ecommerce Fundamentals - Glossary

Back to root Glossary
A comprehensive introduction to the underlying technologies of e-commerce is given through this glossary and course. This glossary explores the full range of technologies, protocols, and techniques necessary for building successful ecommerce sites. This glossary and course begins with an overview of the internet and the Web, then quickly moves on to explain server-side programming techniques, cryptography and internet security, and how to take advantage of leading-edge technologies such as mobile agents, XML, and data mining tools. Placing this technical know-how in business context, we then walk readers through actual ecommerce applications, from Internet payment systems to Web advertising and publishing. A running case study depicting a Virtual Book Store (VBS) .

Asymmetric key algorithms

Asymmetric key algorithms, also known as public-key cryptography, are fundamental to modern secure communication. These algorithms utilize two distinct but mathematically related keys: a public key, which can be widely distributed, and a private key, which is kept secret. The essential components of asymmetric key algorithms include:
  1. Key Pair Generation: The process begins with the creation of a key pair, consisting of a public key and a private key. These keys are generated simultaneously using the same algorithm and are mathematically linked. The strength of the encryption depends on the key size and the algorithm's complexity.
  2. Public Key: The public key is used for encrypting data or verifying digital signatures. It can be shared openly without compromising security. This key is designed such that, while it can be used to encrypt data or verify a signature, it cannot be feasibly used to derive the corresponding private key or decrypt data.
  3. Private Key: The private key is kept confidential and is used for decrypting data encrypted with the corresponding public key or for creating digital signatures. The security of the entire system hinges on keeping this key private.
  4. Encryption and Decryption: In an encryption scenario, a sender uses the recipient's public key to encrypt data. Once encrypted, the data can only be decrypted by the recipient's private key, ensuring confidentiality during transmission. Conversely, the sender's private key is used to encrypt data, which can then be decrypted by anyone with the sender's public key, typically used in digital signature scenarios.
  5. Digital Signatures: Asymmetric key algorithms can also be used for digital signatures. The sender creates a signature by encrypting the data (or its hash) with their private key. The recipient, or any other party, can verify the signature by decrypting it with the sender's public key, ensuring the integrity and authenticity of the message.
  6. Algorithm Complexity: The security of asymmetric cryptography relies on complex mathematical problems, such as factoring large prime numbers or calculating discrete logarithms. These problems provide a one-way function, easy to perform in one direction (key generation and encryption) but extremely difficult to reverse (deriving the private key from the public key).
  7. Key Distribution and Management: While the public key can be freely distributed, the private key must be securely stored and managed. The integrity of the public key must also be ensured, often through the use of digital certificates and public key infrastructure (PKI).
  8. Computational Resources: Asymmetric algorithms typically require more computational resources than symmetric key algorithms, making them slower for bulk data encryption. They are often used in conjunction with symmetric algorithms in hybrid systems for efficiency.

In summary, asymmetric key algorithms hinge on the dual concepts of a public key for encryption or signature verification and a private key for decryption or signature creation, underpinned by complex mathematical problems that ensure security. Their application ranges from secure communication to digital signatures and key exchange mechanisms in various cryptographic protocols.
A computable set of steps to achieve a desired result.
asymmetric encryption
A type of encryption that uses one key to encrypt a message and another to decrypt the message. (Also, public-key encryption)
asymmetric key algorithm
An algorithm used for asymmetric encryption.
The process by which the receiver of a digital message can be confident of the sender's identity. The process used to prove the sender's authenticity is called the digital signature process.
The process of giving individuals access to system objects based on their identity.
banner ads
Clickable advertisements found on frequently visited Web sites.
An attachment to an electronic message used for security purposes. A digital certificate is commonly used to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply.
certificate authority (CA)
A trusted third-party organization or company that issues digital certificates used to create digital signatures and public/private key pairs. The role of the CA in this process is to guarantee that the individual granted the unique certificate is, in fact, who he or she claims to be.
Ciphers are algorithms used to encrypt and decrypt plaintext messages.
Text that has been encrypted by some encryption system.
The process of a visitor clicking on a Web advertisement and going to the advertiser's Web site. The click rate measures the number of times an ad is clicked.
A network architecture in which each computer or process on the network is either a client, a PC or a workstation for users, or a server, computers dedicated to managing files, devices, or network traffic.
Pieces of information sent out by Web servers and saved by browsers. Upon subsequent contacts with the same server, the browser will present the cookie.
Copyright is a form of protection provided to the authors of "original works of authorship," including literary, dramatic, musical, artistic, and certain other intellectual works, both published and unpublished. The copyright protects the form of expression rather than the subject matter of the writing.
Copyright Act
In general, the 1976 Copyright Act gives the owner of copyright the exclusive right to reproduce the copyrighted work, to prepare derivative works, to distribute copies or phonorecords of the copyrighted work, to perform the copyrighted work publicly, or to display the copyrighted work publicly.
Cross-selling is the action or practice of selling an additional product or service to an existing customer. In practice, businesses define cross-selling in many different ways
The science of recovering plaintext messages without knowledge of the key.
The science of encrypting and decrypting plaintext messages
Data Encryption Standard (DES)
A symmetric key algorithm that is fast and simple to implement.
digital envelope
A type of security that uses two layers of encryption to protect a message. First, the message itself is encoded using symmetric encryption, and then the key to decode the message is encrypted using public-key encryption. This technique overcomes one of the problems of public-key encryption, which is that it is slower than symmetric encryption.
digital signature
A digital code that can be attached to an electronically transmitted message that uniquely identifies the sender. Like a written signature, the purpose of a digital signature is to guarantee that the individual sending the message really is who he or she claims to be. Digital signatures are especially important for electronic commerce and are a key component of most authentication schemes. Digital signatures are accomplished through the use of message digests. A message digest is text that has been passed through a hash algorithm, such as MD5. Theoretically, once text has passed through a hashing algorithm, the original message can never be retrieved. However, it is possible to compare message digest values during the login process.
digital wallet
Encryption software that works like a physical wallet during electronic commerce transactions. A wallet can hold a user's payment information, a digital certificate to identify the user, and shipping information to speed transactions.
domain name
A name that identifies one or more IP addresses. Domain names are used in URLs to identify particular Web pages. For example, in the URL, the domain name is
Business conducted online.
Electronic Data Interchange (EDI)
EDI is a messaging protocol meant to ensure that data sent between normally incompatible computers retains its integrity and is formatted consistently. This standard is popular with financial institutions and large businesses who need to communicate large volumes of detailed, repetitive information over company networks. A complete EDI message is called a transaction set. Each message (that is, transaction set) contains information that provides a universal method for formatting documents. In a sense, EDI is a universal translator for documents.
Electronic publishing (EP)
The use of computers rather than traditional print mechanisms to produce and distribute information.
The process of using algorithms, keys and protocols to convert plain text transmissions (which are readable by humans) into cipher text data streams (which are not readable). In regards to e-commerce, encryption usually occurs between clients and servers via SSL.
A business-to-business Web site that allows secure access between a company's intranet and designated, authenticated users from remote locations.
A security system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both.
Each time you click a glossary term, you'll see a window like this displaying the term and its definition. To see the entire glossary, click Show All Terms.
graphical user interface (GUI)
A program interface that takes advantage of the computer's graphics capabilities to make the program easier to use.
A user who breaks into sites for malicious purposes.
hash algorithm
A numeric function that mixes the ordering of input values with the goal of getting an even distribution. (Also, hash function)
To generate a number from a string of text. The hash number is smaller than the text string.
An element in an electronic document that links to another place in the same document or to an entirely different document. Typically, you click on the hyperlink to follow the link.
HyperText Markup Language (HTML)
The authoring language used to create documents on the World Wide Web.
Short for Internet Engineering Task Force, the main standards organization for the Internet. The IETF is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet.
An advertisement's appearance on an accessed Web page. For example, if you see two ads on a Web page, that's two impressions. Advertisers use impressions to measure the number of views their ads receive, and publishers often sell ad space according to impressions.
intellectual property
Products such as written materials, musical compositions, trademarks, and other things that are protected by copyright, trademark, or patent law.
inter-company commerce
Transactions conducted between two separate companies that have contracted with each other.
Intra-company commerce
Transactions conducted between two divisions or departments within the same company.
A network internal to your company that provides Internet-related solutions, including email, Web sites, HTTP-based transactions, document download (for example, employee forms such as vacation, grievance, and so forth), paging, andextensive information searches. Some corporate intranets provide training programs, goods and services, and access to special offers and deals with other corporations and organizations.
An Internet Service Provider, a company that provides access to the Internet.
Lanham Act
A 1964 law that was an important early step toward U.S. trademark legislation.
MD5 is one in the series (including MD2 and MD4) of message digest algorithms developed by Ron Rivest. It involves appending a length field to a message and padding it to a multiple of 512-bit blocks. Each of these 512-bit blocks is fed through a four-round process to result in a 128-bit message digest.
message digest
The representation of text in the form of a single string of digits, created using a formula called a one-way hash function. Encrypting a message digest with a private key creates a digital signature, which is an electronic means of authentication.
To send data to a specific list of recipients.
The ability to demonstrate that an information exchange or financial transaction took place.
one-way encryption
A type of encryption in which information is encrypted once and cannot be decrypted. One-way encryption is typically used for creating message digests.
A patent for an invention is the grant of a property right to the inventor, issued by the Patent and Trademark Office. The term of a new patent is 20 years from the date on which the application for the patent was filed in the United States or, in special cases, from the date an earlier related application was filed, subject to the payment of maintenance fees. U.S. patent grants are effective only within the U.S., U.S. territories, and U.S. possessions.
payment gateway
The system (usually software) that interfaces between the merchant and the merchant's bank to perform credit card authorizations.
A message before encryption or after decryption, that is, in its usual form that anyone can read, as opposed to its encrypted form, ciphertext.
public-key encryption
A cryptographic system that uses two keys--a public key known to everyone and a private or secret key known only to the recipient of the message.
push publishing
A means of reaching an audience by automatically delivering information, such as news headlines or product updates, directly to a user's computer in a customized format at designated times.
A standard for public-key cryptosystems named after its inventors, Ron Rivest, Avi Shamir, and Rick Adleman, who developed it in 1978 while working at MIT. Its security is based on factoring very large prime numbers. The size of the key used in RSA is completely variable, but for normal use, a key size of 512 bits is common. In applications where key compromise would have serious consequences or where the security must remain valid for many years into the future, 1024-bit and 2048-bit keys are used.
Secure Electronic Transactions (SET)
A standard enabling secure credit card transactions on the Internet.
Secure Hash Algorithm (SHA)
This function was developed by the National Institute of Standards and Technology (NIST) and is based heavily on Ron Rivest's MD series of algorithms. The message is first padded with MD5, then fed through four rounds, which are more complex than the ones used in MD5. The resulting message digest is 160 bits long.
Secure Sockets Layer (SSL)
A technology embedded in Web servers and browsers that encrypts traffic.
Secure/Multipurpose Internet Mail Extension (S/MIME)
A specification for secure electronic mail. S/MIME was designed to add security to email messages in MIME format. The security services offered are authentication (using digital signatures) and privacy (using encryption). S/MIME assumes that both the sender and receiver of secure email messages have public/private key pairs and uses the concept of a digital envelope.
service mark
The Lanham Act defines a service mark as one "used in the sale or advertising of service to identify the services of one person and distinguish them from the services of another."
shopping cart
A shopping cart is a piece of software that acts as an online store's catalog and ordering process. Typically, a shopping cart is the interface between a company's Web site and its deeper infrastructure, allowing consumers to select merchandise; review what they have selected; make necessary modifications or additions; and purchase the merchandise.
Unsolicited electronic junk mail, usually sent to a great number of people for solicitation purposes.
Supply chain management
The virtual integration of partners on the supply and process chains.
symmetric encryption
A type of encryption in which the same key is used to encrypt and decrypt the message.
A high-speed (1.5 mbps) connection to the Internet using dial-up leased lines. In some localities, T1 lines can be leased for $3,000.00 per month or less.
targeted email
Email sent as the result of market research and carefully compiled information obtained from a marketing campaign. In spite of such care, many users today still consider target email to be "spam" (that is, the electronic equivalent of junk mail).
A trademark is a word, name, symbol, or device that is used in trade with goods to indicate the source of the goods and to distinguish them from the goods of others.
value-added network (VAN)
A value-added network (VAN) enables companies to exchange electronic data interchange (EDI) transactions. A VAN offers multiple services. Foremost among these is its ability to receive, store and then forward EDI messages (called a transaction set). In a sense, a VAN acts as a post office for such messages, because it also helps route the messages through an appropriate path to the destination. When recipients are ready, the VAN can forward messages to them. Therefore, a VAN coordinates activity between busy EDI networks. Finally, a VAN provides additional security, because it acts as a buffer between each organization participating on the network.
value-added resellers (VARs)
An entity that purchases equipment from another company, then customizes and markets the equipment.
virtual enterprise
An organization unconstrained by geographic location, and a membership intersecting several traditional organizations. An organization that can do business almost entirely in the electronic world.
virtual private network (VPN)
A VPN is an encrypted datastream that exists between two computers. A VPN can exist between a standard client host and a server, between a client and a firewall, or between two firewalls. A VPN allows two parties to use encryption in order to freely communicate across public networks, such as the Internet.
Web server
A central computer system that hosts a Web site and enables remote clients to access the pages of the site.
Web storefront
The part of a virtual enterprise that allows a client/end user to interact with the server-side elements, usually in the form of buying and selling
World Intellectual Property Organization (WIPO)
The World Intellectual Property Organization (WIPO) is an intergovernmental organization with headquarters in Geneva, Switzerland. WIPO is responsible for the promotion of the protection of intellectual property throughout the world through cooperation among nations, and for the administration of various multilateral treaties dealing with the legal and administrative aspects of intellectual property.