoded a nd forwarded. television.

Busi ness-To-Busi ness (B2B): Here business is sale to other business. they affect and effect the businesses and individuals that use them. The internal network of the company was an essential enabling technology. Seddon derives his definition of e-Commerce from this evolution: Electronic Commerce is commerce enabled by internet-era technologies Interestingly.1974 The Electronic Data Processing (EDP) era. Networks are an essential technological component in many. A sequence that is represented diagrammatically in Figure 3. Enter tai nment: In addition to specific uses of the Internet there is a rec reational use of the Internet. or most. • 1975 . One of t he facilitators has been the availability of networks. The Internet era systems include the Inter-organisational System (IOS) enabled b y EDI and the company and consumer. It was controlled by the DP professionals and used at the organisational level within the company. business information systems. On the Internet people can play games. to be worthwhile it still requires quality ma terials and thorough support of the students (and it seems likely that many of the newer pro viders will fall short of these standards). find sni ppets of information. organisation to public systems enabled by the use of the web. vi. Seddon puts a twenty-year life span on each of this era.EDP and enabled access to business data throughout the organisation and at all levels of the organisation. The MIS system subsumed the data processing funct ions of the .The Internet era. The Internet can be a great facilitator of distance education. vi i . which have been required by various business imperatives. The essence of each era is: EDP was essentially batch. I nter net Age Systems: Networks in general and the Internet in particular do not just exist in isolatio n. The Internet epitomizes these developments and is at the heart of many of these systems. • 1995 .hopefully that does not classify as an eCommerce transaction. The Internet can even be place to find a partner .1 These systems types and their evolution have been enabled by a number of technol ogical developments. the surfer. It requires a brave perso n to predict the next stage! vi i i. F .being leapt on by other institutions keen to get in on the act.1994 The Management Information Systems (MIS) era. For Sedd on the Internet era ends (or evolves into a new era) at 2014. join a chat room or just admire the intricacies of other web sites. Seddon (1997) suggested that the evolution of information systems could be divided into periods of 20 years as follows: • 1955 . MIS would normally utilize transactio n processing (TP) and databases.

which are basically of impulsive buying nature. 4) Explain the ethical issues in EC. flowers. Naukri.com) t hat are using e-commerce for selling goods and services in India.com. 5) What is Uniform Commercial Code for EC. www. Bank of Madura. give the customer what he wants at the price he want. CDs. chocolates. It offers books. ABB India. Most of these activitie s are covered under EDI. etc.OEMs who make computers. etc.com. Communication and Entertainment}. A new concept of consumer to business transaction may also be put in this catego ry under this concept. Indishop has more to offer from toothbrushes to computers. They have started B2B transactions with their suppliers. withou t the merchant having to suffer public embarrassment. Under this level. tickets. discount. and deployed electronic commerce to redefine its critical business process linking i t directly to its suppliers and distributors. flowers and other gift items. 3) Describe the legal issues in EC. Pitara. Samsung Electroni cs and TVS electronics are using e-commerce in some way or other. Maruti Udyog. . TCS. The products. com panies do not perceive B2B opportunities with suppliers and trade partners (mainly EDI based) as very important so far development of EC is concerned. Business-To-Consumer (B2C): Here business is directly sale to the end customer. HLL. departmental stores. and makes hotel reservations online with the assurance of secured technology.com is providing airline tickets at the demanded price by the customer. DuPont. Samsung has redefined its business paradigm.priceline.or example Intel sells its chips to the other business . Though B2B e-commerce is in use. "Rediff On The Net" became the first Indian web site to enable Indian credit card transactions online when they open shop in August 1998. however. are the first one to mover over Internet. c loths. All of us are aware of the amazon. music. M any companies like Tata. 6) Explain the problems of EC in relation to privacy. are some of the well-kn own Indian e-commerce sites. etc.com. such as financial services and ICE (Information. Bajaj Auto. QUESTIONS 1) Discuss in detail various issues involved in EC. Telco. e-commerce is going to have significant impact on information intensive and service oriented industries. BHEL. i x. TVS. book stores and even grocery stores (Babazar.com. IBM. Citibank. Here the product and services is amendable to online distribution. etc. JN Port Trust. Essar. 2) Explain the term Public Policy Issues in EC. Some enterprising players have already started offering on line shoppi ng with books. such as: books. thus it has been demonstrated that B2C is a very booming category. There are more than 80 sites including expo rt houses.

10) Explain the Business-To-Business (B2B) model. . like the Internet. In the page. a safer and more intelligent route leads security administrat ors to trust no one on the outside. The section will examine the pieces of the security puzzle to see how to best fi t them together for effective defenses and coverage. When they are hooked into public netw orks. you must specify a rule for each direction . Th ese include the uses of: • Routers • Firewalls • Intrusion Detection Systems (IDSs) • Vulnerability Assessment Tools (Scanners. the segments to which it is atta ched.End of Chapter UNIT — IV INTERNET SECURITY Introduction Corporate networks are built assuming certain levels of trust in how the informa tion passing through them is accessed and used. 9) Explain the Business-To-Consumer (B2C) model. we will examine firewall that protects network and system vulnerab ilities on systems attached to the Internet. this section wil l explain security technologies used to defend against attacks initiated from both within and without an organization. Packet filtering firewalls identify and control traffic by examining the source.1: A Basic Network Security Model Routers A router is a network traffic managing device that sits in between sub-networks and routes traffic intended for. Packet Filtering Straight Packet Filtering mechanisms allow communication originating from one si de or the other. detect. and p rovide multiple barriers of security that protect. as well as for private networks.) Basic Security Infrastructures Figure 4. the infrastructure relies upon layers of devices that serve specific purposes. and respond to network attac ks. destin .7) What are privacy issues in EC? 8) What is meant by security? Explain the security of transactions carried throu gh EC. To help an swer any questions you may have about where firewall is needed and used. As you see. based on your security policies that you ve already developed for the routing of network traffic. or emanating from. Naturally. we ll explore several security methods that are used wherever the Internet and corporate networks intersect. To enable two-way traffic. Figure 4. In this page. this makes them sensible places to implement packet filtering rules. often in real time.1 illustrates the basic design for a secure network infrastructure. etc.

Put simply. However. Typically .2. there are good reasons for using firewalls in any Internet. two engineers with AT&T who wrote the classic “Firewalls and Internet Security” (Addison Wesley. the two networks in question are an organization s (trusted) internal network and the (u ntrusted) Internet. a firewall is a mechanism used to protect a trusted network from an untrusted network.ation and port. Defining Firewalls A slightly more specific definition of a firewall comes from William Cheswick an d Steven Bellovin. We define an Internet as any connected set of networks. whereas an FTP request to a host behind the firewall may be dishonoure d. must pass through it. Firewalls typically run monitoring software to detect and thwart external attack s on the site. 1994). What is a Firewall? A firewall insulates a private network from a public network using carefully est ablished controls on the types of requests they will route through to the private network for processing and fulfillment. and • The system itself is highly resistant to penetration. We traditionally define the Internet as the worldwide network of netwo rks that uses TCP/IP for communications. o r intranet. There will be more about this use of firewalls later in this chapter. nothing in the definition of a firewall ties the con cept to the Internet. an HTTP request for a public Web page w ill be honoured. plus other security measures such as advanced authenti cation in place of static passwords. For example. and vice-versa. Another approach to firewalls views them as both policy and the implementation o f that policy in terms of network configuration. They based the book on their experience developi ng a firewall to protect AT&T connections to the Internet. • Only authorized traffic. Firewalls appear pr imarily in two flavours: appli cation level gateways and pr oxy ser ver s. a firewall may consist of . Cheswick and Bellovin defi ne a firewall as a collection of components or a system placed between two networks a nd possessing the following properties: • All traffic from inside to outside. Other uses of firewalls include technologies such as Virtual Private Networks that use the Int ernet to tunnel private traffic without the fear of exposure. usually while still allowing traffic between the two. such as a company s WAN. Although many firewalls are currently deployed between the Internet an d internal networks. is allowed to pass through it. and are needed to protect internal corporate networks. as defined by the local security policy. Physically. As shown in Figure 4. a firewall comprises one o r more host systems and routers.

The TCP/IP protocol suite. that block transmission of certain classes of traffic. TCP and IP. Figure 4. TCP divides the data into chunks.2: Basic Firewall Schematic (filters. officially referred to as the Intern et Protocol Suite in Internet standards documents. IP attaches to the packet. and gives ea ch one a number. Fig 4. and DMZ) Internet work Traffic When we say that all traffic from inside to outside and vice versa. including filters. The sequence numbers help to ensure that the pack ets can be reassembled correctly at the receiving end. in a protoc ol header. must pass th rough a firewall. the Transmissio n Control Protocol. Thus. called packets. Network applications present data to TCP. The intermediate area occupied by the gateway we often refer to as the De-Militarise d Zone (DMZ). These terms will be explained in more detail. each packet consists of content. but if it fails for any reason. sound or video—anything digi tal that the network can transmit. Figure 4. the rather alarming term "unreliable" simply means that upper-level protocols sh ould not depend upon IP to deliver the packet every time. one must gain a solid understandi ng of how it is structured. In th is context. which is a machine or set of machines relayin g services between the internal and external networks by means of proxy applications. showing protocol layers and addressing A protocol is a formal description of messages to be exchanged and rules to be f ollowed in order for two or more systems to exchange information in a manner that both p arties will understand. or screens. we refer to data transported by the TCP/IP protocol suite. graphics. gateway. TCP uses the seq uence numbers to reassemble the packets in the right order and request re-transmission of any packets that got lost along the way. it j ust drops the packet. gets its name from its two most important protocols. or IP. IP is technically referred to as an unreliable datagram service. the address from which the data comes and the address of the system to w hich it is going. This is where the higher-level protocol. and a gateway. and the information that the protocol needs to do its work.several different components. called the protocol header. These packets could represent text. IP always does its best to make the delivery to the requested destination host. showing the way the protocol is layered and the manner in w hich addresses are used. It can do this even if some of the packets . or data. TCP. TCP then presents the data to the Internet Protocol. comes in.3: Diagram of TCP/IP. the purpose of which is to provide basic host-to-host communication. To control TCP/IP traffic.3 illustrates a diagram of TCP/IP.

Steve Ha yes and Matthias Enders. Higher port numbers are dynamically assigned to client applicat ions as needed. a firewall s purpose is to keep the jerks out of your net work while still letting you get your job done. For more about TCP/IP basics. . Frequently. Po rts 1 to 1. Amoroso and Sharp were engineers at AT&T Labs. an FTP program will connect to port 21 on the FTP server. since it is the embodiment of the corporate policy. for example. (Ziff Davis Press. plus an IP source and destination address. Prentice Hall. I recommend Intranet and Internet Firewall Strateg ies by Edward Amoroso and Ronald Sharp. In a case where a company s policies dict ate how data must be protected. a firewall is very important. is plagued with the kind of jerks who enjo y the electronic equivalent of writing on other people s walls with spray paint. which makes the combination of TCP/ IP a very reliable protocol. Amoroso and Shar p developed a trademarked internal firewall. but convincing management that it s safe to do so. Some applications use standard port numbers. Like Cheswick and Bellovin. For more advanced reading on TCP/IP we recommend TCP/IP Tutorial and Technical Overview. and others have sensitive or proprietary data they must protect. Some peopl e try to get real work done over the Internet. is not justifying the expense or effort. TCP uses another piece of information to make ensure that the data reaches the r ight application when it arrives at a system. The number does not represent a physical port. Thus. Need of firewall The Internet. (5th Edition. or just sitting in the street blowing their car horns. called CWTG or Computer Watch Trusted Gateway. A firewall provides not only real security--it often plays an imp ortant role as a security blanket for management. but is more like a regional memory address. teari ng their mailboxes off. 1995) by Eamon Murphy. Usually. if yo u re a large company. data to be transmitted by TCP/I P has a port from which it is coming and a port to which it is going. 1996). lying within t he range 1 to 65535. but whereas Cheswick an d Bellovin developed a firewall to protect AT&T from the outside. Firewalls can use these addresses to control the flow of information.023 are reserved for server applications. like any other society. a trio of IBM engineers. like the serial port to which a modem or mouse might be attached. This is the port number.take different routes to reach their destination. although servers can use higher p ort numbers as well. the hardest part of hooking to the Internet. Many traditional style corporations and data centres have computing security pol icies and practices that must be adhered to.

25 protocol was developed for this). In this.net.Lastly. which broadcast over a shared wire. This method of communication.g .uu. and how this allows sites to filter for se curity. however. files to download. Sev eral of these systems have become important parts of the Internet service structure (e. This is true of both Ethernet and Token Ring. which could take over the wo rk of making external connections. and so forth. although smaller models and rack-mounted units for major interconnections have entered the market. into WAN protocols. bug fixes. whitehouse.com) and have reflected well on the ir organizational sponsors. each of which makes decisions about where to direct the traffic. Many corporations use their firewall systems as a place to store public information a bout corporate products and services.. It also limits the number of computers that can talk on the same wire. Alon g the way they normally pass through one or more routers. Next came a special type of switch called a router. and could also convert LAN protocols. Routers have since evolved into specialized computers. routers look at the address information in TCP/IP packets and direct them accordingly. TCP/IP transmission s differ from LAN communications. let us first examine old-fashioned LAN communications. Basically. A conne ction between two computers might pass through several switches until it reached its f inal destination.gov. Suppose five PCs reside on a LAN. The other three systems on the same wire will also hear the same data. it shouts out over the network and ho pes that PC #4 hears it. the packets seldom go straigh t from the host system that generated them to the client that requested them. limits distance and scope. If PC #2 wants to send some data to PC #4. gatekeeper. Early efforts to enable computers to communicate with each other over long dista nces used telephone lines and switches to connect calls from one specific computer to another in a remote location (the X. LAN protocols. a firewall can act as your corporate "ambassador" to the Internet. thus creati ng a WAN. Data packets transmitted over the Internet from the Web browser on a PC in Florida to a Web server in Pennsylvania will pass through numerous routers al ong the way.4 .25. Firewalls as Filters When TCP/IP sends data packets on their merry way. were incompatible with X. The typica l router is about the same size as a VCR. specifically IP. the two most widely used LAN protocols. UUnet. When LANs emerged it made sense for all the computers on one LAN to have access to the machine that had access to the remote connection. increases efficiency. Figure 4. in which a number of computers share th e same wiring. and the machine hostin g the connection to the WAN tended to get overworked.dec. To look at how TCP/IP routes packets.

which will route it. Since proxies must "understand" the application protocol being u sed. rlogin. only data from certain addresses may pass through the router. through a filter. In firewall p arlance. which includes proxies for Telnet. Traffi c goes to the gateway instead of directly entering the connected network.4: The trace route program shows the path Internet data takes Suppose the Web browser is on a PC on a LAN with a PPP connection to an Internet Service Provider (ISP). Proxies are often used instead of router-based traffic controls. Routers at the ISP will send the data to a backbone provider. they control access to and from the network. or firewall. Firewalls as Gateways Internet firewalls are often referred to as secure Internet gateways. SOCKS is a generic proxy system that can be compiled into a client-side application to make it work through a firewall. listing the path the data takes. One popular set of proxy servers is the TIS Inte rnet Firewall Toolkit (“FWTK"). this further enhances its value as a security device. to prevent traffic from passing directly between networks. this turns a router that can f ilter packets into an access-control device. Routers make their routing decisions based on tables of data and rules.. will likely direct the packets out from the LAN to the ISP. or a computer acting as a router. but it doesn t support the addition of authentication hooks or protocol specific logging. FTP. an FTP proxy might be configurable to permit incoming FTP and block outgoing FTP). and NNTP/Usenet news.shows the trace route program in action. to the other . In effect. It is po ssible to manipulate these rules by means of filters so that. Its advantage is that it s easy to use. Fig 4. they can also implement protocol specific security (e. HTTP/Web. a gateway is a computer that provides relay services between two networks. Proxy servers are application specific. to the ISP that serves the machine that hosts the Web site. We will discuss how this w orks in more detail in the next chapter. for example. If the router can generate a ctivity logs. Like the g ates in a medieval walled city. a proxy must be developed for it. Proxy servers A proxy server (sometimes referred to as an application gateway or forwarder) is an application that mediates traffic between a protected network and the Internet. X-Windo w. Many proxies contain extra logging or support for use r authentication. A firew all may consist of little more than a filtering router as the controlled gateway.g. often in several hops. A router. in accordance with access-control policy. In order to support a new protocol via a proxy. The gateway machine then passes the data.

reorganizations. firewalls become a focal point for the enforcem ent of security policy. Firewalls can also protect other external network connections. developed separate network . Figure 4. en hanced by authentication. token s and other methods. firewalls play an important role in enforcing access-control poli cies between networks and protecting trusted networks from those that are un-trusted.network or to another gateway machine connected to the other network. called dual-homed gateways. Mergers. Firewall-to-firewall encryption is thus used for secure communication over the public Internet betwee n known entities with prior arrangement. Verifying the authenticity of system users is another important part of network security.5). rather than for any-to-any connections. but these effo rts have a ways to go before the customer can assume compatibility. must somehow trust each other. Alternatively. according to different rules. In order to communicate i n encryption mode. a pair of machines can cr eate a miniature network referred to as the DMZ (see Figure 4. one computer containing two network connectors acts as the gateway. Typically. Multiple networks designed by differ ent people. Consider a manufacturing company that has. but not all. internal information. In some configurations. A company can apply the same traffic-restricting protections. over time. joint ventures and strategic partnerships all place additional strains on security as the scope of the network s reach expands. while the inside gateway is used to guard against the consequences of a compromised gateway [Ches94]. enabling the creation of virtual private networks (VPN) as a lower-cost alternative to a leased line or a value-added network (VAN ). using smart cards. acquisitions. Someone outside the organization may suddenly need acce ss to some. the two ga teways will have more open communication through the inside filter than the outside gat eway has to other internal hosts.5: The use of gateways Firewalls as Control Points By concentrating access control. Current standards efforts in encryption and key management have begun t o allow different manufacturers firewalls to communicate securely. including traffic encryption and decryption. In these circumstances. su ch as remote dial-in. modern business practices continue to underscor e the importance of internal firewalls. Internal Firewalls While the phenomenal growth of Internet connections has understandably focused attention on Internet firewalls. Some firewalls take advantage of this to provide additional sec urity services. Nevertheless it is a powerful feature. and firewalls can perform sophisticated authentication. The outside filter can be used to protect the gatew ay from attack. the sending and receiving firewalls must use compatible encrypt ing systems.

when connecting the networks. segregating the networks by means of firewalls greatly reduces many of the risks involved. Firewall design policy is a lower-leve l policy that describes how the firewall will actually go about restricting the access and fil tering the services as defined in the network service access policy. unauthorized access by authorized users. Types of Network Policy Two levels of network policy directly influence the design. However.s within the sales. salespersons on the road needin g access to an inventory database—are indeed who they claim to be. other forms of application-lev el security can protect sensitive data. a firewall is both policy and the implem entation of that policy in terms of network configuration. By using authentication mechanisms on the fi rewall. it is possible to gain a higher level of confidence that persons outside the fir ewall who request data from inside the firewall—for example. marketing. but the system administrator must not lose sight of the broade r definition of a firewall as an implementation of security policy. A firewall is an approach to security. Network service access policy is a higher-level. By adding encryption to the services performed by the firewall. Firewalls and Policy Diagrams of the various configurations of filters and gateways help when plannin g a firewall defense. Conseq uently. a problem that consistently outranks external hacking in information-security surv eys. installation and use of a firewall system. Al though users in one department may wish to access certain other networks. the organization may choose to limit the connectio n. host systems and routers. issue-specific policy that defines those services to be allowed or explicitly denied from the restricted ne twork. as w ell as other security measures such as advanced authentication in place of static passw ords. either with packet-filtering routers or with a more complex firewall. We will examine both l evels of . This policy also proscribes the way in which these services will be used. payroll. firewalls c an reduce the threat of internal hacking-that is. and production departments. This even enables wide-area networking between remote locations over the Internet. a site can create v ery secure firewall-to-firewall connections. it helps implement a larger security policy that defines the servic es and access to be permitted. it is probabl y unnecessary and undesirable for all users to have access to all networks. and th e conditions for exceptions to this policy. in particular. In a WAN that must offer any-to-any connectivity. accounting. In other words.

policy in the following sections. Network service access policy should stand as an extension of a strong site-secu rity policy and an overall policy regarding the protection of information resources i n the organization. Some firewalls also impl ement network service access policies that allow certain users access from the Interne t to selected internal hosts. but only to select ed systems such as information servers and e-mail servers. integ rity. Below this statement of principles come site-specific policies covering physical access to the property. Typically. the network service access po licy should exist prior to the implementation of the firewall. the network service access policy should also include all other outside network access. The firewall s network service access policy is formulated at thi s level. 4) All information-processing facilities belonging to the organization will be u sed only for authorized purposes. a firewall implements one of two general network service access polic ies: either allowing access to the Internet from the site but allowing no access to t he site from the Internet. For a firewall to function as the company desires. ad hoc connections are likely to b e improperly secured. opening the network to attack. the overall organizational policy might st ate the following pri nci pl es: 1) Information is vital to the economic well being of the organization 2) Every cost-effective effort will be made to ensure the confidentiality. so those other points of entry must also con tain equal protections. This includes everything from document shredders to virus scanners . These non-sanctioned. For example. or allowing some access from the Internet. 3) Protecting the confidentiality. general access to information systems and specific access to servi ces on those systems. but only if necessary and only when combined with advan ced authentication. integrity and availability of these informati on resources is a priority and a job responsibility for all employees at all levels of the company. remote access to removable media tracking. restrictions upon one type of network service a ccess can often lead users to try others. The policy must be rea . availability and utility of the organization s information. if restricting access to the Internet via a firewall p revents users from browsing the Web. Network Service Access Policy While focusing on the restriction and use of internet work services. After all. authenticity. At the highest level. including di al-in and SLIP/PPP connections. some will likely create dial-up PPP connections in order to obtain this service.

but then pass those services that have been identified as allowed. which are partially shielded by packet filtering but are not sheltered behind th e firewall. only a strong network service access policy will prevent the firewall s access controls from being modified or circumvented on an ad hoc basis. and with full awareness of. or feeds data to internal database sy stems. issues such as the firewall s capabilit ies and limitations. If a firewall system denies or restricts services. firewalls generally implement one of two basi c design poli cies: 1) Permit any service unless it is expressly denied. This is where firewall design comes in. since it offers more avenues for circumventing the firewall. The permissive first policy is less desirable. Firewall Design Policy The firewall design policy is specific to the firewall and defines the rules use d to implement the network service access policy. Application gateway firewalls are the most gr . A sound. With this approach. Some use this approach for Web serve rs. separated from other site systems. A company can also choose to locate t hose systems requiring services that should not be passed through the firewall on scr eened subnets. Packet filters are least granular. (If the Web server calls information from. they could run denied services a t nonstandard TCP/UDP ports that are not specifically mentioned by the policy. As ment ioned earlier.7: A screened sub-net All the types of firewalls are functionally equivalent. For example. The company must design the policy in relation to. management-backed-policy can provide t his defense against user resistance. Firewalls that implement the first policy (the permissive approach) allow all se rvices to pass into the site by default. with the exception of those services that the ser vice-access policy has identified as disallowed. Certain firewalls can implement either a permissive or a restrictive design policy. A realistic policy provides a balance between protecting the network from known risks on the one hand and providing users reasonable access to network resources on the other. The type of mechanism us ed determines the granularity of the firewall: how much security work it can accomp lish. This restrictive second policy follows the classic a ccess model used in all areas of information security. Firewalls that implement the second policy (the restrictive approach) deny all services by default. or 2) Deny any service unless it is expressly permitted. users could access new services not currently addressed by the policy. and the threats and vulnerabilities associated with TCP/IP. then that connection between the Web server and the internal machines should be well protected) Figure 4.listic and sound.

IPSEC addresses the former class. but it do es create some interesting possibilities when we look at combining firewalls with IPSEC-en abled hosts. and firewall the latter. Which is which. Alt hough firewalls can help to mitigate some of the risks present on an Internet without authentication or encryption. such things as vendor-independent virtual private networks (VPNs) . IP Security (IPSEC) Some have argued that this is the case." As always. Note that neither of these problems is what firewalls were created to solve. What this means is that one will not eliminate the need for the other. Namely. Before pronouncing such a sweeping predi ction. we can consider whether IPSEC will solve the problems that we re trying to solve with firewalls. better packet filtering (by filtering on whether packets have the IPSEC authenti cation header). Once we kno w this. there are really two classes of problems here: int egrity and privacy of the information flowing between hosts and the limits placed on wh at kinds of connectivity is allowed between different networks. however. A Packet Inspection firewall can be made almost as granular as an application gate way firewall.anular. and latest technologies are blurri ng the distinction to the point where it s no longer clear if either one is better or " worse. just because a particular product is characte rized as a particular type of firewall does not mean that it does all of the security pro cessing possible with that kind of firewall. it s worthwhile to consider what IPSEC is and what it does. depends on what mechanisms the firewall uses to pass traffic fro m one . There are many documents that collectively define what is kno wn as "IPSEC". you need to be careful to pick the type that meets your needs. which have plagued the IP protocol suite for years: host-to-host authentication (which will let hosts know that they re talki ng to the hosts they think they are) and encryption (which will prevent attackers from bei ng able to watch the traffic going between machines). and application-layer firewalls will be able to have better means of ho st verification by actually using the IPSEC authentication header instead of "just trusting" the IP address presented. However. IPSEC solves two problems. Types of firewalls Conceptually. there are two types of firewalls: 1) Network layer 2) Application layer They are not as different as you might think. IPSEC (IP Security) refers to a set of standards developed by the Internet Engin eering Task Force (IETF).

a highly defended and secured strong point that (hopefully) can resist attack. A simple router is the traditional network layer firewall. and now maintain internal information about t he state of connections passing through them. The single host is a bastion host. and a pplication. lower-level firew alls are faster. Application layer firewalls These generally are hosts running proxy servers. Modern network layer firewal ls have become increasingly sophisticated. since traffic goes in one "side" and out the other. a network layer firewall called a "screened host firewall" is rep resented. so to use one you either need t o have a validly assigned IP address block or to use a "private internet" address block.8. the contents of some of the data stre ams. a network layer firewall called a "screened subnet firewall" is represented. Generally speaking. presentation. after having passed through an application that effectively masks the . In a screened subnet firewall. but are easier to fool into doing the wrong thing. The important thing to recognize is that the lower-level the forwarding mechanis m. In order from the bottom . a network of scre ened hosts. destination addresses and ports in individual IP packets. Example Network layer firewall: In figure 4. Screened Host Firewall In Figure 4.security zone to another. these layers are physical. since it is not able to make particularly sophisticated decisions about what a p acket is actually talking to or where it actually came from. The International Standards Organization (ISO) Open Sy stems Interconnect (OSI) model for networking defines seven layers.9. effectively. network. transport. access to and from a whole network is controlled by means of a router operating at a network l ayer. access to and from a single host is controlled by mean s of a router operating at a network layer. Applicati on layer firewalls can be used as network address translators. the less examination the firewall can perform. and which perform elaborate logging and auditing of traffic pa ssing through them. Since the proxy applications are software components running on th e firewall. Network layer firewalls These generally make their decisions based on the source. where each layer provides services that "higher-level" layers depend on. Network layer firewalls tend to be very fast and tend to be very transparent to users. One thing that s an important distinction about many network layer fi rewalls is that they route traffic directly though them. It is similar to a screened host. session. In a screened host firewall. except that it is. data link. it is a good place to do lots of logging and access control. which permit no traffic directl y between networks. and so on.

The future of firewalls lies someplace between network layer firewalls and appli cation layer firewalls. are not particular ly transparent to end users and may require some training. Application Layer Firewalls vs. Network Layer Firewalls The purpose of this section is to explain the classical definitions of both a ne twork firewall and an application firewall. The pros. Many of the benefits arid drawbacks that are stated do not really come into play. It is likely that network layer firewalls will become increasin gly "aware" of the information going through them. "O ne thing that is an important distinction about many network level firewalls is that they route traffic directly through them. Having an application in the way in some ca ses may impact performance and may make the firewall less transparent. It has two network interfaces. some assumptions have to be made. Early application layer firewalls such as those built using the TIS firewall toolkit. cons and some of the vulnerabilities will be d iscussed about each firewall type. A dual homed gateway is a highly secured ho st that runs proxy software. an d blocks all traffic passing through it. To conclude the paper. Dual . The end result will be a fast packet-s creening system that logs and audits data as it passes through. Firewalls with end-to-end encryption can be used by organizations with multiple points of Internet connectivity to use the Internet as a "private backbone" without worrying about their data or passwords being sniffed. one on each network. and how the various technologies differ from the cl assic definitions.10.Homed Gateway Example Application layer firewall: In figure 4. Application layer firewalls tend to provi de more detailed audit reports and tend to enforce more conservative security models tha n network layer firewalls. and compare/contrast the two." . In the proce ss of doing so. an explanation of modern firewa ll technology will be examined. Modern application layer firewalls are often fully transparent.origin of the initiating connection. and application layer firewalls will beco me increasingly "low level" and transparent. Increasingly. an application layer firewal l called a "dual homed gateway" is represented. Network layer firewalls run at layer 3 (Network) and sometimes 4 (Transport) of the OSI Model and are only able to make "decisions" that fall under these two layers. firewalls ( network and application layer) incorporate encryption so that they may protect traffic p assing between them over the Internet. as an administrator should not set up t heir network in this manner.

" 2 Circuit layer gateways take this a step further and operate in layer 4. Most logical ne twork devices offer at least some level of packet filtering. This is due to the fact that latency is your enemy when it comes to people acces sing your site. they can make basic authorization decisions based on source a nd destination IP address as well as protocol type and port. network firewalls are a cheaper alternative. The most evident is that the firewall would be susceptib le to any attacks or vulnerabilities that the operating system possesses. Generally speaking. such as routers and switches have the ability to function as network firewalls. Typically network level firewalls do not provide a high level of auditing or log ging. "A packet filter examines IP packets and makes a decision to accept or deny traf fic based upon criteria such as source and destination IP addresses and source and destina tion TCP/UDP port numbers. This would allow use of p re-existing equipment to perform firewall duties. Network firewalls are typically used when speed is essential. Network level firewalls run on an access control list and do not provide the sam e high level of protection that application firewalls do. "As such. Network lay er firewalls typically fall under one of the following two categories: packet filte rs and circuit layer gateways. VLSI (very large scale integration) devices. packets can be processed quicker. The list simply verifies if the source and destination data are vali d. this may present a problem. This can be advantageous for firewalls that sc an for connections to web and email servers. Since packets are not passed to the application layer and the contents of the packet are not being ana lysed. Three common ones are b uffer . Network firewalls are susceptible to different exploits. This can present a problem if you are actively trying to scan for vulnerabilities in the data itself. especially ones that have high amounts of traffic. This may prove to be an inexpensive solution ." 3 This provides a higher level of flexibility in that they can make decisions on whether inbound requests to ports are valid.1 Meaning they scan for source and destination information and allow or disallow packets based on this information. since they cannot monitor the contents of packets. This offers a layer of protection to your network and does not impede conn ectivity. Some network operating systems also come w ith the ability to do packet filtering. but can often produce problems. Based on how closely the traffic needs to be scanned.

as the name implies." 5 Since these exploits take advantage of the application layer. these firewalls work at the application level. based on its own set of rules. a backdoor command was inserted to assist in debugging the . an intelligent administr ator would drop all ICMP traffic at the firewall. a network firewall could not scan them and disallow them. In order for an exploit like this to work properly. in this case a firewall and fa king a source address that the firewall will trust. In this way. They view information as a data stream and not as a series of packets . For example. they are able to scan information being passed over them and to ensure that the information is acceptable. if one were running ‘sendmail’ behind the firewall. If carefully crafted. /bin/sh will have root access. so they tend t o be equipped with a certain level of logic. a buffer exceed what was allotted. it cannot deny the connect ion. The system has alread y been compromised if it has reached this point. the original implementati on of an SMTP mail server.overruns. ICMP tunn elling allows a hacker to insert his data into a legitimate ICMP packet. However. a process must be in place on t he other side of the firewall to strip the data out of this packet. "They generally are ho sts running proxy servers. operate in the Application Lay er of the OSI model. we see how the firewall would not be able to stop this exploit in the long term. "an attacker could send specific co de that will overflow the buffer of a command like VRFY and execute /bin/sh. This allows the firewall to make some in telligent decisions about what to do with packets that are passing through it. Since the netw ork firewall cannot probe the packet past the IP headers. for purposes of this discussion. An example of this ability follows: "In an early incarnation of sendmail. IP spoofing and ICMP tunnelling. If ‘send mail’ is running at root. In this particular scenario. and wh ich perform elaborate logging and auditing of traffic passing through them. executable code could be inserted and ran. IP spoofing is simply sending your data to a source." 6 As stated earlier. "A buffer overflow condition wo uld normally cause a segmentation violation to occur." 4 If we were to assume that a buffer was created with a fixed length of 500 bytes. Buffer overruns typically occur when data sizes inside. In real life. the ha cker would be able to access internal machines since he compromised the firewall. which permit no traffic directly between networks. Application level firewalls. we could send the process data exc eeding that size.

its rat e of degradation will decrease faster than the available bandwidth. which makes it ea sier to track when a potential vulnerability happens. This may prove to be cumbersome. the task of moving throu gh the OSI model is typically negligible. The backdo or command was ‘WIZ . Another major benefit of applicati on firewalls is that they typically support the ability to report to intrusion dete ction software. application firewalls are less susceptible to attacks that hide data in legitimate traffic and more susceptible to distributed denial of service (DDOS) attacks. This allows third party software to take control of an intrusive situa tion and perform tasks above the capabilities of the firewall itself. b ut when the system is scanning thousands of packets. if an application layer firewall were to suffer a solid performance hit. which allowed the client machine to gain root shell access on t he remote sendmail server. with the speed of machines today. the datagram has to be pas sed through all the subordinate layers. human-readable. an application firewall can be configured to check for a "known" vulner ability. This is useful if y ou want to monitor a hacker once they get inside instead of just blocking them or have the system send a page when an intrusion is detected. they were vulnerable to this backdoor exploit. text-based dialog betwee n the client and server. is not at all significant. SMTP is based on a simple. it is more likely that it is related to I/O cycles required for logging and auditing than "bit strippin g". Another benefit of applic ation level firewalls is that they typically do a large amount of logging.application." 7 In this example. If enough data is forced on the fi rewall it can cease to operate. Many peopl e insist that the "bit stripping" or the removing of headers and passing the data up to the next level. The application firewalls will suffer a highe r rate of diminishing utility. but the option is available. using commands such as HELO. The difference may not appear substantial. As more connections are being made to the firewall. Since neither Packet Filters nor Circuit Layer Gateways examine application data. and DATA . as an administrator would have to stay on top o f all possible vulnerabilities. However. Since the firewall operates at the application layer. that occurs while passing packets up and down the layers. Due to the amount of work the firewalls must do.) QUIT . The high number of service level vulnerabilities that curr ently exist . it becomes more evident. The price you pay for the ability to scan packets for rogue data comes in perfor mance. By today s standa rds.

it is possi ble to pass traffic through local-tunnels. Circuit Layer Gateways do not operate purely at layer 4. but the advances in the technology should be considered. In the end. Application Layer firewalls do not solely f unction at the application layer. Setting suc h elaborate rules usually proves to be burdensome to most administrators. look into the network layer firewall. a hacker is mo re likely to look for another way in. In a perfect world . As a gen eral rule. Conversely. so this type of ex ploit is usually left unchecked. It is also important to note that many applicat ion level firewalls offer some level of clustering that allows the firewall to overcome it s speed issue. In reality. even though it may be a layer 3 device. typically the firewall will allow the data to pass.can also compromise application firewalls. which means the soft ware operates at many layers. the other has as a drawback. if speed is the most important feature. For example. They have beco me hybrid software implementations to address the need for stringent Internet secur ity. make sure to fully analyse the pros and cons. unless elaborate rules are established. in the Axent Raptor Firewall." 9 Ultimately a firewall serves more for peace of mind than a security device. or layer 4 Generic Service Proxies with no application data scanning. Many network IOS s have the ability to scan traff ic for vulnerabilities beyond layer 3. No one firewall will meet one hundred percent of everyone s needs. a stateless layer 3 mechanism. using a war dialer to locate modems on a network to dial in and bypass the . If the firewall is allowing SMTP traffic or DNS tr affic to pass through and a hacker has access to one of the many exploits. it would appear that what one firewall has as a benefit. Modern firewalls perform some tasks in b oth the network and application layer. "When vi ewed as a whole. In print. the delineation between network layer firewalls and applic ation layer firewalls is quickly diminishing." 8 Firewalls that fully function in the network and application layer are not developed fully as of yet. you would have an application proxy securing your corporate network. If security is a top concern. This allows one to add more machines as needed. but a network layer f irewall to protect your web presence. without impeding performance. It is generally marketed as Stateful Multi-Layer Inspection . Before purcha sing a secure firewall solution. For example. sendmail and DNS have numerous well-known exploits. then look into an application layer firewall. such as social engineering passwords from the staff of a company.

1872. Therefore some of the cyber challenges that need to be addressed are: • Authentication (identify to contracting parties) • Data Integrity (the facts and figures are true and genuine) • Confidentiality in storage and transmission of data • Bridging real and virtual transactions. The presumption under the Indian Evidence Act of signing the document is that th e person has understood and agrees to the contents of the document and is legally liable. This does not mean that a firewall should not be put into place. In the latter. fraud. Authorisation s chemes such as password protection etc. it is to the courts to conclude on the basi s of circumstantial evidence. The signatory is however free to prove that his signature was forged in cases of signatures purported. waste or abuse. Security in E-Commerce Transactions The paper based society makes a contract legally binding in accordance to the pr ovisions of the contracts Act. Companies that do business on the web face many security issues that need to be addressed in order to protect information and minimize ri sk. and firewalls ensure that only valid users and programs . The paying customer s concerns are not unfounded.firewall entirely or look for exploits on a mail or web server that would allow them to pass through the firewall legitimately. If this is not done. has the potential to disrupt data or network resources and incur economi c loss. Security and Authentication Issues Lack of user confidence in E-commerce transactions has been a major hindrance to the growth of E-commerce. Also remember that no matter how powerful the firewall is it is only as strong as the policy enforcement. Hackers will always look for the easiest route into the system first. Ens ure that the firewall is up to date on security vulnerabilities and all access lists are accurate. disclosure. denial of service. There are several cas es of security frauds being committed on the net. Similar is the process of corporate where the common seal of the company affixes the documents to contracts. This loss could be m the form of destruction. Only developing sound security can do this and authenticat ion systems. to the high level o f security that firewalls provide. Such a Security threat occurs when a hacker. modification of data. and concerns about data and transaction security. It s very similar to locking the car doors even though a thief can still get int o your car by breaking the windows. Make sure that policies are set up to cover all security related aspects of the LAN. it will quickly become another doorstop in the organization. The locked doors have forced the thief to go in a differen t route. The growth of B2C E-commerce depends on allaying the fears of consumers about transaction security. This is due in part. Security concerns in E-commerce can be broadly divided into concerns about user authorisation.

It thus becomes necessary to send the data in the encrypted/cod ed form for security and the receiver alone is enabled to decrypt/decode the concer ned document. The threat of "sniffer programs" that collect credit card numbers is still there. At the destination they are reassembled t o form the entire message. They are realising that consumers’ belief in the reliability an d protection of their business transactions against third party threats need to be improved. The different categories data are. Confi denti al Data . Because of the sensitivity of information being transferred and in order to prot ect the consumer from various forms of fraud and misconduct. Data and security schemes such as secret key encryption.This type of data contains content that is secret. However. and may be accesse d by any one. but the existence of the data is not a secret. Copyr i ght Data . Such data include bank account statements and perso nal files. Secr et Data .This type of data is copyrighted but not secret.have access to information resources such as user accounts. Types of Online Transactions The type of transaction depends on the type of content (data) that is sent acros s the network. Public Data . So in order to maximise revenue security must be tight. public/private key encryption et c.The very existence of this type of data is secret and must be kep t confidential at all times. It is necessary to monitor and long all access and at tempted access to the secret data.This type of data has no security restrictions. and confidentiality of business transactio ns and messages. Such data however should be protected from unauthorised tampering or modification. The fact that there many different types of Internet transactions makes security difficult. are used to ensure the privacy integrity. So companies are paying more attention to transaction security and authentication.) Transaction Security As more companies are beginning to conduct commerce online transact on security becomes important. Unsure of security consumers are not willing to provide credit card nu mbers over the net. The general cryptosystem is the symmetric cryptosystem and the more . Transmission of Electronic Documents The transmission of electronic documents from the originator is generally broke n up into smaller data packets to dispatch. files and database. The owner of the data will provide the data if he is paid for it. security and verification i s necessary for all type of data. (These are the basis on which several online payment systems such as electronic cash and checks are constructed. one may intercept the document and tamper the conte nts to the document.

Such a network monitoring can rapidly expand the number of syst ems intruders are able to access. Both the sender and the receiver opera te a single key to encrypt or decrypt a message. such as Telnet. Here there are two keys. but also to any remote machine the user logs into. The first part of such sessions contains the information that will enable the sn iffer to log onto other machines . The sniffe r programs watch the network traffic. A message encrypted with the private key can only be decrypted with its corresponding public key. If the sniffed syst em is on a backbone network. Such sniffer attacks begin when a hacker breaks into a computer and installs a packet-sniffing program that monitors the network traffic. This type of single key encryption i s called symmetric crypto-system.log in ID. The sniffer will also gather information about local users logging into other remote machines. Asymmetric Crypto-system It is also referred to as the public key system. the key needs to be transmitted and hence is exposed to theft of the key. the pr ivate key and the public key. the name of the user logging in etc. Requirements for Transaction Security There are three basic requirements for transaction security: Transaction Privacy The threat of information privacy is technically called unauthorised monitoring or packet sniffing. They used sniffers to record 50. The originator holds the private key.secured the asymmetric cryptosystem. typically for the first part of the sessions that legitimate users initiate to gain access to another system. intruders can monitor any traffic between nodes on that network. Also legal. it becomes impossible to ascertain the sender or the receiver and he nce fix the contractual capacity. 000 credit card and phone card numbers and then sold the data to European users who used these accounts to make free long-distance calls. as both the sender and the receiver of the message use a single key. while to the intended sender the public key is distributed. Users whose accounts and passwords are collected will not be aware that their ac counts are monitored. FTP etc. password. Though this system ensures security. In one of the most famous sniffing case hackers defrauded the US telephone major MCI to the tune of $28 million. The two keys form a unique pair and the presumption if a document is signed and sent through this type of transmission t he sender alone has given the authority to the receiver. Symmetric Crypto-system This is the simpler form of cryptography. Transaction Confidentiality The E-commerce environment must ensure the confidentiality of the data being sen .

All message archiving must be done in well-protected systems. leaving only the accounting record of entry and delivery. Encryption is the mutation of information in any form (text. in such a way that only the merchant can read it. a string of zeros and ones. All parties must know and trust each other completely and have in their possession a protected-of the key. Data Encryption Standards (DES) are availab le to implement such singe-key encryption techniques. video and graphics) into a form readable only with a decryption key. Encryption and Transaction Security Using encryption or secret codes sensitive information over a public network lik e Internet can be protected. Although useful. which secure links between computers. Suppo se a customer wants to send his credit card number to his online merchant. they risk being overhear d about the key via the communication networks. After successful delivery of information to the destination gateways. If the sender and the receiver reside in different cities. Confiden tiality is important for the transaction of such sensitive data like credit card numbers . delete or modify any part of the message in transit. The transmitter uses a cryptographic secret "key" to encrypt the message and the rec ipient must use the same key to decrypt it. encryption techniques etc. In this both the encryption key and the decryption key are the same. messages m ust be removed from the public network. The goal of encryption is to make it i mpossible for the hacker who gets the cipher text (encrypted information) as it passes on the network to recover the original message. The merchant will then decrypt the cipher text using the decryption key and will read the number. secret key encryption has certain limitations. The customer will encrypt the card number us ing an encryption key and sends the encrypted message (cipher text) to merchant. It works in the following way.t. Methods for ensuring information integrity include error detection. Secret-Key Encryption Secret-key encryption involves the use of shared key for both encryption by the transmitter and decryption by the receiver. Mechanisms for integrity must prevent attacks involving the modification of data while the tran saction is in progress. It can be accomplished using encryption methods. Since shared keys must be securely distribut . There are two main types of encryption techniques. Transmission must be tamper proof in the sens e that no one can add. This m akes the message unreadable to any third party. Transaction Integrity Integrity means that the transactions must remain unmodified during the transpor t between the client and the server. A "key" is a very large number. sequence numbers.

The best known public key encryption algorithm is the "RSA" algorithm. both the key system are often combined to form a hybrid key system. the message itself can be protected. whatever the data one of the key "locks". For example. it is incapable of decrypting the message. a "public key" which is published in a public sort of directories and a "private key" which is kept secret. adding to the overall cost . For example.generation. Public Key Encryption Public key encryption uses two keys: one key to encrypt the message and a differ ent key to decrypt the message. The following table compares secret and public key systems. but the private key must be confidential and known o nly to the owner. So. The two keys are mathematically related so that data enc rypted with one key can only be decrypted using the other key. it remains secure because the stolen "key" only locks th e contents. To determine whic h type of encryption best meets its needs an organisation first has to identify its sec urity . in order to exploit the advantages offered by the two systems. a customer sends a message (credit card information) to the online merchant through e-mail. The public key can be made know to other parties. secret key encryption suffers from the problem of key distribution.2 compares secret and public key systems. The two keys work together. In practical usage. The important concept in th is is that even if the channels are not secure. One of the keys is "public" and the other key is "private". The pr oblem of authentication is solved by checking the authenticity of the public key with a certification authority and obtaining an Authorisation Certificate (AC). secret key encryption cannot play a dominant role in E-commerce. In this m ethod each participant creates two unique keys. If the copy of the key is intercepte d or the message is intercepted. The message will be encrypted with the locking key (pub lic key) and forwarded to the merchant. Unlike secret key encryp tion which uses a single key share by two parties.e to each communicating party. if for a n online merchant to conduct transactions securely with Internet subscribers each customer would need a distinct secret key assigned by the merchant and transmitt ed over a separate secure channel such as the telephone. only the other key can unlock. public key encryption makes use of two keys. Secure key distribut ion is cumbersome in large organisations where a company deals with thousands of online customers. Further secret key encryption is impractical for exchanging information with a l arge group of previously unknown parties over a public network. Table 4. He unlocks the message with the unlocking ke y (his private key) and gets the information. transmission and storage of keys.

which Amazon could decrypt with A s public key and know th at only A could have sent it. Let us consider the following scenario: a customer (say A) interacts with an onl ine merchant such as amazon. For example a recipient of data (such as e-m ail message) can verify who signed the data and that the data was n modified after b eing signed. Digital signatures ensure authenticity in the following way. To ensure further security he can send a digital signature. enc rypted with his private key.requirements and operating environment. To verify the signature the bank performs a computation involving th e original document. If the user is communicating with his bank.com. he sends the second encryption to the bank. If the results of the computation generate an identical "finger print" of the document the signature is verified as genuine. The resulting digital signature can be stored and transmitted along with the data. which is the case in online commerce. Public key encryption is particularly us eful when the parties wishing to communicate cannot rely on each other or do not shar e a common key. the purported digital signature and the user s public key. Data is electronically signed by applying the originators private key to the dat a. The signatu re can be verified any party using the public key of the signer. To increase the speed of the process the private key is applied to a shorter form o f the data called "hash" or "digital digest" rather than to the entire set of the data. For instance. when an electronic document such as a order form with credit card number is run through the digital signature process the re sult is a unique linger print of the document. These digital . otherwise it is fraudulent or tampered. he will use Amazon s public key to encrypt his confidential information. They are used for sender authentication. Digital Signatures Digital signatures work with public key encryption to ensure authentication and privacy. The "finger print" is attached to the orig inal message and further encrypted with the private key of the signer. When ‘A’ orders books from amazon.com. It is cryptographic mechanism that performs the functions of a written signature . a user combines his private key and the document and performs a computation on the composite (key + document) in order to generate a unique numb er called digital signature . In order to digital ly sign a document. Amazon uses its pri vate key to decrypt the message. Thus the customer knows that only Amazon has receive d the information. The ban k then decrypts the document using the user s public key and checks to see if the message is altered.

An alternative to the use of a secure channel is to use a trusted third party to authenticate that the public key belongs to B. which means that we can send and receive e-mail from millions of people around the world. E-mail is much older than the Web. A and B. Once B has provided proof of his identity. it directly reaches the concerned individuals electr onic mail . Thus by using one public key (CA) . Electronic Mail (E-mail) E-mail or electronic mail can be defined as the exchange of messages and compute r files between computers over a computer network. At the time of the tra nsaction. as a trusted third party means of establishing authentication disparate parties can e ngage in E-commerce with a high degree of trust. E lectronic mail or e-mail is without doubt the most commonly used Internet service. which in most cases. To get most benefit. This message known as the CA digitally s igns the certificate. each wants to make sure th at the other party is authenticated. the CA creates a mess age containing B s name and his public key. Digital Certificate Authentication is further ensured by the use of digital certificates. he wants to ensure that the public key belongs to B and not to someone else masquer ading as B on an open network. Advantages of Electronic mail The main benefit of e-mail when compared to other messaging mediums like fax is that it is almost instantaneous. One-way to be sure that the public key belongs to B is to receive it over a secure channel directly from B. each party s software validates both merchant and cardholder before any informat ion is exchanged. Before two parties. Every system on the Net support s some sort of mail service. practical ly impossible. This network can be as small as a Loc al Area Network (LAN) or it can be as large as the Internet that spans the world. use public key encryption to conduct business. Before A accepts a message with B s digital signat ure. the public key of the certificate auth ority should be known to as many people as possible. It contains the owner identification information as well as a c opy of the owner s public keys. and then the institution then provides a digital certificate to the user. The validation takes place by checking the digital certificates that were both issued by an authorised and trusted third party.signatures are the basis of secure e-commerce. For example in the credit card industry Visa provides digital certificates to th e card issuing financial institution. and more people use it. such a party is known as a Certif ication Authority (CA). A similar process takes place for the merchant.

In some cases. or even know t he presence of the mail.com. Every Internet Service Provider runs a POP server and an SMTP server for the use of its custome rs. Internet mail addresses have two parts. separated by the “@” (‘at’ sign). and the domain tha t stores his mailbox is whitehouse.in or goa. the message is delivered into h is mailbox and is available the next time he checks his mailbox. If you are lucky. using encryption technology you could electronical ly deliver confidential documents saving time and money over the standard practice of having a reliable person . Used correctly. E-mail also ensures a much higher degree of security / privacy. When you send an E-mail message. a local telephone call. Usually the name of your Internet service provider (ISP). you get what the provider gives.who could be waylaid . For example you can write to the President of the United States at president@whitehouse.hand delivering a sealed doc ument. and the part afte r that is the domain. you get to choose your name.in most ca ses. When an e-mail message comes across the Internet. is the domain name. The Internet has two mail protocols to handle this POP (Post Office Protocol) and SMTP (Simple Mail Transfer Protocol). E-mail Addresses and Mail Boxes Every one with e-mail access has an e-mail address. which is the cyberspace equi valent of a postal address or a phone number. An authorised person is one who knows the login name and password to the recipient s mailbox. you can eve n confirm whether your message has been received and read by the recipient. fax. Compared to other mediums e-mail is very economical. e-mail offers many advantages over physical mail or message. The part befor e @ is the mailbox which is roughly speaking your personal name. the message needs space until someone is ready to read it.vsnl. you can even hinder forgery as digital si gnatures. Similarly by using digital signatures. you save money on printing.gov.gov. as the message is in an electronic form. but what do you do when the person you are calling is not at his table or if the person i s a few continents away? With e-mail even if the recipient is not around. the name your provider assigns to your acc ount.net. Only an authorised person can open. paper and ink. The mailbox is usually your username.vsnl. in other cases. such as bgl. Further.in or udupi. For example. The President’s mailbox is president. you ente r the address or addresses of the recipients so that the computer knows to whom se nd it. . like fingerprints can be verified and are unique for every user and message.box without getting buried under a mountain of paper.net. Sure the good old telephone offers advantages similar to that of a letter or fax . The cost of sending electro nic message across the world is the same as sending one across the city .

The recipient then downloads it from the destin ation mail server. This process continues until the mail is uploaded to hotmail server into B s mailbox. (here B downloads the mail from hotmail server). different e-mail options are availabl e from the low budget option all the way up to the relatively expensive but rock stable cor porate option. This process is very simple if you use a good E-mail program. This is analogous to your local post office where all y our letters end up after you deposit the in the letterbox.net. 1995.vsnl. HowE-mail Works? E-mail works on the store and forward principle. Broadly speaking. (VSNL) initially offered the service in the . Once the message reaches the destination m ail server. The country s long distance tel ecom service provider Videsh Sanchar Nigam Ltd. The bgl server checks the network for a mail server with the lowest traffic and uploads A s mai l to this server. which could be on your private network or the Internet. When you are ready to your responses you can reconnect and transmit your outgoing mail to the SMTP server.com). After you have downloaded your message you can get disconnect ed. The mail server also plays a larg e part in controlling the data traffic on the network. it gets posted in the mail server. You can read and respond to your mail while you are offline. When you write an e-mail message and mail it. This server in turn holds the mail while checking the network for a m ail server in turn holds the mail while checking the network for a mail server with the low est activity and uploads A s mail there. This service is called Gateway Internet Access Services or GIAS. the options available are: • E-mail through Internet service provider • Internet-based free e-mail • Internet-based e-mail for forwarding services • E-mail service providers • E-mail through Internet Service Provider: The public access to Internet is available in India since August 15. It also acts as a gateway or translator between different types of e -mail systems like the Internets POP3 or X400 (A recommended international communication standard that defines how e-mail should be transported over differ ent kinds of network like TCP/IP or X25).in) sends a mail to B (at b@hotmail. E-mail works in the same way as the postal system does. E-mail Options Just like there is a car for every driver. they are stored until the recipient collects it. It stores messages when network tra ffic is high and forwards them when network traffic is low thereby reducing network congestion. To understand this let us as sume person A (from a@bgl.When your mail program picks up the mail it gets your mail from your provider PO P server to your PC.

you hav e to be connected to the GIAS service to be able to use Pine. you have t o browse to the e-mail service providers homepage. To send or receive messages. this could result in hefty telephone bills.TCP/IP protocol-based graphical account In both cases.four metros of Delhi.Text-based Unix shell account (with a special discount option for students) . though the text based Unix shell option is cheaper. it has i ts downside. The GIAS service presently offers two types of dial-up access to the Internet: . identify yourself and then read or wr ite your e-mail.GIAS is based on POP. you also get to choose any of the easy-to-use e-mail clients like Eudora or Netscape s Messenger.including . In fa ct all Internet messaging . • Web based Free E-mail Unlike GIAS service where you are provided an e-mail address by default. This allows you to connect. you cannot write your mail offline. These can be used to access the two types o f e-mail available on the Internet: Web-based e-mail and post-office protocol (POP) based email. an e-mail account is offered as a default option to the subscribe r. Secondly. That is because most subscribers prefer t he TCP/IP service resulting in fewer lousy tones since the ratio of available shell accou nt dial up lines to subscribers has improved. With the TCP/IP account you not only get the graphical interface to the Internet . retrieve. POP protocol based e-mail services are similar to the GIAS e-mail service. Mumbai and Bangalore. Calcutta. It does not offer the familiar Windows-based interface and you will ne ed to spend some time familiarising yourself with the Pine e-mail program that is prov ided to shell account subscribers. Due to its popularity the number of peo ple dialing the service has out-stripped the number of access telephone lines put up by VSNL in India. This can be either through a dial-up connection. The only real advantage she ll account seems to offer is better connectivity. If you send a lot of e-mai ls or long e-mails. Today GIAS has expanded to many cities and includes the Department of Telecom (DOT) as a complimentary connectivity provider. One disadvantag e of the TCP/IP account is poor connectivity. Of the two options. a web browser like Internet Explorer or Netscape Navigator is the access client. you nee d to have Internet access before you can start using Internet based free e-mail. you need a client like Eudora or Netscape messenger and you ca n read . to access your mail. read and write all your message s offline but also receives and sends them in multimedia rich HTML format. As with GIAS -based e-mai l. In the case of Web-based e-mail service.

it will get delivered to you. But what do you do if you are one those types who like to keep all mails in one box? Then. articles from online magazines and special interest information. abili ty to collect e-mail from your POP based accounts and a personal address book. And if he passes any message to the paperboy. POP based free e-mai l has the disadvantage of having to install and configure an e-mail client. A forwarding service works like your paperboy who collects your paper and drops it at your house.hotmail. If you have a long e-mail address. The only problem is that you will have to put up with a few advertisements (that s how these services make money) when you access your e-mail. also offer you customised content. would you not love to have one that is short and easy to re member? You can always open a free account with any one of the many Internet-based e-mai l services that have addresses easy to remember.com or yourname@CyberJunkie. To check out the Free E-mail Address Dir ectory go to www. if you sport yourself to be a VIP or a computer addi ct then on NetForward (WWW. you choose a forwarding servi ce. Most popu lar Web based e-mail services like Hotmail (www.or write your message offline. all you have to provide is your long e-mail address. Some. like Net@address (www.com which lists over 100 e-mail sources.com) includes advanced featu res like spell checkers.com).emailaddresses. For example. which c an often be customised.netaddress. most e-mail service providers. The newspaper agent never gets to know where you live. when you register yoursel f with a forwarding service. All he knows is your name and the paperboy.com) you could pick yourself an address like yourname@A-VIP. be it Delhi or New York. Thus. articles from online magazines and special interest information or w orld news.com. Similarly. as long as you have access to the Internet you will be able to send and re ceive email. auto e-mail filtering and sorting. Besides offering an e-mail address. particularly Web browser ones.unless you are using a laptop PC. also allows you to access you e-mail through Internet indexes and directories. This m eans that it is not portable like the Web browser-based e-mail services since client softw are needs to be installed at the access point . • Internet-Based Forwarding Services Free e-mail is not the only useful service that is available on the Internet. irrespective of your location. financial or world news. like t he monthly bill. most index and directories like Yahoo ! or Excite also offer free e-mail services.NetForward. Now all you have to do is distribute this e-mail address and all the e-mail mailed to this address will au . which ag ain needs an Internet connection. anti-Spam options. These include sports. In fact.

which uses POP. On the negative side. Unlike Internet-based messaging services. Under this service you can send an e-mail message to a fax number a nd the service converts the e-mail message to a fax message. However. easy to remember email address you can continue to use your forwarding service. these technolog ical also allow prioritisation of e-mail. If you are sending loads o f long distance faxes. this works out cheaper compared to regular tax transmission and costs about the same as an e-mail message. Corporations use ESP services because of their superior connectivity and messagi ng solutions. All the mail in the Outbox can then be mailed together after connecting to mail server u sing the Internet account.25 or X. Even when you get a new.400-based messaging services under their GEMS 400 service. Th e ESP provides these. Most e-mail service providers also offer other value-added service s like email-to-fix. A servi ce not offered by the consumer e-mail oriented GIAS service. E-mail Software is used to manage the E-mail accounts. VSNL does not just offer I nternet messaging. which are often important to mos t organisations. Most ESP s also provide gateways to these popular messaging pack ages like cc Mail or Microsoft mail. furthermore. But the advantage with ESP is that they off er email solutions and onsite support to both small and large organisations. All you have to do is c hange your forwarding e-mail address to the new e-mail address. peak hour charges and the message is for national or international distribution. are not available in the existing internet-based messaging offere d by GIAS. E-mail Software Microsoft Outlook Express and Netscape Messenger are popular and smart E-mail Software. Messages can be composed off-line.25 and X. with ESP based solutions you need to use messaging clients that are X.400 messaging has a return receipt option that notifies th e sender whether the recipient has received the mail or not. • E-mail Service Providers The e-mail service providers (ESP) existent even before the Internet became popu lar. connect time. they also offer X.400 compliant. if the e-mail volumes are high. As ESP s do not use the standard Internet messaging technology. These features. there are some exceptions like Business India Information Technology’s (BIITs) aXcess World that offer Internet technology-based messaging. .tomatically be redirected to your long address. and stored in an Outbox until all the mail to be sent is read y. most ESP s use either the X. The reason is e-mail service providers charge by vo lume. e-mail provider-based mess aging becomes an expensive option.

5) How do Firewalls function as Gateways? 6) Explain the function of Firewalls as Control Points.vsnl. your username followed by an @ and the domain name. Electronic funds transfer (EFT ) is another relatively mature field that is only now reaching a mass market as ATMs. 8) Explain the different types of firewalls. 9) Distinguish between Application Layer Firewalls and Network Layer Firewalls. 2) What is a Firewall? 3) Explain the need of firewall.End of Chapter UNIT — V E COMMERCE AND WORLD WIDE WEB Electronic commerce is not an entirely new idea. . debit. gas stations. or new posting. and supermarkets increasingly accept credit. Your incoming (POP3) mail server: The name of the computer that receives your email messages. let alone used it. and anyone can use them to write . Today. 7) Explain the different types of Network Policy. usually include services and products that can be ordered online. nor is the online transaction. In 1993. Dial-up computer services. The Internet is Open All the Internet protocols are open and public. Example: aimalu@md4. 12) What are digital signatures? 13) Explain the advantages of Electronic mails.1.in Your e-mail password: The password for your mail box. The Internet Advantage Despite the Internet s long existence as a non-commercial research network.1. QUESTIONS 1) Explain the basic security infrastructures.What your E-mail Program Needs to Know? If you are using PPP account. Example: aimalu@md4. when the World Wide Web protocols were first being proposed as Internet standards. its commercialisation owes its apparent success to several factors: • The Internet is an open system • The Internet itself does not belong to anyone • The World Wide Web is the Internet s “killer app”. you have to inform your e-mail program the name of your incoming (POP) and outgoing (SMTP) mail servers. In internet based e-mail t his is usually the same as the password for your Internet account. and charge cards. Example: aimalu@md4. like those provided by CompuServe since 1980. 10) Describe the process of ensuring security in e-commerce transactions. 11) Explain the different types of online transactions. Your outgoing (SMTP) mail server: The name of the computer that distributes your outgoing mails to the rest of the Internet (often the same as the POP3 server).in or 140.net.net.e. Your e-mail address: i.vsnl. few people outside the research and academic world had even heard of the Internet. the Internet and the World Wide Web are such a part of daily life that major mainstream publications no longer define Internet-relat ed terms like Web site. home page. Following are some things you n eed to know before using any E-mail software. You can get this information from your ISP.128. 4) What does Proxy server mean? Explain its functions.

there were enough different information providers on the Inter net to make it a complicated matter to find a desired resource. Gopher servers simply made vari ous .software implementations that can intemperate with other computers and networks running the Internet protocols. held promise. but also an information provider. Gopher. these applica tions nevertheless had a sufficiently high cost of entry (long learning times) to turn off many potential users. The result of this competition is lower cost barriers to small companies and individuals who previously could not afford to connect to the Inte rnet. but ha ve lost the benefits of having an entire community of researchers and developers working on interoperable implementations. depending on when you read this. Beca use of this openness. Most of the competition between vendors of Inter net and TCP/IP software is based on performance. World Wide Web. Connectivity through the Internet allows any connected individual to browse any freely available content. Applications such as tel net (for running terminal sessions on remote computers) and ftp (the File Transfer Protoc ol application. Even before 1993. While not entirely unusable by the less technically sophisticated. And instead of communicating with an online service population. a wide range of implementations are available. One application. Non e of these vendors is foolhardy enough to announce a new version of their software th at provides even the most attractive of new features at the cost of compatibility w ith other TCP/IP implementations. Killer App of the Internet Most Internet applications were developed by computer scientists more often conc erned with performance and extensibility than with usability. ease of use. without regard to memberships. from freeware thro ugh high-performance. or 50 million people. for transferring files between two computers) required from the use r a high level of awareness about the operating systems of the local and remote computers . or 40. Various applications we re developed to make searching the Internet simpler. At least as important is that anyone with a dedicated Internet connection and a computer can be not just an informati on consumer. LAN (Local Area Network) operating system vendors such as Novell and Microsoft h ave traditionally kept their product specifications private and incompatible. high-function versions of Internet software sold by companies like FTP Software and SunSoft. or more. people with Internet connectivity can potentially communicate with anyone else connected to the Internet: 30. as has happened with the Internet protocols. and compatibility. but none was sufficiently comp elling to users.

or they could use any other allowable Internet application. who can point and click to navigate the Web and locate interesting or necessary information. For example. The World Wide Web In 1989.Internet resources available through a common interface. no matter how they are being displayed. Even more attractive is the ease with which regulate users can create and publish their documents for Internet consumption. it can be printed out in a specified font and size appropriat e for hard copy. c onnect to the server. The result was an application that appealed to a huge potential user base: those wanting to access to free or cheap information and entertainment. including more traditional file transfer servers and . the World Wide Web began to take shape as the ultimate networked hypert ext document. No serious contender for a killer applicatio n appeared until the World Wide Web began and graphical browsers became available. The result is that parts of each marked-up document behave the way they are supposed to. Connected services are often provi ded directly through Web documents. The World Wide Web offers improvements both to the end users. The idea was to use a mark-up language to create documents. The result is world wide web of connections between information services on the Internet. and attempt to locate the desired data. or de vice connected to a World Wide Web server. The resources could be file repositories o r remote computers allowing guest logins. The user starts up client software and con nects to a home page. and to the information providers. but the protocols allow any type of Internet application to be accessed. resources. It had always been a hassle to track down sources of information on the Internet.way the doc ument is displayed. relying o n tags (function-oriented labels that define how a part of a document behaves) rather t han using traditional word-processing formatting options to control the . This is very dry and technical way of saying that Web documents can be created i n such a way that a person using virtually any kind of computer (with a character-based or graphical user interface) can access virtually any information. size. with a menu based front end to those resources. if a lin e is tagged as a title. but when it is displayed on a monitor it may appear in a different specifi ed font. w ho can offers access to their own data as well as other related providers to a much wid er audience. and then can surf on to other Web documents by traversing links on the home page and other connected pages. but without the hassle s of figuring out how to work all the different computers and programs. using menus instead of requiring entry of explicit commands. Gopher simply provided a simple character-based system. and colour appropriate for that particular video display monitor.

specifications. which define the different functional pieces of each document.locating a specific resource on a computer can be equally complicated. server maintenance.terminal sessions on larger host systems. but are also mostly beyond the scope of this book. and files. Rather than r equiring an explicit search for Internet resources using arcane tools. these. it also becomes an e specially attractive avenue for companies looking for new ways to market their products. World Wide Web Standards The World Wide Web is defined by handful of protocol specifications. work better when they stay in their original formats. W orld Wide Web document development. HTML documents consist of plain text (ASCII) files and may point to gra phics files. all the services a re available in a graphic format and the user simply points and clicks to access them. or other network resources (URLs). tags allow different parts of a document to behave differentl y. The interaction between browser and server is defined by the Hypertext Transfer Protocol (HTTP). Although backward compatibility with existing services and systems is important. sound or full motion video files) stored in standard formats. and standards are all important topics. They identify to the server e xactly what resources are being requested. requiring the user to search through (somet imes unfamiliar) operating system directories. As it becomes trivially easy for increasing numbers to access a Web site. other documents and resources. The Uniform Resour ce Locator (URL) protocol specifies how individual resources (file. other types of multimedia files (for example. documents. Traditional Internet addressing conventions are for locating computers attached to specific network interfaces. most important are the abilities of text and graphics to behave as pointers to other parts of a document. in turn. the Web owes its success to an extra ordinarily simple user interface. Software developers use those specifications to implement the Web browser and Web server programs. The Common Gateway Interface (CGI) specifie s mechanisms for passing information from the person browsing your Web server to . Large databases. folders. or e ven a specific section of a document) are to be identified within the World Wide Web b rowsers use these URLs in HTTP requests to remote servers. in particular. Information transmitted from servers to browsers comes from Web documents stored on the server that have been specially tagged using Hypertext Mark-up Language (HTML) tags. Web browsers send messages conforming to this protocol to Web servers. but these are sufficient only to locate a computer . return the requested information. It isn t possible to put all the information that person browsing the Web would like from your site into HTML-formatted files. As mentioned earlier. and especially resources on other Web servers. Special Internet host names and addresses are used.

There is no shortage of Web browsers for any taste or budget. The most popular browsers are fully graphical. Browser functions can also be integrated into more complete network or communications packages (like Netcom s Netcruiser or Wollongong s Emissary). To offer Web services. but it is equally critical to collecting information (and then using it correctly and automatically) for the purposes of transacting business through the World Wi de Web. like the ability to "cache" or save documents already retrieved. although some will offer extra functions or featu res such as integration with other Internet tools (e-mail. Web server software is also widely available. This type of interchange is vital to allow the remote user to access resources s uch as databases. Although a basic PC with a full-time dial-up telephone link to the Internet is s ufficient to act as a Web server. or even into operating systems (like IBM s OS/2 Warp). Fin ally. and have Web documents available. Web servers are set up on higher-performance systems with higherperformance connections to the Internet. Individuals and organisations wishing t o . The user s order n eeds to be processed: if a physical product has been ordered. it would not be sufficient to serve very many simultaneous users. c an also differentiate browsers. More often. network news). be running a Web server program. there m ust be some mechanism outside the server to handle that information. although non-graphi cal browsers are necessity for character-based operating systems. Performan ce enhancements. billing information must always be processed. Just as Web browsers are available for virtually every c omputer and operating system. Browser s range fr om Spartan text only implementations like Lynx for UNIX and other operating systems to full-featured commercial products like Netscape Navigator and Microsoft Internet Explorer. a computer must be connected to the Internet. Browser and Servers Web browsers (or clients) must be able to send HTTP requests and receive HTTP re plies from servers. Designing forms to collect orders through a Web site is not enough. and display-customisation options. CGI provides the link between the Web server and the rest of commercial process.other resources available through that server. in particular by collecting infor mation along to the other resource. Web servers can contain highly grap hical content without being able to display that content locally: The server system ne ed only be able to run the server software and store the hypertext documents and files. the security protocols relevant to the World Wide Web include secure Sockets Lay er (SSL) Hypertext Transfer Protocol (S-HTTP). options fo r saving or copying retrieved data to files. inventory and shipping information must be handled. All should provide access to any Web-connected resource.

we can say t hat selling on the World Wide Web parallels selling in the real world. no other network mechanisms are required (remember. and to other organisations involved in electronic transfers of value. to banks providing electronic banking services.products. the customer will place an order. and charge cards all represen . For example. that the vendor in this instance would have to collect the sale informat ion and process the credit card transaction manually). The merchant s overall presentation. the World Wide Web seems an ideal medium for commerce. determines the con sumer s level of trust. but may require additional mechanisms connected to it. Assuming that some security mechanism is in place to keep the credit ca rd account number private. Those mechanism cover the proc ess from the point at which the sale information has been captured through the Web. its funding by government agencies for research purposes only. The Web page presentation content . of course. Obstacles such as a lack of market penetration and lack of mechanisms for secure transactions are rapidly disappearing. Very simply. to companies that provide services like credit card authorisati on. pric ing. The biggest obstacle to commercialisation of the Internet. the customer enters the merchant s Web site and views product and company informatio n.will help the consumer to make a decision. disappeared rapidly i n the early 1990s as those subsidies expired and were not renewed. Credit cards. Commerce over the World Wide Web requires more than transaction security: it requires mechanisms for processing sales as well.provide Web services have the option of setting up (and managing and maintaining ) their own system. both online and offline. The rest of the transactio n is carried on across the World Wide Web. and delivery . Selling on the World Wide Web With its easy-to-use and graphical interface. or paying an Internet presence provider to run their Web sites for them. and the Web server transmits th e article. the purchase of a digital product such as the text of an article can be carried on entirely through the Web page: The buyer selects the d esired article and enters a credit card account number. If the merchant successfully sells a product and fosters sufficient trust in the customers to generate an order. debit cards. Commerce Models and Environments The movement of money between buyer and seller is rarely simple even in the traditional storefront. Keeping in mind the previous discussion of commercial transactions. moving information to the appropriate systems within the merchant s organisation as well as outside. as consumers and businesses are flocking to the Internet and devel opers are turning their attentions to the problem of securing the Internet for commerc e. descriptions.

The eshop can be anywhere in the world and it is open 24 hours a day. Consumer trade transactions are open to anyone with an Internet connection. for the basic web page. eShopping can take place using a computer at home. Ho w it works out depends on who is buying. • The Internet application may be linked to back office systems to process transac tions and utilise information held on databases. Electronic commerce systems include many of the same options as non-electronic commerce. personal and third party cheques. Books. held on the server. Consumer e-Commerce has gained a new dynamic by the popularisation and commercialisation of the Internet but online business has been around for some t ime using technologies such as interactive videotext and TV shopping channels. e. Internet e-Commerce The basic elements of Internet use and of Internet e-Commerce are: • The user of the system with a computer hooked-up to the Internet. the computer running the browser is the client. This sectio n looks at what constitutes an e-Shop and analyses e-Sales in terms of the stages of the trade cycle. is an e-Shop. • The content provider who has set up an Internet application and installed it on an Internet linked computer. and it is no longer simple to figure out where the mon ey is and where it is going. add to the mix cash. Consumer Oriented e-Commerce (B2C) The Internet offers the opportunity to buy and sell almost anything. Electronic payments can be as simple as the unencrypted transmission of a credit card account number.g. Netscape or Internet Explor er. contracting insurance.t different payment methods. Third-part y payment processors and electronic currencies add to the complexity. who is selling and what is being sold. The user acces ses the Internet using software known as a browser. from work or at a cyber cafe. but add different methods of transmission. All that said. or as co mplex as the encrypted transmission of a digitally signed electronic check. The infrastructure of the e-Shop can be very s . shopping is still shopping and sometimes it is a pleasure and sometimes it is a curse. These elements are shown in the following figure: e-Shop For e-Commerce applications that are selling goods or services the Internet appl ication. using mark-up language (HTML). The computer that holds the Internet content is known as a server. CDs and IT supplies have been among the first products to make a splash online but buying t icket. and money order. travelle r s cheques. servicing a bank account or finding a house are just a fe w of the many products and services that are available. • For Internet service provider through the World Wide Web (web) the data is formatted.

A dynamic web page is built for each user when the web bro wser requests it. encourage a customer to return but it can also be off-putting for the f irst time customer . Complex e-Shops have many more features. for instance .it is a hassle to input a lot of personal details and the customer ma y be concerned about how the information will be stored and used. or online advert. A example of a simple e-Shop.imple or it may be very complex. Facilities are made available for the contents of the basket to be reviewed and unwanted goods can be returned to the shelves . before coming to the till and making the purcha se. A Shopping Basket Customers in a conventional shop are likely to collect a number of products. An airline site could . This add s a level of complexity. Per sonalised Web Pages This is another use of the dynamic web page. When the shopping is complete the customer then makes payment for the goods in the basket . these can include: Customer Regi str ati on Some e-Shops ask the customers to register and then store the customer details o n a database. to make a real e-Shop. to change it requires that the source be edited. Reading a database in which case the page can include. in a shopping basket / shopping cart. it is thought. display the details of the customer s frequent flyer programme and fea ture flight deals from the customers local airport. The" basic element of an e-Shop is a web page that offers o r advertises the goods for sale and provides a means for the shopper to make the purchase. Goods can be selected an d placed in the electronic basket. The shopping basket analogy is used in many larger e-Shops. set up by Charlie Bucket (and with apolo gies to Roald Dahl) are shown in Figure 2. At its very simplest the e-Shop. is to add online purchasing. the latest price and possibly whether the goods are in stock may build the dynamic w eb page. Registration ca n. the site is no longer simply coded in HTML but needs some way of interacting with the server so that the customer and credit card details can be passed across. could simply list the product s for sale or the services offered and invite the customer to phone. The next step up. fax or e-mail their or der. for instance. This then allows the vendor to tailor its information for the specific customer and saves the customer typing in details again on future visits. If the customer has registered with the site the system can generate a page for that specific customer. Dynamic Web Pages The basic web page is formatted in HTML and is then fixed.

There are various security / encryption schemes in use or being developed and there are arguments as to whi ch is best. money represented electronically on the web and available for spending w ith sites that are participants in the scheme. Encr ypti on e-Shops are very sensitive to the notion that e-commerce is insecure. if done well and kept up to date. Examples of this are: • The wine shop that gives a detail assessment of each vintage. Online Deliver y Electronic products such as software. The provision of the additional information. is trying to create a sense of com munity around the store. Loyalty Schemes Some e-Shops are introducing loyalty schemes. • Music sites that can play a sample of the recording that is for sale. Bulletin boards are one such device in this area (but preferab ly not bulletin boards where the shop and the products are criticised too much). Some e-vendors also have / accept: • Their own store credit card (often also available for use in conventional branch es of the store). information and music can be delivered onl ine. A device that del ays completing the transaction but that is made available for customers that are con cerned about online payments. • Payment by phoning the credit card number or posting a cheque. Additional I nfor mation The e-Shop needs to let the customer know what the product or service is. Most e-Shops use an encryption system to secure (or add security) to the transmission of personal and payment details. Multiple Payment Opti ons The current norm for online payments is a credit card and most e-Shops will want to accept all major credit cards. • Debit Cards. Communi ty Beyond the concept of additional information. • Bookshops that provide customer views (both good and bad). accumulated electronically by the vendor. particular ly when it comes to online payments. The customer cannot select t heir own bananas or try on the jumper but they can have additional information not normally available in a conventional shop. Each purchase made attracts a numb er of points.. can eventually be used for discounts or free goods. Onli ne Help Having used the Internet for sales it can also be used for after sales. • e-Cash. The web . The In ternet has both advantages and disadvantages in this area. Where is appropriate. the use of online delivery cuts the cost of distribution a nd avoids the customer having to wait for the goods to arrive. c an give the shop a buzz and keep the punters coming back.

For the online shopper.all of which can be updated when the need arises. the ways of finding goods ar e: • Selecting a menu item or a button on the portal . Order Once on the site the consumer has to do their shopping. as it is on the high street. when found. • Selecting a page that has been featured on an advert or that is recommended by a friend. This can be a disadvantage for goods such as clothes but it may be an opportunit .the screen that is first shown when the user logs on to the Internet. except electronically. The customers can also use e-mail for online help (an expe nsive game for the vendor to play if the help service is free and it becomes popular). Internet Shopping and the Trade Cycle As with any other trade exchange. a purchase on the Internet has a number of sta ges. for instance a commo n customer file and a shared payment infrastructure. are: Search To make a purchase a shopper has to find an appropriate vendor. A picture and a description rather than the real thing represent the goods. there is no negotiation and settlement takes place at the same tim e as the order (there is no credit offered).page can be used for product instructions and self-diagnosis pages . There is less likely to be an assistant that comes to b other you (but the boffins are working on that one). Typically for a retail sale the trade cycle is simpler than for business to busi ness transactions. • Following a link to a store from another page that is advertising it. Like their conventional equiv alent the online mall is designed to attract customers because there is a range of stores. In the conventional shop the consumer can wander through isles or departments looking at the merchandise or a sk an assistant for help. • Using a search engine to find an appropriate Internet e-Store site. and so me of the difference when the selling is done online. The online shop does the same. The larger eStore will have departments and there will be a search engine (or an index) that can assist in finding goods. e-Mails can help out the individual vendors with shared facilities. This is true for a business looking for suppliers or a consumer going to conventional shops and is equally true of the online shopper. Internet addresses are not neces sarily memorable and book marking the site in the browser is the way this is done. The stages in the retail trade cycle. or as hard. And finding a shop that sells what is wanted in a way that the customer is comfo rtable with can be just as easy. Once a useful store is found the customer is likely to want to return. Shoppi ng Mall e-Shops may be set-up as a part of an online mail.

24 hours a Day Trading The Internet home shopper can access an e-Shop anywhere in the world at any time day or night (although not all e-Shops will deal with a world-wide clientele). queuing and whatever else ma kes you made in a shop. Ordering of goods takes place by selecting the image. fresh food that needs a local distribution depot an d. The normally way of paying for online purchase is by the input of credit card details. Home Shopping Shopping can be done from the home. Delivery The smart way to do business is to get your customers to do the work for you. An e-commerce vendor needs a retail distribution network that mat ches the nature of the goods. The delivery requirements differ for a book that ca n be posted from almost anywhere. Ecommerce does this with the ordering process but not with delivery. 4. software that can be delivered. World-wide. in an e-Shop the goods have to be delivered and that could be inconvenient and always adds to the cost. hopefully quickly and conveniently. Internet eCommerce avoids the hassles of travelling. their circumstances and the goods or services that are to be traded.y to provide better information for items such as books and wine. In a convent ional shop the customer usually transports the goods home. Home Delivery The goods are brought to your door . Advantages and Disadvantages of Consumer e-Commerce The spread of Internet e-Commerce will depend on the perception of the consumer of its advantages and disadvantages. in part at least. parking. the name of the product or a selection box. Sending back goods bought online ca n seem to be more of a problem. 3. Technical ways of overcoming the deficit are being developed. The delivery issue associated with e-commerce is an important one and it is one that is often ignored.can be an advantage if you are there to tak e them . Among the advantages of Internet e-Commerce for both the consumer and the trader are: 1. After-Sales Goods that you don t like or that don t work can be taken back to the store (alt hough how helpful the store can be another issue). e-Cash is an alterna tive that is under development. virtual reality to show off garments is one such approach. online. Payment Once the goods have been selected they have to be paid for. 2. at the time of purchase. for instance. The Latest Thing at Bargain Prices Goods bought online may be cheaper or more up-to-date than goods available in a conventional retail shop. the cost structures of the distribution industry and th e expectation of the consumer. on the individual. This perception depends.

Advantages specific to a trader are: a. 5. 3. Delivery can b e an advantage but it causes delay. Delivery Where tangible goods are bought online they have to be delivered.in.htrnl and other sites. The online trader has some of these advantages. feel or try on the good s you are buying. A shopping trip on the Internet will not be the same experience as a shopping expedition with family or friends (for those who like such things). Some customers will use the web site to look up products and then use the conventional store to make pur chase. 2.premises for an online trader can be much more functional. E-mail can also be an appropriate facility for after-sales services. which is critical to successfully conducting business across a ne .uk/~RDavies/arian/emoneyfaq. Online Sales Support For some goods there can be information online on how to use them and how to fix them. one-day. The possibilit y of submitting forms to public administration electronically or getting discounts / favourable terms for online services such as ticket sales and banking transactio ns may turn into compulsion.ex. Electronic Payment Systems 1 1 The original source is greatly acknowledged http://www. As the Internet continues to transform commerce. 4. sometimes inconvenience and it adds another cost. Inspecting Goods The web can provide a good picture. Return of Goods Having to return faulty goods takes time and is an embarrassment. Social Interaction Shopping for some is a chore and for others is an excursion. Returning good to an online vendor can seem even more problematic. b. Disadvantages of Internet e-Commerce include: 1. an eloquent description and even customer re views or virtual reality displays but you cannot actually see. be with drawn. Service providers may be able to make significant cost sav ings using online transactions and the conventional alternative may. access to world-wide markets may be one of these. High-tech Image Being known as an online trader gives an up-to-date image. 5.ac. it known the method of payment is one component. Reduced Costs The online trader does not have the expense of staffing and maintaining conventi onal retail outlets . An additional issue for the consumer is whether they will always have the option to choose between e-Commerce and the conventional trade alternative. Privacy and Security The privacy of personal details and security of financial transactions are a con cern to many users and potential users of e-Commerce.

up-to-date survey of the major electronic payment schemes currently available . This lesson describes the differences between mere encrypted credi t card schemes and true digital cash. this book does the homework for them. Even the majo r card associations. • Motivation for Electronic Payment • Characteristics of Current Payment Systems • Cryptographic Techniques • Credit Card-Based Systems • Electronic Checks • Electronic Cash Payment Systems • Micropayment Systems • Payment Systems . digital cash are outlined and a t enth element is proposed which would embody digital cash with a non-political unit of value. For the first time ever. Electronic Payment Systems offers the first comprehensive. and other governmental units of account. electronic cash and Millicent. are limited to clearing and settling governmental units of account. secure mechanism for value exchang e could be developed. and secure. Digital Cash & Monetary Freedom Much has been published recently about the awesome promises of electronic commer ce and trade on the Internet if only a reliable. effective.from a technical perspect ive.Prospects for the Future Requiring only a basic familiarity with computing and networking. It is this final element of true digital cash. The nine key elements of electronic. and explains the protocols involved. then people have not come very far.freedom to establish and trade negotiable instruments. If all that digital cash permits is the ability to trade and store dollars. the book cover s numerous Internet payment systems including SET (Secure Electronic Transactions) .and helps you understand the key criteria for evaluating and selecting a system that s efficient. If they deal with payment systems and financial software on a daily basis. fran cs. such as Visa and MasterCard. It saves time by gathering and presenting timely informat ion on today s most influential Internet payment systems .twork. each individual has the power to create a new value standard with an immediate worldwide audience. It also identifies the pr operties unique to the various payment schemes. For in an age of inflation and government ineptne . provides a working knowledge of the neces sary cryptography. which represents monetary freedom -the . FSTC electronic checks. which present a revolutionary opportunity to tran sform payments. In eight concisely written ch apters. people acquire the background they need to fully understand how each payment sys tem works.

which enha nces individual privacy and security to the point of choosing between several monetar y providers. all promised visions of the future with one notable exception. which are both.F. Independent academic advancement in eith er discipline alone will not facilitate what is needed for electronic commerce to f lourish. It may be that the smaller firms can devise a un it of value that will enjoy wide acceptance and stability (or appreciation). The year is 2005. but at least then the market determines it and individuals have cho ices between multiple providers. the lifeblood of an economy. People buy lunch at a deli and they pay in wireless digital ca sh from them through electronic wallet. It is money. There must be a synergy between the field of economics. Some firms may at first have an advantage over lesser-known name-brands. languag e and morals it can emerge spontaneously. The cashier gives them a choice of monetary units. displayed on the flat-panel screen for them to view. which emphasises that th e market will dictate the best monetary unit of value and cryptography. which ultimately symbolises what commercial structure we operate within. "Money does not have to be created legal tender by government: like law. but that will soon be overcome if the early leaders fa ll victim to monetary instability. True digital cash as an enabling mechanism for electronic commerce depends upon the marriage of economics and cryptography." . The turkey and cheese sandw . Such private money has often been preferred to government money. the value of what is being transacted and saved can be seriously devalued. A. this can happen in a privately manage d digital cash system. Hayek. Nobel Laureate. but government has usually soon suppressed it. Each of the following key elemen ts will be defined and explored within the bounds of electronic commerce: · Secure (unable to alter or reproduce) · Anonymous (untraceable) · Portable (physical independence) · Infinite duration (until destroyed) · Two-way (unrestricted) · Off-line capable (availability) · Divisible (fungible) · Wide acceptability (trust) · User-friendly (simple) · Unit-of-value freedom (non-political) The transition to a privately operated digital cash system will require a period of brandname recognition and long-term trust.ss. Who wants a hard drive full of worthless "cash"? True. The section on key elements of a private digital cash system compares and contra sts true digital cash to paper cash as we know it today. Currently.

Essentially. But. and others are currently dev eloping. which represents monetary freedom -the freedom to establish. issuance. with limited real-world penetration have always seemed to exist in on e form or another. digital cash are outlined and a t enth element is proposed which would embody digital cash with a non-political unit of value. and "true" digital cash. the Internet provides (1) ease of mass issuance and circulation. It is this final element of true digital cash. circulate. and (4) real-time conversion between competing units. The opportunity to launch an alternative monetary system on a grand scale simply has not been available until recently. ( 2) accessible encryption technology. The future belongs to superior private currencies and the linchpin for successfu l digital cash ventures will undoubtedly be freedom in the unit of value. Once seeded. robust economic commerce depends on a flexible. digital cash as the representatio n of binary value will pave the way to a further off-network revolution in money. and trade negotiable monetary instruments. This lesson highlights the differences between mere encrypted credit card schemes. and management of private currencies. secure mechanism for valu e exchange could be developed. (3) affordable currency transfer infrastructur e. which presents a revolutionary opportunity to transform payments. banks.50 or 5 pvu. responsive monetary system which can best be provided by unbridled mar ket competition. Muc h has been published recently about the awesome promises of electronic commerce and tr ade on the Internet and World Wide Web if only a reliable. for the first tim e ever. only lately with a global. which now compete in most commercial settings with the US Dollar a nd have stayed remarkably stable since their initial issuance in mid-1996. each individual has the power to create a new value standard with an immediate w orldwide audience. such as LETS an d constants. Importance of Monetary Freedom Monetary freedom is essential to the preservation of a free-market economy. Mastercard. People are witne ssing nothing less than the birth of a new industry . The monetary symbol "pvu" is an abbreviation for "priv ate value units". This implies not only market competition among issuers but also str ong competition among the units or representative units that are being issued. small local experiments. The nine key elements of electronic. and financial service providers of the current paradigm. Granted. inter-networked societies can truly say that the established monetary order is susceptible to challenge. Specifically. as Visa. Ultim . As t he current trend on the Internet demonstrates.the development. This should serve as a friendly warning to the clearing associati ons.ich will cost them Rs.

are limited to clearing an d settling governmental units of account. the potential exists for monetary manipulation and an overbearing control of the economy. a hard drive full of worthless digital "cash"? True.ately. nor any other governmental unit. such as the "Fed". as we know it today. there are ten key elements to a succ essful. Neither the US Dollar. The moneta ry landscape is ripe and wide open and private currencies should infiltrate now. Eve n the major card associations. For in an age of inflation and governmen t ineptness. which are incorporated into elements one throu gh six below: . Each of the following key elements will be defined and explored within the bounds of electro nic commerce: • Secure • Anonymous • Portable (physical independence) • Infinite duration (until destroyed) • Two-way (unrestricted) • Off-line capable • Divisible (fungible) • Wide acceptability (trust) • User-friendly (simple) • Unit-of-value freedom As would-be currency providers should note. In 1991. private digital cash system. such as Visa and MasterCard. This section compares and contrasts true digital ca sh to paper cash. the competition for the standard of value should be no different than the compet itive market of multiple providers that see for toothpaste or shoes. With the unprecedented growth of the Interne t. fran cs. the value of what is being transacted and saved can be seriously deva lued. If all that digital cash permits is the ability to trade and store dollars. this can happen in a privately managed digital cash system. and other governmental units of account. Who wan. controls the supply of money a nd the specific units being transacted. yen. has gained a foothold into this new economy. When a single currency issuer. which meets all ten criteria alth ough several are reportedly close. I t has yet to discover a working digital cash system. Tatsuaki Okamoto and Kazuo Ohta proposed six properties of ideal digital cash. then people have not come very far. Key elements of a private digital cash system This section compares and contrasts true digital cash to paper cash. Each of the following key elements of digital c ash "token" will be defined and explored within the bounds of electronic commerce. marks. the standards for electronic commerce are still evolving. but at least then the market determines i t and individuals have choices between multiple providers.

through sophisticated encryption techniques. Alice. Carol. and David share an elaborate dinner together at a trendy restaurant and Alice pays the bill in full . peer-t o-peer payments are possible without either party required attaining registered merchan t status as with today s card-based systems. Bob. they should have the option to remain completely invisible to the mere existence of a payment on their behalf. Bob. able to alter or reproduc e the electronic token. or others. I nfinite dur ation: The digital cash does not expire.Secur e: The transaction protocol must ensure that a high-level security is main tained. Carol. inclu ding noncomputer-network delivery channels. and David each should then be able to transfer one-fourth of the total am ount in digital cash to Alice. Alice and Bob should be able to approach a provider or excha nge house and request digital cash breakdown into the smallest possible units. The cash must be fungible so that reasonable portion of change can be made. this optional intractability feature of digital cash promises to be one of the major points of competition as well as controversy between the various pr oviders. Alice and Bob should be able to walk away wi th their digital cash and transport it for use within alternative delivery systems. Furthermore. Divisibl e: Digital cash token in a given amount can be subdivided into smaller pieces of cash in smaller amounts. Both Alice and Bob should have the option to remain anonymous in relation to the payment. Essentially. proprietary computer network. Two-way: The digital cash can be transferred to other users. Transactional privacy will also be at the heart of the government s attack on di gital cash because it is that feature which will most likely render current legal tender ir relevant. at the second level. The s maller. Anonymous: Anonymity assures the privacy of a transaction on multiple levels. The cash can be transferred through computer networks and off the comp uter network into other storage devices. Digital wealth should not be restricted to a unique. Por table: The security and use of the digital cash is not dependent on any phys ical location. It maintains value until lost or destroyed provided that the issuer has not debased the unit to nothing or gone o ut of business. Beyond encryption. Availability must be unrestricted. Alice should be able to pass digital cash to Bob without either of them. meaning that neither is required to be host-connected in order to process. the better it is to enable high quantities of small-value transactions. Alice should be able to store a token somewhere safe for ten or twenty years . Off-line capable: The protocol between the two exchanging parties is executed of fline. For instance. Alice can freely pass value to Bob at any tim e of day without requiring third-party authentication.

Alice and Bob should not require an advanced degree in cryptography. this influence can be utilised to their advant age to build preference for their "site" through money issuance in much the same way th at various forms or scrip and coupons build customer loyalty and guarantee repeat v isits. non-political monetary units. And. such as Coca-Cola. Alice should be able to use her preferred unit in more than just a restricted local se tting. card-based payment networks. and Net Market. but that will soon be overcome if the early leaders fa ll victim to monetary instability. this feature implies recognition of a nd trusts in the issuer. Alice and Bob should be able to issue non-political digital cash denominated in any defined unit. and IBM. as the protocol machinations should be transparent to the immediat e user. for it is this group tha t will directly influence the payment channel between consumer and merchant through the ir extensive contact with both. Microsoft. the true business gain is realised when the units ar e negotiable in their own right and not merely accepted at the mall only. Other potential unit providers include Internet service providers (ISPs). and we llknown manufacturer or service companies. Wide acceptability: The digital cash is well known and accepted in a large commercial alone.and then retrieve it for use. Some firms may at first have an advantage over lesser-known name-brands. As the new digital cash providers. inter national brand names. As will be explained later. User -fr i endly: The digital cash should be simple to use from both the spendin g perspective and the receiving perspective. Uni t-of-value fr eedom: The theme of this lesson: the digital cash is denominat ed m market-determined. content publishers. With several digital cash providers displaying wide acceptability . Primarily a brand issue. It may be that the smaller firms can devise a un it of value that will enjoy wide acceptance and stability (or even appreciation). They all share in common the existence of an extensive base of on-line customers. bullet in board system operators (BBSs). Simplicity leads to mass use and mass use leads to wide acceptability. which competes with governmental-unit digital cash. Implementing a Non-political Unit of Value The transition to a privately operated digital cash system will require a period of brandname recognition and long-term trust. Potential Unit Providers Opportunities abound for almost anyone but in reality the greatest advantage cur rently goes to the on-line shopping malls and the large merchant sites on the Internet. such as Open Market. find themselves in an enviab . Internet Shopping Network.

(0. It possesses built-in ease of calculation and is universally recognised. Initial distribution techniques for the new private money include elimination of discount fees for merchants. and even other units of digital c ash.001) The base unit name becomes the unit. Redemption and Convertibility Monetary backing includes equity mutual funds.(0.(100) • deca. This area affords unique opportunities for innovative advertisers and marketers to involve them in electronic commerce.(1. precious metals. it would have the following monetary unit prefix designations: • kilo. real estate. which is being distributed.01) • milli.le position to capitalise immediately on their global name recognition. circu lation will then be a factor of merchant acceptance and the rewards of ultimate redempt ion. To cite an example. Outsourcing the portfolio function takes advantage of t he experts in the field today who compete already on reliability and overall perfor mance prime benchmarks for a private monetary unit. free coupons or promotions to consum ers. Mu tual funds of mutual funds exist today and contracts can be executed with the special ist managers of those funds. This is a vastly different world then people have now a nd consumers will analyse currencies as the investments that they really are. This will undoubtedly develop into a main basis for competition among digital cash providers as each one promotes their underlying currency backing as the strongest and most reliable. this does not imply that a prospe ctive digital cash provider learns to become adept at managing an entire portfolio. Distribution and Circulation Probably the least exploited system in the world of money is the metric system. Anything and everything can be magnetised. commodity funds.000) • hecto. domestic pric es will adjust rapidly to reflect relative values of monetary units and the holders of s tronger currencies will benefit. With multiple monetary unit providers. Focusing on the option of equity mutual funds.(0. such as a pvu i n the 2005 example. Once digital cash has hit the market.(10) • base unit name (1) • deci. Unlike today s n ational monetary systems. and royalty schemes for content providers that accept payment in the new digital cash. The issuer s skills should concent . I propose a decimal unit-of-value measurement system that is based o n the 1864 metric system. Hypothetically. universal merchandise and/or services. the benefits of a strong currency will be immediately noticeab le within a country s borders.1) • centi.

and managing the ra te of redemption. Primarily. American Express will benefit from: a) Increased acceptance of American Express card products at merchant locations. extreme diligence is required in accounting for digital cash and tracking redemption patterns. b) Increased demand for American Express card products in countries without established currencies and in countries with severe monetary instability of the established currency. This will be possible because of the lower fees and discount rates derived from manag ing a private unit of account. As multiple currencies infiltrate the market. These freemarket clearinghouses act as a central bank forcing each issuer to maintain an a dequate balance between digital cash outstanding and the chosen reserve backing. monitoring geographic circulation of the unit. Managing a Non-political Unit of Value After initial issuance and circulation. Issuer Benefits Taking the proposal one step further. the manager of a private monetary unit can rely on these clearinghous e parties to communicate to the public the unit s standing in the economy. Digital Cash-flow Administration Since electronic monetary units on a client/server network can return to the iss uer almost instantaneously. This applies to several new democracies in Eastern Europe and the volatile third world nations of Africa and South America. the digital cash providers must turn the ir attention to the management of the monetary unit if it is to survive in an ultra-competiti ve environment. Just as with our on-line provide r.rate on distribution. their relative values will dictate that they trade at a discount or premium to some other benchmark. Moreove r. Therefore. the benefits to American Express are substantial if an American Express monetary uni t can gain world-wide acceptance. if the discount of a particular unit begins to deteriorate. Systems of clearing and redemption are a necessity for the smooth operation of free banking as they provide a check on over-issuance and the general deterioration in sound credit. let us assume that after witnessing the on -line successes with monetary freedom a point-of-sale brand such as American Express wanted to capitalise on their global infrastructure and issue proprietary moneta ry units. Devaluations and reval . This can prove the most difficult area due to the perennial temptat ion of over-issuance. in both digital cash and non-digital cash form. This need not be solely the function of the issuer and probably will not be as new sheets and databases evolve to manage the discountin g and exchange function. it can alert management to the fact that some market forces are affecting the demand for that unit.

uations
of a currency have always plagued American Express from a financial management
perspective. However, a new American Express monetary unit will provide these
countries with a stable alternative to their own currency without the political
ramifications of adopting the "imperialist" US Dollar.
c) Natural marketing benefits associated with a private currency or unit of acco
unt. It is
easiest to displace cash and cheques by becoming cash and cheques. American Expr
ess
will gain clout from the name association and brand identification that accompan
ies a
pricing system. Since American Express s private monetary unit will be the first
nongovernmental unit of account. It is difficult to compare to other products, but
it is fair to
say that from a trade perspective American Express will benefit in much the same
way
that the United States benefits when products globally are priced in US Dollars.
d) Transaction volume that remains within the American Express system by providi
ng a
unit of account with ultimate redemption only at an American Express location. A
sharp,
sustained increase in transaction volume can be expected because the majority of
cardholder transactions made in the American Express monetary the acceptor of th
e
American Express monetary unit will duplicate unit. This will occur because of t
he
incentive to avoid costly conversion out of the American Express monetary unit.
The
user incentive is maintained by providing a stable unit of value with strong mer
chant
acceptance. The great irony occurs when Visa and Mastercard begin accepting and
processing transactions denominated in the American Express monetary unit throug
h
their authorisation and clearing systems.
e) Open market operations conducted by American Express that expand or contract
the
available supply of American Express currency. The gains in this case are derive
d from
the fact that American Express can determine its own monetary unit s short-term
interest rate, and hence lending revenue, by manipulating its own unit s supply.
The
capital for these operations is generated from the difference between the digita
l cash
face value and the cost to produce and ultimately back the electronic token. Iss
uers may
lend capital or spend capital that is generated in this fashion.
Since the treasury division of American Express would resemble, in some respects
, the
dealing room of the Federal Reserve Bank, American Express could artificially ex
pand
the supply of its own monetary unit to generate direct corporate revenue with th
e
obvious constraint being the long-term preservation of the unit s market value.
This may
prove to be a tricky endeavour and it is the tightrope that a monetary issuer wa
lks.
f) Increased corporate borrowing capacity resulting from an almost immediate inc
rease
in overall capitalisation of the company. Over time, the balance sheet of the is

suing
entity will largely be a function of the American Express monetary units in circ
ulation. A
stronger balance sheet can only enhance the strategic position of the corporatio
n in
financial markets.
g) Potential unrealised profits from a managed portfolio comprised of a reservebacked
currency at a time when government fiat currencies are suffering from internatio
nal
market instability. The profits of currency held are a direct result of the appr
eciation of
the new monetary unit relative to other monetary units.
True digital cash as an enabling mechanism for electronic commerce depends upon
the
marriage of economics and cryptography. Independent academic advancement in eith
er
discipline alone will not facilitate what is needed for electronic commerce to f
lourish.
There must be a synergy between the field of economics, which emphasises that th
e
market will dictate the best monetary unit of value and cryptography, which enha
nces
individual privacy and security to the point of choosing between several monetar
y
providers. It refers to this new sub-discipline as cryptonomics. The Internet is
a new
world demands a new currency - a new standard of value. As an enabling mechanism
for
social change, digital cash has vast implications for macroeconomics in the area
of a
government s money monopoly and taxing authority. In light of the growing attack
s on
individual privacy both in the United States and abroad, there has never been a
more
important time to emphasise the concepts behind the vigilant protection of total
financial and monetary privacy. It is money, the lifeblood of any economy, that
ultimately symbolises what commercial structure, and hence what political struct
ure,
humans operate within.
Prepaid Smart Card Techniques
A prepaid smart card contains stored value, which the person holding it can spen
d at
retailers. After accepting stored value from cards, system providers periodicall
y
reimburse retailers with actual money. A system provider receives money in advan
ce
from people and stores identical value onto their cards. During each of these th
ree kinds
of transactions, secured data representing value is exchanged for actual money o
r for
goods and services. Telephone cards used in France and elsewhere are probably th
e best
known prepaid smart cards (though some phone cards use optical or magnetic
techniques, which are not considered here). National prepaid systems combining p
ublic
transportation, public telephones, merchants, and vending have already been
announced in a number of countries. And road tolls at full highway speed are not
far
behind. The systems proposed so far are compared, after a quick look at the card

types
on which they are based.
Card Types
There are in essence only four types of microcircuit card that have been suggest
ed for
use in prepaid applications, each based on a particular kind of chip. They are l
isted here
in historical order:
Memor y car ds: The chip in these cards consists only of storage and a little ex
tra
hardware that prevents access to the stored data unless certain stored passwords
or
PINs are input correctly. Most telephone cards are of this type.
Shar ed-key car ds: Secret keys in the chip let the card authenticate its
communication with any device sharing the same keys. The chips are standard micr
ocontroller card chips, with masked-in software for the cryptographic authenticat
ion
algorithms.
Si gnatur e-tr anspor ti ng car ds: The same chip hardware as in shared-key card
s is
used, but with different software masked-in. The card stores publicly verifiable
digital
signatures created by the system provider, and fills them in like blank cheques
when
spending them.
Si gnatur e-cr eating car ds: These chips also contain a micro-controller, but i
n
combination with a dedicated co-processor capable of making digital signatures.
Instead
of spending signatures created by the system provider, they create their own.
Comparison
Security and cost are the fundamental criteria used here for comparing prepaid c
ard
techniques, but the best choice of technology depends on the situation. Security
suitable
for an in-house company card, for instance, may be wholly inadequate for a natio
nal or
international card, which may require protection of many system providers from e
ach
other as well as protection of personal privacy. Also depending on the setting,
higher
card costs can lead to lower system costs.
Closed or Open Security
Memory cards are suitable only for closed systems where a single company issues
the
cards and accepts them as payment for goods and services, or for systems with ve
ry low
fraud incentive. The reason is that defrauding such systems requires only a smal
l
computer interposed between an actual card and a cash register. The computer mer
ely
has to record the secrets communicated during an initial transaction and can the
n, as
often as desired, be used to play the role of a card having the initial balance.
Shared-key card systems require a tamper-resistant secured module in each vendin
g
machine or other point of payment. The module uses the key it shares with a card
to
authenticate messages during purchases. This lets the card convince the module t

which becomes impractical as the number of providers. but also the entire card base ma y be compromised. As a consequen ce. Privacy All cards. which might be hard to achieve. if a reload or any one of the payments made by a person is traced to that person. the module tran smits a similarly authenticated message. not only is significant retailer fraud facilitated. grows. These are the only truly open syst ems. except the signature-transporting type. A car d convinces by using the shared key to encrypt a random challenge issued by the mo dule together with an amount. all payments a person makes are linked together by the card identity. cards use a different si gnature per . Cash registers need no secret keys. which act like guaranteed checks filled in with all the relevant details. If the cards of mult iple system providers are to be accepted at the same retailers. The signature-transporting approach avoids the nee d for identification. since instead of a single key per card. uniquely identify themselves in each transaction. via telecommunication or manual collection procedure. who reimburses the retailer. Periodically. and issuers cannot cheat each other. in any shared-key system. (Although tamper-resistant modules are not needed for verification. only public ones. retailers cannot cheat issuers. which gives some problems. This means that even if the card does not reveal the person s ident ity. if a module is penetrat ed. Therefore cards are given unique keys. the n they all are. The system provider for reimbursement can later verify these s ame signatures. This means either a mutually trusted module containing the keys of multiple providers. Signature-transporting and creating card types avoid these problems since they d o not require secured modules. and the cash register needs the card identity each time to re-creates the corresponding unique card key from the master key. or one module per provider. i n order to authenticate the signatures. back to the system provider.hat it has reduced its stored value by the correct amount and that it is genuine. all the retailers mus t have secured modules containing keys of every provider. they can still be used to aggregate transactions. The secured module in a shared-key system thus needs to store or at least be abl e to recreate secret keys of all cards.) Both signature-based card types also a llow the cards of any number of issuers to be accepted at all retailers. The reason for identification of shared-key cards is that security is t hought to be too low if all cards have the master key. Furthermore. so that the module can decrypt the transmission and com pare the result with the expected challenge and amount.

and system provider processing and security measures. which need extra circuitry for the co-processor (or a very powerful processor). require more on a chip. stored. as is of course required with non-refillable memory c ards. and consequently much less expensive to produce. Non-Card Costs Apart from cards themselves. secured modules trusted by all system providers must be installed in all retailer equipment. thereby allowing sharin g of card cost among multiple applications.20 in quantity. and printing can cost ab out the same for all card types. but also by how long cards last and how much of each card is needed. roughly between US$ 0. however. etc. They cost. Signature-creating card chips.10-0.00-1. but on the other hand require infrastructur e for online reload transactions with system providers.) and even the price of current terminals ( about US$ 150-1500) suggest that the point-of-sale equipment can be more costly than e ven a dedicated micro-controller card base. not limited to stored value. Nonrefillable memory cards have a very limited card lifetime and are suitable only for a single purpose. typ ically use less durable materials and less costly production techniques. then they must be transported. Refillable cards can be distr ibuted without value and avoid these costs. Memory card chips are much smaller. In open systems such security modules must be . Suitabl e chips cost about US$ 1. Non-refillable cards.00 (plus the cost of the smal l fraction of chips that are damaged during production). In the shared-key approach. depending on the type. assembling them into cards.payment. Shared-key and signature-transporting cards t oday use exactly the same chip hardware. only the masked-in software differs. than those in micro controller cards. and currently cost several times more. retailer equipment. If car ds are issued with value on them.40 in quantity. like those associated with bank notes.50 to 2. When the system provider makes signatures on blinded checks that are th en un-blinded by the card. Typical ratios of cards to points of sale (about 100 to 1 for c ash registers and higher with vending. Retailer equipment costs may be higher than card costs. the other main system costs are card issuing and re filling. and dispensed. But micro-controller cards can last years and is flexible enough to handle a variety of things. Card Costs The overall cost of cards for a system is determined not only by how much each c ard costs. phones. not even the system provider can trace payments to cards . roughly US$ 0. Bonding chips into modules. are relatively new on the market. using costly security and audit provisions.

But the higher cost of terminals incorporating such modules is at odds with the objectiv e of automating all manner of low value payments. the memory card. and start to include less trustworthy retailers and mor e system providers. . The mai n reason is that shared-keys require tamper-¬resistant modules at all points of payment and processing sites. and the other card types are unable to address this problem. These can then be verified by any transaction processing comp uter that has copies of the freely available public keys. The most expensive type. PayMe Protocol Set The use of the www as an electronic marketplace is increasing. can today be based on exactly the same ki nds of micro-controller chips. even the minimum security necessary becomes excessively costly . as large open sys tems are built or as closed systems grow and merge. and there is a ne . The remaining two card types. thereby reducing exposure w hile both increasing the quality and reducing the cost of security audit and controls. The low card cost makes this approach attractive.he cost of maintaining even mere ly acceptable security with shared keys becomes prohibitive. seems to offer little fund amental advantage over less expensive cards and. With either signature card type. The system cost with s haredkeys. is significantly higher than with signature transporting.significantly more elaborate and costly than any card. incidentally. Prope r management of keys and auditing of such systems are cumbersome > and expensive. while signature transporting solv es it neatly.transportin g. By contrast. while these modules are not needed with signature. is well suited for closed systems where there is little incentive for fraud by persons or retailers. but the low security makes it unsuitable for more gene ral use. If shared-key systems grow. however. the signature-creating card. shared-key and signature transporting. such as in vending. there are other reasons to prefer signature-transporting ca rds for larger systems. In addition to cost. since the security offere d by a card is generally considered inadequate to protect the keys of all other cards. suitable software not tamper-resistant modules are all retailer equipment needs in order to verify payments and later forward the signa tures for reimbursement. When more retailers and system providers are included. Privacy may be an issue in large-scale consumer systems. is far too slow in signin g for highway speed road-tolls and even some Telephones. The simplest of the four card types. and thus have the same card cost. Transaction processing by the system providers also requires tamper-resistant devices. signature transporting maintains a very high level of security while allowing flexible sca ling and merging of systems.

requiring no additional hardware such as smart cards. NetCash. will be discuss related work on two sys tems for electronic payment and go on to propose a new set of protocols that surmounts so me of their inherent problems. two electronic cash systems. Keywor ds: "Web payment. that allow for larg e numbers of payments to take place without requiring unreasonably large databases to be maintained. the system must support large numbe rs of buyers and sellers affiliated to many different banks. uses identified electronic c . This gives rise to a secondary problem in tha t since the coin is an electronic quality that is easily duplicated. such a payment syst em must guard against the coin being spent more than once. The World Wide Web has potential to become a highly efficient electronic marketp lace for goods and services. scalable payment. The most effective meth od of achieving this is to implement a form of electronic cash. In this lesson exami ne two existing systems: E-cash and NetCash. The second. Related Work Recently. and these figures are rising very rapidly. Mi suse of such information can give rise to serious breaches of personal privacy. The problem of detection of double spending is particularly acute. and solutions must be found. it has been estimated that there may be over 30 million users of the Internet spread across 96 different countries using over 6. anonymous and secure. If a payment system for the WWW is to receive widespread support. using numbered ba nk accounts and blind signatures. where the coins being spent cannot be linked with their owner. In the following section. Ecash. it must offer its users som e form of protection against the gathering of such information. discuss their strengths and weaknesses and propose a new system called the PayMe Transfer Protocol (PMTP). secure payment. and illustrates its use with an example based on p urchase of goods across the WWW. The first. It shows how it improves on existing systems. which can be used to make payments for WWW resources have been published. there is alwa ys a risk that organisations may resort to gathering information relating individuals with the amounts that they have spent. At the time of writing.6 million host co mputers. is a fully anonymous electronic cash system. When payments are effected electronically. Internet payment mechanisms. This means that an effective electron ic payment system must be highly scalable. locations involved and types of good purchased. electronic cash. It should not be possible for an attacker to bypass the system or to falsely obtain monetary value from it. In practice. and security".ed for a cash payment system that is scalable.

from a company called Digicas h. validat e existing coins and exchange real money for Ecash. In an e lectronic cash system there is usually a bank. It is an on-line software solution. Customers and merchants verify the coins usin g the bank s widely available public key. and merchants wh o will accept currency in exchange for goods or a service. from which they can withdraw and deposit Ecash coins. Electronic cash is the electronic equivalent of real paper cash. and paying or receiving coins from a merchant. the inventor of blind signatures and man y electronic cash protocols.ash giving a more scalable but less anonymous system. or hard goods. whose managing director is David Chaum. Every customer. The serial numbers are then blinded using the blind. and the bank uses the customer s public key to verify the sig nature. Ecash from DigiCash Ecash is a fully anonymous electronic cash system. for secu rity. Using a 100-digit serial number usually guaran tees this. A ba nk digitally signs coins using its private key. Merchants who can accept Ecash coins in payment for information. Every user in the system has his own public/private key pair. Ecash is implemented using RSA public-key cryptography. It is also possibl e for merchants to run a pay-out service where they can pay a client Ecash coins. Customers sign bank deposits and withdrawals with their private key. and to digitally sign. The Ecash system consists of three main entities: Banks. and blind signatures. signature technique. and bank has its own public/private key pair. and can be impl emented using public-key cryptography. digital signatures. The blinded coins are then p ackaged . the user s cyber-wallet software calculates how many digital coins of what denominations are needed to withdraw the requested amount. who mint coins. a custome r who has accounts at the bank and can withdraw and deposit currency. responsible for issuing currency. Special client and merchant software is require d to use the Ecash system. which implements fully anonymous electronic cash using blind signature techniques. for authentication. The client software is called a "cyberwallet" and is responsib le for withdrawing and depositing coins from a bank. Buyers who have accounts with a bank. The s erial numbers are large enough so that there is very little chance that anyone else wi ll ever generate the same serial numbers. blocks of data that represent coins. Multiplying the coins does this by a random factor. merchan t. The software then generates random serial numbers for these coins. The keys are used to encrypt. Withdrawing Ecash Coins To make a withdrawal from the bank.

The message cannot be decrypted by anyone but the bank. In this way the cash is fully anonymous. Merchant] If they disagree or do not have the exact denominations necessary to make a corr ect payment. and unblind t he coins by dividing-out the blinding factor. To bu y an item the user selects the URL representing that item. 5) When the merchant receives the coins in payment. Since the bank couldn t see the serial numb ers on the coins it was signing there is no way to now trace these coins back to the us er who withdrew them. 2) The CGI program invoked will be the merchant Ecash software. it checks the signature. The bank signs the coins with a private key. The following steps occur in making a purchase with Ecash: 1) The user s Web client sends an HTTP message requesting the URL to the Merchan t s normal Web server. The user can then decrypt the message. The location of the buyer s hos t machine will also be passed in an environment variable from the server to the me rchant Ecash software. Th e Ecash software can be used with any existing Web client and Web server software. A mer chant shop is simply an HTML document with URLs representing the items for sale. he must verify that they are valid coins. the merchant is sent a payment refusal message. encrypted with the bank s public key. and then sent to the bank. Spending Ecash To spend Ecash coins. asking t hem if they wish to make the payment. and have not been double spent. After signing the blind coins. the bank returns them to the user.into a message. e ncrypted with the user s public key. This URL will invoke a Common Gateway Interface (CGI) program . The withdrawal amou nt can then be debited from the signature owner s account. the user starts up their cyberwallet software and a normal Web client and then browses the Web till they find a merchant shop selling goods. digitally signed with the user s private key. asking it for payment. and it will be p assed details of the item selected encoded in the URL. 4) When the cyberwallet receives this request. If they agree. To do this he must contact the bank. the cyberwallet will gather togeth er the exact amount of coins and send this as payment to the merchant. as o nly the . When the bank receives the message. 3) The merchant software now contacts the buyers wallet using a TCP/IP connectio n. The coins will b e encrypted with the merchant s public key so that only the merchant can decrypt t hem: {{Coins} K[public. it will prompt the user.

Currently no real money is used in the system. There are many sample Web shops at which to spend cyberbucks.minting bank can tell whether coins have been spent before or not. due to the blind signatures used when generating coins. If the serial numbers don t appear in the database. The electronic cash used is untraceable. since they have been spent befor e. but also for a 10. If a large number of people start using the system. The values of the coins are credited to the merchant s acco unt. but an Ecash trial with 10. The bank notifies the merchant of the s uccessful deposit. signs the message with his private key. and message tampering. Advantages and Failings The strengths of Ecash are its full anonymity and security.000 participants. Coins cannot be stolen while the y are in transit. then they are valid. the merchant was paid. Thus the merc hant packages the coins. Under the circumstances. each b eing given 100 "cyberbucks" for free has been running since late 1994. The main problem with Ecash may be the size of the database of spent coins. However. and have the banks signature on the m.000-user bank. or an indication of successful purchase of hard goods. encrypts the message with the bank s public key. password protection and encryption could strengthen the protection of coins on the local machine.00. The coins are destroyed.000-user bank. It seems likely that the bank host machine has an inter nal scalable structure so that it can be set up not only for a 10. If the n umbers appear in the database then they are not valid.Merchant]}K[public.Bank] 6) The bank validates the coins by checking the serial numbers with the large on¬l ine database of all the serial numbers ever spent and returned to the bank. Ecash client and merchant software is available for many platforms. is then sent from the merchant Ecash software to the Web Server. the Ecash syste m is safe from eavesdropping. By employing secure protocols using RSA public key cryptography. the task of maintaining and queryi ng a database of spent coins is probably beyond today s state-of the-art database sys . and sends it to the bank: {{Coins}K[private. 9) The Web server forwards this information to the buyer s Web client. the size of this database could become very large and unmanageable. Keeping a database of the serial number of every coin ev er spent in the system is not a scalable solution. 7) Since the deposit was successful. 8) The purchased item. Thus coins are good for one transaction only. and a signed receipt is returned to the buyer s cyberwallet. Digicash plans to use multiple b anks each minting and managing their own currency with inter-bank clearing to handle the problems of scalability. and the serial numbers added to the database of spent coins .

all signed by the central au thority: {Certif_id. which consist of: Cur r ency Server Name: Identifies a currency server. The use of multiple curr ency servers allows the system to scale well. name of the currency server. whom the coins are issued.CS_addr. a name server can be queried to find the curre nt address. it will contact the m . If a currency server receives coins that were not minted by it. The coin is signed with the currency server s private key: {CS_name. exp_date} K[private. only the ne twork address of where they are coming from. cu rrency server s public key. The currency server generat es a public/private key pair.coin_val}K[private. such as NetCheque can be exchanged for electronic cash. NetCash NetCash is a framework for electronic cash developed at the Information Sciences Institute of the University of Southern California. To furth er aid anonymity a holder of coins can go to any currency server and exchange valid coi ns for new ones. If this address is no longer in use. issue_date. Cur r ency Server Networ k Address: Where the currency server can be found. The currency server does not know who is exchanging coins.tems. The system is based on distributed currency servers where electronic checks. The currency server is trusted not to record to. If the coin s serial number is in the dat abase it has not been spent already and is valid. Auth] The currency server mints electronic coins.CS] The currency server keeps track of the serial numbers of all outstanding coins. An organisation wishing to set up and manage a currency server obtains insurance fo r the new currency from a central certification authority. Many of the ideas used in Pa yMe came from the NetCash proposal. Ser i al Number : Uniquely identifies the coin. An electronic cheque can be exchanged with a currency server for electronic coin s. This certificate contains a certificate ID. CS_name. When the coin is checked the serial num ber is then removed from the database. The NetCash system consists of buyers. By performing the exchange and by choosin g any currency server to do this with. Expir y Date: Limits the state that must be maintained by each currency server. merchants. and currency servers. it becomes difficult to track the path of t he coins. Coi n Value: Amount coin is worth. Alth ough the cash is identified there are mechanisms whereby coins can be exchanged to allow some anonymity. The coin is then replaced with a new coin (coin exchange). Being signed by the central authority then certifies th e public key. In this way checking a coin s serial number with the currency server at the time of purc hase (or exchange) can prevent double spending. K[public) CS].serial_num.exp_date. issue date and an expiry date. It uses identified on-line electronic cash.

inting currency server to validate those coins. SK[Merchant]. a freshly generated secret key (SK[Buyer]). To do this he sen ds them to the currency server to be exchanged for new coins or for a cheque. the identifier of the purchased service (S_id). and that the merchant has the public key of the currency server. Extensions to the protocol are detailed in these are more complex and give prote ction against fraud for both the merchant and buyer. and a public session key (K[public. starting from when the buyer attempts to pay the merchant: The buyer sends the electronic coins in payment. signed with his private key and enc rypted with the buyer s secret key: {{Amount.Buyer]). A valid coin is one whose serial number appears in the database. Buyer]. The mercha nt generates a new symmetric session key SK[Merchant] and sends this along with the coins and the chosen transaction type to the currency server. The following steps are clearly explained how a buyer uses NetCash coins to purc hase an item from a merchant. CS] The Currency Server checks that the coins are valid by checking its database.transaction_id.K[public. Implementation details of how the NetCash protocols might be linked with applica tions such as the Web are not available. The server will then re turn new coins or a cheque to the merchant. The Merchant needs to check that the received coins are valid. to the merchant .date}K[private. The merchant to establish a secure channel with the buyer later uses the secret key.Merchant]}SK[Buyer] The buyer can then use the transaction identifier and the public session key to obtain the service purchased. Merchant] The message can t be eavesdropped or tampered with. There is nothing to stop the merchant spending the buyer s coins without providing a receipt. transaction_type} K[public. but it could be done in a similar fashion to Ecash using an out-of-band communications channel. SK[Buyer]. S_id} K[public. In this transaction the buyer remains anonymous since the merchant will only know the network address of where the buyer is coming from NetCash assumes that the buyer has or can obtain the public key of the merchant. While it prevents double sp ending it does not protect the buyer from fraud. all encrypted with the Merchant s public key. There are also mechanisms to allo . The whole message is encrypted with the server s public key so that only it can see the contents: {Coins. He now returns a receipt. This is the basic purchase protocol used in NetCash. The transaction consists of the fol lowing four steps. encrypted with the merchant s session key : {New_coins} SK[Merchant] Having received new coins (or a cheque) the merchant knows that the buyer has properly paid him. The public session key is later used to verify that subsequent requests originate from the buyer who paid for th e service. {Coins.

This makes for a much more scalable solution to the payment problem . A NetCash system is currently being implemented. These h owever rely on the buyer contacting the currency server beforehand. which can be used to buy coins. They use a time window in which the coins are only val id for certain short lengths of time. and achieves these using protocols that are quite complex in nature. NetCash uses identified coins with multiple currency servers.w the merchant to be fully anonymous to the buyer. NetCash is also fully secure. a new p ayment system called the PayMe Protocol Set was devised. It is scalable sin ce multiple currency servers are present and security is provided by the cryptographic proto cols used. The advantages of NetCash are that it is scalable and secure. Successful operation of the Ecash system depends on the maintenance of a central database o f all coins ever issued within the system. If it were to become accepted as a global p ayment system. This could compromise the performance of the system as a whole. NetCash is not fully anonymous. NetCheque will be used to prov ide cheques. The two payment systems outlined each have their strengths and weaknesses. To generate a public key of suitable length to be secure takes a very large amount of time compared with that involved in generati ng a symmetric session key. unlike Ecash. The ability to exchange coins and use any or multiple currency servers inc reases the anonymity of the system. and knowing who the merchant is at that time. while an onymity is maintained. there is only a requirement to keep track of all currency current ly in circulation. Ecash is a fully secure system that provides for very strong anonymity. or which can be issued when coins are t raded in. It is difficult but not impossible for a currency server to keep records of who it issues coins to and who it receives th em back from. Partially off¬line protocols where th e bank does not need to be contacted during a purchase are also described. A major goal was to preserve a s much of the anonymity provided by Ecash while adopting many of the features of NetCas . this would quickly become a major problem. Possible disadvantages of the system are that it uses many session keys an d in particular public key session keys. The use of banks wi thin the system reflects current practice in non-electronic payment systems. and thus. but no details are given as to how it will be linked with applications such as the Web. The PayMe Protocol Set In an attempt to combine the best features of the two systems described.

or deal with the bank. ba nk id. Since this paper concentrates on payment for WWW resources. The PayMe system and protocol set are now presented. to communicate between entities. Th e coins are digitally signed by the bank using public key cryptography to make them vali d currency.BANKl] Here the coin is worth 10. An exa mple coin is of the form: {10 MIK1234 BANK1 bank. minus the failings of those systems. In the fol lowing sections. The PayMe system uses its own secure communications protocol. This scale is better than the blind signature electronic cash approach. serial number. will be discussed the overall design of the protocol set and work thro ugh an example of a network payment. Coins have fields for the coin value. the user-id of the bank s public key is BANK1. accept payments. PayMe is an on-line electronic cash system. when the coin is minted. A bank within the PayMe system mints coins. This can be used for making refunds or in payout services.h that allow it to scale to large numbers of users with multiple banks. The y can make payments. In this way PayMe is a collection of th e successful parts from existing systems. the PayMe Transfer Protocol (PMTP). This app roach was adopted to allow a full prototype to be developed that could eventually be u sed with any emerging Web security standard. which is entered into the bank s databa se. maintains a database of the serial numbers of coins in current circulation to prevent double spending.es. that is. outside the Web s HTTP protocol. and expiry date. the bank is located at port 8000 on the machine bank. Many of the design ideas ar e based on a close examination of systems such as NetCash. and manages the . an d the coin expires on 18th December 1998.ie. When these five fields are put together and signed with the bank s private key.8000 18-12-98}K[private. Any user in the PayMe system can accept paym ents and make payments. Each coin has a serial number.ted. The entities involved are banks and users. its serial number is MIK1234. Each bank mints its own identified electronic cash with serial numbers. PayMe Currency Coins are the pieces of data that represent monetary value within the system. Users can be either buyers or merchants but each has the same functionality. Merchants can receive payments for selling Web goods but they can also make payments to the buyers.ie. detailed coverage will be given of both the currency representation a nd the protocol primitives used during a Web transaction. This provides security and a m eans of communicating out-of-band. bank host name and port number. Ecash and other related systems such as Magic Money and Netbill.ted. a valid coin is created.cs. The bank maintaining a database of coins in circulation prevents double spending of coins.

Exchange Coins for new ones Any user. and amo unt. or obtain a bank statement fr om the bank for that account uses the first three messages. and digita l signature are required to make a deposit. It is not necessary to have an ac count at a bank to exchange coins. W hen a user withdraws coins from a bank the bank could record the numbers on the coins and . digitally signed by the account owner. A bank account owner to withdraw or deposit coins. but it is still secure. who holds valid coins from a bank. A request is where the receiver is being aske d to perform an action. The account identifier. It uses both symmetric and public-key cryptography. A refusal is where the receiver refused to perform the action. Request Bank Statement Returns a bank statement for an account. and the message body may contain a r eason for this refusal. These accounts could then be settled using a real-world inter-bank clearing mechanism. A digital signature is required to auth enticate the account owner. These have been called request. A response message identifier indicates that the action has b een performed and the message body contains the results of that action. PMTP consists of six request-response message types. Withdraw Coins Requires an account identifier. If that bank does not mint the coins then the min ting bank will be contacted to validate the coins. For efficiency an exchange must be done with the bank th at minted the coins. Banks have accounts with other ban ks and in this way records are kept of how much each bank owes another. account password. Deposit Coins Attempts to deposit coins into a bank account. matching account name. The bank will check that the coin s are*valid before crediting the account. During the exchange the bank only knows the network address of where the coins are being sent. The process for doing this is anonymous. A deposit can be done with any bank wi th which the user has an account. PayMe Transfer Protocol (PMTP) PMTP is the set of secure messages designed to provide the communications necess ary in the PayMe system. can exchange the coins for new ones . name. For each of the six message type s there are three different possible message identifiers. response and refusal respectively.accounts of merchants and buyers. If the coins i t receives are valid it will return new ones in exchange. Either a buyer or merchant can use this mechanism to help hide their identity. There is one request message i dentifier and two different response message identifiers.

Ideally the buyer should hav e obtained the merchant s public key before the purchase. The only exception to this is the ask_payment_request message. or • encrypted with a symmetric session key which has been distributed securely. a digitally signed messa ge cannot be tampered with. and masquerading techniques. since an attacker could replace the merchant s key with his own. By using message digests. However. During a purchase a buyer remains anonymous to the merchant. Ask for payment The last two messages are used between a user and another user such as a merchan t. The merchant only knows the network address of the buyer. replay. The addr ess of where to send the message to. making it more difficult to trace spending habits. It ensures that the message . Message Tampering Prevention Any encrypted message cannot be tampered with.whom it gave them to. then the bank does not know who has performed the exchange. The parameters will often be generated automatically by the PayMe software. and to prevent a replay of that message. The buyer remains anonymous to the merchant in this transaction. Eavesdropping Prevention An attacker cannot see the contents of a PMTP message because the message is eit her… • encrypted with the public key of the receiver. However the merchant s p ublic key is also sent within the payment request. also needs to be given. Replay Prevention A nonce is used within each PMTP message to ensure that the message can be used for one occasion only. Then when a merchant later deposits the coins the bank cou ld check to whom it issued the coins. PMTP Security PMTP messages are secure from attacks using eavesdropping. since it will not be possible to decrypt it after it has been changed. if during a purchase a merchant exchanges the coins rather than deposit ing them. The ask payment message is used to ask a buyer for a payment amount. The session key was distributed by sending it in a public-key encrypted message. If the user already holds the m erchant s public key. Only the private key can decrypt the message. In this way the spending habits of a user cou ld be recorded. or even another trusted third party could perform this exchan ge to "launder" the money. There is some risk involved with th is. Since the buyer i s to remain anonymous this message is transmitted in clear text. message tampering. Either the merchant or buyer. The user is given the choice to accept a new merchant key in this way or not. then this is compared with the one received in the payment request a s part of the procedure to authenticate the merchant. Pay coins Attempt to pay coins to a merchant.

If he accepts the Wallet selects the coins needed to make the exact payment and sends them to the Merchant. Additional information. 5) The Merchant validates the coins by either anonymously exchanging them for ne w coins or depositing them into a bank account. can b e passed through a Web form if required. or pay-out service) a URL is se lected representing that item. To purchase an item a user starts up both their PayMe Wallet and any Web client. Combinations of PMTP messages are used in a purchase transaction. such as a shipping address for hard goods. In the anonymous mess ages where a digital signature is not possible. For efficiency. this prevents the attac ker being able to access the private key. Bank withdrawals also require the password of the bank account. 2) The Wallet is passed the item details and the network address of the requesti ng Web client. To help prevent this software keeps track of all recently received nonce s and will not accept two messages with the same nonce such as a replayed message would have. which will be presented by an HTML document. If a serial number is not prese nt in the . Without this private key any cash stored locally cannot be decrypted.must come from a specific network address and within a small time window. This is a PMTP ask_payment_request. If an attacker can forge the IP network address to be the same as that of the message sender. The network address within the nonce prevents an attacker at another site from masquerading as the message sender at the original network address.. knowledge of a symmetric session key is used. PayMe with the Web PayMe was tailored for use with any Web client or server. hard goods. Masquerading Prevention Where possible all messages are authenticated with a digital signature.. The minting bank checks the serial numbers of the coins with those in its database. and PMTP messages cannot be sent. then he could possibly replay the message within the short time frame that it is valid. A deposit can be done with any bank with which the merchant has an account. He will then either refuse (ask_payment_refusal) or accept (pay_coins_request) the payment request. They browse the Web until they find a merchant shop. 3) The Wallet then looks up the cost of the item and contacts the buyer s Wallet software asking for payment. When selected the URL causes the Web server to automatic ally start up a merchant s Wallet software. if an exchange is performed it must be done with the bank that minted the coins. 4) The buyer will be notified of the request. 1) To purchase an item (information. It is encr ypted with a secret passphrase. If the user s account is broken into. Private Key Protection The private key of a user is stored on file at the user s local site. This is done using the Common Gateway Interface (CGI).

was used to implement the cryptographic function s. 6) The merchant will receive an indication from the bank as to whether the coins were valid. in order to provide resource sharing in an institution. PayMe could be used for schemes other than just monetary payment. and a deposit acknowledgement (deposit_coins_response ) with a deposit. Coin backups and log files are maintained to increase the fault tolerance of the system. Jobs which req uire units of CPU time could be submitted or initiated through the Web where the merchant w ould be the CPU host requesting the PayMe coins representing time on that CPU. A coin within the system could be used to represent a unit of CPU time. a new payment mechanism using elec . An extended version of PgpTools. a set of C functions. It uses RSA to provide the public key cryptography and IDEA for the symmetric key cryptography. This must be done because otherwise th e same coins could be presented many times and they would always be valid. Thus the configuration of the bank can contr ol the anonymity available to its users. knowing for certain that no anonymous exchange has taken place. which provide low-level P GP packet functionality in memory. or the amount can be credited to his bank accoun t. A valid coin indication will be new coins in an exchange (exchange_coins_response). Payments must be made with the exact amount. 7) For a good payment the merchant then issues a signed receipt to the buyer (pay_coins„response). and hence monetary value. The merchant is given new coins in replacement. Implementation A prototype was implemented in a C++/Unix environment on a Sun workstation clust er. In an environment where anonymity is not necessary or desirable the banks involved can be configured to refuse any requests to exchang e certain coins. Pgptools is subject to similar patent restrictions as PGP. 9) The Web server then forwards this to the buyer s Web client. Having performed the check the bank then removes the serial numbers from the database. such as those representing CPU time. or connection time to a li mited resource. For applications where anonymity is important the exchange coins mechanism can b e used to anonymously exchange the coins with a bank preventing the bank knowing w ho now holds the new coins. is kept to a m inimum if any of the entities crash. 8) The purchased item is sent from the merchant to the Web server.database the coin is not valid and is rejected. In this way the bank can rec ord to whom it issues the coins and who then deposits them. If the serial numbers are presen t then the coins are valid. Taking the best features of existing systems. In this way the chance of losing coins. thereby invalidating the coins. No change can be given since this c ould compromise anonymity if a merchant colluded with the minting bank.

Electronic cash where only a database of the serial numbers in cu rrent circulation is used. The serial numbers of every com ever spent need not be maintained. hold valid credit cards. and the accounts at the bank. Usable wi th any Web cli ent or server softwar e PayMe can be used with any Web client or server software and it is not limited t o any specific product or HTTP version. In this way pay -out services can be used. The syste m can be used right now using only software. images. By using its own secure out-of-band protocol. since not a ll Internet users. in theory anyone who wants to can buy PayMe electronic coins and have an account at a PayMe online ba nk. giving no central point of failu re. it is important that a Web payment mechani sm can be used with all of these. No credit card numbers are used. A buyer w . Secondly the serial numbers can be short. much like in the NetCash system. the private cryptographic keys used. As many new innovations and advances in Web technology are designed and released. Payment for i nfor mation. Security steps were also taken to prot ect coins. and pay-out servi ces Web information of any type such as text. Limited Anonymity and Pr ivacy It is desirable to prevent a database being. In this way it is much mor e scalable than Ecash. It offers the follo wing desirable properties: Secur i ty The system was designed to be secure from fraud. Hard goods can be paid for through the Web using forms. are required to use PayMe. Scalabi lity and Reliabi lity Multiple banks can be used in the PayMe system. audio streams or video can be purchased using PayMe. The possibility of an attacker being able to bypass the system or falsely obtain value in it was minimised. Some anonymity can be provided by the system by anonymously exchanging coins with a bank.tronic cash for use with the Web has been designed and implemented. similar to NetCash s exchange mechanism. such as smart cards. Usable by all It is important that the system can be used by anyone provided they have the mon ey to pay for the items they wish to buy. PMTP was designed to provide secure communication. for whatever reasons. and this is more suited to the global Int ernet where it would take time for users to obtain and begin to use new hardware. The simple PMTP protocols can be used for inter-bank communication as well as with regular users. Har dwar e independent No special hardware s. T he PayMe client software used by a buyer can also receive payments. built with full details of every pu rchase made by an individual. Pay Me can be used with both current and emerging Web technology and protocols. unlike the long serial num bers of about 100 digits. necessary to prevent serial number collisions when using blind signatures. har d goods.

EDI could be used for after-sale transactions but only if they were in a standardised format and frequent enough to justify the system costs. The system does not offer offline operation. The cycle can be repeated many times. The area of application of EDI to the trade cycle is shown in figu re 3. Electronic Data Interchange (EDI) Electronic Data Interchange (EDI) is used by organisations for transactions that occur on a regular basis to a pre-determined format. the customer s order can be sent by EDI and the delivery notification from the supplier can also be electronic. offline operation is not required. as only the buyer s network address will be known. and more efficient than the complicated protocols and use of both symmetric and asymmetric session keys of NetCash. This whole cycle may be more complex and other electronic messages can be includ ed. And it was shown how this can be combined with WWW client and server software allowing payment to occur on an out-of-band link as u sers browse the Web. Only a payment system with these properties will allow the Web t o1 be used as an electronic marketplace without compromising the privacy of its users. it is not acceptable to use an off-line electronic cash system where fraud will only be detected after it has occurred. there have been EDI messages develop ed for transactions such as contract buy they are not widely implemented. scalable anonymous payment system. For the most part it is used for purchase transactions. and more reliable global networks. then prese nted the design of PMTP. transaction . However it is felt that with the trend towards faster. a hybrid of these two approaches that offers a fully secure. Finding an appropriate trading partner and negotiating conditions of trade is likely to be undertaken by a member of staff in the buying department (or a manager on golf course). The final implemented system provides a secure and scalable means of paying for all types of Web services. In this lesson have examined two existing means of effecting anonymous electroni c payment across networks and looked at their strengths and weaknesses. For sett lement the supplier can use EDI to send the invoice and the customer can finish the cycle w ith an electronic funds transfer via the bank and an EDI payment notification to the su pplier. It would seem to be more scalable than the fully anonymou s Ecash system. as often as the supermarket wants to buy Cornflakes or the vehicle assembler needs new supplies of wheels. In execution of a simple trade exchange. It was not possible to fulfill all the above requirements and at the same time remove the need for a bank to be contacted dur ing a purchase transaction. Secondly. on the In ternet where it is easy to hide one s identity. EDI is most commonly applied in the Execution and Settlement phases of the trade cycle.ill also remain anonymous to a merchant during a purchase transaction. EDI can be used for pre-sales transactions.

using the national bank clearing syste m (BACS) (Willmott 1995). 4. much of which can be saved using EDI (Electronic Commerce. 1996) Both these applications of EDI facilitate the passing of data between the comput er applications of trading/co-operating organisations without the delays. an order has codes fo r the customer and product and values such as quantity ordered. as: The transfer of structured data. The standard is not just agre ed between the trading partners but is a general standard agreed between the tradin g partners but is a general standard agreed between or international level. by EDI. The board then pays the dentists for its proportion of the treatment cos t and again this transaction is electronic. each of them essential to an EDI syste m. values and (if necessary) short pieces o f text. By Electronic Means Usually this is by data communications but the physical transfer of magnetic tap . Agreed Message Standards The EDI transaction has to have a standard format. each element with a strictly defined purpose. 3. More formally EDI is defined. A purc hase Order will be one of a number of agreed message standards. In 1996 it started a programme of switching these invoices to EDI starting with the 250 bills from Scottish Power the 250 bills. many National Health Service Dentists keep dental records on a computer system and treatment details are sent. inaccurac ies and inefficiencies associated with the exchange of data on paper. took up two days work. 2. the message is directly between the customer s purchasing system and the supplier s order processing system. Examples are: · In the UK. EDI Definition EDI is often summed up as Paperless Trading. For example. EDI can also be used for standardised and repeated transactions that do not fall wit h the usual definition of trade exchanges. 1. processed manually. There is no requireme nt for people to read the message or re-key it into a computer system. With 9. from one computer system to another. · British Telecom has also started using EDI. in this case for its bills from the gas electricity and heating oil utilities. From One Computer System to another The EDI message sent is between two computer applications.s such as a dealer claiming payment for warrantee work could be a possible application. For example. by th e International Data Exchange Association (IDEA).000 bills a year from the various utilities. by agreed message standards. Structure Data EDI transactions are composed of codes. by electronic mea ns. to the Dental Practice Board.000 telephone exchanges computer centres and offices up and down the country it was processing about 120. This definition of EDI has four elements.

The direct advantages of EDI include: Shor tened Or der ing Ti me Paper orders have to be printed. To achieve all this reliabl y in underthree days would be to do very well. These include the costs of stationery and postage but these all probably be fully matched by the costs of running the EDI service. There are many further definitions of EDI.this is the normal route taken in the initial installa tion of EDI.just-in-time (JIT) manufacture and quick response supply being prime examples of where EDI is used as an enabling technol ogy to gain competitive advantage. Cost Cutting The use of EDI can cut costs. no longer creat e a backlog in the order entry area. The definition presented by Sokol (1989) is one further example: · The INTER COMPANY COMPUTER-TO-COMPUTER communication of STANDARD BUSINESS TRANSACTIONS in a STANDARD FORMAT that permits the receiver to perform the intended transaction. most of them include the same four po ints. etc. The Benefits of EDI EDI can bring a number of advantages to the organisations that use it. for example every hour. The obvious exa mple of this is that if the orders are directly input to the system there is no need for an order entry clerk. EDI can be simply used to replace paper transactio ns with electronic transactions . Often networks specifically d esigned for EDI will be used. The full advantage of EDI is only realised when business practices are restructu red to make full use of the potential of EDI. enveloped and sent out by the customer s post r oom and input to the supplier s order processing system. The princ iple saving from the use of EDI is the potential to save staff costs. staff holidays. or if there is urgency the messages can be retrieved more frequently. It should save considerable time on the exchange of business transactions and has the potential for considerable saving in costs.e or floppy disc would be within the definition of EDI. there are also applications of EDI for information exchange and for intra-company transactions. Ord ers can be in the suppliers system within a day. Elimination of Er r or s Keying any information into a computer system is a source of errors and keying p aper . The cost savings need to be offset against the system development and network costs. when EDI is used as an enabling technolog y to change the way the business operates . This definition emphasis the point that the normal application of EDI is in busi ness transactions between companies but. EDI orders are sent straight into the netwo rk and the only delay is how often the supplier retrieves messages from the system. contrary to this definition. Note also that seasonal peaks.

However. The EDI payment system can also generate an EDI payment advice that can be electronically matched against the relevant invoices. again avoiding query and delay. Business Oppor tuni ti es There is a steady increase in the number of customers. EDI Payment Payment can also be made by EDI. Switching to a new supplier requires that the electronic trading syste m and trading relationship be redeveloped. Customer Lock-in An established EDI system should be of considerable advantage to both customer a nd supplier. On the down side. Supermar kets and vehicle assemblers are prime examples. and directly matche d to the corresponding orders and deliveries. Elimination of most invoice queries can be particularly signi ficant in reducing delays in payments. Accur ate I nvoi cing Just like orders. Fast Response With paper orders it would be several days before the customer was informed of a ny supply difficulty. EDI eliminates this sou rce of errors. With EDI the customer ca n be informed strait-away giving time for an alternative product to be ordered or an alternative supplier to be used. EDI invoices have similar advantages to EDI orders in saved time and avoided errors. Cash Flow Speeding up the trade cycle by getting invoices out quickly. Being ready and able to trade electro nically can be an advantage when competing for new business. power ful customers that will only trade with suppliers that do business via EDI. the double handling goods (into store and*then out again onto the f actory or shop) and the capital requirement to pay for the goods that is just sitting i n store. such as the product is out of stock. there is no order entry clerk who might have spotted e rrors made by the customer . a problem to be avoided if a switch of supp lier is . Reduced stock holding cuts the cost of warehousing. Indirect advantages of the use of EDI can be: Reduced Stock Holdi ng The ability to order regularly and quickly reduces the amount of goods that need to be kept in a storeroom or warehouse at the shop or the factory. the major advantage in EDI invoices is that they can be automatically matched against the original order and cleared for payment without the sort of queries that arise when paper invoices are matched to orders. For many JIT manufa cture and quick response supply systems stockholding is eliminated altogether with goo ds being delivered only as they are needed.orders into the order processing system is no exception. can and should speed up payments and hence improve cash flow. invoices can be sent electronically. particularly large.the customer will get what the customer asked for.

Pens and Things need. The packaging is also very dependent upo n the customer order and is the item most vulnerable to short notice changes in the production schedule.there are costs up-f ront and the payback is longer term. particularly urgent ord ers. in turn. The cost is the set up of the EDI system (hardwa re. however. not ea sily held in store. EDI is an option in Pens and T hings production control system and it is EDI that is to be used for this requirement. more prob ably. Pens a nd Things can keep two or three months supplies in stock without any great disadvan tage. Most of Pens and Things production materials are easily held in store. The ranges of materials are applicable across a range of products. Pens and Things wants to cut down on its stock of packaging and its supplier would like to improve its processing of orders. if they are not avai lable from the factory store. a point that is called the critical mass in the jargon o f EDI. The savings only start when there is a significant volume of business transacted using EDI. The monthly production plan does. the items are relatively small. Pens and Things has been talking to its packaging supplier on how the situation might be improved. com ponents and packaging and orders are placed with the stocks of raw materials. for example. At the simplest lev el EDI can be a direct replacement for the paper transactions and this. The range of materials is limited. To gain these advantages EDI has to be seen an investment . The exception to this is the packaging. need to be flexible .not essential. Assume.any significant new order can require that the pl an is modified and that new materials be ordered at short notice. is what this example shows. The packaging supplier used EDI with other customers. at short notice. more packaging for their Exe cutive Elite fountain pen and ball-point pen set. faxed it. The production plan is. A copy of the order would be retained and be entered into the stock co ntrol system to keep the records straight . EDI Example The nature and use of EDI is best illustrated by an example. Pens and Things plans its production on a monthly basis. software and network) and the time required establishing agreements with trading partners. The order is shown at the following figur . Each month the details of orders and sales are reviewed and sales forecasts for the coming month are made. Before the EDI system went in: The production controller would have typed out an order and posted or. The sale forecast is then compared with the goods in stock and a production plan is devised. correlated with the stock of raw materials. components and packaging and orders are placed with the suppliers. using the Pens and Things case study.

The loom can contain as many as a thousand individual wires and a tho usand individual components. It operates some 120 large retail outlets and is represented in most major UK shopp ing centres.e 4. EDI is used to confirm supplier delivery and to communic ate bar code information for use in delivery and packaging. many s maller parts are stocked in warehouses at the assembly plant but a number of large part s will be ordered for sequenced delivery for the models that are to go down the line on that day. Using just-in-time supply it is important for Bhs t o know what the suppliers have in stock and for the supplier to be able to anticipate d emand by seeing Bhs sale data. the configuration of the loom varies depending on the model. car manufacturers make extensive use of EDI as a facilitator of just -in-time manufacturing systems. Lucas Rist manufactures the "main harness” for Rover Cars. New EDI orders can be generated overnight and be with the supplie r the next day. the configuration of the loom varies individual component s. sales and replenishment system. When the order arrived with the packaging company it had to be keyed into their order processing system / production control system. Bhs calculate that they can be making 4. . Hopefully the order would be recognised as urgent and would be keyed in correctly. EDI Applications in Business.Derived from the role of computers within Bhs(1994) Lucas Ri st All volume. Typically parts supply is divided into categories. The main harness is a wiring loom that carries all the electrical cables for virtually every electrica l part of a motor car.5 million replenishment de cisions each working week. In addition to the orders. but that would not always be the case. Rover sends Lucas Rist a ten day build plan and later a provisional order. Bhs deals with about 400 suppliers on a regular basis and all orders fo r merchandise are sent by EDI. this two-way flow of information is also maintained using EDI. Extensive users of EDI include: Bhs Bhs is a UK and European multiple retailer dealing mainly in apparel (fashion) g oods. Replenishmen t decisions are dependent on the sales plan and the stock available (updated from the EPOS systems). EDI and E-Commerce EDI has potential applications in any organisation where the administration proc esses are computerised and that exchanges regular and standardised transactions with o ther organisations. variant and component configuration of the specific car that is being built. The use of EDI at Bhs is the backend to an integrated merchandising. both .

after the goods have been delivered. for example. for example. Some bookshops deal with the representatives of the major publishers and some wi th wholesale book suppliers but. Online bookshops must ensure that orders are satisfied as rapidly as possible and Blackwells. have made a po int of linking their online bookshop to TeleOrdering so that efficient supply can be as sured. The book trade has a number of methods of s upply. confirmed EDI orders are placed every two to four hours and are for delivery of the correct specification main harness. The actual. It allows the bookshop to look up any book that is in print but not in stock. a system that is linke d to the Whitaker s catalogue Books in Print.Based on a case supplied by Perwill Plc TeleOrdering The EDI system for the book trade is called TeleOrdering. The orders are sent from the hub to th e suppliers (spokes) and. At the other end of the scale. Initially EDI is implemented with a small number of important suppliers and then . such as Bhs and component assembly manufacturers such as the Rover Group. The EDI flows have been typified as a hub and spoke pattern. ‘Books in Print’ is a monthly catalogue issued on CD-ROM. for the academic bookshop.by EDI. in the post. Smiths. If the customer then wants t he book ordering the system will format an EDI order that is sent via TeleOrdering to th e appropriate publisher. over . . from TeleOrdering. These prime movers have set up extensive electronic trading networks with their suppli ers. Lucas Rist inform Rover. the Whitaker s catalogu e is a standard tool. in sequence. to be fitted to the body shell before it goes through the paint shop. have incorpor ated Whitakers into their own warehouse. the small pub lisher that does not have an online connection to the system will receive a printed ver sion of the EDI order. without th e part the production line stops. The system is flexible and readily copes with the various types and sizes of organisations in the book trade. A good supply chain is important to both the virtual as well as the physical bookshop. of whe n the part is to be dispatched. to track side within 10 hours from the dispatch of the order. the major organis ation is the hub and the suppliers are the spokes. EDI Trading Patterns Hubs and Spokes Many of the prime movers in the adoption of EDI have been large retail organisat ions. this gives Rover requirement is that the part needs to be there. again using EDI. the spoke will tran smit the EDI invoice to the hub.

et al. • The number of available EDI VADS is growing and interconnection with organisatio ns connected to other VADS can be difficult. a bakery . Bray (1992) expresses it thus: Therefore. This situation is illustrated by Hood. Their paper presents a stu dy of one of the large supermarkets and four of its suppliers. These issues are further examined in the following sub-sections: . they just need to b e implemented. • Different EDI standards.if the supermarke t is to sell your product then you will use EDI. This arrangement can work reasonably well for a supplier that is a spoke serving just one hub. messages and message subsets are used by different organisations. when it (the Hub) says. The major food processors will typically supply most. of the major supermarket chains. and the attendant coding problems. Some hub organisations will specify the system or even supply the software that is to be used. or in a ph rase attributed to the UK supermarket chain. "thou shall trade electronically".the supplier will specify a number of very det ailed requirements including a strict subset of the EDI standard that is specific to t hat closed user community (and is not always in strict compliance with the EDI standard). The arrangements wi ll in fact be more specific than that . supplied several of the top ten food retailers and the following supply arrangements are recorded with different customers: • EDI orders and invoices with three customers • EDI orders only and manual invoices • Telephone orders and manual invoices • Manual orders but invoices on tape • Salesmen calling at the retail outlet. Tesco: EDI or DIE The hub and spoke pattern of electronic trading leads to the formation of closed user communities. One of the suppliers. and combine this with a non-EDI system for other customers The spread of EDI trading is increasing the number of electronic traders and the number of trading partners that any organisation might have. The EDI implementation decisions are already taken.time. the system is extended to encompass all suppliers to the core business act ivity. The position is less satisfactory when the supplier trades with more than one hub. The supermarket or the car builder hub chooses the VADS and the EDI standard and the suppliers (spokes) are required to confirm. (1994). For many of these organisations EDI is made a condition of trade . these suppliers will have to join a t least two EDI VADS (most supermarkets trade using the GEIS/INS network but one of the majo rs uses IBM for its network) and then meet the different EDI standard and other conditions laid down by each of the hub organisations. The authors summarises the situation as: Supermarkets see only their own systems whilst suppliers have to cope with mult iple EDI systems. The hub and spoke pattern is becoming messy: • The spokes are becoming inter-wined and the hubs are spokes to other hubs. if not all. In Britain.

• Between the players in the network • To further tiers of suppliers of subcontractors Links to secondary suppliers are a logical development. The pattern of suppliers trading with a number of hubs gets f urther complicated when second tier suppliers start trading electronically. As already discussed this has been happening but in general development has not been rapid. which are large companies and have their own suppliers. however. • Are less computerised. automated and streamlined than their larger trading partn ers. Retailing is one the sectors most advanced in electronic trading and a pat tern has developed of: • Major retail chains with EDI links to many (or most) suppliers. entrapped by the con flicting requirements of a number of powerful and demanding customer organisations. so that they can reap the same benefits as their own customers (Bray. If the supplier of cakes to the supermarket is receiving EDI orders then they might want to use the same system to purchase the flour and dried fruit they use in their baking. An illustration of the nature of the overall trading network is given at figure 2. but by no means all. • Suppliers with links to one or (typically) several of the major retail chains. Differing Patterns of EDI Trade The hub and spoke is often presented as the general pattern of EDI trade. supplier organisations are small or medium size firms which : • Have enough on their plate coping with the EDI and JIT demands of their customer s. As ED I trade has developed differing patterns are beginning to develop for differing sectors. Automotive assembly is an other sector that is making widespread use of EDI and the trading pattern is similar t o that of the retail sector. instances of large organisations introduced to electronic trading by th eir customers which have then gone on to make extensive use of EDI in their own supp ly networks: ‘Spokes like Courtaulds Textiles (pushed into EDI by customer pressure). There are . are busy becoming hubs of their ow n EDI networks. Many. This pattern has already been illustrated in Figure 2. The user community looks like a hub and spoke network to the hub but more like a spider s web to the spoke organisation. The extension of the trading network is further discussed in the following secti on. EDI links with seco ndary suppliers have not occurred at the same rate as with the major hub organisation. The patterns vary in the range of trading links established and the type of messagin g that is used.Over lapping User Communi ties As illustrated above. 1992) . electronically capable suppliers to organisations such as supermarkets and vehicle assemblers are becoming involved in EDI trading relatio nship with several customers.

can also gain considerable competitive advantage from the arrangement at the expense of the supplier organisations. see figure 3. very possible for wholesalers to be integrated into wider supply networks. That complexity has evolved while trade is still restricted t o the core business of organisations. the network used b y bookshops for ordering books and featured as a case study at the start of this c hapter. as already discussed. all publishers and book retailers. The addition of further layers of suppliers. One such EDI network is TeleOrdering. Further such examples exist. but then ag ain perhaps only). It is of course. seems to be the most common pattern but is not the only pattern of EDI trade. The spread of electronic trading has produced unwelcome complexit y within that model. Open User Communities The opposite of a closed user community is an open user community. large and small can take part in this network. par ticularly in Scandinavian countries where electronic trade systems are often set up by tra de associations or organised as co-operative ventures. EDI trading is not sold on this basis and there are EDI communities where the pr ocess of setting up the community is co-operative and where a win-win share of advanta ge appears to be achieved. This structure is illustrated at figure 4. the reader is left to c onstruct a mental picture of this structure integrated with the links of the network shown at figure 7. Co-operative User Communities The hub and spoke pattern of electronic trading is typically lead by the hub cus tomer and.The spread of EDI to second tier suppliers. has the potential for a significant increase in complexity (a complication if there are disparate EDI standards. The hub and spoke pattern. In many instances the customer organisation. messaging an d networks in use). An alternative pat tern is that exhibited by a wholesaling organisation. in the hub and spoke. and suppliers acting at more than one layer. extends the network still further. The hub and spoke pattern and the closed user community evolved to later for the established trading relationships. In a simple form the wholesaler ha s EDI links with a number of its (larger) customers and then is a traditional hub of its own supplier network (maybe it could be called a corn sheaf structure . se nding and receiving book orders on a broadly equal basis. when added to the picture at figure 2. with the spokes networking to several hubs. A new approach is required if electronic trading is t . the suppliers who form the spokes are not necessarily willing participants.

The problem is both national and international. readily. of the inter-organisational transactions that orga nisations make. This move to a common standard starts to solv e one of the problems but generates another. on an indu stry basis (e.in effect reproducing the problem of separate standards that the us e of EDIFACT was designed to overcome. miscellaneous trade will cross trade sector boundaries and the problem of the user community defined by the membership of a VADS will increase. However. in trying to encomp ass the needs of all. The basic pattern of documentation for these trade exchang es is: • The customer sends an order to the supplier.closed user communities will con duct all their business on a single VADS chosen by the hub. VGA). EDI must be defined and implemented in a way that is appropriate to an ope n user community. Tradacom or XI2). • The customer makes payment against the invoice and sends a payment advice.o be extended to most. • The supplier follows up the delivery note with an invoice.g. There are three principle barriers to the evolution of open EDI trade: • Networks • EDI Standards • Product Coding The norm for EDI trading is the use of a VADS . however. is so vast that it cannot. if not all. EDI Transactions EDI Tr ade Exchanges The main use of EDI is for the execution and settlement exchanges of the trade c ycle. This pattern is illustrated in the following figure 9. • The supplier sends the goods and a delivery note. Odette) or even for one industry in one country (e. The EDIFACT standard. There has been a tendency fo r any given trade sector to concentrate on one particular VADS and this has lessened t he potential problem. some half dozen major VADS offering their services in the UK. The EDI standards that have evolved are again associated with closed user commun ities. VADS have li nks to similar services in Europe. Standards have been evolved on national basis (e. Most manufactures code their products but it can be a problem unless the coding syste m is accepted on an industry basis. These exchanges take place within an agreed trade relationship and often in the context of a formal contract. The requ irement is for a common EDI standard and this is recognised by the European Community promotion of EDIFACT and the evolution of other standards towards the underlying structure of the EDIFACT standard. by definition. North America and across the world but again these partnerships only give access to the user community belonging to the connected V ADS. There are. . The final problem is that of product codes and the quantities they imply. be fully implemented and d ialects are being used .g.g.

• Call-off orders are also used in the retail trade. The EDI order serve s the same purpose as the paper order. Another form of order that is widely used in commercial transactions.. daily or even hourly. for the delivery of the required quantity of components for the specific production plan. The supplier might have a problem in fulfilling the o rder. The actual orders than speci fy the quantity. date and retail location for delivery. say. The customer may need to amend or part of an order. The order may reference a co ntract or it may be against call-off order. It is perhaps most easily understood by considering a couple of examples: • Vehicle assemblers extensively use call-off orders. Delivery Note Goods arriving at a customer s door should have documentation to indicate who th ey are from and why they have been sent. a large quantity of a particular design of garment. EDI can al so be used to amend orders or confirm receipt and availability. etc. the supplier could be left with stock that the retaile r never asks for). these later facilities will often not be implemented because of the system costs of setting them up. where it is to be delivered. It is arguably more of a contract than an order. The four ex changes shown are present in most trade exchanges even if not exactly in the form indica ted above. who will pay and often much more beside. These specify product. see below. Some of the important variations and complications that occur in each of the four phases are outlined below: Order The order (often referred to as a purchase order) is a contract for one specific consignment of goods. there should be a notification of which order . The assembler then places orders. cheaply and with no transcription errors. The call-off order can be pla ced for. This then gives the retailer th e flexibility to ensure that each outlet gets the stock it requires when it needs it (the adva ntage to the supplier is more datable. It can be EDI but the real advantage is in using EDI for the many orders raised against ca ll-off order. Its merit is that it gets into the suppliers or der processing system speedily. perhaps idealised. version of trade documentation. for example errors in the order data or unavailability of stock. but not del ivery. weekly.This is a simple. in what quantity. It specifies what is wanted. it is the call-off order . Along with the order comes the need to amend orders. The assemblers place large c all-off orders with component suppliers. price. The call-off order will be for large quantities and / or for an extended period. This is an order for goods that will be needed but it does not specify w hen (and/or where) they will be delivered.

This -says what has been supplied. Invoices can be issued for each order or at the end of the month for al l orders sent out in that period (sometimes referred to as a statement). The processing of paper invoices can be a costly and time-consuming matter. Th e use of EDI should save time for the customer. This save s the not inconsiderable effort involved in typing the details from the delivery note and matching it to the corresponding order. It may be that the inv oice is sent with the dual purpose of notifying delivery and requesting payment but it is a c ommon practice to keep the two functions separate: a delivery note for the lads (and l asses) in blue overalls and with dirty hands in goods-in and an invoice for the nice cle an people in the office. There can be a discrepancy against the ordered quantity or there ca n be damaged or faulty goods.they fulfil. The task is made more difficult by disparate invoice formats.many organisations use bar . This in turn sparks off a further exchange with a deliv ery variance or goods returned note. for which order(s) and the total cost (which we would no w like paying).the details from the delivery note then have to be input to the computer system and matched with the originating order ( the system needs to know that the goods have been delivered before payment can be authorised). with or wi thout acquiesce of the supplier. the electronic delivery note will have a ll the correct codes and the matching should be automatic. The document that does this is the delivery note. The delivery note can be sent by EDI. The problem with the EDI del ivery note is that it does not prove that the package and the goods actually arrived. the supplier issues an invoice. The payment of invoices is often delayed to take advantage of credit. cut out most invoice queries and improve cash flow with earlier payment for the most invoice queries and improve cash flow wit . There is still the need to confirm that delivery took place but this can be done with muc h less detail . Invoice When goods or services have been delivered. incorrect / incomp lete data and complications such as partial deliveries / multiple deliveries of an order. The use of EDI for invoicing means that the invoice gets through reliably and qu ickly and is accurately matched to the original order and subsequent delivery-note. Most organisations check invoices against the origina l orders and deliveries to make sure that they are only paying for goods and services rec eived.code labels on the delivery to meet this n eed and to allow automated matching with the electronic delivery note. The delivery note is used to check the goods in .

inte rfaces to the accounting system and the like. The excuse that the invoice was lost in the po st loses its credibility. in many organisations. The processing of the cheque is relatively easy. this time it is the supplier that needs to search through the outstanding invoices an d tick off those that are paid. this integration of computer systems stopped at the companies front (a nd back) doors.h earlier payment for the supplier. Initially. within the computer system. the main administrative processes and to large organisations. for example. ther e is now a computer on every desktop. The payment advice can be sent to the supplier as an EDI message and is readily matched. The development of mini and microcomputers allowed the adoption of information technology by medium and small size enterprises and. Offices have local area networks linking one desktop to another. Geographically dispersed organ isations have wide area networks linking their locations and systems together. However. the order processing system formul ated the replenishment demand. both payment and payment advice can be electronic . to a server and / or a central computer. The integration of systems has been a factor in improving customer service and customer care. throughout the country and / or across the world. EDI Adoption and EDI Maturity Business System Evoluti on The development of business computer systems has essentially taken place over th e last 30 years. Payment can be sent to the bank either using an EDI payment message or the BACS system. to the invoice(s) for which it is the payme nt. Many organisations have used these networks t o interface or integrate their business processes with common customer files. the commercial use of computers was limited to mainframe computers. The payment advice is another matching job . The marriage of computers and telecommunications has enabled organisations to network their computers. Inside the company. updated the stock file and made a posting to the accou nting . particularly in the financial services industry. it goes to the bank. it has also given birth to new products and services. At the simplest level this is achieved by numerous interface transactions but it can also involve the set-up of the corporate database of distributed database on networke d and client server systems. Many banks offer an EDI payment service and will take instruction on payment fro m the supplier and forward the payment advice to the customer (arguably giving confide nce that the payment advice actually represents a real payment). For paper systems this requires a cheque and a payment advice to indicate what the cheque is for. With EDI. Payment and Payment Advice The final step in the cycle is payment.

The prime "technology" of the IOS is EDI. 50% will be in put with mistakes in the transcription. Discovery Stage The first stage in EDI development is the discovery stage. transaction errors and coffee stained documents. This stage can be termed . of these documents. Introductory Stage Organisations setting out on the EDI path generally start with a pilot scheme. This can be represented as a six-stage maturity model. (1995). Discovery can be by a n organisation choosing to adopt EDI to gain competitive advantage or to solve an administrative problem.such requests are not necessarily negotiable. EDI Matur ity EDI development. Often it arises from the realisation that competitors ar e adopting EDI and the being left behind will result in competitive disadvantage. The development of EDI and IOS systems is. The overall impact and implications of the development of the Interne t on corporate systems is still to be evaluated. The stages of the model and some of the opportunities and implications of each s tage are: a. Whiteley. for a typical company. The model had as its starting point a three stage model suggested in Saxena and Wagenaar. The paper order was then posted to t he supplier where it would be typed into their order processing system with the ine vitable quota of delays. 70% of the documents they type into their system will hav e been printed out from another computer system and. The answer to these difficulties and ineffic iencies is the Inter-organisational System (IOS). which are forced into EDI trad ing by an insistent partner. start electronic trading in a similar way. These developments of business information systems can be represented as three s tages or three generations: The development of Internet enabled system is arguably the next stages in this evolution. Organisations. arguably. a new generation of compute r application that has changed inter-organisation business practices in much the s ame way as the evolution of IT and IS has radically changed intra-organisational pro cedures.system but then printed the order on paper. The model was first present ed in a paper EDI: Re-Engineering the Competitive Edge . it is suggested. follows a fairly standard pattern. I nitiators of EDI trading networks will choose one or two trading partners with which to pi lot a single message (transaction) type. (1995) and has been developed usin g the author s own commercial and research experience. It is calculat ed that. b. For most EDI users discovery has come in the form of a request from a significant custo mer organisation that is converting its trade transactions to EDI .

This stag e. orders have to be printed out and typed back into the order processing system. c. often forced into EDI by a large trading partner. e. Reaching a critical mass in the volume of electronic trading gives cost savings . however. does not result in any cost saving or efficiency gain. never achieve integration. Different organisations have placed differing emphasis on the completion of the operation stage. Completing the electronic trade cycle speeds up business transactions and gives the opportunity to look at the organisation of the trade cycle and the supply ch ain. Operation Stage Integration realises the EDI benefits of saving time and avoiding transcription errors. Very probably the introductory system was a free stand ing system with transactions being transcribed from the EDI system to the main busin ess system (or vis a versa depending on the selected message type). Large retailers have been keen to convert all their suppliers t o EDI orders but there has been less emphasis on electronic invoicing and payment. Many small organisations. Integration Stage Having found out about EDI and having gained some practical experience the syste m can be developed further. The next stage therefore is to interface the EDI softwa re with the business application so that EDI messages can be transferred electronically and automatically between the two systems. Real business benefits only come when a significant number of trading partners a nd / or commonly used trade transactions are converted to EDI. There is little benefit in an EDI system if. for example. Integrating the EDI softwa re and the business system would normally apply to data input. The vehicle assemblers.the staff dealing with manual transactions can be re-deployed. The conversion of the major part of the trade c ycle. Strategic Stage There are savings to be made by simply replacing paper documents by their electr onic equivalent.there are direct costs in computer hardware and software but at least as significant will be the time comm itment in establishing the parameters of the electronic trading relationship. Integration is an essent ial stage for the large user of EDI. This stage is referred to as the integrat ion stage. on its own. To esta blish the EDI service EDI software can be bought off-the-shelf. This stage requires investment . tend to be more advanced in implementing other mess age types.the introductory stage. d. both in volume of trading partners and in numbers of message types is the ope rational stage. The real opportunities come from making changes to established busin . The work involved in this stage is very variable but is often expensive.

Document matching is a considera ble problem in order processing: the customers have to match deliveries to the order s and invoices to the deliveries. These developments are termed the inno vation stage in the model and it is contended that they open up new possibilities for competitive advantage. • EDI can give dramatic timesaving. EDI ma kes the process easier . For example: • Raleigh will build their top of the range mountain bicycles to a customer specif . These opportunities only arise when significant progress is made in th e operational stage . Examples of such developments are emerging as the early u sers of EDI achieve maturity in their systems.for all orders. have stopped producing cars for stoc k only produce a car when they have the dealers order. self-invoicing. f. not just rushed orders. The time between formulating a replenishment demand to the order being processed by the supplier can be as short as is requir ed . the suppliers have to match payments to invoices . A number of moves for product customisation rely on a mature EDI infrastructure. the suppliers have to match deliveries to the orders and invoices to the deliveries. Innovating Stage The establishment of an operational EDI infrastructure and the change of operati onal procedures that it facilitates also give the possibility of changing the nature of the product or the provision of new services. d iscussed earlier in this chapter. part deliveries and incorrectly recorded codes.at the very least codes should be correct and in the proper place. Rover dealers have been equipped with computer syst ems where the punters can specify their own car (well at least the options they want ) and two weeks later there it is with sun roof.e ach process made more complex by • Disparate document types.ess practice. One example of such a development is: • Rover Cars who. Possible areas of change and examples of where such changes have taken place are: • The sequence of trade documents can be revised. EDI also gives the opportunity to re-engineer the trade document cycle. alloy wheels and gleaming pink paint work . having been adopted by a number of major organisations. EDI and the associated changes in supply and production have reduced the time from production planning to delivery of a car from seven weeks to two. for the UK market at least. This has facilitated the reduction or elimin ation of stock holding (by the customer organisation at least) and is a part of the devel opment of just-in-time (JIT) manufacture and quick response supply. The use of EDI has allowed companies to disband their order processing and invoice matching sections with large staff savings reported by the major EDI users.the implementation of these changes is the strategic stage.

we could have had the reprint out three weeks earlier. EDI is. The measurements are taken in the store and submitted electronica lly to the centre. forecast this possibility in 1992 in a speech to the BIC Symposium: "With EPOS and EDI working together on our behalf. As already discussed it is an essential part of the JIT or quick response supply ch ain of many organisations. an application to application interface for repeated and standardized transactions. The e-Commerce vendor needs their own quick response supply chain to minimize ‘stock-outs’ and back-order delays. no bookshop need ever have been out of stock . There is not much point n being able to order goods in matter of minutes from home if deliver y times are unpredictable and can stretch out to be several weeks. Internet e-Commerce provides for searching for products and for once-o ff purchase. chairperson of Harper Collins. if you are female and live in the US. For many e-Commerce vendors EDI is.ication. and will be an essential element of their su pply chain. a person to application interface. above all else. The overall electronic supply chain is illustrated at the following fig . EDI and Internet e-commerce The use of EDI is in no way rendered redundant by the introduction of internet e Commerce. as they grow. A sector where the linking of EPOS and EDI is set to change the market is that of the ‘best seller book trade. will produce a factory made to measure pair of jeans. in c ontrast. The Blackwell’s online bookship is specifi cally designed to interface with the book trade TeleOrdering system and that is that i s but one example. The Converse is that the same market information can dramatically reduce the half of all printed books that are remaindered or pulped. • Levi Jeans. One of the prob lems of Internet e-Commerce is waiting for delivery and this problem is compounded if th e online retailer does not have stock and there is a second delay while goods are ordered from the wholesaler or manufacturer. The user of Internet e-Commerce is looking for a quick response. it is. supermarkets that start an e-Commerce / home delivery operation being an obvious example have their supply chain and distribution oper ations already in place. Further moves to exploit a mature EDI infrastructure in an innovative way should be expected. Timely market intelligence can allow reprints of successful blockbusters to be rushed out before the stock disappears and the public interes t is lost. going to need to p ay attention to their back-office systems. Eddi Bell.and we could probably have doubled our sales during this early ‘hot period”. Other e-Commerce vendors are. Existing retailers.

EDI Implementation The final technical element of the EDI system is the EDI software. • Facilities for transactions to be sent by fax or e-Mail to customers that do not use EDI. The overall picture is summarized in Figure 13. etc.) and provide standardised interface s to those packages. The basic functions of the EDI Software are the already outlined. bought from the VADS supplier then.ure 12. order processing or accounting may include EDL software as an integral feature or as an optional module. · Obtaining EDI software from an ‘interested’ party has both advantages and disadvantages. for example. • Sophisticated facilities to ease the formatting of internal application data to and from the EDI Standard. The selection of the appropriate standards ma y be determined by the trading partner database. • Interfacing with the VADS. namely: • Coding business transactions into the chosen EDI standard. Var ious EDI software suppliers have associations with the large suppliers of business applic ations (production planning. The EDI software is normally bought in from a specialist supplier. • Interfacing with a variety of EDI VADS (including the Internet). The selection o f the . This can provide fo r code transaction (e.g. there would not be any problem interfacing with the chosen network but using an additional VADS or switching to a new network supplier may be more problematic. · A third party. Many EDI software suppliers provide additional functions. e. If the software is. internal customer codes to a trade sector standard code) and / or for the specification of the EDI requirement of each trading partner. order processing. These may include: • A trading partner database integrated into the EDI software. An example of this is that a number of banks provide EDI solution s that include the collection of and accounting for electronic payments. • Support of multiple EDI standards. T o pick up the order at the other end. There are a n umber of software houses supplying EDI solutions or the EDI software may come from: · Major Trading partner – the trading partner may supply the software or recommend a third party supplier · The VADS supplier. Drag and drop interfaces are available for this purpose. The identification of such customers may be determined by the trading partner database. The coding/decoding of the EDI message and the interfacing wi th VADS is normally achieved using EDI software.g. If Pens and T hings is to send an order from its production control system to Packaging Solutions it ne eds to code that order into the agreed EDI standard and ‘squirt’ it into the chosen VADS. · As part of applications package. Packaging Solutions has a similar need to ex tract the data from the network and to decode the data from the EDI message into its order processing system. hopefully. packaged software for production control.

• Direct input and printed output of EDI transactions . possibly systems that are replica ted across the various divisions of the organisation. EDI Software is available on a variety of platforms. from the basic PC up to a m ainframe system.in effect the EDI system provides the service of a fax machine. QUESTIONS 1) Describe the salient features of WWW 2) Explain the World Wide Web standards.allowing free standing EDI Operation . The system can also be used fo r intraorganisational transactions . 14) What is protocol set? 15) Explain the Secure Cash Payment.appropriate VADS may be determined by a trading partner database. This software. mid-range. Yearly maintenance charges. why not use the same interfaces for trades between divisions of the organiz ation.if the interface for external customers and suppli ers uses EDI. As with all classes of software the price varies: the basic PC packages starting at (say.End of Chapter UNIT . 500 pounds sterling / 800 US dollars and the price then goes up from there for the larger machines. For som e EDI software the support of each standard and / or VADS is additional plug-in that i s paid for separately.VI INTRA-ORGANISATIONAL ELECTRONIC COMMERCE . • The option to encrypt the EDI message. tend to quite hefty. At the top of the range is the concept of an EDI Corporate. that include updates as the new vers ions of the EDI Standards are released. • Facilities for the automatic acknowledgement of the EDI message. 3) Give short notes on Browsers and Servers. additional facilities and services such as consultancy. machine acts as a central clearinghouse for all the e-com merce transactions of a large organisation. 13) Explain the approaches to the payment system in EC. 16) Explain the cash payment system in EC. The internal interfaces can link to a number of business sy stems such as order processing and accounts payable. The external interfaces can link to severa l EDI VADS s and translate to a variety of EDI Standards to meet the needs of a large number of trading partners. 7) Discuss in detail advantages and disadvantages of Consumer e-Commerce 8) Why monetary freedom is important for the growth of EC? 9) Explain the key elements of a private digital cash system. 6) Explain Internet Shopping and the Trade Cycle. 4) What do you understand by the term e-Shop? 5) Explain Multiple Payment Options. 17) What will back the new monetary units and how will they be redeemed? 18) Who will be the new monetary unit provider? 19) What will the providers be issuing and how will they circulate it? . often mounted on its own. • Message tracking and an audit trail of messages sent and received. 10) What is Smart Card Technique? 11) Explain the different types of Cards that can be used to make payment in EC 12) Explain the strengths and weaknesses of electronic payment.

services. and industry specific intranet solutions. browsers. Intranets are primarily set up to publish and access corp orate information. review the applications of intranets from three perspectives: g eneric functions. Activities c an range from selling corporate products to employees to online training and cost-reducti on activities. usually perf ormed on Intranets that involve exchange of goods. The goal is to use technology for knowle dge sharing. and video conferences • Document distribution and workflow: web based download and routing of documents • Groupware: fancy e-mail and bulletin board • Telephony: intranets are the perfect conduit for computer based telephony • Integration with EC: interface with Internet-based electronic sales and purchasi . faster delivery of information etc. or information. ►Sales Force Productivity These applications improve the flow of information between the production and sa les force. TCP/IP networks (LAN or WAN) and firewalls. product specification. sales data etc. we need Web servers. publish and disseminate human resource manuals. backend databases. video conferencing and bulletin boards. companies can have greater access t o market intelligence and competitor information. application areas. The purpose of intra-organisational applications is to help a company maintain t he relationships that are critical to delivering superior customer value by paying close attention to integrating various functions in the organisation. ► Electronic Publishing These applications enable companies to organise. which can be funneled into a better str ategy. The goal is to provide the information to enable the better strategic and tactical decision making througho ut the firm. By better integrating the sa les forces with other parts of the organisation. To build an intranet. Web publishing tools. In this perspect ive some of the applications offered by E-commerce are: ► Workgroup Communications These applications enable managers to communicate with their employees using e-m ail. A. Also online publishing shows immediate and clear benefits: reduced costs f or printing and distribution. audio. Within intra-organisational commerce the largest area of growth has been in the area of "corporate Intranets". and between the companies and the customers. APPLICATIONS OF INTRANETS In this section.In this category we include all internal organisational activities. which will result in better-informed employees. Generic functions of Intranet The major generic functions that intranets can provide (SurfCONTROL 1997) are • Corporate/department/individual Web pages • Database access: Web-based database • Search engines and directories: assist keyword-based search • Interactive communication: chatting.

and other documents regardless of where they are stored. purchase orders. Enhanced knowl edge shar ing: web pages can enhance knowledge sharing. Document management: Employers can access pictures. training programs. and greater efficiency. document sharing. Faci li tate tr ansacti on pr ocessing: The data are entered efficiently through the Intranet Web only once. Empower ment: Everything should be available to everyone with the right to know. photos. FedEx. Enhanced gr oup deci sion and business pr ocess: Web based group-ware and workflow is becoming the standard Intranet platform. inventory. insurance . Eli minate paper -based infor mati on deli ver y: Eliminating the paper in a fir m can result in lower cost. data warehouse and decision support access. shipping. B. information that is most frequently included in intranets are co rporate policies and procedures. purchase orders. because the technology is no longer a bottleneck for implementation. and travel reservation services. Vir tual organisations: Web technology at both ends removes the barrier of incompatible technology between businesses. and suppliers to authorised sections of intranets creates happier customers. brokerages and other financial services. charts. Admi ni str ati ve pr ocess suppor t: The internal management of production. The applications are customer databases. Reduced ti me to mar ket: Easy online access for product development speeds teamwork. human resource forms. easier accessibility. Training: The Web page is a valuable source of providing knowledge to novices.ng • Extranet: linking geographically dispersed branches. Electr oni c commer ce: Sales and purchasing can be done online. corporate phone directories. the top 100 Intranet and extranet solutions can be classified by industry as follows: • Financial services: banking. product catalogues and man uals. image archives. These functions provide for a large number of applications. and distribution can be effectively supported by linking these functions in a single threaded environment . maps. customers. and reduced staff costs. According to the classification of Information Week Online. customer database. Industry-Specific Intranet Solutions Intranet solutions are frequently classified by industry instead of technology. and other pioneering companies have proved that information about product shipments and availability make customers happier. Intranet Application Areas According to a survey conducted by Information Week with 988 responding managers (Chabrow 1998).id purchasing. enterprise suits. Softwar e di str ibuti on: Use the Intranet server as the application warehQtase e and avoid many maintenance and support problems. The development of business models has become a critical concern for the managerial success of Intr anets. more efficient suppl iers. product catalogues and manuals. Pr oj ect management: Share the reports and check the project progress. procurement.intranet .and these functions can also be seamlessly integrated with the inter organisational extranets. and travel reservati on services are directly related to electronic marketing a. Customer ser vi ce: UPS. and internal control can be applied consistently through out the system. C.

health care. transportation. medi a. transformation of these mater ials into intermediate and finished goods and the distribution of these finished prod ucts to customers.• I nfor mation technology • Manufactur ing: chemicals and oil. and utilities. SUPPLY CHAIN MANAGEMENT Supply chain is a stream of interrelated activities that extends from an organis ation’s suppliers to its end customers. It includes suppliers. education. • Retai l • Ser vices: construction/engineering. • Information flows immediately and openly up and down the chain. products and services · Information · Money Supply chains exist in both service and manufacturing organisations. telecommunications. logistics providers. • Goods flow seamlessly from suppliers to customers. distributors and retailer s. environmental. and pharmaceuticals. food and beverage. although th e complexity of the chain may vary greatly from industry and firm to firm. · Materials. It is a network of facilities and distribution o ptions that performs the function of procurement of materials. entertainment. general manufacturing. consumer goods. Activity in the money conduit is triggered when the customer actually purchases the product/services. Players in the Supply Chain The players in the supply chain are: 1) Suppliers • Preferred suppliers • Tier-1 suppliers • Tier-2 suppliers • Vendors • Preferred vendors 2) Logistics providers (both inbound and outbound) Surface transport providers like • Road ways • Railways • Shipping companies • Air cargo companies • Warehouse providers 3) Manufacturers and Service providers 4) Distributors • Country wide • Region wide 5) Retailers • Super markets and chain stores • Specially stores • Industrial retailers and dealers 6) End-customer • Companies • Individual customer Components of Supply Chain . The typical supply chain for an organisation is: A supply chain has 3 key flows namely. In an e fficient supply chain.

As the figure shows. The manufacturer pushes the inventory to the distributor based on the safety stock levels (warehouse) and the distributor in turn replenishes the retailer based on the shelf inventory level (safety stock) of th e retailer. delivery and returning processes. Each componen t requires focused expertise as well as knowledge and managerial effort.Those activities related to sourcing and purchasing from suppliers of all types. The int eraction among various players is not coordinated.The transportation. This consumer-need-based business is forcing a paradigm shift from a manufacturers pu sh based model (build-to-stock) to a customer-pull-based model (build-to-order). warehousing and distribution activities which get materials and products from suppliers to the end-customer and back.The organisation-wide synchronisation and deployment of products and services across the entire supply chain to meet both operational needs and customer demands. As the power being shifted to the customer today. organising operations to provide services. The right operation strategy will differentiate a company from its competitors. Pull vs. Financial and Accounting Management This aspect of supply chain management deals with the financial flows associated with . Make . such a model will not yield an y advantage. ordering.The support. The figure shows t he model. • Maintain the customer loyalty by delivering the products and services promptly. move and sell. In the push based model the product is actually pushed into the customer.The process of manufacturing and configuring products for customers or for companies in the service sector. the information associated with the movement of the product flows seamlessly throughout the supply chain. It is also an era where the customer is more increasingly determining his choice rathe r than other way round. Push Supply Chain Models The rapid growth in technology is driving companies to more efficient operations . Demand data becomes accurate as retailer s and distributors share the customer data with the manufacturer. The fo llowing figure shows this: In this model the customer data is not flowing through the supply chain. The push-based model addresses these shortcomings. Buy . operating efficiencies driven by the right supply chain strategy will yield a sustainable advantage. • Satisfy the customer demand quickly and at the lowest possible cost. They are: Plan . Buy. As more and more companies strive for competitive advantage the y are beginning to realise that satisfying the customer demands is the only way. Sell . The full model requi res companies to: • Collect data about the customer demands quickly and accurately. services and technology can be matched. Make. sales and marketing activities that service customer in buying.The components of supply chain are plan. While products. Move .

These organisations have their own objectives and are often conflicting. The streamlini ng of the financial flows help companies to process their invoices faster and also avo ids unnecessary delays in financial transfers. marketing. which delivers them to the customer. Lack of integration among manufacturing systems and the supporting logistics cre ates breaks in the process of fulfilling customer demand. Distribution packages the goods and passes them to transportation. Distribution planning systems allocate goods to warehouses an d warehouse management packages products and gets them to the shipping dock. planning. or customer delivery routes. and slower customer response. Problems with Traditional Supply Chain Traditional supply chain management takes an over-the-wall approach to filling customer demand and time lags between systems make it impossible to commit to orders in real time. longer pro duct wait time. Traditionally. distribution. Marketing s objectives of high c onsumer service and maximum sales conflict with manufacturing and distribution goals.the suppliers and the customers through financial intermediaries. Supply Chain Management (SCM) as a Competitive Strategy One of the biggest challenges facing organisations today is the need to respond to everincreasing volatility. The changed conditions in the global marketplace demand a much more agile respon se from the organisation and its partners in the supply chain. short er Product and technology lifecycles and globalisation have all dramatically increased the complexity of running a business. inte grated plan for the organisation. The process of logistics . which re sults in delivering commitments that cannot be fulfilled efficiently. increased uncertainty leads to overstocked inventories. But these systems don t have access to real-time information about production plans. success was .can t react to chan ges in customer demand because distribution focuses inside the four walls and transport ation manages equipment. The result of these factors is that there is not a single. greater product diversity. In the past. manufacturing and the purchasi ng organisations along the supply chain operated independently. These processes take place sequentially.distribution and transportation . Ma ny manufacturing operations are designed to maximise output and lower costs with li ttle consideration for the impact on inventory levels and distribution capabilities. Purchasing contracts are often negotiated with very little information beyond hi storical buying patterns. And at each handoff between applications. Faster customer service. These problems clearly indicate that a new approach to supply chain management will be the key in the new market of today w hich are dynamic and volatile. Manufacturing determines production and passes finished goo ds to distribution. inventory in other facilities.

the customer will purchase another company s product. companies must undergo a fundamental management shift. Manufacturing quality .a long-time competitive differentiato r . In today s business environment it i s important that a business be agile as well as efficient. managing the place at w hich were manufactured and distributed. The bottom line is that customers want ever more innovative and complex products tailored to their specific personal needs and delivered when and where they choo se. meeting customer s specific demands for pro duct delivery has emerged as the next critical opportunity for competitive advantage. companies are reinventing their su pply chains in order to succeed.based upon strong brands and innovative technologies. The ir goal is to bring together the production. quick order fulfillment and fast delivery. and start seeing the supply chain as continuous cycle. Gaining quick access to accurate data can be d ifficult. If a customer is seeking a company s product arid it is not available when he/she wan ts it. They have to stop looking at jobs in iso lation. Supply chain management has come into vogue because companies no longer compete simply on quality. and service capabilities of multiple supply chain partners. They now seek partnership with organisations whose complementary capabilities can give the whole supply chain a competitive edge. To meet the challenge. having the right produ ct at . Instead the winning combination is s trong brands and innovative technologies supported by an agile supply chain capable of responding more rapidly to volatile demand. Supply Chain Efficiency This often means the difference between success and failure for companies. Today. customers are calling the shots. In the past. Companies accustomed to pushing products to stable homogenous markets are now straining to succeed in satisfying more knowledgeable and demanding consumers. T rue competitive advantage is gained when the organisation is able to consistently me et the needs of customers more precisely and in a more timely way than anyone else. manufactures were the drivers of the supply chain. So. Recent years have seen a significant shift in the balance of power between the c onsumer and companies providing them with products and services. To meet these new consumer-driven challenges. delivery.is approaching parity across the board. Increasing de mands for customised products require firms to match market demands with production capabilities and their inventory. and to have them operate as though they were one seamless organisation. Today brands and innovatio n are still critical but they are not enough. and manufacturers are scrambling to meet customer demands for options/styles/feature s. Companies that deal with the consumer through complex distributor/ retailer channels are now finding themselves face-to-face with their end customers via the Internet. Supply chains can help achieve this through the ability to respond quickly to customer demand and by reducing operating costs.

Historically. but for thos e that can deliver the right product in a timely fashion.) The quicker a company gets it. A company. raising the bar of competitive performance.the right place at the right time is one way to define "customer service. Leading companies have cash available 2 to 3 months faster. True value creating opportunities are not limited to cost reduction and asset productivity . Companies le ading in supply chain efficiency have an advantage in cash-to-cash cycle time over averag e companies. how well a company manages its supply chain will determine its business performance. many senior executives viewed the supply chain as a collection of materials management functions (procurement." Save Money/Reduce Costs It includes reducing the cost of getting the products to market. retailers and consumers.supply chains can be significant source of competitive advantage and revenue growth. communications and computing power have created a wealth of opportunities to pla n and execute supply chain activities more quickly and effectively than ever befor e. which reduces its time to market. and then f inished product flow to distributors. containing all costs associated with moving the product through the supply-chain . raw materials flow to manufacturers. Striving to achieve efficiency in supply-chain management should last as long as the company is in business. warehousing. The major emerging opportunity over the next few years lies in creating more value for consumers by enhancing the supply chain am ong supply chain partners. At the same time. (Cash-tocash cycle time begins when commitments are made for the sourcing and procurement of materials and components and continues through the manufacturing and assembly process to final distribution and finishes with the receipt of payment from the customer. will emerge as the winner. In the 1980 s and 1990 s numerous reengineering programs reduce d supply chain costs and assets within companies. E-Commerce is changing th . manufacturing. the quicker it can reinvest it in raw materials and /or plant/operations improvements. recent technology advances in software. Critical time advantage SCM helps companies to compete on time. and transportation). Heightened customer expectation and shorter cha nnel response times will be difficult to achieve for some organisations. And this usually results in a more time-efficient supply chain as well. Finding opportunities to create value for shareholders is a constant pursuit of the CEO. SCM and E-Commerce In the traditional supply chain. As the realisation grows that it is no longer company competing against company but rather supply chain against supply chain. increased market share will be th e reward. The ultimate goal is to improve shareho lder value by differentiating the supply chain from that of the competitors and winni ng and retaining customers as a result. In other words.

consumers have a wide range of choices and are not as influenced by the physical placement of goods or their packaging. Instead of goods flowing from one participant to the next. and reach some consumer s directly all while reducing costs. Retailers can ensure their place in the supply chain by establishing themselves online. If we consider the supply chain play ers as a single organisation the. Traditional r etailers rely on physical locations to store and sell products to consumers. each participant in the chain must establish a more direct connection with the party who pays for it all the consumers. Developing a Web Enabled Supply Chain Model The model is based on the "Pull" based supply chain whereby the customer initiat es the purchase and drives the activities along the supply chain. Distributors can leverage electronic information to supply value to their retail ers. This enables them to provide information about available goods. The model will address the information issues that are associated with above flo ws. The integration of information issues will enable the organisation to manage its sup ply chain in a better way. E-Commerce enables distributors to reach consumers directly. be cause E-Commerce makes it much easier for manufacturers to sell directly to consumers and retailers.. They can link the best manufacturers with the appropriate retailers to vied better en d-to-end service. basic model will be.. today s online market places allow each participant to reduce costs by bypassing some of the other participants.is linear view of business-to-business interactions. Also manufacturers need to reinforce brand identity to build mind sha re with the public and ensure future sales. In the Pull model customer satisfaction depend on effectively l inking the customer information gathering front lines (sales and customer service) to the u pstream functions (manufacturing and distribution). fulfill electron ic orders. In an electronic environment. In addition to these opportunities there exist certain risks also. In such a basic model the information flows using the Web may be considered to b e: If the model is to be considered in terms of a “manufacturer centric” one certain . making manufacturers with weak brands vulnerable. This model is the rea lity today with the power being shifting to the customer. Distributors are easy to eliminate from the supply chain. Manufacturers and distributors alike can bypass these retail channels by selling directly to consu mers via the World Wide Web. In some instances. Manufactures can provide better product information to the rest of the supply chain and take advantage of new electronic channels to reach customers for their branded products. To survive.

For inst ance we can consider web enabling the supplier and the manufacturer. The four major decisions are location. Suppliers in this case will therefore deliver data and the product and services that can be integrated in to the customer’s business process electronically. which prepares the organization for E-Commerce. In the Logistics SCM a concurrent move is taking place in electronically linking up the logistics providers along with suppliers and customers. l . Internet will shift to customer-centric computing. Both stages are supplier-centric models. Supply chain decisions are strategic decisions (long term) and operational decisions (short t erm). It also enables radically different relationships and generates competition and how effectively suppliers can integrate their information with the customers’ business systems. This will help customers to obtain personalized data and products and service tailored to their needs. production. Thus the complete supply chain including logistics can be operated through E-Commerce. Stage 2 The second stage is when suppliers go beyond displaying electronic brochures and allow the customers to place the orders directly with them by linking to internal line of business systems. For this we have to make certain assumptions. “Supply chain excellence through technology” forecasts that the real competitive edge for organizations will come through the se “Intelligence supply chains”. Stage 4 The ultimate stage is the automated inter-business process where the decision ma king system between the customers and suppliers are tightly integrated.functions of the model are ideal for converting into a web enabled one. According to Mr. George Moakley. Stage 3 In the next stage. fewer order entry errors. Supply Chain in the Age of E-Commerce • Lower operating costs through reduced inventory requirements • Improve customer satisfaction by maintaining adequate stock • Improved productivity through better data integrity. Inventory and Transportation’s (distribution). They are • The company has a vendor rating program • A source list of all the raw materials for all products is maintained • The supplier is having net enabled PC • The information exchange is secure and protected • The manufacturer’s web site is integrated with his internal IT system (central) repository) The information exchange that accompanies the flow of goods and services between the manufacturer and the supplier may be 1) Electronic purchase orders 2) Production plans (time period) 3) Re-order levels 4) Information re-order levels The Stages of SCM Stage 1 Web presence is the first stage.

• It supports both differentiation-based and cost-based strategies • It contributes to world-class performance by progressing beyond functional excel lence and cross-functional integration..ess rework and faster communications. The Supply Chain Development Model Fi r st Dimensi on: The closed loop It contains of the four stages. • It integrates the activities of all members of the value-added chain to produce higher levels of performances than can be achieved individually. or to create operational efficiencies? • Ti me: Is this cycle time from source to delivery limited only by physical const raints? Supply chain integration is practised in aboard range of industries. These are 1. and replenished direc tly from the distributor inventory. Objectives The progress and success of supply chain management should be measured against objectives. The evaluation begins with the diagn . Supply Chain Management in Practice Supply chain integration practices can be tailored to unique industry situations . • Servi ce: Do customers receive what they ordered. . • It focuses on the practices used by the different businesses that together produ ce the product and service the customer. Supply Chain Management as E-Business This is done over the web using: • Customised extranet sites • Web servers • Group-ware (email integrated collaborative software) Characteristics of Supply Chain Management • Supply chain management is a tool to achieve sustainable competitive advantage. when they want it in the manne r they desire? • Cost: Is the net landed cost to the end user optimised with service and time requirements? • Assets: Does inventory exists within the supply chain merely to respect the vari ability of consumer demand. quick response and continuous replenishment. A leading distributor of hospital supplies offers a program to deliver hospital pr oducts directly to the nursing station. bypassing storage and handling in a hospital in a hospital store room Orders are issued based on nursing station use. • Supply chain management practices create supply chain integration that yields superior business performance. Diagnosis and concept development The first stage is assesses the supply-chain competitiveness of the organisation and builds a vision the desired supply changed. reducing operating costs and investment. yet an en tire step in the traditional flow of products is eliminated. timeliness and accuracy are paramount. Supply chain integration can be evaluated against the objectives of. • Supply chain integration utilises a variety of business practices such as just-i n-time manufacturing.

capital. quality. 1. quality and volume of goods keep ing in mind that customer demand and satisfaction must be met. and linking information resources throughout the chain for speed of exc hange. 2. A delicate balance exists between too many inventories and not enough inventorie s to meet market demands. and placing them in prime locations to the market serve d. inventory. the long terms supply chain stru cture is designed in detail. 3. supply. 4. 1. costs and service. The production must focus on capacity. Transportation Any organisation must have a transport mode in place to ensure a smooth distribu tion of goods. and once performance drivers are assessed. cost and service. and informati on. 2. people and resour ces are effected to team building and high involvement activity. quality. 3. Location The strategic decision must focus on the placement of production plants. location. Production Strategic decisions regarding production focus on what customers went and the ma rket demands. economically and efficiently while keeping the quality high and must carefully s elect the suppliers for raw materials. flexibility. Performance Results It is the stage when results of the plan are measured for performance success of the five drivers like velocity. Supply An organisation must determine what their facility or facilities are able to pro duce. distrib ution and stocking facilities. 6. Second Dimension: Si x Key Holes These are production. transportation. flexibility. The master plan i s a continuous closed loop process. Detailed action planning The second stage is the engineering phase that future develops the master plan i n detail that is created in stage one. During the phase. Inventory The strategic decisions focus on inventory and how many products should be in-ho use. Building capabilities This is the stage of the effort when detailed plants to achieve world class supp ly chain agility and performance are executed. both. Information Effective supply chain management requires obtaining information from the point of end-use. Velocity .osis and comparison of business objectives against existing capabilities and performance. Thi r d Di mensi on: Per for mance dr iver s for success These are velocity. 4. the major activi ty returns to stage 1 for further diagnosis and development. 5. New technology.

finished products and information travel through the supply chain. For companies concerned about time-based competition. Quality It is the degree of excellence performed in designing. Supply Chain Management Software From source to shipping to manufacturing.Time stamping of transactions and events . 4. 2.Trust Management (Certificate Revocation) . selling. Quant itative approach is the more traditional method of customer service of orders placed to orders shipped. Requirements of Supply Chain Management Any secure networked supply chain requires: • Public-Key Infrastructure (PKI) Technology Solution • Data Privacy over un-trusted networks Encryption • Data Integrity Digital Signature • Password management • Public key authentication techniques. components.Digital Certificates .Digital Signature Encryption . 3.It is the rate at which raw materials. the establishment of the network and the associated flows on them. The qualitative approach measures the customer s satisfaction with serv ice received. • Location • Production • Inventory • Transaction (distribution) These decisions are focus more on the design aspect of the supply chain. SCM software can be one of their most powerful weapons. . Network Designs Methods These models typically cover the four major strategic decisions. SCM software turns discrete supply cha in function into an intelligent process. • Electronic Authentication and Digital Signature with PKI certificate • Strong binding between a user and a transaction Public Key Infrastructure . Costs Cash are the total cost of the conversion and movement through the supply chain per unit.Encryption Key Recovery PKI Integration with Business Application With the adoption of the above-mentioned aspects the supply chain would prove to be a competitive differentiator to a firm. Service Customer s service is the quantitative as well as qualitative measurement. It enables them to collaborate with suppliers Importance of Networked Supply Chain Management Today s customers want / expect to • buy in small quantities • buy customised products • postpone the buying decision to be close to the act of purchase • enjoy and be rewarded by the buying experience and • get instant gratification of their needs Supply Chain Modelling Approaches It consists of the following three methods: A. parts. producing and de livering products and information. Flexibility It is the ability to adopt new or changing demands m the market. 5.

custome r business practices and technology. approaches such as phone or mail. Supply Chain Process Supply chain integration links suppliers. The opportuni ty to manage the method or order entry creates the potential to solidify marketing str ategies. Or der Cr eation Order creation results in the customer’s decision as to the quantity. incur lower manufacturing and distribution costs. quantity. Producing closer to the point of need minimises the risk of obsolescence or rewo rk. and the potential to contribute to supply chain integration . and cost structures. storage space. on the way they desire. manufacturers. competitor’s capabilities. and give higher quality. considering both strategic and operational elements. Processes that are well aligned will produce higher servi ce. time and cost. The opportunity to co-ordinate consumption and production creates th e potential to minimise investments in finished goods. and build relationships. and schedule of product generation. Leaders in supply chain integration provide a variety of order entry methods so that customers can order. to permit a mutual benefit. Simulation based methods It is a method by which a comprehensive supply chain model can be analysed. Or der Entr y The order entry process enables a custom’s desires to be acted upon. The key pro cesses within the supply chain are depicted in the above figure. Pr oduction Pl anning Production planning establishes the location. Eac h supply chain partner should support others to create greater productivity. channel partners. Supply chain integration through the order creation pro cess requires deep understanding of marketing strategy. create sales opportunities. such as explicitly considering the sites relation to the others in the netwo rk. frequency an d composition of an order. . These models t ypically assume a "single site" (i.B. and customer satisfaction. Leaders in supply chain integration establish operational capabiliti es are coupled with managed service. ignore the network) and add supply chain character istics to it. Each of these processe s results in the clear output.e. Supply chain integration th rough the order entry process requires through knowledge of customer requirements.. C. However. Rough Cut Methods This method gives guiding policies for the operational decisions. and handling costs. value . one can only evalu ate the effectiveness of a pre-specified policy rather than develop new ones. Comp uterto-computer Electronic Data Interchange (EDI) and voice response expand traditio nal but often valid. and customers through the process used from order creation to customer delivery.

Decisio ns on inventory deployment strongly influence the customer service parameters of ord er cycle time and order completeness. I nventor y Deployment Inventory deployment determines the location of product awaiting orders. Making the correct decision requires a detailed knowledge of production requirements and an intimate understanding of each suppl ier s business drivers. purchase quanti ty. A business strategy of make-to-stock or make-to-order creates different issues. and cust omers. Supply chain integration transforms the procurement process fr om an adversarial relationship based primarily on price to a partnering relationship b ased on total cost. Inventory deployment presents the opportunity to create competitive advantage through responsiveness and service quality. but the objective remains the same. Leaders in supply chain integration have established the shop floor procedures a nd process by which the material will be used in production. purchase frequency. An obje ctive of maintaining inventory only to respect the variability of consumer demand. The opportunity to establi sh singleinventory investments between supplier and manufacturer and customer establishes a potential benefit in capital reduction through integrating this process. production. establishes a stretch goal. Customised transportation programs between supplier and manufacturer are often developed to manage total cost and create mutual efficiencies.Supply chain integration requires linkages with purchasing. or to create an operational efficiency in production or procurement that reduces net landed c ost. . Pur chasing The purchasing process results in decisions on source of supply. I nventor y Management The inventory management process establishes the available product to respond to customer demands. and purchase order composition. Correct decisions maximise availability and minimise cost. Customised transportat ion programs between supplier and manufacturer are often developed to manage total c ost and create mutual efficiencies. Leaders in supply in integration establish customised order quantiti es and frequencies based on mutual understanding of the activities required to create m aterial on the part of the supplier and process by which the material will be used in pr oduction. A production process that exhibits fle xibility and responsiveness strengthens supply chain integration. Pr oducti on The production process generates product. to balance the multiple objectives of each in a manner that achieves overall obj ectives. The benefits of co-ordi nation between customers and manufacturer are lost if the production process cannot rou tinely respond with quality products.

Such change must have the full support and commitment of senior executives. documentation of the existing supply chain eco nomies. Requirements of Supply Chain Integration Identifying opportunities for supply chain integration requires a deep knowledge of customer satisfaction objectives. These supply chain processes are applicable to a broad range of businesses. The opportunity to minimise cycle inventory. By f ocusing on the process outputs. Customer requireme nts for many criteria such as order cycle time. In addition. Supply chain int egration through order fulfillment requires detailed understanding of customer requiremen ts. progressive organisations can develop new business pract ices that achieve improved results. Deli ver y Pr ocess The delivery process produces the cycle time. Integrating the Supply Chain Initiating supply chain management requires top management involvement. reduce buffer inventories and create cost efficiencies. Without a results-oriented process approach. The opportunity to customise an order provides the potential to create additional value by avoiding duplicate efforts and re-handling. the supply chain management approach will call for a c ultural change within an organisation. Attention ma y focus on functional performance and tradeoffs among functions and channel partne rs may not be achieved. Supply chain integration through the d elivery process requires careful monitoring of transportation economics. delivery precision. atte mpts at true breakthroughs among supply chain partners may not be achieved. Supply chain integration must therefore be judged against performance rather than by technique. item availabilit y and order fill rate can be established by a variety of survey approaches and methodologies . Supply chain integration may produce fundamental changes in the relationship among chan nel partners. » Customer Satisfaction Objectives Establishing customer satisfaction objectives requires quantitative analysis of customer requirements and an analysis of the customer’s business issues. delivery precision. » Current Business Practices Understanding current business practices requires an ability to explain not only how key . and arrival qu ality of the customer’s order. flexibility in order selection efficient processes that permit mutual benefits.Or der Fulfi llment Order fulfillment results in the configuration of products that conform to the c ustomer s desires. From the se. and understanding of practices used in other businesses and industries. thoughtful analyses will reveal gaps in practices or gaps in execution that can lead to a prioritised action plan. a commitment to long-term business relationships and a willingness to act in partnership with ot hers.

Close attention must be paid to identifying the rules. Wor k i n time. channel partner. or be left behind t hat is the frantic pace of E-commerce. The Role of SCM in Financial and Market Place Supply chain management assists in achieving financial and marketplace success. opportuniti es will surface and leverage points may be identified. Since proc esses produce results. The web life style is going to be the order of the day in time to come. These can then be synthesised an d prioritised. and customers. quality. to increase customer satisfaction and yield better performance.business processes work but what derives the process. be fast. beliefs. corporate wi ll be forced to revamp their traditional marketing and operating strategies. » Performance profile The performance profile quantifies performance along the entire supply chain: su pplier. The dimensions of time. and customer. It does require insightful thinking about the processes used to make. and sell products. manufacturer. Utilising framework based on business processes assists in moving toward supply chain integration. and financial performance that result along the supply chain. Competitive advantage will spring lar gely from service-focused commitments . so that efforts initiated for supply chain integration yield substa ntial benefits. be adaptable. move. cost and investment should be applied to understand the service. channel partners. and sufficient knowledge will exist to suggest how such opportunities could improve customer satisfaction and business performance. values. Functional excellence is expected of companies to day. Completion of th ese steps ensures analysis of supply chain integration and contains and understandin g of existing business practices and alternative approaches used by others. The integrated movement of materials through the supply chain can build customer satisfaction and improve performance. Leverage points represent the pla ces along the supply chain where large improvements are possible with a relatively s mall investment. Supply Chain Management does not require massive scale or volume. Supply chain management moves beyond that to better align the capabilities of suppliers. Hence. They woul d .the result of intelligent performance with su ppliers and customers. manufacturers. With this knowledge. e very business will have to think as to how they will survive and prosper in their new emerging world. Supply chain management provides and approach for making those objectives a reality. and principles that are incorporated within a business process. Through supply chain management. Potential improvement opportunities may be revealed. » Gaps in practices and gaps in execution From these three building blocks an objective assessment of gaps in practices an d gap in execution must be made. be flexi ble.

Asian paints installed VSATS (Very Small Aperture Terminals) in three p lants and 16 branches. receive the previous day’s stock position from each of the company s 73 branches.spread its geographical reach and increase its product reach.000 dealers . It had therefore to do two things . The new machines handled functions like customer billing and dealer requirements.one of the largest networ ks in India. Today the company has 73 branches and 14. Today a total of 49 VSATS installed at a cost of Rs. From 1981 onwards on the company went for CP/M machines. The company sells 2000 shades and pack types in decorative paints and ano ther 1500 in industrial paints. Asian paints was among the first companies in India to go for computerisation. Since it touches alm ost every person in the organisation. Six Regional Distributions Centres (RDC). In 1983 the company decided to extent computerisation to the shop floor. Since each branch is dealing on an average of 300 dealers. The paint major then decided to install a Supply Chain Manage ment System (SCMS).30 million link six factories and 43 depots. All this meant that the compa ny started selling paints in more number of colours. The company s clerical staff strength has not gone up much and computerisation has helped the company to tackle competition in a more effective manner. each in one zone of the country. This it could do by providing better service and also a wider range of stocks to the retailers.become much more agile in their approach. CASE STUDY: ASIAN PAINTS Background One of the pioneer paint companies in India. The company s strategy to compete against MNCs liker Berger paints and ICI was t o spread to smaller towns. Why did the company go for SCMS instead of an Enterprise Resource Planning (ERP) ? The company felt that ERP implementation takes a long time. So the company developed a Manufacturing Resource Planning (MRP) application in 1984 which is working well even today. By 1978. Asian paints be came the first company to use Unix on the shop floor. SCMS is being implemented in modules and will be fully functional by year 2000. The enti r e concept of the tr aditi o nal br ick-and-mor tar shop wi ll be r eplaced by the vir tual stor e. there is an enormous amount of data is being generated. it meant that all most all the persons in the . But for many Indian companies installing a VSAT is a co stly option even today. The Road to SCMs In 1994. The salesman. all the account functions of the company have been transferr ed to this new machine. shades and can sizes than the competition to a larger dealer network. In 1971 the company decided to go for a mainframe. sales supervisor or th e branch manager according to his requirement does the data crunching. All this computerisation brough t direct changes in two areas.

alone with Java and sometimes virtual reality. and integrated with selling and buying procedures. Electronic catalogues can be sea rched quickly with the help of software agents. The SCMS takes care of the planning system. th en it had gone to implement SCMS to further hone its competitive edge. Electronic catalogues consist of product database. online catalogues have evolved to be more dynamic. users at the plant s among other functions. web browser. On the web-based e-mails. For merchants. play the role of presenting static and dynamic inform ation. SCMS will reduce sales forecasting by the depots from th e present 15 days to one week to one day. the company may lose a sale eventually the customer. It helps to make the core business of the company efficient whi ch is the supply chain for a manufacturing or marketing company. As the online cat alogue . corporate office. With increasing competition this is important. recently electronic catalogues on CD-ROM and on the Web have gained popularity. The reaction from the p lants and depots will also be much faster. and a presentation function. comparisons involving catalogues products can be made very effectively. But SCMS touches a lesser number of people and takes lesser ti me. However. No wonder. The full installation of SCMS will lead to a shorter planning system Fo r example. The company feels that it has a 10 year lead time over its competitors and it wants to maintain this.organisations need to be trained. Also the ERP needs to be customised or the organisation may have to adapt to the ERPs process logic both of which are big a nd will take a long time. Evolution of Online Catalogues Printed paper has been the medium of advertisement catalogues for a long tune. It allows the company to have shorter production cycles. However. if earlier 100 cans were dispatched. the objective of online catalogues is to advertise an d promote products and services. This is frequently done via online catalogues. customised. SCMS will also help to track the various promotion schemes adopted by a branch manager. Also. directory and search capabili ty. since if the products are stocked out. whereas the purpose of catalogues to the customer is to p rovide a source of information on products and services. Electronic Commerce Catalogues or Online Catalogues An important factor in EC is the manner in which products of services are presen ted to the users. The majority of early online catalogues were online replication of text and pict ures of the printed catalogues. now the company will need to send only 20 cans so that it is not supplying more than necessary. enable it determine proper inventory levels based on demand and supply variability. The company recruits IT professionals and a lso rope in training institutes like NUT to train its staff. The Company will know exactly how much s tock each depot will require.

2) The degree of customization Two extremes are distinguished: a. a. ability to integrate with the purch asing process. the tools for building online catal ogues are being integrated with merchant sites.upenn. in B2B. some ads about company image can only be linked with e-mail. Stati c catalogues: The catalogue is presented in textual description and static pictures b. conside ring the fact that printed newspapers and magazines have not diminished due to the online ones. customers need compu ters and the Internet to access online catalogues. 3) The degree of integration of catalogues With the following business processes: a. we can guess that the paper catalogues will not disappear in spite of the popula rity of online catalogues. Dynamic catalogues: The catalogue is presented in motion pictures or animation. Howev er. such as ease of updating. since computers and Internet access are spreading rapidly. Order taking and fulfillment b. Ready-made catalogues: Merchants offer the same catalogue to any customer. However.edu/davudtic.pobox. There seems to be room for both media. Customi sed catalogues: Deliver customised content and display depending upon the characteristics of customers. as shown in the following Application Cas e 1: Advertising in Online Catalogues versus Electronic Mails Some catalogues on Web sites provide text and pictures without linking them to o rder taking. Refer to Calvin Klein ads in www. we can expect a large portion of paper catalogues to be r eplaced by or at least supplemented by electronic catalogues. Inventory and accounting system e. Although there are significant advantag es of online catalogues. possibly with sound to supplement static content. Most of all.is integrated with order taking and payment. ther e is no reason why the catalogues cannot be linked with order taking or at least e-mail contacts. Paper catalogues Comparison of Online Catalogues with Paper Catalogues The advantages and disadvantages of online catalogues are contrasted with those of paper catalogues in the following table. the dedicated advertising site seems to be a transient form of e-mail. b. Suppliers or customers extranet f. paper catalogues may disappear more quickly. and coverage of a wide spectrum of products with a strong search capabi lity. The site has an electronic directory with a large number of electronic catalogues. Intranet work flow software and systems d. However. Electronic catalogues can be classified according to three dimensions: 1) The dynamics of the information presentation Two categories are distinguished. On the other hand. there are still disadvantages and limitations. However. So. Electronic payment system c. because the ads do not .

so many catalogues had a life-cycle of two years. Then. usua lly a customer of the catalogue owner. It just r eminds people about the taste of Coca-Cola. customers do not have to deal with irrelevant topics.00 0. The estimate of the cost of setting the o nline catalogues up and running is $1. and display formats.000 in faxback phone costs. Cookie techno logy is . It can be tailored to individual shoppers in so me cases as well. APPLICATION CASE 1 With annual revenues of more than $5. These catalogues cover about 134. Product offerings can be specialised for each customer s organisation or for individuals with specific ne eds.cocacola.broadvision. even tho ugh products changed more often than that.com). LiveCommerce features a specialised catalogue langu age that offers complete control over the look and feel of catalogs. AMP had only enough resources to update about one-half of their 40 0 catalogues each year. Every customer company can view a custom catalogue with individualised prices.openmarket.2 billion. This combinatio n of power and flexibility allows a catalogue to be quickly and easily modified to me et the evolving needs of customers. AMP. value-added capabil ities that make it easy for customers to find the products they want to purchase. product s. Coca-Cola s Web site (www. However. A tool that aids customisation is LiveComme rce from Open Market (www.000 electrical and mechanical components . For instance.pointcast. with the remainder spent for language translation and catalogue development.correspond to a specific product. software and hardware costs were $300. An e-mail manager who uses LiveCommerce can control a complete range of information that the customer sees and link the online catalog ue with related computing resources.com) and Point Cast (www. Customised Catalogues A customised catalogue is a catalogue assembled specifically for a company. For collecting data. you can buy Coke s collector items and more. There are two approaches is to let the customers identify the interesti ng parts out of the total catalogue as is done by companies such as One-to-One (www. LiveCommerce allows the creation of catalogues with branded. roughly one-fifth of the previous pri nting costs.000 to $400. an electronics components manufacturer.com) is not appropriate for taking Coke s orders online. In this past.com/livecom).2 million. The second approach is to let the system automatically identify the characterist ics of customers based on their transaction records.2 million. Of the $1. spent more than $7 million each year to mail and update 400 specia lty catalogues to its distributors around the world and another $800. See the demos of their customers. and quickly compose their order. loca te the information they need.

Joe logs on to the Acme Shopping site. Joe also has some very distinct hobby areas-one is photography. so Joe f urther refines his preferences to reflect that he is only interested in electronics tha t relate to photography and cost $300 or less 1 . It may not be wrong to say that everyone associated with the . He is not a sportsman or a great book lover. However. incl uding electronics. Indeed recent advances in the field of information technology contribute significantly to improve the services of libraries. 1 Source: Oracle’s white paper (1998). to generalise the relationship between the customer and items of interest. Joe is only interested in clot hing and electronics. The Internet explosions have opened up electronic information to the masses and they are demanding that information be presented t o them in an aesthetic manner. Furthermore. After Joe has recorded his preferences. Acme shopping offers a wide range of products. digital librari es and virtual libraries.used to trace the transactions. Against the backdrop of intense competition for Web airtime. and interest areas. let us review a scenario of using a tool b y Oracle called ICS in a customised catalogue. DOCUMENT MANAGEMENT AND DIGITAL LIBRARIES Gone are the days when libraries were store houses of books. data mining technology and support by intelligen t systems. he only sees products related to photography -cameras an d accessories. the first page of the electronic store w ill show him only the clothing and electronic departments. As an example of the second approach. when Joe goes int o the electronics department. is necessary. preferred metho d of payment. building brand loyalty to that Inter net store. But some of the products are way out of Joe s price range. libraries have evolved to become information provider rather than mere documents provider. books. such a neural network. Such personalisation gives the consumer a value-added experience and adds to the compelling reasons for revisiting the site. clothing. This second approach can be effect ively combined with the first one. personalisation pro vides a valuable way to get the consumer matched to the products and information they ar e most interested in as quickly and painlessly as possible. where he has the option to register as an account customer and record his preferences in terms of address details. With the development of automation and computing and a knowledge society. Information technol ogy has changed the complexion of today s libraries in a big way with the current th rust on universal education. the impact of information technology has led to a paperless society. and sporting goods. Furthe r. P6.

Mosaic etc. WWW also provides hypertext link s between textual documents of related files. capable o f computing at very high speed and having large disc storage space. A large number of information fragments. Hypertext Transfer Protocol (HTTP) refers to the protocol enabling ret rieval of information pointed to by the hypertext link.com. This is meant fo r information retrieval services on the Internet.server protocol.management of knowledge in the coming days would be talking about the digital processes and the digital library. The format of the URL is: Protocol/host/path filename. The World Wide Web popularly known as WWW was started as a project in 1992 by CERN (European Laboratory for particle physics) in Switzerland. colour imag es. This protocol can transfer plain t ext file. we can say that the web is an important tool for dissemination of information. a worldwide ne twork of thousands. The word hypertext (HT) means the combination of natural language text with embedded links enabling non-linear information s access and navigation. of networks interconnecting countless computers located world-wide.vtls. The Uniform Resource Locator or URL specifies the Internet Address of a file sto red on a host computer connected to the Internet. Every file on the Internet has a uniq ue URL. It is important to mention here that HTTP is an internal requirement of WWW and is also sometime referred to as client . ‘http’ stands for the proto col. Precisely. it is possible to digitise and store information in the form of high quality graphics. URLs are translated into numeric addresse s using the Domain Name System (DNS). Internet.http://www. Netscape communicator. graphics and images linked together electronically/forming a multi faceted indefinite shaped database in which one can write and read the information nonlinearly. Hypertext Markup Language (HTML ) allows the authors of a document identify particular locations within their docu ment as the source of the links and to specify the location of the target of those links . which is interpreted by a WWW browser such as Internet explorer. The Web software programmes use the URL to retrieve the file from the host compu ter and the directory in which it resides. h as become a most efficient channel for dissemination of information. In this process the client (who is a us er of hypertext document) may ask a query to the server makes available the required information in a formal. For example in the site . hypertext or even images from the server end to the user s end. With the availability of computers. World Wide Web (WEB) technology based on Hyper Text Markup Language (HTML) and emergence of advanced web browsers have provided a very easy-to-use interface to users. ch unks such as text. givin g clickable access to the vast amount of multi-media information stored on million s of web servers across the globe. . voice signal and video clips at a relatively affordable cost.

Unlike a conventional library wh ere users are provided with physical materials from many sources. This information explosion is not confined to any partic ular subject and is also taking place in Social Sciences and Humanities and in every country. By now the number of documents may have risen to four trillion. The Stanford Digital Library project states. With libraries facing manpower and monetary constraints. the participant libr aries are coming together to convert their holdings to electronic form and then putting th em on . In addition to the above. Producers of in formation will make it available.‘www’ stands for World Wide Web i. there are close to 50. "Powershift" that in one year the U nited States runs out 1. uniform access to networked informat ion collection”. "th e digital library will be a collection of distributed information sources.personal information collection to col lection of conventional libraries to large data collection shared by scientists. but a network of multimedia systems. According to another estimate. Need for Digital Libraries In 1990 Alvin Toffler estimated in his book. the middle name ‘vtls’ belongs to a particular organisation (it refers to the organisation to which the site belongs). it is impossible to acq uire every publisher s document under one roof and thus evolved the concept of resour ces sharing and networking. A typical digital library is a media server (group of interl inked workstations) connected to high-speed networks. Since information can be digitised. while org normally stands for voluntary or non-profit organisati on. a digital library is a group of distributed repositories that users see as a single repository in digit al form. and com means a commercial organisation. Similarly edu means educa tional institutions. University of California. Web or the Internet.e.3 trillion documents. Integra ted virtual libraries provide an array of new services. dozens or domain names have been assigned to identify the country and locate files stored on host computers in different countries around the world. Meaning of Digital Library Digital Libraries does not mean Libraries in the classical sense. and consumers will find it perhaps through the help of a utomated agents". According to the Berkeley Digital Library project. like the ever-attendant waiter filling your water gl ass before you know it is empty.000 perio dicals in Science and Technology. the information ar rives as needed at the users screen. In other words we can say that in digital library. "Integrated digital librar y will create a shared environment linking everything .

it requires a large amount of storage space. Characteristics of Digital Libraries The transformation effects that digital technology brings in to information syst em are as follows: Collecti ons: Digital library collections contain fixed. touch screens. electronic storage. is poor. CR-RO M. 5) Display technologies . allowing them to make searches . the digital library seems a suitable solution at the moment. Methodology The first major process is to digitise the entire physical medium. hard disks. image navigator software etc. Wor k: Digital libraries are to be used by individual working alone. There is wo rkoriented perspective focusing on a group of information analyst. presently m ost of the information is reproduced on paper. The legibility of documents. the content has to be catalogued and indexed so th at the repository can be easily made available to users. Since there is a demand for information with a facility for searching tailor-made information at faster speed. reprography copy stand.a variety of devices to store and retrieve information in digital form such as magnetic tapes/cassettes. electronic publishing. voice recognition s ystems. 2) Storage technologies . They are basically grouped as: 1) Computer technologies with input devices that collect and convert information into digital form. Technologies: The digitisation requires certain technologies. floppy disks. This may get started with the use of Optical Character Recognition (OCR) to convert the captured digi tal images to text content. and the transmission of the same to other users is difficult. smart cards etc. Moreover. Wh ile current libraries have more dynamic collections. high-resolution digital camera.the network. Further. flatbed scanner. 3) Processing technology . which are repro duced. a digital library facilitates q uicker handling of information. Such devices include keyboards. Next. The technology for electronic transfer of information is developing rapidly. It is viewed that the support for communications and collaboration is as important as information seeking activiti es. Tr ans-bor der ing of I nfor mation: Breaking the physical boundaries of data transfers within and outside the countries. 4) Communication technologies primarily to communicate information in digital fo rm.creating the systems and applications software that i s required for the performance of digital network. processing and delivery of informatio n including text and images are all feasible and operational.varieties of output devices. DAT Tape. work being done and the documents and technologies that support it. permanent documents.

enterprise. One can enlighten himself/herself even sitting a t home. sex etc. access and preservation of information. public digital libraries. This facility is very useful since it not only saves the amount of money require d for travelling but also precious time. The library authority have to discuss seriously with pub lishers on this aspect in order to evolve some mechanism profitable to both users. irrespective o f caste. Any research scholar writing thesis on agrari an reforms done during Mogul period in India may access the requisite material from any corner of the globe provided the library specialises in the said theme is puttin g their material in digitised form for world wide access. Challenges Faced by the Digital Library 1) Pr otecting the intellectual proper ty r i ghts A major administrative challenge is in complying with copyright and intellectual property rights issues. subject and various other searches. • The e-books and journals provide key words. publishing.for information through bibliographic description or content. creed. group. Users may be charged for each access. religious. Advantages of Digital Library The major advantages of Digital Libraries are mentioned below: • Promote universal accessibility • Access to more information than is possible to physically acquire and maintain • Protecting rare books that are rapidly deteriorating due to over-use and poor st orage conditions. In case of multi-media collection such as video. annotation and integration of information • Integrating personal. Functions of Digital Library The key functions of digital library are: • Providing access to a very large information collection(s) • Supporting multi-media content • Making the network accessible • Providing user-friendly interface • Providing unique referencing of digital objects • Enabling link representation to local/external objects (hypertext) • Supporting advanced search and retrieval • Making information available for a very long time • Supporting traditional library missions of collection development. • Provide multiple access and access through the campus LAN • Facility for the downloading and printing • Saving the cost and manpower required for publishing and bringing out new editio n. • One copy of the documents could be viewed by any number of persons simultaneousl y. publishe rs as well as authors. • A tool for preservation of heritage. downloading from servers and/or . • Saving space which is required for physical documents. age. catalogues would have a preview of a video clip descri bing the consents of the actual video file. Users of the Digital Public Library Digital library can be accessed by all sections of the community. organisation. • Supporting editing. • The user can peruse them instantly.

Allowing broader access to the unique collections held by the library . Dante. proud of having produced the best IT professionals. however. We ar e indeed.Determining how to achieve self-funding digitisation and delivery. 4) Technophobia In general. It was successfully completed and the Gallery later decided to provide access to their collections through a web site that serves the general public. Indian Scenario India has made tremendous progress in the field of Information Technology. and networking stress etc. fear any upcoming technology. a team comprises the Vatic an Library IBM research. In 1995. parallel satellite. The project s goals included: . These professionals . 2) Secur i ty aspect This is the most pressing challenge of the digital affair. Piracy of database. IBM started working to develop a digital library of images of the gallery s arts . Homer and Virgil However.each kind of digital library collection. the Internet and collecting the view of participating scholars.Protecting the Vatican Library s assets . because of the time and cost required to travel to Rome. These are not only the libraries/information centres which have made progress m the area of digitisation. some people do. the Pontifical Catholic University of Rio De Janeiro and C ase Western Reserve University investigated the practically of prodding Online Digit al Library service to scholars. Their website www . making them availabl e via. 3) Lack of exper ti se Not too many vendors/experts are available m the country and abroad as well. authors and libraries. Euclid. Efforts in the West The Vatican Library possesses an extraordinary collection of rare books and manuscripts such as original copies of works by Aristotle. These goals were pursued though scanning set of manuscript. v iral invasions. In fact there are a number of libraries in the developed c ountries where sizeable collections of the library have already been digitised and also m ade available for world wide access able it with some restrictions.nga.Providing tools that enable more effective scholarship . for instance the (U S) National Gallery of Arts has an extensive collection of paintings and drawings. are some of the issues for digital libraries are confronted as a way of routine. Ove rseas vendors charge too much and also reluctant to import techniques/technology. This would provide revenue for publishe rs. In 1990. Individuals m ay have several reasons for not using the new technology. only ab out 2000 scholars can afford to visit each year.gov first made public in 1997 provides some of the most beautiful images available o nline. s everal digital library projects have also been executed in the USA. Moreover.

6) Why do companies care about supply chain efficiency? 7) Explain the characteristics of an efficient supply chain management. destroyed and stolen. and applications. archaeologic al findings. QUESTIONS 1) Explain Intra-organisational Electronic Commerce and its functions. Sunmicro Systems and VTLS Software Company. probably. . The university has already identified and started digiti sation process for its thesis/dissertation collections. unfortunately. museums and at so many others places. in the field of automation of libraries not only IT professionals but also libraries have shown a great interest and hen ce today a number of libraries in the country / have either been automated or in the proc ess of automation.are greatly in demand across the globe interestingly. This will be joint effort of UO H. we have not yet ma de any significant headway. mutilated. Indeed the vast amount of information in our country is sca ttered in libraries. 10) Describe the supply chain development model 11) List the advantages of electronic catalogues over paper catalogues. in the digitisation area. In academic ins titutes. Some of this invaluable information have g ot lost. oral and disciple traditions. for which we cannot do much. and advantages. We can start digitisation process of our rate collections. 8) Discuss in detail supply chain modelling approaches. 5) Briefly explain the problems of traditional supply chain.End of Chapter - . 12) How does a Digital Library work? 13) Explain the need of digital library and its challenges. 9) Explain the importance of networked supply chain management. Nevertheless huge amount of information is still available and could be used for the development o f society. 4) Explain supply chain management (SCM) as a competitive strategy. 2) What is supply chain management? 3) Narrate the components of a typical supply chain. the central University of Hyderabad (UOH) will establish the first dig ital library in the country. However. individual possessions. which would be an important step in preserving our composite culture and heritage.