E-Commerce

UNIT-1
Introduction of electronic commerce

E-Commerce
E-commerce (electronic commerce) is the buying and selling
of goods and services, or the transmitting of funds or data, over an
electronic network, primarily the internet. These business transactions
occur either as business-to-business (B2B), business-to-consumer (B2C),
consumer-to-consumer or consumer-to-business.

The terms e-commerce and e-business are often used interchangeably.

Goals of E-commerce

• More than reach, it is also important for increasing the digital
transactions of the country.
• Customer satisfaction will be improved further.
• More offers and discounts will be provided for buyers.
• Helps to increase our national income.

Technical components of e-Commerce

1. Suppliers and supply chain management

You are or plan to be a retailer in an increasingly competitive market.
It means a lot to come up with a great idea, drive good traffic and
convert it to sales, but you can't do that without the right products,
delivered at the right time, at a price the market is willing to pay.
Suppliers meant a whole lot when ecommerce was not around. Now, even
more so. When it comes to ecommerce, suppliers can provide you with the
right merchandise but they can also take the stock burden off your
shoulders. Amazon, for example, relies heavily on its marketplace
partners to increase the number of listed products without buying stock
for those products.

2. Warehouse operations

Post brick-and-mortar retail relies on electronic communication and
product display. But when a product is bought it has to
come from somewhere, right? Seal the deal with the suppliers and it's
off to the Warehouse, that magical place where online retailers pick
products from the shelf, pack them neatly and prepare those products to
be delivered.

3. Shipping and Returns

Just as mentioned above, your merchandise may be displayed and marketed
online but it has to be packed and reach its destination in the real
world. That's why you need good warehouse management and that's why you
need a great shipping service.
Shipping is usually an outsourced service. The best thing to do, unless
you're swimming in cash and you want to start competing with the likes
of FedEx and DHL, is to employ one of the shipping providers and
negotiate your way to a marketable shipping cost. Such a cost is likely
to be, in the future, one you will be paying yourself, so pay attention.

4. Client Relationship Management (CRM) - software and policies

CRM just means that everything you do needs to be done "for the
customer, by the retailer". You need to understand the
customer purchase patterns so you can recommend the most suited
products. You need to record purchases, interests, preferred channels
and basically all there is to it when it comes to understanding your
customer.

Functions of e-commerce

These are the typical functions of an e-commerce system available both
on back office and front office:

• Registration
• Basket
• Payment
• Product management
• Orders management
• VAT and shipping costs

Registration

• In order to make a purchase, users must register with the site,
providing all the information needed for shipping and billing.
• The data will be stored on a database and will be available from the
back office.

Basket

• The basket is a tool that, like a shopping basket, allows users to
select the products they want and then go to the checkout for payment.

Managing the basket means:
• Summarizing user requests within the possibilities offered by the
catalogue
• Checking the basket and possibly cancelling/modifying the items placed
in it
• Starting the payment process for the selected products

Payment

• The payment system is a mechanism that facilitates dialogue between
the parties involved in financial transactions: the bank, the store and
you with your credit card.
• After filling in the order, the customer enters his/her credit card
number, which travels along a channel solely accessible to the bank. The
bank checks the customer's account and decides whether or not to
authorize the payment.
• The operation takes a few moments. If approved, the bank performs the
transaction and transfers the payment to the account. If denied, the
user is notified that the transaction cannot be completed and his order
is cancelled.

Product management

Product management: this makes it possible to define a product via a set
of standard fields:
• Product code
• Category
• Subcategory
• Product name
• Description
• Image, zoom
• Sizes available
• Price in euros
• 'Pieces' in stock

• The products can be searched by category and subcategory.
• The back-office feature that allows you to associate related products
to further stimulate online sales is very useful.

Order management
The order is the card that summarises all the delivery and order
information to enable correct delivery. It includes:
• List of products purchased
• User information
• Details of place of delivery
• Delivery time information
• Payment information

Listing orders and customer details

From the back office of the site you can search and sort orders by:
• Customer
• Order status
• Date
• Payment
Orders may be printed for attachment to the shipment (packing list).

VAT and shipping costs


In addition to the cost of products purchased, the system
manages the VAT and the shipping charges. The e-commerce module is
able to manage VAT rates in countries within and outside the EU.
Shipping costs can be both fixed and variable, based on the weight and
volume of the shipment.

Discounts
Discounts and promotions are managed for a single product or
product category.
This second phase of the site requires a detailed analysis of
your current storage and order management system which it will be
necessary to integrate.

Advantages of e-commerce

• Availability. Aside from outages and scheduled maintenance, e-commerce
sites are available 24/7.

• Speed of access. While shoppers in a physical store can be slowed by
crowds, e-commerce sites run quickly, which is determined by computer
software. Product and shopping cart pages load in a few seconds or less.
An e-commerce transaction can comprise a few clicks and take less than
five minutes.

• Wide availability. E-commerce enables brands to make a wide array of
products available, which are then shipped from a warehouse or various
warehouses after a purchase is made. Customers will likely have more
success finding what they want.

• Easy accessibility. Customers shopping in a physical store may have
difficulty locating a particular product. Website visitors can browse
product category pages in real time and use the site's search feature
to find the product immediately.

• International reach. With e-commerce, businesses can sell to anyone
who can access the web. E-commerce has the potential to extend a
business's customer base.

• Lower cost. Pure play e-commerce businesses avoid the costs of running
physical stores, such as rent, inventory and cashiers. They may incur
shipping and warehouse costs, however.

• Personalization and product recommendations. E-commerce sites can
track a visitor's browse, search and purchase history. They can use this
data to present personalized product recommendations and obtain insights
about target markets.

Disadvantages of E-Commerce

• Limited customer service. If customers have a question or issue in a
physical store, they can see a clerk, cashier or store manager for help.
In an e-commerce store, customer service can be limited: the site may
only provide support during certain hours, and its online service
options may be difficult to navigate or not answer a specific question.

• Limited product experience. Viewing images on a webpage can provide a
good sense about a product, but it's different from experiencing the
product directly, such as playing a guitar, assessing the picture
quality of a television or trying on a shirt or dress.

• Wait time. With e-commerce, customers must wait for the product to be
shipped to them. Although shipping windows are decreasing as next-day
and even same-day delivery becomes common, it's not instantaneous.

• Security. Skilled hackers can create authentic-looking websites that
claim to sell well-known products. Instead, the site sends customers
fake or imitation versions of those products, or simply steals credit
card information.

Scope of E-Commerce

1. Exchange of digitized information:
The digitized information exchange can represent communications between
two parties, coordination of the flow of goods and services, or
transmission of electronic orders. These exchanges can be between
organizations or individuals.

2. Technology-enabled:
E-Commerce is about technology-enabled transactions. Web browsers are
perhaps the best known of these technology-enabled customer interfaces.
However, other interfaces including automated teller machines (ATMs)
also fall in the general category of e-commerce. Businesses once managed
transactions with customers and markets strictly through human
interaction; in e-commerce, such transactions can be managed using
technology.

3. Customer retention:
E-Commerce enables organizations to get classified and customized market
information that helps in retaining customers through fast order
fulfillment and effective customer relationship management (CRM).
End-to-end supply chain management in e-commerce provides the
opportunity the overall flow of demand and supply and results in
fruitful customer retention.

4. Accounting: Financial accounting, treasury management and asset
management are best possible in e-commerce because of the integrated
database. Financial planning and strategy determination become more
convenient in e-commerce.

5. Supplier integration: For lowering inventory-carrying costs and
broader availability of material and opportunities, the supplier network
can be integrated through EDI to implement just-in-time (JIT) inventory
management.

6. Support the exchange: E-Commerce includes intra- and
inter-organizational activities that support the exchange. The scope of
e-commerce includes all electronically based intra- and
inter-organizational activities that directly or indirectly support
marketplace exchange. In this sense, we are talking about a phenomenon
that affects both how business organizations relate to external parties
(customers, suppliers, partners, competitors, and markets) and how they
operate internally in managing activities, processes and systems.

Applications of e-commerce

The applications of E-commerce are used in various business areas such
as retail and wholesale and manufacturing. The most common E-commerce
applications are as follows:

• Online marketing and purchasing
• Retail and wholesale
• Finance
• Manufacturing
• Online Auction
• Online publishing
• Online booking (ticket, seat, etc.)
• Entertainment
• Education

Types of E-Commerce
E-commerce is used in various business fields; the major categories of
e-commerce are:

• Business-to-Business (B2B)
B2B is e-commerce representing the electronic exchange of products,
services and information between businesses. Some of the B2B e-commerce
applications are product and supply exchange websites and online
directories that feature an option to search for particular products and
services and thus initiate payment transactions within.

• Business-to-Consumer (B2C)
B2C is the retail part of e-commerce where businesses sell products,
services and information directly to their customers online. Now the B2C
market comprises all sorts of consumer goods, including many virtual
stores and online shopping platforms, where Amazon or Flipkart lead the
markets with domination and valuable customers.

• Consumer-to-Consumer (C2C)
It is a type of e-commerce where consumers can trade their products or
services with each other online. The transactions are carried out
through third-party online platforms.

• Business-to-Administration (B2A)
This kind of e-commerce platform enables online payment transactions
between companies and administration or government bodies. Many
government authorities depend on e-services or products directly or
indirectly.

• Consumer-to-Administration (C2A)
C2A e-commerce refers to transactions conducted between individual
customers and public administration or government authorities. Unlike
government authorities, consumers make use of e-commerce and methods to
make transactions for various industries including educational, health
and retail industries.

• Government to Government (G2G)
Government to government (G2G) is the sharing of data and/or information
systems electronically between government agencies, departments or
organizations. The main aim of G2G is to favour e-government initiatives
by improving communication, data access and data sharing.

• Consumers / Citizens to Government (C2G)
C2G applications usually encompass tax payment, issuing certificates or
other documents, etc. Though we can’t strictly define consumer or
citizen to government as e-Commerce, we can see several C2G applications
under the scope of transactions that are done and handled more
efficiently and effectively with e-commerce systems and technologies. In
this type, an individual consumer interacts with the government.
Example: a consumer can pay income tax or house tax online.

• Business to Government (B2G)
B2G networks or models furnish a way for businesses to bid on government
projects or products that government might purchase or need for their
organization. The B2G type covers contracts of all sorts – for goods,
services and information between businesses of all sizes and government
at all levels (both state and central). Government contracts are mostly
large and frequently more stable than analogous private-sector work.

• Business to people (B2P)
A B2P strategy transcends the B2B/B2C distinctions by placing the
emphasis back on people — either individual consumers or the several
individuals that make up a B2B buying committee.

By adopting a B2P approach, you recognize that each person involved in
the purchase of your products has his or her own unique needs and
interests. These unique characteristics then drive your entire business
strategy – from branding to content creation to customer service and
beyond.

• Business-to-administration (B2A)
Business-to-administration (B2A), also known as business-to-government
(B2G), refers to all transactions between companies and public
administrations or government agencies. Government agencies use central
websites to trade and exchange information with various business
organizations.[1] This is an area that involves many services,
particularly in areas such as social security, employment, and legal
documents.

• Peer-to-peer (P2P)
A peer-to-peer (P2P) service is a decentralized platform whereby two
individuals interact directly with each other, without intermediation by
a third party. Instead, the buyer and the seller transact directly with
each other via the P2P service. The P2P platform may provide services
such as search, screening, rating, payment processing, or escrow.

UNIT-2

Internet Security

Computer monitoring

Computer monitoring, a form of electronic monitoring, refers to the
processes and systems used to monitor and record user activity on a PC
or computer network.

Employers use computer monitoring to monitor employees’ productivity,
adherence, and conduct at the workplace. It’s suitable for both
in-office and remote work teams.

Some of the common things employers track on their employees’ computers
include:

• The user name an employee uses to log in to their laptops or desktop
computers.
• User activity such as keystrokes, visited websites, file transfer,
etc.
• Time spent on various tasks during work hours.
• Internet and application usage during work hours.
• All internal and external communications (instant messages, emails,
etc.) via the company network.
• Location and IP address (for a remote employee).
• Storage and other peripheral devices like hard drives, flash drives,
printers, etc., connected to the computer.

Companies usually store employee activity logs and time data on secure
servers as part of their compliance programs. They could run analytics
on this data to identify patterns in employee behavior and use the
insights to boost their productivity.

Privacy of internet
Internet privacy involves the right or mandate of personal privacy
concerning the storing, re-purposing, provision to third parties, and
displaying of information pertaining to oneself via the Internet.
Internet privacy is a subset of data privacy. Privacy concerns have been
articulated from the beginnings of large-scale computer sharing and
especially relate to mass surveillance enabled by the emergence of
computer technologies.

Privacy can entail either personally identifiable information (PII) or
non-PII information such as a site visitor's behavior on a website. PII
refers to any information that can be used to identify an individual.
For example, age and physical address alone could identify who an
individual is without explicitly disclosing their name, as these two
factors are typically unique enough to identify a specific person. Other
forms of PII may soon include GPS tracking data used by apps, as the
daily commute and routine information can be enough to identify an
individual.

Corporate email privacy

Email privacy refers to keeping emails secured, either while in transit
or while they're stored on a server. The process of sending an email
involves many hardware and software systems like the email clients,
ISPs, and servers. The emails processed through these systems are
susceptible to unauthorized attacks at various stages.

Businesses need to have privacy protocols in place to prevent attackers
from intercepting emails. Email tampering, spam, phishing, and spoofing
attacks can be avoided if these protocols are ingrained in the email
system of the business.

Computer crime

Computer crime is an act performed by a knowledgeable computer user,
sometimes called a “hacker”, that illegally browses or steals a
company’s or individual’s private information. Sometimes, this person or
group of individuals may be malicious and destroy or otherwise corrupt
the computer or data files.

Computer crime laws

Computer crime law deals with the broad range of criminal offenses
committed using a computer or similar electronic device. Nearly all of
these crimes are perpetrated online. The internet provides a degree of
anonymity to offenders, as well as potential access to personal, business,
and government data. Many computer crimes are committed as a means of
stealing money or valuable information, although financial gain is not
always the objective. In fact, some of the most notorious incidents of
computer crime involved hackers seeking "bragging rights" by overcoming
government or corporate cyber security measures.

Laws concerning computer crimes have been enacted at the state and
federal levels. In 1986, Congress passed the Computer Fraud and Abuse
Act (CFAA). This law has been amended and expanded as internet
technology has advanced, and it continues to form the basis for federal
prosecutions of computer-related criminal activities. Other relevant
federal statutes include the Electronic Communications Privacy Act
(ECPA), the Identity Theft Enforcement and Restitution Act of 2008
(ITERA), and certain provisions of the USA PATRIOT Act.

Types of computer crime

1. Phishing and Scam
Phishing is a type of social engineering attack that targets the user
and tricks them by sending fake messages and emails to get sensitive
information about the user, or to make them download malicious software
that exploits the target system.
2. Identity Theft
Identity theft occurs when a cybercriminal uses another person’s
personal data like credit card numbers or personal pictures without their
permission to commit a fraud or a crime.
3. Ransomware Attack
Ransomware attacks are a very common type of cybercrime. It is a type
of malware that has the capability to prevent users from accessing all of
their personal data on the system by encrypting them and then asking for
a ransom in order to give access to the encrypted data.
4. Hacking/Misusing Computer Networks
This term refers to the crime of unauthorized access to private
computers or networks and misuse of it either by shutting it down or
tampering with the data stored or other illegal approaches.
5. Internet Fraud
Internet fraud is a type of cybercrime that makes use of the internet,
and it can be considered a general term that groups all of the crimes
that happen over the internet like spam, banking frauds, theft of
service, etc.

Other Types of Cybercrime
Here are another 9 types of cybercrimes:
1. Cyber Bullying
It is also known as online or internet bullying. It includes sending or
sharing harmful and humiliating content about someone else which causes
embarrassment and can be a reason for the occurrence of psychological
problems. It became very common lately, especially among teenagers.
2. Cyber Stalking
Cyberstalking can be defined as unwanted persistent content from
someone targeting other individuals online with the aim of controlling and
intimidating like unwanted continued calls and messages.
3. Software Piracy
Software piracy is the illegal use or copy of paid software with violation
of copyrights or license restrictions.

An example of software piracy is when you download a fresh non-activated
copy of Windows and use what is known as “Cracks” to obtain a valid
license for Windows activation. This is considered software piracy.

Not only software can be pirated but also music, movies, or pictures.
4. Social Media Frauds
The use of social media fake accounts to perform any kind of harmful
activities like impersonating other users or sending intimidating or
threatening messages. And one of the easiest and most common social
media frauds is Email spam.
5. Online Drug Trafficking
With the big rise of cryptocurrency technology, it became easy to
transfer money in a secured private way and complete drug deals without
drawing the attention of law enforcement. This led to a rise in drug
marketing on the internet.

Illegal drugs such as cocaine, heroin, or marijuana are commonly sold and
traded online, especially on what is known as the "Dark Web".
6. Electronic Money Laundering
Also known as transaction laundering. It is based on unknown companies or
online business that makes approvable payment methods and credit card
transactions but with incomplete or inconsistent payment information for
buying unknown products.

It is by far one of the most common and easy money laundering methods.
7. Cyber Extortion
Cyber extortion is the demand for money by cybercriminals to give back
some important data they've stolen or stop doing malicious activities such
as denial of service attacks.
8. Intellectual-property Infringements
It is the violation or breach of any protected intellectual-property rights
such as copyrights and industrial design.
9. Online Recruitment Fraud
One of the less common cybercrimes that are also growing to become
more popular is the fake job opportunities released by fake companies for
the purpose of obtaining a financial benefit from applicants or even
making use of their personal data.

Threats

A cybersecurity threat is the threat of a malicious attack by an
individual or organization attempting to gain access to a network,
corrupt data, or steal confidential information.

No company is immune from cyber-attacks and data breaches. Some
cyber-attacks can even destroy computer systems. As cyber threats become
increasingly sophisticated, your business must implement security
precautions to keep your data safe.

Types of threats

Malware

The most common cyberattack is malicious software, more commonly known
as malware. Malware includes spyware, ransomware, backdoors, trojans,
viruses, and worms.

• Spyware is software that allows attackers to obtain information about
your computer activities by transmitting data covertly from your hard
drive.
• Ransomware is designed to encrypt files on a device, rendering any
files (and the systems that rely on them) unusable. Usually, malicious
actors demand a cash ransom in exchange for decryption.
• A backdoor circumvents routine authentication procedures to access a
system. This gives the attacker remote access to resources within an
application, such as databases and file servers, and allows malicious
actors to issue system commands and update malware remotely.
• Trojans are malware or code that acts as a legitimate application or
file to trick you into loading and executing the malware on your device.
A trojan’s goal is to damage or steal your organization’s data or
inflict some other harm on your network.
• A computer virus is a malicious piece of computer code designed to
spread from device to device. These self-copying threats are usually
intended to damage a machine or steal data.
• Worms are malware that spreads copies of itself from computer to
computer without human interaction and does not need to attach itself to
a software program to cause damage.

Malware is usually installed into the system when the user opens a
malicious link or email. Once installed, malware can block access to critical
components of your network, damage your system, and export
confidential information to destinations unknown.

Attack on computers

A cyber attack is an assault launched by cybercriminals using one or
more computers against a single or multiple computers or networks. A
cyber attack can maliciously disable computers, steal data, or use a
breached computer as a launch point for other attacks. Cybercriminals
use a variety of methods to launch a cyber attack, including malware,
phishing, ransomware and denial of service, among other methods.

Hacking

Hacking is the activity of identifying weaknesses in a computer system
or a network to exploit the security to gain access to personal data or
business data. An example of computer hacking can be: using a password
cracking algorithm to gain access to a computer system.

Who is a Hacker?
A Hacker is a person who finds and exploits the weakness in computer
systems and/or networks to gain access. Hackers are usually skilled
computer programmers with knowledge of computer security.

Types of Hackers

Hackers are classified according to the intent of their actions. The
following list classifies types of hackers according to their intent:

Ethical Hacker (White hat): A security hacker who gains access to
systems with a view to fix the identified weaknesses. They may also
perform penetration testing and vulnerability assessments.

Cracker (Black hat): A hacker who gains unauthorized access to computer
systems for personal gain. The intent is usually to steal corporate
data, violate privacy rights, transfer funds from bank accounts etc.

Grey hat: A hacker who is in between ethical and black hat hackers.
He/she breaks into computer systems without authority with a view to
identify weaknesses and reveal them to the system owner.

Script kiddies: A non-skilled person who gains access to computer
systems using already made tools.

Hacktivist: A hacker who uses hacking to send social, religious, and
political, etc. messages. This is usually done by hijacking websites and
leaving the message on the hijacked website.

Phreaker: A hacker who identifies and exploits weaknesses in telephones
instead of computers.

Computer viruses

A computer virus is a program which can harm our device and files and
infect them so that they are of no further use. When a virus program is
executed, it replicates itself by modifying other computer programs and
inserting its own code into them. This code infects a file or program
and, if it spreads massively, it may ultimately result in crashing of
the device.

Types of computer viruses

• Boot Sector Virus
• Direct Action Virus
• Polymorphic Virus
• Macro Virus
• Overwrite Virus
• Multipartite Virus
• Memory Resident Virus
• Web Scripting Virus

How do computer viruses spread?

Viruses can be spread several ways, including via networks, discs, email
attachments or external storage devices like USB sticks. Since
connections between devices were once far more limited than today, early
computer viruses were commonly spread through infected floppy disks.

Viruses problem

Your computer may be infected if you recognize any of these malware
symptoms:

• Slow computer performance
• Erratic computer behavior
• Unexplained data loss
• Frequent computer crashes

Computer virus protection

When you arm yourself with information and resources, you’re wiser
about computer security threats and less vulnerable to threat tactics.
Take these steps to safeguard your PC with the best computer virus
protection:

• Use antivirus protection and a firewall.
• Get antispyware software.
• Always keep your antivirus protection and antispyware software
up-to-date.
• Update your operating system regularly.
• Increase your browser security settings.
• Avoid questionable websites.
• Only download software from sites you trust.
• Carefully evaluate free software and file-sharing applications before
downloading them.
• Don't open messages from unknown senders.
• Immediately delete messages you suspect to be spam.

Encryption
Encryption is a way of scrambling data so that only authorized
parties can understand the information. In technical terms, it is the
process of converting human-readable plaintext to incomprehensible text,
also known as ciphertext. In simpler terms, encryption takes readable
data and alters it so that it appears random. Encryption requires the use
of a cryptographic key: a set of mathematical values that both the sender
and the recipient of an encrypted message agree on.

Decryption

Decryption is the process of transforming data that has been rendered
unreadable through encryption back to its unencrypted form. In
decryption, the system extracts and converts the garbled data and
transforms it to texts and images that are easily understandable not
only by the reader but also by the system. Decryption may be
accomplished manually or automatically. It may also be performed with a
set of keys or passwords.

Secret-key Cryptography

In this cryptography method (also known as symmetric-key cryptography),
the single key needed to encrypt and decrypt messages is a shared secret
between the communicating parties. The biggest problem with this
method is that the secret key must be communicated through an external
mechanism separate from the communication channel over which the
encrypted text flows. In addition, secret-key systems do not support
digital signatures. These limitations are addressed in public-key
cryptography (see separate entry).

DES

Data Encryption Standard (DES) has been found vulnerable to very
powerful attacks and therefore the popularity of DES has been slightly
on the decline. DES is a block cipher and encrypts data in blocks
of size of 64 bits each, which means 64 bits of plain text go as the input
to DES, which produces 64 bits of ciphertext. The same algorithm and
key are used for encryption and decryption, with minor differences. The
key length is 56 bits.

Public Key Encryption: Asymmetric encryption is a form of cryptosystem
in which encryption and decryption are performed using different keys: a
public key (known to everyone) and a private key (secret key). This is
known as Public Key Encryption.

Required for work

• One algorithm is used for encryption and a related algorithm for
decryption, with a pair of keys, one for encryption and the other for
decryption.
• Receiver and sender must each have one of the matched pair of keys
(not identical).

Required for security

• One of the two keys must be kept secret.
• If one of the keys is kept secret, it is impossible to decipher the
message.
• It must be impractical to determine the other key from knowledge of
the algorithm, one of the keys and samples of ciphertext.

RSA

The RSA algorithm is an asymmetric cryptography algorithm. Asymmetric
means that it works with two different keys, i.e. a public key and a
private key. As the names suggest, the public key is given to everyone
and the private key is kept private.

Authentication and Authorization.

| Authentication | Authorization |
|---|---|
| Determines whether users are who they claim to be | Determines what users can and cannot access |
| Challenges the user to validate credentials (for example, through passwords, answers to security questions, or facial recognition) | Verifies whether access is allowed through policies and rules |
| Usually done before authorization | Usually done after successful authentication |
| Generally, transmits info through an ID Token | Generally, transmits info through an Access Token |
| Generally governed by the OpenID Connect (OIDC) protocol | Generally governed by the OAuth 2.0 framework |
| Example: Employees in a company are required to authenticate through the network before accessing their company email | Example: After an employee successfully authenticates, the system determines what information the employees are allowed to access |

In short, access to a resource is protected by both authentication and
authorization. If you can't prove your identity, you won't be allowed into
a resource. And even if you can prove your identity, if you are not
authorized for that resource, you will still be denied access.
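The two checks described above, written as an added Python example that is not part of the original notes. The user "asha", her password, the roles and the resource names are constructed sample data, and the "401"/"403"/"200" strings are just labels chosen here for the three outcomes.

```python
import hashlib
import hmac
import os

def _hash_password(password: str, salt: bytes) -> bytes:
    # Salted, deliberately slow hash so stored credentials are not plaintext.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample data (not from the page): one employee, two resources.
_SALT = os.urandom(16)
USERS = {
    "asha": {"salt": _SALT,
             "pw_hash": _hash_password("correct horse", _SALT),
             "role": "employee"},
}
POLICY = {                      # resource -> roles allowed to use it
    "company-email": {"employee", "admin"},
    "payroll-db": {"admin"},
}

def authenticate(username: str, password: str):
    """Authentication: is the user who they claim to be?"""
    record = USERS.get(username)
    if record is None:
        _hash_password(password, b"\x00" * 16)   # same work for unknown users
        return None
    candidate = _hash_password(password, record["salt"])
    if not hmac.compare_digest(candidate, record["pw_hash"]):
        return None
    return {"user": username, "role": record["role"]}

def authorize(identity: dict, resource: str) -> bool:
    """Authorization: may this proven identity use the resource?"""
    # Default deny: a resource with no policy entry is closed to everyone.
    return identity["role"] in POLICY.get(resource, set())

def access(username: str, password: str, resource: str) -> str:
    identity = authenticate(username, password)      # step 1: who are you?
    if identity is None:
        return "401 unauthenticated"
    if not authorize(identity, resource):            # step 2: are you allowed?
        return "403 forbidden"
    return "200 ok"
```

A wrong password and an unknown user produce the same answer, so the response does not reveal which usernames exist.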

Firewalls

Network security

The role of a firewall in network security is to protect the network
by blocking external threats coming from potential sources such as
hackers and preventing any kind of connection between the two. It also
guards the internal infrastructure of the network by keeping out
viruses and malware. Such hazardous agents damage internal software
and sometimes even disclose confidential data (such as passwords) to
potential attackers.

Computer Security

As per research, an unprotected computer system connected to the
internet is susceptible to attack from external agencies within just the
first fifteen minutes. The role of firewalls in computer security is
therefore crucial. Most often, they protect computer systems from spam
emails, which may sometimes contain Trojans and malware. Along with all
the roles mentioned before, firewalls also protect computer systems by
operating as proxy servers.
Personal Firewall

A desktop firewall or personal firewall is a software program intended to
protect a single computer system connected to the internet from
suspicious external agents. Firewall software is very useful for users
with cable internet connections, because these connections use a static
IP address, which is very easily vulnerable to potential attackers.

Importance Of Firewall In E-Commerce

Business models that deal with customers on the internet and allow
them to buy and sell things over it require a stringent security
service. Since millions of people are involved in daily transactions
on e-commerce websites, it becomes extremely crucial for the
administrators to ensure safe transactions. If the firewall security on
the e-commerce website is not sound, hackers may find their way inside
the servers, which may lead to loss of data, capital, and trust.

The servers of a large-scale e-commerce website must be guarded
against any kind of malicious agent. All incoming traffic and access
must pass through the firewall.

The importance of firewalls in e-commerce is similar to their role in
organizations. A firewall ensures safe trading transactions along with
the confidentiality of the data, thereby helping the business to stay
intact.

Digital signature

As the name implies, digital signatures are a modern alternative to signing
documents with pen and paper. A digital signature is a cryptographic
implementation of e-signatures used to prove data integrity, authenticity,
and non-repudiation of communication passed over the internet.

It uses an advanced mathematical technique to check the integrity and
authenticity of digital documents. It helps us overcome impersonation and
tampering with digital records by verifying that the contents of
documents have not been altered.

Digital signatures are used legally and financially. They are also used in
software distribution, by email service providers, and in other areas where
the integrity and authenticity of digital documents are important.
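The RSA key pair and the digital signature described above can be seen working together in the following added Python example, which is not part of the original notes. It is textbook RSA with no padding and a toy key built from two well-known Mersenne primes, chosen here only so the arithmetic is visible; the message strings are constructed. Real systems use a vetted library, keys of 2048 bits or more, and padded schemes.

```python
import hashlib
from math import gcd

def make_keypair(p: int, q: int, e: int = 65537):
    """Build a textbook RSA key pair from two primes (toy sizes only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # private exponent: e*d = 1 (mod phi)
    return (n, e), (n, d)        # (public key, private key)

def encrypt(public, m: int) -> int:
    """Anyone holding the public key can encrypt."""
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be smaller than the modulus")
    return pow(m, e, n)

def decrypt(private, c: int) -> int:
    """Only the private-key holder can decrypt."""
    n, d = private
    return pow(c, d, n)

def _digest(message: bytes, n: int) -> int:
    # Hash the document and reduce it into the range of the modulus.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private, message: bytes) -> int:
    """Signing uses the PRIVATE key, so only its owner can produce it."""
    n, d = private
    return pow(_digest(message, n), d, n)

def verify(public, message: bytes, signature: int) -> bool:
    """Verification uses the PUBLIC key, so anyone can check it."""
    n, e = public
    return pow(signature, e, n) == _digest(message, n)

# Constructed demo key: p = 2^31 - 1 and q = 2^61 - 1 (both prime).
PUBLIC, PRIVATE = make_keypair(2**31 - 1, 2**61 - 1)

if __name__ == "__main__":
    sig = sign(PRIVATE, b"pay 10 to the supplier")
    print(verify(PUBLIC, b"pay 10 to the supplier", sig))     # untouched document
    print(verify(PUBLIC, b"pay 1000 to the supplier", sig))   # altered document
```

Changing a single character of the signed message makes `verify` fail, which is the integrity property; the fact that only the private-key holder could have produced the signature is what supports authenticity and non-repudiation.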

E-Mail

Electronic mail (email or e-mail) is a method of exchanging messages
("mail") between people using electronic devices. Email was thus conceived
as the electronic (digital) version of, or counterpart to, mail, at a time
when "mail" meant only physical mail (hence e- + mail). Email later became
a ubiquitous (very widely used) communication medium, to the point that in
current use, an email address is often treated as a basic and necessary
part of many processes in business, commerce, government, education,
entertainment, and other spheres of daily life in most countries.
Email is the medium, and each message sent therewith is also called
an email.

Email Security
Email security is a term for describing different procedures and
techniques for protecting email accounts, content, and communication
against unauthorized access, loss or compromise. Email is often used to
spread malware, spam and phishing attacks. Attackers use deceptive
messages to entice recipients to part with sensitive information, open
attachments or click on hyperlinks that install malware on the victim’s
device. Email is also a common entry point for attackers looking to gain a
foothold in an enterprise network and obtain valuable company data.
Email encryption involves encrypting, or disguising, the content of email
messages to protect potentially sensitive information from being read by
anyone other than intended recipients. Email encryption often includes
authentication.
