Chapter Seven E-Business Risks. E-Business Model Evolution EDI Web pages The online...

Post on 16-Jan-2016


Chapter Seven

E-Business Risks

E-Business Model Evolution

EDI
Web pages
The online environment
Distributed e-business and intranets
Supply chain linkage
Collaborative business (e.g., Web Services)

E-Business Protocols, Software, and Hardware

TCP/IP
IP addresses
Client/server architectures


Internet Communication Standards

Layer                 Common Standards
5. Application layer  HTTP, HTML (Web); IMAP, POP (e-mail)
4. Transport layer    TCP
3. Network layer      IP
2. Data link layer    Ethernet (LAN); PPP (dial-up via modem for MAN)
1. Physical layer     Category 5 twisted pair (LAN); Fiber optic cable (WAN)

The Languages of E-Business

HTML
XML
XBRL
ebXML

Privacy

Privacy vs confidentiality
Privacy and security trade-offs
Privacy policies
Internet tracking tools

Information System Security and Availability

General network and telecommunications risks and controls
Encryption – SSL, SET, S-HTTP
Securing electronic payments
Securing the web server
System availability and reliability

Transaction Integrity and Business Policies

The integrity of transactions – complete, accurate, timely, authorized
Repudiation – origin and reception non-repudiation
Digital signatures and digital certificates
Electronic audit trails

Specialized E-Business Applications

Electronic Data Interchange (EDI) – VAN vs web-based
Collaborative Commerce
E-Mail Security and Privacy – spamming, spoofing, and e-mail policies and controls

Managing Third Party Providers

Third-party services – ISPs, ASPs, certificate authorities, and electronic payment providers
Independent evaluations of third parties

Third Party Assurance Services

CPA Trust engagements
TRUSTe
BBB Online
Veri-Sign