Cloud Computing 95 Activity Generated There is a large amount of data being generated by machines which surpasses the data volume generated by humans. These include data from medical devices, censor data, surveillance videos, satellites, cell phone towers, industrial machinery, and other data generated by machines. These types of data are referred to as Activity Generated data. Public Data This data includes data that is publicly available like data published by governments, research data published by research institutes, data from weather and meteorological departments, census data, Wikipedia, sample open source data feeds, and other data which is freely available to the public. This type of publicly accessible data is referred to as Public Data. Archives Organizations archive a lot of data which is either not required anymore or is very rarely required. In today’s world, with hardware getting cheaper, no organization wants to discard any data, they want to capture and store as much data as possible. Other data that is archived includes scanned documents, scanned copies of agreements, records of ex-employees/completed projects, banking transactions older than the compliance regulations. This type of data, which is less frequently accessed, is referred to as Archive Data. 3.10 Types of Big Data Types of data frequently associated with Big Data analytical projects include web data, industry specific transaction data, machine generated/sensor data and text. Big Data could be found in three forms: 1. Structured 2. Unstructured 3. Semi-structured CU IDOL SELF LEARNING MATERIAL (SLM)
96 Internet Computing and Ethics 1. Structured Any data that can be stored, accessed and processed in the form of fixed format is termed as a ‘structured’ data. Over the period of time, talent in computer science have achieved greater success in developing techniques for working with such kind of data (where the format is well known in advance) and also deriving value out of it. However, nowadays, we are foreseeing issues when size of such data grows to a huge extent, typical sizes are being in the range of multiple zettabytes. Looking at these figures one can easily understand why the name ‘Big Data’ is given and imagine the challenges involved in its storage and processing. Data stored in a relational database management system is one example of a ‘structured’ data. An ‘Employee’ table in a database is an example of structured data. Employee_Id Employee_Name Gender Department Salary_in_Lacs 2365 Nimesh Kulkarni Male Finance 650000 3398 Pooja Joshi Female Admin 650000 7465 Manoranjan Roy Male Admin 500000 7500 Shashank Das Male Finance 500000 7699 Priya Rana Female Finance 550000 2. Unstructured Any data with unknown form or the structure is classified as unstructured data. In addition to the size being huge, unstructured data poses multiple challenges in terms of its processing for deriving value out of it. Typical example of unstructured data is, a heterogeneous data source containing a combination of simple text files, images, videos, etc. Nowadays, organizations have wealth of data available with them but unfortunately they don’t know how to derive value out of it since this data is in its raw form or unstructured format. Example of unstructured data is the output returned by ‘Google Search’. CU IDOL SELF LEARNING MATERIAL (SLM)
Cloud Computing 97 3. Semi-Structured Semi-structured data can contain both the forms of data. We can see semi-structured data as a structured in form but it is actually not defined with e.g., a table definition in relational DBMS. Example of semi-structured data is a data represented in XML file. Personal data stored in a XML file <rec><name>Nidhi Arora</name> <sex>female</sex> <age>35</age></rec> <rec><name>Nithya Namboodri</name> <sex>female</sex> <age>24</age></rec> <rec><name>Helly Shah</name> <sex>female</sex> <age>23</age></rec> <rec><name>Gaurav Mistry</name> <sex>male</sex> <age>25</age></rec> <rec><name>Sarvadip Vaishnav</name> <sex>male</sex> <age>28</age></rec> Please note that web application data, which is unstructured, consists of log files, transaction history files etc. OLTP systems are built to work with structured data wherein data is stored in relations (tables). CU IDOL SELF LEARNING MATERIAL (SLM)
98 Internet Computing and Ethics 3.11 Big Data Challenges The handling of big data is very complex. Some challenges faced during its integration include uncertainty of data Management, big data talent gap, getting data into a big data structure, syncing across data sources, getting useful information out of the big data, volume, skill availability, solution cost etc. 1. The Uncertainty of Data Management: One disruptive facet of big data management is the use of a wide range of innovative data management tools and frameworks whose designs are dedicated to supporting operational and analytical processing. The NoSQL (not only SQL) frameworks are used that differentiate it from traditional relational database management systems and are also largely designed to fulfil performance demands of big data applications such as managing a large amount of data and quick response times. There are a variety of NoSQL approaches such as hierarchical object representation (such as JSON, XML and BSON) and the concept of a key-value storage. The wide range of NoSQL tools, developers and the status of the market are creating uncertainty with the data management. 2. Talent Gap in Big Data: It is difficult to win the respect from media and analysts in tech without being bombarded with content touting the value of the analysis of big data and corresponding reliance on a wide range of disruptive technologies. The new tools evolved in this sector can range from traditional relational database tools with some alternative data layouts designed to maximize access speed while reducing the storage footprints, NoSQL data management frameworks, in-memory analytics, and as well as the hadoop system. The reality is that there is a lack of skills available in the market for big data technologies. The typical expert has also gained experience through tool implementation and its use as a programming model, apart from the big data management aspects. 3. Getting Data into Big Data Structure: It might be obvious that the intent of a big data management involves analyzing and processing a large amount of data. There are many people who have raised expectations considering analyzing huge data sets for a big data platform. They also may not be aware of the complexity behind the transmission, access, CU IDOL SELF LEARNING MATERIAL (SLM)
Cloud Computing 99 and delivery of data and information from a wide range of resources and then loading these data into a big data platform. The intricate aspects of data transmission, access and loading are only part of the challenge. The requirement to navigate transformation and extraction is not limited to conventional relational data sets. 4. Syncing Across Data Sources: Once you import data into big data platforms you may also realize that data copies migrated from a wide range of sources on different rates and schedules can rapidly get out of the synchronization with the originating system. This implies that the data coming from one source is not out of date as compared to the data coming from another source. It also means the commonality of data definitions, concepts, metadata and the like. The traditional data management and data warehouses, the sequence of data transformation, extraction and migrations all arise the situation in which there are risks for data to become unsynchronized. 5. Extracting Information from the Data in Big Data Integration: The most practical use cases for big data involve the availability of data, augmenting existing storage of data as well as allowing access to end-user employing business intelligence tools for the purpose of the discovery of data. This business intelligence must be able to connect different big data platforms and also provide transparency of the data consumers to eliminate the requirement of custom coding. At the same time, if the number of data consumers grow, then one can provide a need to support an increasing collection of many simultaneous user accesses. This increment of demand may also spike at any time in reaction to different aspects of business process cycles. It also becomes a challenge in big data integration to ensure the right-time data availability to the data consumers. 6. Miscellaneous Challenges: Other challenges may occur while integrating big data. Some of the challenges include integration of data, skill availability, solution cost, the volume of data, the rate of transformation of data, veracity and validity of data. The ability to merge data that is not similar in source or structure and to do so at a reasonable cost and in time. It is also a challenge to process a large amount of data at a reasonable speed so that information is available for data consumers when they need it. The CU IDOL SELF LEARNING MATERIAL (SLM)
100 Internet Computing and Ethics validation of data set is also fulfilled while transferring data from one source to another or to consumers as well. This is all about the big data integration and some challenges that one can face during the implementation. These points must be considered and should be taken care of if you are going to manage any big data platform. 3.12 Approach – Big Data Analytic Applications Many analytic applications have emerged around structured and multi-structured data. The following table also shows some examples of industry use cases for Big Data Analytics. Table 3.1: Industry and its Use Cases Industry Use Case Financial Services Improved risk decisions “Know your customer” 360° customer insight Fraud Detection Programmatic Trading Insurance Driver Behaviour analysis (smart box) Broker Document analysis to deepen insight on insured risks to improve risk management HealthCare Medical Records analytics to understand why patients are being re-admitted Disease surveillance Genomics Manufacturing ‘Smart’ product usage and health monitoring Improved customer service by analysing service records Field service optimization Production and distribution optimization by relating reported service problems to detect early warnings in product quality and by analysing sensor data Oil and Gas Sensor data analysis in wells, rigs and in pipelines for health and safety, risk, cost management, production optimization Telecommunications Network analytics and optimization from device, sensor and GPS inputs to enhance social networking and promotion opportunities Utilities Smart meter data analyses, grid optimization, customer insight from social networks Web data, sensor data and text data have emerged as popular data sources for big data analytical projects. CU IDOL SELF LEARNING MATERIAL (SLM)
Cloud Computing 101 3.13 Summary Cloud computing is the availability of computing resources and services over the internet. In other words, cloud computing allows you to use resources and services online instead of having to build and maintain the infrastructures necessary. Cloud computing has many benefits. For one, it works on a pay-for-use basis. This means that you only pay for resources that you are using and only spend exactly as much as you need, not a penny more. Secondly, something that is very appealing is the elasticity of the resources. You can increase or decrease your usage any time you want depending of your need of that resource. A third aspect of cloud computing is that services previously provided by IT administrators will be accessible to any user at any time. Cloud computing has following characteristics: 1) On-demand self-service, 2) Broad network access, 3) Resource pooling, 4) Rapid elasticity and 5) Measured service. Cloud has different models depends on scope private cloud, public cloud and hybrid cloud. Big Data Analytics is about analytical workloads that are associated with some combination of data volume, data velocity and data variety that may include complex analytics and complex data types. Big data 4 Vs of Volume, Velocity, Variety and Variability are commonly used to categories different aspects of big data. They are a helpful lens through which to view and understand the nature of the data and the software platforms that is available to exploit them. Big data has 3 types – structured, semi-structured, non-structured. Following are sources of big data: Enterprise Data, Transactional Data, Social Media, Activity Generated, Public Data, Archives. 3.14 Key Words/Abbreviations Big data: Big data is a term that describes the large volume of data – both structured and unstructured – that inundates a business on a day-to-day basis. Resource Pooling: Resource pooling is an IT term used in cloud computing environments to describe a situation in which providers serve multiple clients, customers or “tenants” with provisional and scalable services. CU IDOL SELF LEARNING MATERIAL (SLM)
102 Internet Computing and Ethics IAAS: Infrastructure as a Service PAAS: Platform as a Service SAAS: Software as a Service 3.15 Learning Activity 1. Explain types of Big-Data. ----------------------------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------------------------- 2. Explain Service Models of cloud computing. ----------------------------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------------------------- 3.16 Unit End Questions (MCQ and Descriptive) A. Descriptive Types Questions 1. What is cloud computing? 2. Mention the activities of different types of activities involved and safety involved. 3. Compare and contrast different types of cloud. 4. What is the difference between cloud and Internet? 5. Explain the open challenges of cloud computing. 6. What is Big Data? 7. What are different types of Big data? 8. Explain different characteristics of Big data. 9. What are sources of big data? 10. Explain Big data challenges 11. List out various applications of Big data. 12. Categorize various cloud computing services. Give examples of SAAS services. CU IDOL SELF LEARNING MATERIAL (SLM)
Cloud Computing 103 13. Compare SAAS and PAAS and their characteristics 14. Elucidate with examples the different services offered by various cloud companies B. Multiple Choice/Objective Type Questions 1. ________ can be defined as a software that is deployed on a host service and is accessible via Internet which is highly scalable and offered as services. (a) SaaS (b) IaaS (c) PaaS (d) Paas 2. ________ is a provision model in which an organization outsources the equipment used to support operations, including storage, hardware, servers and networking components. (a) SaaS (b) IaaS (c) PaaS (d) Paas 3. ___________ is a way to rent hardware, operating systems, storage and network capacity over the Internet (a) SaaS (b) IaaS (c) PaaS (d) Paas 4. _________ Cloud is a mixture of public and private clouds. (a) Public (b) Private (c) Community (d) Hybrid 5. Data which is less frequently accessed, is referred to as __________ Data. (a) Active (b) Archive (c) Public (d) Social Answers 1. (a), 2. (b), 3. (c), 4. (d), 5. (b) 3.17 References 1. https://apprenda.com/library/cloud/introduction-to-cloud-computing/ 2. http://www.contrib.andrew.cmu.edu/~warda/cloudcomp.pdf 3. “Cloud computing- A Practical Approach” by Toby Velte. CU IDOL SELF LEARNING MATERIAL (SLM)
104 Internet Computing and Ethics UNIT 4 INTERNET SECURITY Structure: 4.0 Learning Objectives 4.1 Introduction 4.2 Internet Security 4.3 Privacy Versus Security 4.4 Ethical Issues 4.5 Cybercrime 4.6 Types of Cybercrimes 4.7 Cyber Law 4.8 Virus: Introduction 4.9 Types of Virus 4.10 Detection 4.11 Malware 4.12 Summary 4.13 Key Words/Abbreviations 4.14 Learning Activity 4.15 Unit End Questions (MCQ and Descriptive) 4.16 References CU IDOL SELF LEARNING MATERIAL (SLM)
Internet Security 105 4.0 Learning Objectives After studying this unit, you will be able to: Describe the basics of internet security and ethical issues Define cybercrime and how they are categorized Explain virus, their types and how to detect them Define malwares and their types 4.1 Introduction Internet security is a catch-all term for a very broad issue covering security for transactions made over the Internet. Generally, Internet security encompasses browser security, the security of data entered through a Web form, and overall authentication and protection of data sent via Internet Protocol. Cybercrime is “acts that are punishable by the Information Technology Act” would be unsuitable as the Indian Penal Code also covers many cybercrimes, such as email spoofing and cyber defamation, sending threatening emails etc. A simple yet sturdy definition of cybercrime would be “unlawful acts wherein the computer is either a tool or a target or both”. 4.2 Internet Security Internet security is a branch of computer security that deals specifically with internet-based threats. These include hacking, where unauthorized users gain access to computer systems, email accounts or websites; viruses and other malicious software (malware), which can damage data or make systems vulnerable to other threats; and identity theft, where hackers steal personal details such as credit card numbers and bank account information. You can protect yourself from these threats with strong internet security. Internet security relies on particular resources and criteria for safeguarding the data that is communicated or transferred online. The safeguarding techniques include different kinds of encryption such as Pretty Good Privacy (PGP). Besides, the other features of a secure Web setup CU IDOL SELF LEARNING MATERIAL (SLM)
106 Internet Computing and Ethics can include firewalls that prevent undesired traffic, and anti-spyware, anti-malware, and anti-virus programs that work from particular networks or devices to watch online traffic for malicious attachments. 4.3 Privacy Versus Security Privacy Internet privacy involves the right or mandate of personal privacy concerning the storing, repurposing, provision to third parties, and displaying of information pertaining to oneself via the Internet. Internet privacy is a subset of data privacy. Privacy concerns have been articulated from the beginnings of large-scale computer sharing. Internet privacy is the privacy and security level of personal data published via the Internet. It is a broad term that refers to a variety of factors, techniques and technologies used to protect sensitive and private data, communications, and preferences. Security Security, in information technology (IT), is the defense of digital information and IT assets against internal and external, malicious and accidental threats. This defense includes detection, prevention and response to threats through the use of security policies, software tools and IT services. Privacy Versus Security Privacy is often defined as having the ability to protect sensitive information about personally identifiable information, while protection is really a security component. Others define it as the right to be left alone. Still, this doesn’t cover today’s privacy in a data-centric world, hence the confusion. In the industry, privacy really focuses on the following concepts: What data should be collected? What are the permissible uses? With whom might it be shared? CU IDOL SELF LEARNING MATERIAL (SLM)
Internet Security 107 How long should the data be retained? What granular access control model is appropriate? We typically define security as the protection against unauthorized access, with some including explicit mention of integrity and availability. Security controls are put in place to control who can access the information, while privacy is more granular, controlling what and when they can access specific data. For example, if you bank with a national financial institution, all of the tellers in the country may be provisioned (i.e., granted security access) to access your account detail. This provides the flexibility for you, the customer, to visit a branch in your hometown, a branch on the west coast during a business trip or a Florida branch when vacationing. But privacy is another layer. While the teller may be provisioned to view all customers’ account detail, privacy only allows access when a business need exists; such as a customer walking into a branch in another city to access their accounts. But privacy disallows that same teller viewing their neighbours account balance or perhaps the balance of a famous person, just because they are interested – despite their access privileges granting them access. 4.4 Ethical Issues Most ethical and legal issues in computer system are in the area of individual’s right to privacy versus the greater good of a larger entity i.e. a company or a society. For example, tracking how employees use computers, crowd surveillance, managing customer profiles, tracking a person’s travel with passport and so on. A key concept in resolving this issues is to find out, what is a person’s expectation of privacy. Classically, the ethical issues in security system are classified into following 4 categories: Privacy: This deals with the right of an individual to control personal information. It is the protection of personal or sensitive information. Privacy is subjective. Different people have different ideas of what privacy is and how much privacy they will trade for safety or convenience. Accuracy: This talks about the responsibility for the authenticity, fidelity an accuracy of the information. Property: This determines who the owner of the information is and who controls access. CU IDOL SELF LEARNING MATERIAL (SLM)
108 Internet Computing and Ethics Accessibility: This deals with the issue of the type of information, an organization has the right to collect. And in that situation, it also expects to know the measures which will safeguard against any unforeseen eventualities. When dealing with legal issues, we need to remember that there is hierarchy of regulatory bodies that govern the legality of information security. 4.5 Cybercrime Cybercrime is any criminal activity that involves a computer, networked device or a network. While most cybercrimes are carried out in order to generate profit for the cybercriminals, some cybercrimes are carried out against computers or devices directly to damage or disable them, while others use computers or networks to spread malware, illegal information, images or other materials. Some cybercrimes do both -- i.e., target computers to infect them with viruses, which are then spread to other machines and, sometimes, entire networks. A primary impact from cybercrime is financial, and cybercrime can include many different types of profit-driven criminal activity, including ransomware attacks, email and internet fraud and identity fraud, as well as attempts to steal financial account, credit card or other payment card information. Cybercriminals may target private personal information, as well as corporate data for theft and resale. 4.6 Types of Cybercrimes Cybercrime ranges across a spectrum of activities. At one end are crimes that involve fundamental breaches of personal or corporate privacy, such as assaults on the integrity of information held in digital depositories and the use of illegally obtained digital information to blackmail a firm or individual. Also at this end of the spectrum is the growing crime of identity theft. Midway along the spectrum lie transaction-based crimes such as fraud, trafficking in child pornography, digital piracy, money laundering, and counterfeiting. These are specific crimes with specific victims, but the criminal hides in the relative anonymity provided by the Internet. CU IDOL SELF LEARNING MATERIAL (SLM)
Internet Security 109 Here are common types of attacks cybercriminals have been known to use: Distributed DoS attacks (DDoS) are often used to shut down systems and networks. This type of attack uses a network’s own communications protocol against it by overwhelming its ability to respond to connection requests. DoS attacks are sometimes carried out simply for malicious reasons or as part of a cyberextortion scheme, but they may also be used to distract the victim organization from some other attack or exploit carried out at the same time. Infecting systems and networks with malware is used to damage the system or harm users by, for example, damaging the system, software or data stored on the system. Ransomware attacks are similar, but the malware acts by encrypting or shutting down victim systems until a ransom is paid. Phishing campaigns are used to infiltrate corporate networks by sending fraudulent email to users in an organization, enticing them to download attachments or click on links that then spread viruses or malware to their systems and through their systems to their company’s networks. Credentials attacks, where the cybercriminal aims to steal or guess user IDs and passwords for the victim’s systems or personal accounts, can be carried out through the use of brute force attacks by installing key sniffer software or by exploiting vulnerabilities in software or hardware that can expose the victim’s credentials. Cybercriminals may also attempt to hijack a website to change or delete content or to access or modify databases without authorization. For example, an attacker may use an SQL injection exploit to insert malicious code into a website, which can then be used to exploit vulnerabilities in the website’s database, enabling a hacker to access and tamper with records or gain unauthorized access to data, such as customer passwords, credit card numbers, personally identifiable information (PII), trade secrets, intellectual property and other sensitive information. Cybercriminals often carry out their activities using malware and other types of software, but social engineering is often an important component for executing most types of CU IDOL SELF LEARNING MATERIAL (SLM)
110 Internet Computing and Ethics cybercrime. Phishing email is an important component to many types of cybercrime, but especially so for targeted attacks, like business email compromise (BEC), in which the attacker attempts to impersonate, via email, a business owner in order to convince employees to pay out bogus invoices. 4.7 Cyber Law Cyber Law also called IT Law is the law regarding Information-technology including computers and internet. It is related to legal informatics and supervises the digital circulation of information, software, information security and e-commerce. IT law does not consist a separate area of law rather it encloses aspects of contract, intellectual property, privacy and data protection laws. Intellectual property is a key element of IT law. The area of software licence is controversial and still evolving in Europe and elsewhere. According to Ministry of Electronic and Information Technology, Government of India: Importance of Cyber Law 1. It covers all transaction over internet. 2. It keeps eyes on all activities over internet. 3. It touches every action and every reaction in cyberspace. Area of Cyber Law Cyber laws contain different types of purposes. Some laws create rules for how individuals and companies may use computers and the internet while some laws protect people from becoming the victims of crime through unscrupulous activities on the internet. The major areas of cyber law include: 1. Fraud: Consumers depend on cyber laws to protect them from online fraud. Laws are made to prevent identity theft, credit card theft and other financial crimes that happen online. A person who commits identity theft may face confederate or state criminal charges. They might also encounter a civil action brought by a victim. Cyber lawyers work to both defend and prosecute against allegations of fraud using the internet. CU IDOL SELF LEARNING MATERIAL (SLM)
Internet Security 111 2. Copyright: The internet has made copyright violations easier. In early days of online communication, copyright violations was too easy. Both companies and individuals need lawyers to bring actions to impose copyright protections. Copyright violation is an area of cyber law that protects the rights of individuals and companies to profit from their own creative works. 3. Defamation: Several personnel use the internet to speak their mind. When people use the internet to say things that are not true, it can cross the line into defamation. Defamation laws are civil laws that save individuals from fake public statements that can harm a business or someone’s personal reputation. When people use the internet to make statements that violate civil laws, that is called Defamation law. 4. Harassment and Stalking: Sometimes online statements can violate criminal laws that forbid harassment and stalking. When a person makes threatening statements again and again about someone else online, there is violation of both civil and criminal laws. Cyber lawyers both prosecute and defend people when stalking occurs using the internet and other forms of electronic communication. 5. Freedom of Speech: Freedom of speech is an important area of cyber law. Even though cyber laws forbid certain behaviours online, freedom of speech laws also allow people to speak their minds. Cyber lawyers must advise their clients on the limits of free speech including laws that prohibit obscenity. Cyber lawyers may also defend their clients when there is a debate about whether their actions consist of permissible free speech. 6. Trade Secrets: Companies doing businesses online often depend on cyber laws to protect their trade secrets. For example, Google and other online search engines spend lots of time developing the algorithms that produce search results. They also spend a great deal of time developing other features like maps, intelligent assistance and flight search services to name a few. Cyber laws help these companies to take legal action as necessary in order to protect their trade secrets. 7. Contracts and Employment Law: Every time you click a button that says you agree to the terms and conditions of using a website, you have used cyber law. There are terms and conditions for every website that are somehow related to privacy concerns. CU IDOL SELF LEARNING MATERIAL (SLM)
112 Internet Computing and Ethics Advantages of Cyber Law Organizations are now able to carry out e-commerce using the legal infrastructure provided by the Act. Digital signatures have been given legal validity and sanction in the Act. It has opened the doors for the entry of corporate companies for issuing Digital Signatures Certificates in the business of being Certifying Authorities. It allows Government to issue notification on the web thus heralding e-governance. It gives authority to the companies or organizations to file any form, application or any other document with any office, authority, body or agency owned or controlled by the suitable Government in e-form by means of such e-form as may be prescribed by the suitable Government. The IT Act also addresses the important issues of security, which are so critical to the success of electronic transactions. 4.8 Virus: Introduction Definition: A computer virus is a malicious software program loaded onto a user’s computer without the user’s knowledge and performs malicious actions. A computer virus is a program that spreads between computers by hiding itself within a – seemingly innocent – document or application. A worm, on the other hand, is a program that replicates and travels without “infecting” anything else on a system. Many modern specimens of malevolent code, however, use a mixture of tricks to cheat their way onto computer systems, blurring the line between worms and viruses. The terms are now often used interchangeably. The term ‘computer virus’ was first formally defined by Fred Cohen in 1983. Computer viruses never occur naturally. They are always induced by people. Once created and released, however, their diffusion is not directly under human control. After entering a computer, a virus attaches itself to another program in such a way that execution of the host program triggers the CU IDOL SELF LEARNING MATERIAL (SLM)
Internet Security 113 action of the virus simultaneously. It can self-replicate, inserting itself onto other programs or files, infecting them in the process. Not all computer viruses are destructive though. However, most of them perform actions that are malicious in nature, such as destroying data. 4.9 Types of Virus A computer virus is one type of malware that inserts its virus code to multiply itself by altering the programs and applications. The computer gets infected through the replication of malicious code. Computer viruses come in different forms to infect the system in different ways. Some of the most common viruses are, 1. Boot Sector Virus 2. Direct Action Virus 3. Resident Virus 4. Multipartite Virus 5. Polymorphic Virus 6. Overwrite Virus 7. Spacefiller Virus Boot Sector Virus – This type of virus infects the master boot record and it is challenging and a complex task to remove this virus and often requires the system to be formatted. Mostly it spreads through removable media. Direct Action Virus – This is also called non-resident virus, it gets installed or stays hidden in the computer memory. It stays attached to the specific type of files that it infect. It does not affect the user experience and system’s performance. Resident Virus – Unlike direct action viruses, resident viruses get installed on the computer. It is difficult to identify the virus and it is even difficult to remove a resident virus. Multipartite Virus – This type of virus spreads through multiple ways. It infects both the boot sector and executable files at the same time. CU IDOL SELF LEARNING MATERIAL (SLM)
114 Internet Computing and Ethics Polymorphic Virus – These type of viruses are difficult to identify with a traditional anti- virus program. This is because the polymorphic viruses alters its signature pattern whenever it replicates. Overwrite Virus – This type of virus deletes all the files that it infects. The only possible mechanism to remove is to delete the infected files and the end-user has to lose all the contents in it. Identifying the overwrite virus is difficult as it spreads through emails. Spacefiller Virus – This is also called “Cavity Viruses”. This is called so as they fill up the empty spaces between the code and hence does not cause any damage to the file. #File infectors: Few file infector viruses come attached with program files, such as .com or .exe files. Some file infector viruses infect any program for which execution is requested, including .sys, .ovl, .prg, and .mnu files. Consequently, when the particular program is loaded, the virus is also loaded. Besides these, the other file infector viruses come as a completely included program or script sent in email attachments. #Macro viruses: As the name suggests, the macro viruses particularly target macro language commands in applications like Microsoft Word. The same is implied on other programs too. In MS Word, the macros are keystrokes that are embedded in the documents or saved sequences for commands. The macro viruses are designed to add their malicious code to the genuine macro sequences in a Word file. However, as the years went by, Microsoft Word witnessed disabling of macros by default in more recent versions. Thus, the cybercriminals started to use social engineering schemes to target users. In the process, they trick the user and enable macros to launch the virus. Since macro viruses are making a comeback in the recent years, Microsoft quickly retaliated by adding a new feature in Office 2016. The feature enables security managers to selectively enable macro use. As a matter of fact, it can be enabled for trusted workflows and blocked if required across the organization. CU IDOL SELF LEARNING MATERIAL (SLM)
Internet Security 115 #Overwrite Viruses: The virus design purpose tends to vary and Overwrite Viruses are predominantly designed to destroy a file or application’s data. As the name says it all, the virus after attacking the computer starts overwriting files with its own code. Not to be taken lightly, these viruses are more capable of targeting specific files or applications or systematically overwrite all files on an infected device. On the flipside, the overwrite virus is capable of installing a new code in the files or applications which programs them to spread the virus to additional files, applications, and systems. #Polymorphic Viruses: More and more cybercriminals are depending on the polymorphic virus. It is a malware type which has the ability to change or mutate its underlying code without changing its basic functions or features. This helps the virus on a computer or network to evade detection from many antimalware and threat detection products. Since virus removal programs depend on identifying signatures of malware, these viruses are carefully designed to escape detection and identification. When a security software detects a polymorphic virus, the virus modifies itself thereby, it is no longer detectable using the previous signature. #Resident Viruses: The Resident virus implants itself in the memory of a computer. Basically, the original virus program is not required to infect new files or applications. Even when the original virus is deleted, the version stored in memory can be activated. This happens when the computer OS loads certain applications or functions. The resident viruses are troublesome due to the reason they can run unnoticed by antivirus and antimalware software by hiding in the system’s RAM. #Rootkit Viruses: The rootkit virus is a malware type which secretly installs an illegal rootkit on an infected system. This opens the door for attackers and gives them full control of the system. The attacker will be able to fundamentally modify or disable functions and programs. Like other sophisticated CU IDOL SELF LEARNING MATERIAL (SLM)
116 Internet Computing and Ethics viruses, the rootkit virus is also created to bypass antivirus software. The latest versions of major antivirus and antimalware programs include rootkit scanning. #System or Boot-record Infectors: The Boot-record Infectors infect executable code found in specific system areas on a disk. As the name implies, they attach to the USB thumb drives and DOS boot sector on diskettes or the Master Boot Record on hard disks. Boot viruses are no more common these days as the latest devices rely less on physical storage media. There are some other type of viruses: Viruses and Worms A computer virus is a program that spreads between computers by hiding itself within a – seemingly innocent – document or application. A worm, on the other hand, is a program that replicates and travels without “infecting” anything else on a system. Many modern specimens of malevolent code, however, use a mixture of tricks to cheat their way onto computer systems, blurring the line between worms and viruses. The terms are now often used interchangeably. The first worms appeared in the 1970s and spread slowly between computers connected to the same network. They simply displayed an annoying message on the screen of each infected machine. The first computer virus, called Elk Cloner, was written in 1982 and infected computers via floppy disks. Trojans and Zombies But viruses and worms no longer just provide a way for malevolent hackers to gain notoriety. Today’s viral code can contaminate computers at lightning speed, spreading via email, peer-to- peer file-sharing networks and even instant messaging programs. The most successful ones cause serious damage, forcing companies around the globe to close down while infected computers are cleaned up. CU IDOL SELF LEARNING MATERIAL (SLM)
Internet Security 117 A string of recent specimens have been designed to snatch passwords or credit card information and install programs that can be used to remotely control infected machines. These programs are known as trojan horses. There is evidence that virus writers can earn large amounts of money by leasing access to networks of compromised computers – often referred to as “botnets”. These groups of remote- controlled “zombies” have been used to extort money from websites, by threatening to crash them with a denial-of-service (DoS) attack. This involves overloading a server with bogus page requests, so that real messages cannot get through. Spam Spammers have also begun using bonnets’ to forward unsolicited bulk email advertising, or spam, through scores of zombie PCs. This makes it far more difficult for spam hunters to block the messages at source and catch the culprits. Once considered a fairly minor problem, spam is rapidly spiraling out of control, and much more than half of all email messages are now thought to consist of unwanted advertising messages. To combat computer scientists’ best efforts to stem the tide of junk email, the spammers have had to become more cunning and sophisticated. More recently, spam (spam by instant messenger) and spit (spam by internet telephony) have joined the fray. Phishing Spam’s more sinister cousin is the phishing email. This is a con trick that arrives as an email and tries to trick a recipient into handing over money or sensitive personal information like their bank account details or a username and password. The simplest phishing tricks try to dupe a target into sending money as part of a get-rich- quick scheme. But phishing tricksters are also getting more devious and recent scams pose as customer service emails and send users to bogus banking or commercial websites where they are invited to “re-enter” their account information. CU IDOL SELF LEARNING MATERIAL (SLM)
118 Internet Computing and Ethics Some genuine sites have even proven vulnerable to software glitches that can be exploited to capture information from regular users. Phishing is especially threatening because it can be used to steal a person’s digital identity. Spyware Along with spam and phishing, spyware represents the third of an unhappy trinity of internet pests. These insidious and clandestine programs typically find their way onto a computer system alongside another, often free, software application, although some can also exploit software bugs to get onto a machine. The programs are used to serve up unwanted adverts, change system settings and gather information on a user’s online behaviour for marketing purposes. 4.10 Detection Cybercrime detection acts like a smart lock, and so detection of cybercrime (picking the lock) involves monitoring computers, computer networks, and network servers that play important roles in information systems. Regrettably, there is no cut-and-dried way for detecting cyber-crime. Today, a large number of cybercrimes are detected by chance. However, recent experience has shown some more or less informal methods by which an individual can detect cyber-crime. 1. Reviewing: Audit the system frequently. Be attentive to any irregularities in the system. As of now, it is generally the uncertainties of employees or managers that lead to the capturing of a perpetrator. Most of the computer crimes do not draw from from distant “hackers,” but normally comes from employees or people the operator knows. Most computer crimes are done by employees working on large network systems in organizations managing a lot of computerized cash. Apparently, banks, large firms, government offices and universities are susceptible, and, known the size of the organizations, it can take months to detect with any certainty. 2. Checking Mistakes: Check for mistakes. Many authorities claim that cyber criminals can get too gluttonous and begin to get careless. Employees who are aware of this crime often get nervous and turn the perpetrator in. These similarities have been seen to happen CU IDOL SELF LEARNING MATERIAL (SLM)
Internet Security 119 with family members of the cyber-criminal too. The probability of this working are greater if employees know clearly that cybercrime will result in full prosecution. 3. Email Inspection: Some types of cybercrime, such as cyber-stalking or cyber defamation, are carried out by email and can be detected and tracked by investigating the email header. The email header is info that travels with every mail, including the Internet Protocol (IP) address of the dispatcher and the date and time at which the message was sent. Using this information, law enforcement agency officials get hold of the address and telephone number of the sender from the internet service provider. 4. Network Intrusion Detection Systems: Cybercrime, such as network intrusion – where a cyber criminal breaks into a computer network for changing or stealing sensitive data – are more difficult to detect and track. Organizations utilize network intrusion detection systems, which unreceptively supervise the traffic on their networks for irregular activity, but skilled cyber criminals can avoid detection by manipulating the traffic stream such that detection systems do not see tell-tale interference patterns, or signatures. 5. Using government: Make full use of government agencies to help detect cybercrime. It happens frequently that audits by the IRS or investigations by police turn up the continuation of cybercrime that had gone undetected for a long while. Things like inventory shortages and abnormalities in the allotment of income within the organization can be signals that crime is being committed over the network. Nonetheless, it is generally hunches that reveal computer crime, when it is detected. 4.11 Malware Malware, meaning malicious software, includes viruses, worms and Trojans. Although “virus” is used colloquially to refer to various malware types, its meaning is quite specific. A virus is a program that replicates itself throughout a system. It can spread to other computers, but needs user involvement since it requires a host file to spread. An individual must download the virus from the internet or connect infected storage media, such as a USB drive, to his computer. A worm replicates itself and spreads more actively. CU IDOL SELF LEARNING MATERIAL (SLM)
120 Internet Computing and Ethics Malware comes in many different forms. Some specifically target users’ financial information by installing key loggers onto victims’ computers. Malware samples can also reach users via a number of delivery methods, including phishing attacks and malicious software packages that exploit unpatched software vulnerabilities. Once installed, attackers can use the malware to spy on online activities, steal personal and financial information or hack into other systems. Malware has become one of the biggest online threats and it’s been used in some of the world’s largest cyber-attacks including WannaCry, NotPetya and Cryptolocker. 4.12 Summary Information is a critical part of any organization and investing on the right service provider keeps your business in safe hands in the ever-expanding IoT (Internet of Things) world. A scalable and customized cyber security-driven business model includes disaster-recovery capabilities and secures data and the underlying infrastructure of the organization, thus building a safe barrier for the information even before it is attacked and saving the organization from a loss of billions of dollars that could result from the security threat. Cybercrime would be any criminal activity that has been made using computer, network device, or network. It can be malware that could be injected in someone’s device to track their activity on it, phishing websites that are made to hack peoples accounts and know credentials of various accesses. 4.13 Key Words/Abbreviations Ethical Issues: A problem or situation that requires a person or organization to choose between alternatives that must be evaluated as right (ethical) or wrong (unethical). Virus: A computer virus, much like a flu virus, is designed to spread from host to host and has the ability to replicate itself Malware: The term malware is a contraction of malicious software. Put simply, malware is any piece of software that was written with the intent of damaging devices, stealing data, and generally causing a mess. Viruses, Trojans, spyware, and ransomware are among the different kinds of malware. CU IDOL SELF LEARNING MATERIAL (SLM)
Internet Security 121 4.14 Learning Activity 1. What is Cybercrime? ----------------------------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------------------------- 2. What is Internet security? ----------------------------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------------------------- 3. Explain Virus. ----------------------------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------------------------- 4.15 Unit End Questions (MCQ and Descriptive) A. Descriptive Types Questions 1. Explain Importance of Internet security. 2. Differentiate between privacy and security. 3. List out various ethical issues. 4. What is cybercrime? Explain various cybercrimes. 5. What is virus? Explain different type of virus. 6. Explain various ways of cybercrime detection 7. Write note on Malware. B. Multiple Choice/Objective Type Questions 1. Privacy concerns have been articulated from the beginnings of ________ computer sharing. (a) small-scale (b) large-scale (c) main frame (d) super CU IDOL SELF LEARNING MATERIAL (SLM)
122 Internet Computing and Ethics 2. ________ is about the responsibility for the authenticity, fidelity an accuracy of the information. (a) Privacy (b) Protection (c) Accuracy (d) Security 3. ________ may also attempt to hijack a website to change or delete content or to access or modify databases without authorization (a) Cyber criminals (b) Cyber Laws (c) Cyber Issues (d) Hackkers 4. _______ violation is an area of cyber law that protects the rights of individuals and companies to profit from their own creative works. (a) Fraud (b) Defamation (c) Harassment (d) Copyright 5. A _______ is a program that replicates itself throughout a system (a) Worm (b) Syware (c) Virus (d) Malware Answers 1. (b), 2. (c), 3. (a), 4. (d), 5. (c) 4.16 References 1. https://www.techopedia.com/definition/23548/internet-security 2. http://www.tezu.ernet.in/wsc/pdf/notes/W03-Cyber-crime.pdf 3. “Internet and Web Technologies” by Raj Kamal. CU IDOL SELF LEARNING MATERIAL (SLM)
E-commerce Fundamentals - 1 123 UNIT 5 E-COMMERCE FUNDAMENTALS - 1 Structure: 5.0 Learning Objectives 5.1 Introduction 5.2 The E-commerce Environment 5.3 Benefits of E-commerce 5.4 Limitations of E-commerce 5.5 Applications of E-commerce 5.6 Summary 5.7 Key Words/Abbreviations 5.8 Learning Activity 5.9 Unit End Questions (MCQ and Descriptive) 5.10 References 5.0 Learning Objectives After studying this unit, you will be able to: Describe the basics of e-commerce various application of it List advantages and disadvantages of e-commerce List the limitations of e-commerce CU IDOL SELF LEARNING MATERIAL (SLM)
124 Internet Computing and Ethics 5.1 Introduction Electronic Commerce is the process by which businesses and consumers buy and sell goods and services through an electronic medium. Electronic commerce emerged in the early 1990s, and its use has increased at a rapid rate. Today, the majority of companies have an online presence. In fact, having the ability to conduct business through the Internet has become a necessity. Everything from food and clothes to entertainment and furniture can be purchased online. Two familiar examples of electronic commerce companies are eBay and Amazon. Both of these companies allow consumers to purchase a variety of goods and services online from businesses and other consumers, while eBay also hosts online auctions. Consumers on these sites typically have numerous payment options, as well as choices for how their products are delivered. Purchasing of any produce like a pair of shoes over the Internet Or any asset like computer is part in electronic commerce also known as E-commerce. 5.2 The E-commerce Environment Every business requires an infrastructure to support its customers and operations. This includes facilities, equipment, and processes to support all the functional areas of your business. Choosing the correct infrastructure to match your business strategies enables your operations to run. If an element of your infrastructure is out of sync with your strategies, you will likely feel the pain in every aspect of your business. Suppose if your value proposition is to provide the lowest prices every day, then your infrastructure should be focused being the low cost provider. You can accomplish this in various ways, but you need to ensure that your cost of goods sold and overhead expenses — which include infrastructure costs — are as low as possible. CU IDOL SELF LEARNING MATERIAL (SLM)
E-commerce Fundamentals - 1 125 Most E-commerce businesses are small, with fewer than 25 employees. If you look at all the functional areas of the business that must be managed on a daily basis, it will be hard to find and afford an in-house staff with all the skills required be successful. When deciding on your business infrastructure and operations, be sure to evaluate what your core strengths are. Know what you do well and know what you do not do well. They are equally important. Look to outsource part time activities or ones that require high levels of skill or specialization. Here are seven important infrastructure decisions that E-commerce businesses face. 1. Marketing: Of all the infrastructure elements, marketing may be the most important. To succeed, your website must be found. Once visitors are on your site, you need to keep them there and compel them to buy from you. That’s the job of your marketing team. Whether its website design, social media, search marketing, merchandising, email, or other forms of advertising, it’s all about marketing. To effectively manage marketing activities in-house is very challenging. Most small E-commerce businesses outsource some element of marketing. 2. Facilities: A key competitive advantage that E-commerce businesses have over brick- and-mortar stores is the investment in their physical offices and warehouses. In many cases, you can host your business out of a home office and your basement or garage. If you drop ship or outsource fulfillment, you may be able to do that for a long period of time. Even when you grow to have many employees, you can set up your offices in class B or C space, as you have no need for a fancy store in the right location. A word of advice is to keep your options flexible. Try to find an office park that has a wide variety of spaces in different sizes. You may be able to start in a smaller space and move up to a larger one without penalty, as your needs change. 3. Customer Service: There are many choices today for delivering high-quality customer service. You can manage those activities in-house or outsource to a third party. Basic customer service for sales and post-sales activities can be handled using email, and by CU IDOL SELF LEARNING MATERIAL (SLM)
126 Internet Computing and Ethics providing an 800 number for more extensive phone support. A customer-management system will make those activities easier, but for smaller companies it is not a requirement. Live chat will impact your operations as someone needs to be available during specified hours of operation. Be sure to gauge the impact of that on your organization, if you decide to handle those activities in house. 4. Information Technology: Choosing the right e-commerce platform is one of the most important decisions you will make in your business. Do you want to build and host your own system, outsource the development and then manage the system going forward, or use a hosted, software-as-a-service platform that is more turnkey and externally managed? If you build and host your own system, you may need more cash upfront and skilled administrators and developers on your staff. By using a SaaS platform, you will not need to host or manage the system in-house, but you may still need web developers on staff. Choosing to outsource the development and hosting will reduce your staffing costs, but you will incur higher costs for any future enhancements or changes to your websites. There are pros and cons to any approach. Just be sure to think through the impacts on both your staffing and your cash flow and bottom line before you move forward. 5. Fulfillment: Another key decision is whether you will manage your own inventory or outsource those activities to a fulfillment house or through drop shipping arrangements with your suppliers. Managing your own inventory will provide you with a high level of control, but you will tie up your cash in inventory, warehouse space, and your own fulfillment staff. In some industries — like the jewelry supply industry that my previous business was in managing your own inventory was the most logical choice. We had no alternative for drop shipping, and most items were purchased in bulk and were very small. We did not trust preparation and fulfillment to an outside service. Select the best fulfillment option to meet your needs. Be sure to understand the costs involved and analyze the other options before moving forward. CU IDOL SELF LEARNING MATERIAL (SLM)
E-commerce Fundamentals - 1 127 6. Finance and Administration: As with other business operations, you will need to decide if you want to manage your finance and administration activities in-house, outsource, or a hybrid of the two. If your e-commerce platform is tightly integrated to your accounting system, you may have very little need for an in-house bookkeeper. If you use separate systems for your website, order management and accounting, you may need more help for data entry and making sure that the information is properly managed. Many e-commerce companies use outside services for vendor payments, payroll, and other basic accounting activities. They decide to focus on the sales, marketing, and customer service. This allows them to maintain a focus on growing their businesses, instead of paying an internal accountant — or doing that work yourself as the business owner. On the administration side, you need a leadership team and provide direction to them. Good communication is important, whether you have 3 or 100 employees. Whether you choose to be more authoritative or democratic in your management style is up to you. But choose a style and stay consistent. Be sure that everyone understands their roles, as well as the overall business strategies. You may need to adjust your approach as your business evolves. 7. Human Resources: Many small-business owners avoid the human resources function. Recruiting, setting up compensation, maintaining compliance and other HR activities are specialized and time consuming. You may choose to bring the resources in-house to manage those activities, but also evaluate outsourcing them. There are many individuals and agencies well equipped to take on your HR activities. 5.3 Benefits of E-commerce 1. Enhances convenience: Customers can make orders for goods at their own convenience and from the comfort of their homes without having to travel to the business premise. Orders are also delivered to them at their most ideal locations. It’s the best shopping option for people who are always busy. CU IDOL SELF LEARNING MATERIAL (SLM)
128 Internet Computing and Ethics 2. Allows for product and price comparison: Again, when making purchases, customers want to get the best deals. This business model allows for product and price comparison by consumers so that the best products are bought at the fairest prices. They can also enjoy extra benefits like discounts, coupons, items on sale and also get the best deals. 3. Easy fund-raising for start-ups ventures: So many people have the desire to venture into business but lack sufficient funds to set up shop. Leasing a physical store can be quite expensive. E-commerce makes it easier for start-ups to do business and grow. 4. Efficient: Resources are used efficiently since most of the business services are automated. Business owners sometimes spend a lot of resources meeting business needs and this eats into profits. E-commerce thrives on efficiency. 5. Customer reach: It’s easier to reach many customers on the internet. Using social media links and good search engine optimization strategies, an online business can increase brand awareness and grow its customer base. 6. Prompt payments: Payments are fast since online stores use electronic or mobile transactions payment methods. The mobile wallet system for merchant accounts drive up sales and increase revenue generation. 7. Ability to sell different products: The flexibility of conducting business over the internet makes it possible for entrepreneurs to display and sell several products and also cater to a wider demographic. Advantages of E-commerce The advantages of e-commerce can be broadly classified into three major categories: Advantages to Organizations Advantages to Consumers Advantages to Society Advantages to Organizations 1. Cost for Inventory Management is reduced: With e-commerce; Because of using automated inventory management with web-based management systems, a cost to CU IDOL SELF LEARNING MATERIAL (SLM)
E-commerce Fundamentals - 1 129 manage the inventory of goods is reduced by suppliers. This way indirectly saves their operational costs. 2. Global Market Reach: Ecommerce allows the supplier to lift up their sales in the meantime decreases the investment costs as a result it allows them to achieve global market segment 3. Observing the Consumers’ activity: By monitoring the consumers’ interests and buying habits with e-commerce the suppliers can fit their offers based on the consumers’ expectations and also maintains the constant relationship with them. 4. Cost for Establishing Store Front is reduced: Using the e-commerce as their business operation; the suppliers can prevent the overhead costs for constructing the physical store front. 5. Labour Costs are reduced: With e-commerce the labour costs will be reduced because the sellers can automate their online store fronts. Advantages to Consumers 1. Wide range of products and services: Electronic commerce through internet enables the customers to choose a product or service of their choice from any vendor anywhere in the world. Due to space constraint, a vendor can stock only a minimum amount of goods in the physical store. A virtual store enables a business organization to stock a lot of goods without considering the inventory cost. Hence, a business also provides a lot of choice to consumers to choose a product of his /her choice. 2. Convenience: Customers can buy any product from anywhere in the world without moving away from their workplace or home through internet. Due to bad weather, people may restrict their shopping even if necessity arises. E-commerce provides convenience to buy goods or services. 3. Saves money: The cost incurred by the business on the middlemen generally falls on the consumer. Since the middlemen are eliminated, the customer is free from bearing the CU IDOL SELF LEARNING MATERIAL (SLM)
130 Internet Computing and Ethics cost of the middlemen. To attract customers and to combat competitors, several business organizations offer product and services at cheaper price. Certain goods like e-books, music audio clips, software can be purchased and delivered through internet. It saves cost for the buyers. 4. Saves time: Time saving is one of the prime benefits of online shopping. Time taken for selection, buying and paying for an online product may not take more than 15 minutes; the products are delivered to customers’ door steps within a week. It saves delivery time for the buyers. 5. Adequate information: Internet is used as a main vehicle to conduct transactions in e- business. Internet allows customers to search for product information, compare the prices and benefits and finally evaluate its value before committing purchase. Through internet, customers can get their queries clarified and track their delivery status when the goods are being sent to them. If any doubts arise while handling the products, the customers can easily contact the business through internet. Advantages to Society 1. Provides job opportunities: E-commerce bridges the gap between the job seekers and job givers in the society. Human resources are able to get themselves placed in any organization by posting resumes through internet. Some organizations also permit people to work from their home. E-commerce through internet provides a global wide network to identify and train human resource too. 2. Promotes cordial relationship: E-commerce enables people to send gifts, greetings and gift vouchers to friends and relatives anywhere in the world. This promotes cordial relationship between and among individuals in the society. 3. Provides a wealth of information: People through internet are able to access any information, say from tourism to financial products. Access of global information at lower cost, just by click of a button enhances the knowledge of the people and helps them to transform into a part of a knowledge-based society. CU IDOL SELF LEARNING MATERIAL (SLM)
E-commerce Fundamentals - 1 131 4. Provides Entertainment: E-commerce helps people to download music, videos and go through latest updates and reviews. It permits people to book tickets to the movies online. 5. Less pollution: People can buy any product or service from any location through internet without travelling from their respective home or workplace. Business associates can contact each other from their locations. It reduces traffic and reduces air pollution and contributes to lessen global warming. 6. Online education: E-commerce enables the students’ community to learn and acquire knowledge through online. Students can complete assignments and download information at anytime. Discussions with the tutors and with other students can take place with the help of internet. Students can enroll themselves in any online educational institution and acquire global exposure at a lower cost. Online education gives an opportunity for every student to participate in virtual classroom without considering their status, gender and role differences in the society. 7. Health care: Medical care and counselling are also provided through internet to the needed people. Doctors and nurses can get professional information and update themselves with the latest health care technologies through internet. This equips the doctors to provide good health care to their patients at a lower cost. 5.4 Limitations of E-commerce 1. Poor quality products: You don’t physically see and inspect whatever you are paying for before it’s delivered. Customers, therefore, run the risk of falling victim to false marketing and buying poor quality products from the virtual shop. 2. Impulsive purchases: Online stores display a large number of products and due to the convenience of shopping, Customers can find themselves making bad financial decisions through impulsive purchases. CU IDOL SELF LEARNING MATERIAL (SLM)
132 Internet Computing and Ethics 3. Internet scammers: The internet is a good thing but some people have decided to use it for all the wrong reasons. Scammers have made this type of business model unattractive for some consumers. 4. Lack of after sales support: As a result of lack of physical premises, customers find it hard to access after sales support. It can take up to several days before any help is accorded to a customer in need. 5. Fast changing business environment: Technology evolves so fast. Some entrepreneurs find it hard to keep up and lose a lot of business in the process. This may make business growth unattainable. 6. Loss of personal touch: Business is all about relationships. This business model erodes the personal touch between a customer and the business owner. Cultivating loyalty can thus be a problem since there are many such businesses that provide different options. 7. Delivery of goods can get delayed: It takes time before the goods ordered for are delivered. Sometimes the delivery delays and this inconveniences the customer. This is different from physical business premises where customers walk out with the products bought. Disadvantages of E-commerce The disadvantages of e-commerce can be broadly classified into two major categories: Technical disadvantages Non-technical disadvantages Technical Disadvantages There can be lack of system security, reliability or standards owing to poor implementation of e-commerce. The software development industry is still evolving and keeps changing rapidly. In many countries, network bandwidth might cause an issue. Special types of web servers or other software might be required by the vendor, setting the e-commerce environment apart from network servers. CU IDOL SELF LEARNING MATERIAL (SLM)
E-commerce Fundamentals - 1 133 Sometimes, it becomes difficult to integrate an e-commerce software or website with existing applications or databases. There could be software/hardware compatibility issues, as some e-commerce software may be incompatible with some operating system or any other component. Non-technical Disadvantages Initial cost − The cost of creating/building an e-commerce application in-house may be very high. There could be delays in launching an e-Commerce application due to mistakes, and lack of experience. User resistance − Users may not trust the site being an unknown faceless seller. Such mistrust makes it difficult to convince traditional users to switch from physical stores to online/virtual stores. Security/ Privacy − It is difficult to ensure the security or privacy on online transactions. Lack of touch or feel of products during online shopping is a drawback. E-commerce applications are still evolving and changing rapidly. Internet access is still not cheaper and is inconvenient to use for many potential customers, for example, those living in remote villages. 5.5 Applications of E-commerce The most common Applications of E-commerce are as follows: Retail and Wholesale E-commerce has a number of applications in retail and wholesale. E-retailing or on-line retailing is the selling of goods from Business-to-Consumer through electronic stores that are designed using the electronic catalogue and shopping cart model. Cybermall is a single Website that offers different products and services at one Internet location. It attracts the customer and the seller into one virtual space through a Web browser. CU IDOL SELF LEARNING MATERIAL (SLM)
134 Internet Computing and Ethics Marketing Data collection about customer behaviour, preferences, needs and buying patterns is possible through Web and E-commerce. This helps marketing activities such as price fixation, negotiation, product feature enhancement and relationship with the customer. Finance Financial companies are using E-commerce to a large extent. Customers can check the balances of their savings and loan accounts, transfer money to their other account and pay their bill through on-line banking or E-banking. Another application of E-commerce is on-line stock trading. Many Websites provide access to news, charts, information about company profile and analyst rating on the stocks. Manufacturing E-commerce is also used in the supply chain operations of a company. Some companies form an electronic exchange by providing together buy and sell goods, trade market information and run back office information such as inventory control. This speeds up the flow of raw material and finished goods among the members of the business community. Various issues related to the strategic and competitive issues limit the implementation of the business models. Companies may not trust their competitors and may fear that they will lose trade secrets if they participate in mass electronic exchanges. Auctions Customer-to-Customer E-commerce is direct selling of goods and services among customers. It also includes electronic auctions that involve bidding. Bidding is a special type of auction that allows prospective buyers to bid for an item. CU IDOL SELF LEARNING MATERIAL (SLM)
E-commerce Fundamentals - 1 135 5.6 Summary E-commerce or Electronic Commerce means buying and selling of goods, products, or services over the internet. E-commerce is also known as electronic commerce or internet commerce. These services provided online over the internet network. Transaction of money, funds, and data are also considered as E-commerce. These business transactions can be done in four ways: Business to Business (B2B), Business to Customer (B2C), Customer to Customer (C2C), Customer to Business (C2B). The standard definition of E-commerce is a commercial transaction which is happened over the internet. Online stores like Amazon, Flipkart, Shopify, Myntra, Ebay, Quikr, Olx are examples of E-commerce websites. By 2020, global retail e-commerce can reach up to $27 Trillion. Let us learn in detail about what is the advantages and disadvantages of E-commerce and its types. 5.7 Key Words/Abbreviations Information Technology: Information technology (IT) is the use of any computers, storage, networking and other physical devices, infrastructure and processes to create, process, store, secure and exchange all forms of electronic data. Typically, IT is used in the context of enterprise operations as opposed to personal or entertainment technologies. The commercial use of IT encompasses both computer technology and telephony. 5.8 Learning Activity 1. How Marketing is used in E-commerce environment? ----------------------------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------------------------- 2. List and explain benefits of E-commerce. ----------------------------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------------------------- CU IDOL SELF LEARNING MATERIAL (SLM)
136 Internet Computing and Ethics 5.9 Unit End Questions (MCQ and Descriptive) A. Descriptive Types Questions 1. Explain E-commerce and its importance of E-commerce in today’s world. 2. What are the components of E-commerce environment? 3. What are Limitations of E-commerce? 4. What are benefits of E-commerce? 5. List out application of E-commerce. 6. Explain the Possible Drawbacks of Electronic Commerce with real life examples. 7. Elucidate the technical and non-technical disadvantages of E-commerce. 8. How should merchants promote their e-commerce sites? 9. Exemplify the advantages of e-commerce to society, consumer and organization with real life examples. 10. Explain in brief about E-commerce opportunities for Industries. 11. Outline the reasons why a business may wish to adopt e-commerce. 12. Illustrate the real life examples of all e-commerce business models. 13. Elucidate the term traditional commerce. B. Multiple Choice/Objective Type Questions 1. How many infrastructure decisions are there that e-commerce businesses face. (a) Seven (b) Four (c) Eight (d) Five 2. The mobile __________ system for merchant accounts drive up sales and increase revenue generation. (a) Application (b) Wallet (c) Software (d) Payment CU IDOL SELF LEARNING MATERIAL (SLM)
E-commerce Fundamentals - 1 137 3. Many ____________ owners avoid the human resources function. (a) Large-scale-business (b) Co-operate (c) Company (d) Small-business 4. Of all the infrastructure elements, __________ may be the most important. (a) Customer Service (b) Information Technology (c) Marketing (d) Finance and Administration 5. __________ are used efficiently since most of the business services are automated (a) Resources (b) Sources (c) Auctions (d) Finance Answers 1. (a), 2. (b), 3. (d), 4. (c), 5. (a) 5.10 References 1. https://www.toppr.com/guides/business-environment/emerging-trends-in-business/ electronic-commerce/ 2. https://searchdatacenter.techtarget.com/definition/IT 3. “E-commerce” by Shivani Arora. CU IDOL SELF LEARNING MATERIAL (SLM)
138 Internet Computing and Ethics UNIT 6 E-COMMERCE FUNDAMENTALS - 2 Structure: 6.0 Learning Objectives 6.1 Introduction 6.2 E-portals 6.3 E-auctions 6.4 Business Models for E-commerce 6.5 Summary 6.6 Key Words/Abbreviations 6.7 Learning Activity 6.8 Unit End Questions (MCQ and Descriptive) 6.9 References 6.0 Learning Objectives After studying this unit, you will be able to: Define various terms used in e-commerce Describe various Business models used in e-commerce 6.1 Introduction The E-commerce marketplace or the online e-commerce marketing is a place or a website where one can find different brands of products coming from multiple vendors, shops or person showcased on the same platform. CU IDOL SELF LEARNING MATERIAL (SLM)
E-commerce Fundamentals - 2 139 An enterprise information portal (e-portal) is a single gateway through which to gain access to all the information, data, systems, and processes used by stakeholders of an organization. The marketplace owner is responsible for attracting customers and the processed transactions, while the third party vendors deal with the manufacturing and shipping. Online Marketplace streamlines the production process through one simple portal, where the manufacturers sell their products directly to the consumers, therefore, avoiding the stagnant process of stocks holding. 6.2 E-portals What is an E-portal? An enterprise information portal (e-portal) is a single gateway through which to gain access to all the information, data, systems, and processes used by stakeholders of an organization. Stakeholders of an organization may include employees, customers, investors, or business partners (suppliers, distributors, resellers, agents, franchisees and so on). The user’s experience of the e-portal is uniquely tailored to his or her individual needs, and the user can access the e-portal via the corporate intranet (typically employees only), extranets, or the Internet. Website that serves as a gateway or a main entry point (‘cyber door’) on the internet to a specific field-of-interest or an industry. A portal provides at least four essential services: (1) search engine(s), (2) email, (3) links to other related sites, and (4) personalized content. It may also provide facilities such as chat, members list, free downloads, etc. Portals such as AOL, MSN, Netcenter, and Yahoo, earn their revenue from membership fees and/or by selling advertising space on their webpages. Also called portal site or web portal. 6.3 E-auctions The electronic auction (e-Auction) is an e-business between auctioneers and bidders, which takes place on an electronic marketplace. An e-Auction, also known as a ‘reverse auction’. “Reverse auctions create an environment where suppliers bid against each other for a contract. This environment encourages competition CU IDOL SELF LEARNING MATERIAL (SLM)
140 Internet Computing and Ethics with the result that goods and services are offered at their current market value (Improvement and Development Agency).” Buyer Supplier Buyer 1 6 Buyer Buyer 2 5 Buyer Buyer 3 4 Fig. 6.1: E-auctions The auctioneer offers his goods, commodities or services on an auction site on the internet. Interested parties can submit their bid for the product to be auctioned in certain specified periods. The auction is transparent, all interested parties are allowed to participate the auction in a timely manner. 6.4 Business Models for E-commerce E-commerce business models can generally be categorized into the following categories. Business - to - Business (B2B) Business - to - Consumer (B2C) Consumer - to - Consumer (C2C) Consumer - to - Business (C2B) Business - to - Government (B2G) Government - to - Business (G2B) Government - to - Citizen (G2C) CU IDOL SELF LEARNING MATERIAL (SLM)
E-commerce Fundamentals - 2 141 Business - to - Business A website following the B2B business model sells its products to an intermediate buyer who then sells the product to the final customer. As an example, a wholesaler places an order from a company’s website and after receiving the consignment, sells the end product to the final customer who comes to buy the product at one of its retail outlets. Business Organization Supplies Orders Order Processing Wholesaler Website Sells Customer Fig. 6.2: B2B Business - to - Consumer A website following the B2C business model sells its products directly to a customer. A customer can view the products shown on the website. The customer can choose a product and order the same. The website will then send a notification to the business organization via email and the organization will dispatch the product/goods to the customer. CU IDOL SELF LEARNING MATERIAL (SLM)
142 Internet Computing and Ethics Business Organization Supplies Orders Order Processing Customer Website Fig. 6.3: B2C Consumer - to - Consumer A website following the C2C business model helps consumers to sell their assets like residential property, cars, motorcycles, etc., or rent a room by publishing their information on the website. Website may or may not charge the consumer for its services. Another consumer may opt to buy the product of the first customer by viewing the post/advertisement on the website. Website Processes Order Places money for particular service Business Receives products Customer Organization Receives money Fig. 6.4: C2C Consumer - to - Business In this model, a consumer approaches a website showing multiple business organizations for a particular service. The consumer places an estimate of amount he/she wants to spend for a particular service. For example, the comparison of interest rates of personal loan/car loan CU IDOL SELF LEARNING MATERIAL (SLM)
E-commerce Fundamentals - 2 143 provided by various banks via websites. A business organization who fulfills the consumer’s requirement within the specified budget, approaches the customer and provides its services. Website Processes Order Places money for particular service Business Receives products Customer Organisation Receives money Fig. 6.5: C2B Business - to - Government B2G model is a variant of B2B model. Such websites are used by governments to trade and exchange information with various business organizations. Such websites are accredited by the government and provide a medium to businesses to submit application forms to the government. Business Organization Website Government Fig. 6.6: B2G Government - to - Business Governments use B2G model websites to approach business organizations. Such websites support auctions, tenders, and application submission functionalities. Government Website Business Organization Fig. 6.7: G2B CU IDOL SELF LEARNING MATERIAL (SLM)
144 Internet Computing and Ethics Government - to - Citizen Governments use G2C model websites to approach citizen in general. Such websites support auctions of vehicles, machinery, or any other material. Such website also provides services like registration for birth, marriage or death certificates. The main objective of G2C websites is to reduce the average time for fulfilling citizen’s requests for various government services. Government Website Citizen Fig. 6.8: G2C 6.5 Summary Business transactions that take place on the internet are called e-commerce, short for “electronic commerce.” Popular examples of e-commerce generally involve buying and selling online, but the e-commerce universe contains other types of activities as well. Basically, any form of business transaction conducted electronically can be referred to as e-commerce. Those involved in the transactions can represent multiple combinations of customers, businesses, vendors or other suppliers, or government agencies. E-commerce has experienced considerable growth since the dawn of the internet as a commercial enterprise. Its advantages include eliminating time and geographical limitations, streamlining operations, and lowering costs. 6.6 Key Words/Abbreviations Search engine: A search engine is a web-based tool that enables users to locate information on the World Wide Web. Auctions: An auction is a sales event wherein potential buyers place competitive bids on assets or services either in an open or closed format. Portal: A website or web page providing access or links to other sites. CU IDOL SELF LEARNING MATERIAL (SLM)
Search
Read the Text Version
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
- 110
- 111
- 112
- 113
- 114
- 115
- 116
- 117
- 118
- 119
- 120
- 121
- 122
- 123
- 124
- 125
- 126
- 127
- 128
- 129
- 130
- 131
- 132
- 133
- 134
- 135
- 136
- 137
- 138
- 139
- 140
- 141
- 142
- 143
- 144
- 145
- 146
- 147
- 148
- 149
- 150
- 151
- 152
- 153
- 154
- 155
- 156
- 157
- 158
- 159
- 160
- 161
- 162
- 163
- 164
- 165
- 166
- 167
- 168
- 169
- 170
- 171
- 172
- 173
- 174
- 175
- 176
- 177
- 178
- 179
- 180
- 181
- 182
- 183
- 184
- 185
- 186
- 187
- 188
- 189
- 190
- 191
- 192
- 193
- 194
- 195
- 196
- 197
- 198
- 199
- 200
- 201
- 202
- 203
- 204
- 205
- 206
- 207
- 208
- 209
- 210
- 211
- 212
- 213
- 214
- 215
- 216
- 217
- 218
- 219
- 220
- 221
- 222
- 223
- 224
- 225
- 226
- 227
- 228
- 229
- 230
- 231
- 232
- 233
- 234
- 235
- 236
- 237
- 238
- 239
- 240
- 241
- 242
- 243
