Digital Business and Information Systems Fundamentals

Posted by Anonymous and classified in Language

Written on August 20, 2025 in English with a size of 50.02 KB

E-commerce Security Requirements

E-commerce security refers to the protection of e-commerce assets from unauthorized access, use, alteration, or destruction. Because financial transactions and sensitive information (like credit card numbers, passwords, and personal details) are involved, strong security is essential in e-commerce systems.

Key E-commerce Security Requirements:

Authentication: Ensures that the parties involved (both buyer and seller) are who they claim to be.
Authorization: Grants specific permissions to authenticated users.
Confidentiality: Ensures that data is accessible only to authorized individuals.
Integrity: Ensures that data is not altered during transmission or storage.
Non-Repudiation: Prevents parties from denying their actions.
Availability: Ensures that services and data are available when needed.
Privacy: Protects user data from unauthorized collection, use, or disclosure.
Auditability: Ability to track user activities and system events.

Information Systems: TPS, MIS, DSS, ESS Differences

Understanding the distinct roles of Transaction Processing Systems (TPS), Management Information Systems (MIS), Decision Support Systems (DSS), and Executive Support Systems (ESS) is crucial for effective organizational management.

Transaction Processing Systems (TPS)

Processes routine, daily transactions.
Used at the operational level (clerks, staff).
Handles detailed, current data.
Examples: Billing, payroll, order processing.
Supports structured decisions.
Outputs: Transaction records, receipts.

Management Information Systems (MIS)

Provides summarized reports for middle managers.
Used by middle management.
Handles summarized, periodic data.
Examples: Monthly sales reports, inventory status.
Supports structured decisions.
Outputs: Reports, summaries.

Decision Support Systems (DSS)

Supports semi-structured decision-making.
Used by senior and middle management.
Utilizes analytical models and data.
Examples: What-if analysis, forecasting.
Supports semi-structured decisions.
Outputs: Charts, simulations, interactive tools.

Executive Support Systems (ESS)

Helps top executives make strategic decisions.
Used by top-level executives.
Aggregates internal and external data.
Examples: Market trend analysis, strategic dashboards.
Supports unstructured decisions.
Outputs: Graphical dashboards, trend reports.

Wireless Network Security: Risks & E-commerce Protection

Security Risks in Wireless Networks:

Unauthorized Access: Hackers can connect to open or weakly protected Wi-Fi networks.
Eavesdropping: Attackers can intercept data being transmitted wirelessly.
Man-in-the-Middle (MitM) Attacks: An attacker intercepts and possibly alters communication between two parties.
Denial of Service (DoS): Flooding the network to make it unavailable to legitimate users.
Rogue Access Points: Fake Wi-Fi access points trick users into connecting, exposing their data.

Protection of E-commerce Transactions on Wireless Networks:

Strong Authentication: Use of strong passwords, One-Time Passwords (OTPs), biometrics, or Multi-Factor Authentication (MFA).
Use of SSL/TLS Encryption: Ensures secure communication between browser and server (HTTPS).
Virtual Private Network (VPN): Encrypts all data transmitted over the wireless network.
Firewall and Antivirus: Protects devices from unauthorized access and malware.
Secure Wi-Fi Configuration: Use WPA3 encryption, change default router settings, and hide SSID.

Pure vs. Partial E-commerce Models Explained

Pure E-commerce

In pure e-commerce, the entire business process is conducted online, including product display, ordering, payment, and delivery (especially for digital goods).

Fully digital from start to end.
Usually involves digital products or services.
Examples: Downloading an eBook from Amazon, buying music or software online and receiving it instantly through download.

Partial E-commerce

In partial e-commerce, only part of the transaction (e.g., ordering and payment) is done online, while physical delivery or service consumption is required offline.

Combination of online and offline steps.
Typically involves physical goods or services.
Examples: Ordering clothes from Flipkart or Daraz and getting them delivered by courier; booking a hotel room online but physically staying in the hotel later.

LTE (4G) vs. 3G UMTS: Key Differences

LTE (4G)

Full Name: Long Term Evolution
Generation: 4th Generation (4G)
Speed: 100 Mbps to 1 Gbps (theoretical); 10–50 Mbps (practical)
Latency: Much lower (~10–50 ms)
Access Technology: OFDMA (Orthogonal Frequency Division Multiple Access)
Switching: Fully Packet-switched (IP-based)
Voice Support: Uses VoIP (Voice over LTE) for calls

3G UMTS

Full Name: Universal Mobile Telecommunications System
Generation: 3rd Generation (3G)
Speed: Up to 2 Mbps (typical: 384 kbps to 2 Mbps)
Latency: Higher (~100–500 ms)
Access Technology: WCDMA (Wideband CDMA)
Switching: Circuit-switched + Packet-switched
Voice Support: Native voice support using circuit-switching

IDS vs. IPS: E-commerce Network Security Roles

Intrusion Detection System (IDS)

Function: Detects and alerts.
Deployment: Monitors traffic passively (out-of-band).
Action: Sends alerts to administrators for manual action.
Considerations: Can cause alert fatigue; no traffic interruption.
Response Time: Slower, depends on administrator response.

Intrusion Prevention System (IPS)

Function: Detects and blocks/prevents.
Deployment: Inline with traffic (in-band).
Action: Automatically blocks or drops malicious traffic.
Considerations: Risk of false positives may block legitimate traffic.
Response Time: Immediate, real-time response.

How IDS and IPS Complement Each Other in Securing E-commerce Networks

IDS provides continuous monitoring and detailed logging, helping identify new or subtle attacks and raising awareness. IPS acts as a frontline defense to stop attacks immediately, preventing damage or data breaches.

Together, IDS and IPS create a layered security approach for e-commerce networks: IDS detects suspicious behavior and provides insights for improvement, while IPS enforces security by blocking threats as they happen.

(Note: A diagram illustrating their complementary roles would typically show IDS monitoring traffic and alerting, while IPS is inline, actively blocking threats.)

SEO for E-commerce: Importance & Benefits

Search Engine Optimization (SEO) is the process of optimizing a website to improve its visibility and ranking on search engines like Google. This involves using relevant keywords, quality content, proper site structure, backlinks, and fast loading times.

Why SEO is Crucial for E-commerce Websites:

Increases Organic Traffic: Makes the site easier to find, attracting unpaid visitors.
Improves User Experience: Enhances navigation and content relevance, leading to better user satisfaction.
Builds Trust and Credibility: Higher search rankings often translate to greater user trust.
Boosts Sales and Conversions: Attracts potential customers actively searching for products, leading to more sales.
Reduces Advertising Costs: By attracting free, unpaid traffic, it lessens the reliance on paid advertising.

L-Commerce & E-commerce Limitations

L-Commerce (Location-Based Commerce) is a subset of e-commerce that uses mobile devices and location information to offer personalized services or products to users based on their geographic location.

Limitations and Barriers of E-commerce:

Security Concerns: Risk of fraud, hacking, and data theft.
Lack of Trust: Customers may hesitate to buy from unknown online sellers.
Payment Issues: Limited payment options or unreliable payment gateways.
Delivery Problems: Delays, damaged goods, or lack of logistics infrastructure.
Legal and Regulatory Issues: Different laws across countries create complexity.
Technology Limitations: Poor internet access or slow speeds in some regions.
Cultural Barriers: Language differences and buying habits vary by region.

ACH & Cryptography Fundamentals

a) Automated Clearing House (ACH)

ACH is an electronic network for processing financial transactions in batches. It enables direct deposits, bill payments, and fund transfers between banks efficiently and securely without paper checks.

b) Cryptography and its Types

Cryptography is the science of securing communication by converting information into unreadable formats to prevent unauthorized access.

Types of Cryptography:

Symmetric Key Cryptography: Uses the same key for both encryption and decryption (e.g., AES).
Asymmetric Key Cryptography: Uses a pair of keys (public and private) for encryption and decryption (e.g., RSA).
Hash Functions: Converts data into a fixed-size hash, used for integrity verification (e.g., SHA-256).

Bitcoin: Advantages & Disadvantages for Payments

Bitcoin is a decentralized digital cryptocurrency that allows peer-to-peer transactions without intermediaries like banks. It uses blockchain technology to ensure secure, transparent, and tamper-proof transactions.

Advantages of Using Bitcoin for Payment:

Decentralized: No central authority controls it, reducing censorship.
Low Transaction Fees: Often lower compared to traditional banking systems.
Fast International Transfers: Cross-border payments are quicker.
Privacy: Transactions can be relatively anonymous.
Security: Uses cryptography and blockchain to secure transactions.

Disadvantages of Using Bitcoin for Payment:

Price Volatility: Bitcoin’s value can fluctuate widely.
Limited Acceptance: Not all merchants accept Bitcoin.
Regulatory Uncertainty: Some countries restrict or ban its use.
Irreversible Transactions: No way to reverse mistaken or fraudulent payments.
Technical Complexity: Users need some technical knowledge to manage wallets securely.

Wireless Communication & Wi-Fi Popularity

Wireless Communication is the transfer of information between two or more points without using physical cables, relying instead on electromagnetic waves like radio waves, infrared, or microwaves.

Features of Wi-Fi that Made it Popular:

Wireless Convenience: Enables devices to connect to the internet without physical cables.
High Speed: Offers fast data transfer rates suitable for most internet activities.
Mobility: Allows users to stay connected within a range while moving freely.
Easy Installation: Simple to set up without complex wiring.
Multiple Device Support: Connects several devices simultaneously.
Cost-Effective: Reduces costs on wiring and maintenance.
Compatibility: Supported by most laptops, smartphones, and tablets.
Security Protocols: Supports encryption standards like WPA3 for secure connections.

CRM Systems: Fostering Customer Relationships

Customer Relationship Management (CRM) systems help businesses get closer to their customers by:

Centralizing Customer Data: Keeping all customer information in one place for better understanding.
Personalizing Interactions: Tailoring marketing, sales, and service based on customer preferences and history.
Improving Customer Service: Tracking customer issues and responding quickly and efficiently.
Enhancing Communication: Using emails, calls, and social media to engage customers regularly.
Analyzing Behavior: Gaining insights into buying patterns to anticipate needs and offer relevant products.
Building Loyalty: Fostering long-term relationships through targeted promotions and support.

Malware Types: Virus, Worm, and Trojan Horse

Virus

Malicious program that attaches itself to files and spreads when files are shared or executed.
Needs human action (e.g., opening an infected file) to spread.
Can corrupt files, steal data, or damage the system.
Examples: File infectors, macro viruses.

Worm

Self-replicating malware that spreads independently across networks without user action.
Spreads automatically through networks without user help.
Consumes bandwidth and resources, causing network slowdown or crashes.
Examples: SQL Slammer, Code Red.

Trojan Horse

Malware disguised as legitimate software to trick users into installing it.
Does not self-replicate; relies on the user to install it.
Creates backdoors, steals data, or damages the system stealthily.
Examples: Fake antivirus software, keyloggers disguised as applications.

Encryption & Decryption: Symmetric vs. Asymmetric Keys

Encryption is the process of converting plain, readable data (plaintext) into an unreadable format (ciphertext) using an algorithm and a key, to prevent unauthorized access.

Decryption is the reverse process, converting ciphertext back into plaintext using a key, so authorized users can read the data.

Symmetric Key Encryption:

Uses one secret key for both encryption and decryption.
Both sender and receiver must share the same key securely.
It is fast and suitable for encrypting large amounts of data.
Key management can be difficult because the key must be kept secret and shared securely.
Examples: AES (Advanced Encryption Standard), DES (Data Encryption Standard).

Asymmetric Key Encryption:

Uses a pair of keys: a public key (for encryption) and a private key (for decryption).
The public key is shared openly, but the private key is kept secret.
Allows secure communication without sharing secret keys in advance.
Slower than symmetric encryption, often used to securely exchange symmetric keys.
Examples: RSA, ECC (Elliptic Curve Cryptography).

Virtual Currency & Its Market Types

Virtual Currency is a type of digital money used within specific online communities or platforms, not issued by any central bank but accepted for online transactions.

Types of Virtual Currencies:

Cryptocurrencies: Decentralized digital currencies using blockchain technology, e.g., Bitcoin, Ethereum.
Centralized Virtual Currencies: Issued and controlled by a single organization, used within specific platforms or games, e.g., Facebook Credits, in-game currencies.
Loyalty Points: Rewards given by companies that can be used as currency within their ecosystem, e.g., airline miles, store points.
Stablecoins: Cryptocurrencies pegged to a stable asset like USD to reduce volatility, e.g., Tether (USDT), USD Coin (USDC).

E-commerce Website Promotion Strategies

To establish a strong market presence, e-commerce websites can utilize various promotion strategies:

Search Engine Optimization (SEO): Improve website ranking on search engines to attract organic traffic.
Social Media Marketing: Use platforms like Facebook, Instagram, and Twitter to engage customers and run ads.
Pay-Per-Click (PPC) Advertising: Run paid ads on Google, social media, and other platforms to drive targeted traffic.
Content Marketing: Publish blogs, videos, and informative content to provide value and attract customers.
Email Marketing: Send newsletters, offers, and personalized messages to build customer loyalty.
Affiliate Marketing: Partner with influencers or websites that promote products for a commission.
Referral Programs: Encourage existing customers to refer new customers with rewards.
Online Marketplaces: List products on platforms like Amazon, eBay to reach wider audiences.
Customer Reviews and Testimonials: Showcase positive feedback to build trust and credibility.
Mobile Optimization: Ensure the website is mobile-friendly, as many users shop via smartphones.

C2C & B2B E-commerce Models

C2C (Consumer-to-Consumer) E-commerce:

In C2C, consumers sell products or services directly to other consumers, usually via a third-party platform that facilitates the transaction.

Example: eBay, where individuals sell used goods to other individuals.

B2B (Business-to-Business) E-commerce:

In B2B, transactions happen between businesses, such as manufacturers selling to wholesalers or wholesalers selling to retailers.

Example: Alibaba, where companies buy raw materials or products in bulk from other businesses.

M-Commerce: Benefits for Business, Users, & Society

M-Commerce (Mobile Commerce) refers to buying and selling goods and services through wireless handheld devices like smartphones and tablets.

Benefits of M-Commerce:

For Organizations:

Expands market reach beyond physical stores.
Enables real-time promotions and customer engagement.
Improves operational efficiency via mobile payments and inventory management.

For Individuals:

Convenience to shop anytime, anywhere.
Access to personalized offers and location-based services.
Faster payment options like mobile wallets.

For Society:

Promotes digital inclusion by enabling remote access to services.
Supports economic growth by increasing e-commerce adoption.
Reduces environmental impact by minimizing travel for shopping.

Enterprise Applications in Organizations

Enterprise Applications are large-scale software systems that support business processes and information flow across an organization. They help improve efficiency, decision-making, and collaboration.

Usage in Organizations:

ERP (Enterprise Resource Planning): Integrates all departments (finance, HR, supply chain) into a single system for unified management.
CRM (Customer Relationship Management): Helps manage customer data, sales, and service to improve relationships and retention.
SCM (Supply Chain Management): Manages procurement, inventory, and logistics to optimize the supply chain.
Business Intelligence: Analyzes data to support strategic decisions.
Collaboration Tools: Facilitate communication and teamwork across departments and locations.

Digital Signatures: Requirements & Working

A digital signature is a cryptographic technique that verifies the authenticity and integrity of a digital message or document. It is like a handwritten signature but provides higher security by ensuring the message is from the claimed sender and has not been altered.

Requirements of Digital Signature in Secure Transactions:

Authentication: Confirms the identity of the sender.
Integrity: Ensures the message has not been altered during transmission.
Non-repudiation: Prevents the sender from denying the transaction or message.
Confidentiality: Though not directly provided by the signature, it complements encryption to protect data privacy.
Uniqueness: The signature should uniquely correspond to the signer.

How Digital Signature Works:

The sender creates a hash (digest) of the message using a hash function.
The sender encrypts the hash with their private key to create the digital signature.
The message along with the digital signature is sent to the receiver.
The receiver decrypts the digital signature using the sender’s public key to get the hash.
The receiver generates a new hash from the received message and compares it with the decrypted hash.
If both hashes match, the signature is verified, confirming message integrity and authenticity.

Cryptocurrency in Nepal & Virtual Currency Comparison

Cryptocurrency is a digital or virtual currency that uses cryptography for security and operates independently of a central bank, often based on blockchain technology.

Legal Provisions in Nepal:

The Nepal Rastra Bank (central bank) has banned cryptocurrencies like Bitcoin in Nepal.
Trading, mining, and use of cryptocurrencies are illegal and considered a financial offense.
The government has warned against using or investing in cryptocurrencies due to risks like fraud and money laundering.

Cryptocurrency vs. Virtual Currency:

Cryptocurrency:
- Decentralized, no central authority.
- Uses blockchain for transparency and security.
- Often unregulated or banned in some countries.
- Examples: Bitcoin, Ethereum.
Virtual Currency:
- Can be centralized or controlled by an entity.
- May not use blockchain, often platform-specific.
- Usually limited to specific platforms or communities.
- Examples: Facebook Credits, in-game currencies.

SEO: Importance for Website Growth

Search Engine Optimization (SEO) is the process of optimizing a website to improve its visibility and ranking on search engine results pages (SERPs) like Google, to attract organic (non-paid) traffic.

Importance of SEO for Website Growth:

Increases Visibility: Higher ranking means more people find your site.
Drives Targeted Traffic: Attracts users actively searching for relevant products or information.
Builds Credibility and Trust: Users trust sites that appear on the first page of search results.
Cost-Effective Marketing: Organic traffic reduces the need for expensive ads.
Improves User Experience: SEO best practices enhance site usability and performance.
Competitive Advantage: Staying ahead of competitors in search rankings brings more customers.
Supports Long-Term Growth: Consistent SEO efforts yield sustainable website traffic.

E-commerce Interaction Models: H2C, H2R, C2C

H2C (Human-to-Computer)

Interaction where humans provide input or commands directly to computers (e.g., filling online forms).
Example: A user entering information on a website to place an order.

H2R (Human-to-Robot)

Interaction where humans communicate with automated systems or robots to perform tasks.
Example: Using chatbots or virtual assistants for customer support.

C2C (Consumer-to-Consumer)

Transactions directly between consumers through a platform.
Example: eBay, where individuals sell items to other individuals.

E-commerce Advantages: Ubiquity, Richness, Information Density

Properties like ubiquity, richness, and information density significantly enhance e-commerce compared to traditional commerce:

Ubiquity:

E-commerce is available everywhere and anytime via the internet, unlike traditional commerce limited by physical locations and hours. This convenience increases customer reach and sales opportunities.

Richness:

E-commerce can deliver rich information through multimedia—videos, images, detailed descriptions, and interactive content—enhancing customer experience beyond what traditional stores offer.

Information Density:

E-commerce provides a large amount of accurate, timely, and detailed information (like prices, product specifications, reviews), which helps customers make better purchase decisions and reduces information asymmetry.

International Information Systems: Outsourcing & Offshoring

International Information System (IIS): An IIS is a system that manages information and communication across global operations of multinational companies, supporting international business activities.

Outsourcing:

Delegating certain business processes or IT functions to an external organization, often in the same or a different country, to reduce costs or focus on core activities.

Offshoring:

Relocating business processes or services to another country, typically to take advantage of lower labor costs, favorable regulations, or a skilled workforce.

E-commerce Security: Availability, Authentication, Authorization

Availability:

Ensures that e-commerce systems and data are accessible and usable whenever needed by legitimate users.

Enforcement: Use redundant servers, backup systems, load balancing, and protection against DoS attacks to keep websites and services up and running.

Authentication:

The process of verifying the identity of users accessing the system (e.g., customers, employees).

Enforcement: Use strong passwords, multi-factor authentication (MFA), biometrics, or digital certificates to confirm user identities.

Authorization:

Determines what resources or actions an authenticated user is allowed to access or perform.

Enforcement: Implement role-based access control (RBAC) and permissions to restrict users’ access to only what they need.

E-Checking: Mechanism & Benefits

E-Checking is an electronic payment method that allows customers to make payments directly from their bank accounts via the internet, similar to writing a paper check but in digital form.

Working Mechanism:

Customer initiates payment on the e-commerce site using their bank account details.
The payment system securely sends the transaction request to the bank.
The bank verifies the account balance and authorization.
Funds are electronically transferred from the customer’s account to the merchant’s account.
Both parties receive confirmation of payment.

E-commerce Website Design Criteria

When designing an e-commerce website, several key criteria should be considered to ensure a successful and user-friendly experience:

User-Friendly Navigation: Easy to browse categories, search products, and access information.
Responsive Design: Compatible with different devices (desktop, tablet, mobile) for seamless viewing.
Fast Loading Speed: Minimizes wait time to keep customers engaged and reduce bounce rates.
Clear Call-to-Action (CTA): Buttons like “Buy Now” or “Add to Cart” should be visible and intuitive.
Secure Payment Gateway: Ensure safe transactions with SSL encryption and trusted payment options.
Attractive and Consistent Layout: Professional and visually appealing design to build trust and brand identity.
Detailed Product Information: Include comprehensive descriptions, high-quality images, customer reviews, and specifications.
Customer Support Access: Provide easy access to help via chat, email, or phone.
Easy Checkout Process: Implement minimal steps to complete a purchase, with options like guest checkout.
SEO Friendly: Optimized for search engines to attract organic traffic.
Privacy Policy and Terms: Clearly state policies to build customer confidence and ensure legal compliance.

Wireless Communication Security Issues

Wireless communication faces several security challenges due to its open nature:

Eavesdropping: Unauthorized interception of data transmitted over wireless networks.
Unauthorized Access: Attackers connect to wireless networks without permission, possibly gaining access to sensitive information.
Man-in-the-Middle (MitM) Attacks: Intercepting and altering communication between two parties without their knowledge.
Denial of Service (DoS): Flooding the network with excessive traffic to make it unavailable to legitimate users.
Rogue Access Points: Fake wireless access points set up by attackers to trick users into connecting.
Session Hijacking: Taking control of a user’s active session to steal information or impersonate them.
Weak Encryption: Use of outdated or weak encryption protocols (like WEP) makes data vulnerable.
Device Theft: Physical loss or theft of wireless devices can lead to data breaches.

L-Commerce: Impact on Online Business & Applications

L-Commerce uses the geographic location of customers (usually through mobile devices) to provide personalized services, offers, or products based on their current or past locations. It enhances user engagement by delivering relevant and timely information.

How L-Commerce Helps Online Business:

Personalized Marketing: Sends location-specific offers, increasing the chance of purchase.
Improved Customer Engagement: Businesses can connect with customers nearby in real time.
Enhanced User Experience: Offers relevant content based on the user’s location and preferences.
Increased Sales: Drives foot traffic to physical stores via targeted promotions.
Efficient Delivery: Location data helps optimize logistics and delivery services.

Applications of L-Commerce:

Location-based advertising (e.g., coupons sent when near a store).
Navigation and local search services (e.g., finding nearby restaurants or stores).
Ride-sharing services (e.g., Uber, Lyft).
Location-aware social networking and check-ins.
Real-time tracking and delivery updates in e-commerce.

Wireless Technologies: ADSL, WiMAX, WLAN, WMAN

ADSL (Asymmetric Digital Subscriber Line)

Type: Wired broadband internet technology.
Description: Uses existing telephone lines to provide high-speed internet access. Download speed is higher than upload speed (asymmetric).
Range: Local (home/office).
Speed: Moderate (up to 24 Mbps).
Connectivity: Wired.

WiMAX (Worldwide Interoperability for Microwave Access)

Type: Wireless broadband technology.
Description: Provides high-speed internet over long distances, typically used for metropolitan area networks.
Range: Metropolitan area (~30 miles / 50 km).
Speed: High (up to 70 Mbps).
Connectivity: Wireless.

WLAN (Wireless Local Area Network)

Type: Wireless network technology.
Description: Typically used within homes, offices, and cafes. Common standard is Wi-Fi.
Range: Short range (~100 meters).
Speed: High (varies, commonly up to 600 Mbps with modern Wi-Fi).
Connectivity: Wireless.

WMAN (Wireless Metropolitan Area Network)

Type: Wireless network.
Description: Designed to cover a metropolitan area; WiMAX is one example. Other WMAN technologies may include LTE and Wi-Fi mesh networks at larger scales.
Range: Metropolitan area (~up to 50 km).
Speed: High (varies).
Connectivity: Wireless.

Contribution to E-commerce Connectivity:

WiMAX: Enables broadband internet in areas without wired infrastructure. Supports mobile internet access for businesses and customers, especially in underserved or rural areas, enhancing e-commerce reach.
WLAN: Provides local wireless internet access for devices like laptops and smartphones. Critical for customers and employees to access e-commerce platforms in shops, offices, and public spaces without cables.
WMAN: Supports wireless broadband connectivity across cities, enabling mobile commerce and internet access in public places, improving customer engagement and business operations in e-commerce.

Malware Attacks: Technical vs. Non-Technical

Technical Malware Attacks:

Exploits system/software vulnerabilities.
Uses code, scripts, or technical tools.
Examples: Viruses, worms, trojans, ransomware.
Requires technical skills (hacking, coding).
Defense: Firewalls, antivirus, patching.

Non-Technical Malware Attacks:

Exploits human behavior and trust.
Uses social engineering and deception.
Examples: Phishing, baiting, pretexting, social engineering.
Relies on psychological manipulation and communication skills.
Defense: User awareness, training, and caution.

Examples of Non-Technical Attacks:

Phishing

Description: Fake emails or messages appear to come from legitimate sources (e.g., banks, e-commerce sites).
Example: A fake email claiming to be from PayPal asks the user to click a link and "verify" their account.
Effect on E-commerce:
- Leads to stolen customer login credentials or payment information.
- Damages brand trust if attackers impersonate the company.
- Can result in financial loss and customer data breaches.

Impact on E-commerce Operations:

Customer Trust: Loss of trust can lead to reduced sales and negative reviews.
Revenue: Financial losses from fraud, chargebacks, or service disruption.
Brand Reputation: Brand may be viewed as unsafe or unreliable.

Expert Systems: Components & Characteristics

An expert system is a computer program that simulates the decision-making ability of a human expert. It provides solutions, advice, or diagnoses in specialized areas.

Components of an Expert System:

Knowledge Base: Stores facts, rules, and heuristics about the domain.
Inference Engine: Applies logical rules to the knowledge base to deduce new information or make decisions.
User Interface: Allows users to interact with the system, input data, and receive explanations or solutions.
Explanation Facility: Explains the reasoning process or how a conclusion was reached.
Knowledge Acquisition Module: Helps in updating or adding new knowledge to the system.

Characteristics of an Expert System:

Domain-Specific: Focuses on a narrow area of expertise.
Reasoning Capability: Uses inference rules to draw conclusions.
Explains Reasoning: Can explain why and how decisions are made.
User-Friendly: Provides easy interaction for non-experts.
Consistency: Gives consistent answers, unlike human experts who might vary.
Explicit Knowledge Base: Knowledge is codified and stored clearly.

Internet, Intranet, Extranet: Key Differences

Internet:

Access: Public and open to everyone.
Users: Anyone (global users).
Purpose: Global communication and information sharing.
Security: Lower (requires external security measures).
Examples: Google, YouTube.

Intranet:

Access: Private, only for internal employees.
Users: Organization members only.
Purpose: Internal communication and data sharing.
Security: High (within the organization).
Examples: Company’s HR or finance portal.

Extranet:

Access: Private, shared with trusted outsiders.
Users: Partners, vendors, or clients.
Purpose: Secure external collaboration with third parties.
Security: High with restricted access.
Examples: Supplier accessing an inventory system.

Social Networks & Social Media Types

A social network is an online platform or website that enables people to create profiles, connect with friends, family, colleagues, and share content such as messages, photos, videos, and updates.

Types of Social Media:

Social Networking Sites: Platforms focused on building personal or professional connections.
- Examples: Facebook, LinkedIn.
Microblogging Sites: Allow users to share short updates or posts.
- Examples: Twitter, Tumblr.
Media Sharing Platforms: Focused on sharing multimedia content like photos and videos.
- Examples: Instagram, YouTube, TikTok, Snapchat.
Discussion Forums: Platforms for group discussions and topic-based conversations.
- Examples: Reddit, Quora, Stack Overflow.
Bookmarking and Content Curation Sites: Users save, organize, and share content links.
- Examples: Pinterest, Flipboard.

E-commerce: Definition, Significance, & Models

E-commerce refers to the buying and selling of goods and services, or the transmitting of funds or data, over electronic networks, primarily the Internet.

Significance of E-commerce in Today's Business World:

Global Reach: Businesses can reach customers worldwide.
24/7 Availability: Shops are open round-the-clock without physical presence.
Cost Reduction: Lower costs in operations and marketing compared to traditional retail.
Convenience: Customers can shop anytime, anywhere with easy payment and delivery options.
Personalization: Data allows for tailored recommendations and targeted advertising.
Competition: Encourages innovation and better services among businesses.

Internet & E-commerce Security Requirements

Internet and e-commerce applications require robust security measures, fulfilled by various hardware and software systems:

Key Security Requirements:

Confidentiality: Protect data from unauthorized access or disclosure.
- Fulfillment: Encryption (SSL/TLS), VPNs, firewalls, access control systems.
- Example: HTTPS for secure website transactions.
Integrity: Ensure data is not altered or tampered with during transmission or storage.
- Fulfillment: Hashing algorithms, digital signatures, checksums.
- Example: SHA-256 for file verification.
Authentication: Verify the identity of users and systems.
- Fulfillment: Password systems, biometrics, Two-Factor Authentication (2FA).
- Example: OTP via SMS, fingerprint scanners.
Authorization: Grant access rights to authenticated users only.
- Fulfillment: Role-Based Access Control (RBAC), Access Control Lists (ACLs).
- Example: Admin panel restrictions.
Non-repudiation: Ensure sender or receiver cannot deny a transaction or communication.
- Fulfillment: Digital signatures, audit logs.
- Example: Signed e-contracts.

Examples in E-commerce:

SSL Certificates: Encrypt data between browser and server to maintain confidentiality.
Firewalls & IDS: Monitor and block unauthorized traffic.
Payment Gateways: Use tokenization and encryption for secure payment processing.
Authentication Systems: Allow customers to create accounts with 2FA for enhanced security.

E-commerce Security Defense Strategies

Implementing robust security defense strategies is crucial for protecting e-commerce systems from attacks and threats:

Key Strategies:

Encryption: Use SSL/TLS for secure data transmission to protect confidentiality.
Authentication & Authorization: Implement strong user authentication (password policies, Multi-Factor Authentication) and role-based access control.
Firewalls & Intrusion Detection Systems (IDS): Monitor and filter malicious traffic.
Regular Software Updates: Patch vulnerabilities promptly to close security gaps.
Secure Payment Processing: Use PCI-DSS compliant payment gateways and tokenization for sensitive financial data.
Data Backup and Recovery: Implement regular backups and disaster recovery plans to minimize data loss and ensure business continuity.
Security Awareness Training: Educate staff about phishing, social engineering, and general security best practices.
Web Application Firewalls (WAF): Protect against common web attacks like SQL injection and cross-site scripting.
Monitoring and Logging: Track user activities and system access for anomaly detection and forensic analysis.

Cashless Transactions in Nepal: Trends, Benefits, & Challenges

The use of electronic payment systems has significantly increased in Nepal in recent years, driving a trend towards cashless transactions.

Trend of Cashless Transactions in Nepal:

Rapid growth in mobile banking and e-wallets (e.g., eSewa, Khalti, IME Pay).
Increased use of digital payments for utilities, shopping, and government services.
Banks and financial institutions promote QR code payments, internet banking, and card payments.

Benefits of Digital Payment Systems and Cashless Economy:

Convenience: Quick, anytime, anywhere transactions without physical cash handling.
Cost Efficiency: Reduced costs in printing, transporting, and managing cash.
Transparency: Easier to track and audit transactions, reducing corruption and tax evasion.
Financial Inclusion: Provides access to banking for unbanked populations via mobile devices.
Economic Growth: Facilitates e-commerce, SME growth, and formalization of the economy.

Downsides/Challenges:

Digital Divide: Limited access in rural/remote areas with poor internet or tech literacy.
Cybersecurity Risks: Increased vulnerability to fraud, hacking, and identity theft.
Transaction Failures: Technical glitches can disrupt payments.
Dependence on Infrastructure: Requires stable electricity and internet, which can be inconsistent.
Privacy Concerns: Risk of misuse of personal data if not properly regulated.

Supply Chain Management (SCM) & Nike Example

SCM (Supply Chain Management) is the management of the flow of goods and services from raw materials to finished products delivered to the customer. It involves planning, sourcing, manufacturing, logistics, and coordination among suppliers and distributors.

Supply Chain Management of Nike Sneakers:

Sourcing: Nike sources components like laces, eyelets, uppers, and soles from different suppliers worldwide.
Manufacturing: These parts are sent to factories where sneakers are assembled.
Quality Control: Inspections ensure components and finished shoes meet standards.
Distribution: Finished sneakers are shipped to warehouses, then to retail stores or directly to customers.
Inventory Management: Nike tracks stock levels to avoid overstocking or shortages.
Customer Delivery: Sneakers reach the end consumer through retail outlets or e-commerce channels.

I-Way (Information Superhighway) & Components

I-Way (Information Superhighway) refers to a global communication system that provides high-speed access to a wide range of information and services via networks like the Internet.

Components of I-Way:

Users: Individuals, businesses, or organizations accessing the network.
Networks: The infrastructure (Internet, intranets, extranets) connecting users and services.
Gateways: Devices or software enabling communication between different networks or protocols.
Servers: Machines hosting data, applications, and services accessible via the network.
Services: Applications like email, web browsing, video conferencing, and online transactions.
Access Devices: Devices like computers, smartphones, and tablets used to connect to the I-Way.

SEO Cycle & Role of Bots

SEO is the process of improving a website’s visibility and ranking in search engine results to attract organic (non-paid) traffic.

Cycle of SEO:

Keyword Research: Identify relevant search terms customers use.
On-Page Optimization: Optimize content, meta tags, headings, and images with keywords.
Technical SEO: Improve site speed, mobile-friendliness, sitemap, robots.txt, and URL structure.
Content Creation: Develop high-quality, relevant content regularly.
Link Building: Gain backlinks from reputable websites to increase authority.
Monitoring & Analysis: Track rankings, traffic, and user behavior using tools like Google Analytics.
Adjustment: Refine SEO strategy based on data and algorithm changes.

Use of Bots in SEO:

Search Engine Crawlers (Bots): Automated programs used by search engines (like Googlebot) to scan and index web pages.
Role in SEO: They analyze website content, follow links, evaluate site structure and load times, which affect rankings.
Webmaster Tools: Site owners use bots for site audits and indexing requests.
SEO Bots: Some SEO tools use bots to simulate search engine behavior for analysis and competitor research.

Related entries:

Tags: