ecommerce Website Implementation - Glossary
Electronic commerce, commonly known as e-commerce or eCommerce, consists of the buying and selling of products or services over electronic systems such as the Internet and other computer networks. The amount of trade conducted electronically has grown extraordinarily with widespread Internet usage. The use of commerce is conducted in this way, spurring and drawing on innovations in electronic funds transfer, supply chain management, Internet marketing, online transaction processing and automated data collection systems.
Modern electronic commerce uses the World Wide Web at least at some point in the transaction's lifecycle, although it can encompass a wider range of technologies such as e-mail as well.
- Access control
- Determines where a person or network host is allowed to enter a system.
- A special apparatus used by a merchant bank to query issuers (card holder banks) to see if a card holder's account is valid.
- Services and options that most e-commerce customers expect. These include shopping carts, free email, stock quotes, and simultaneous help desk support.
- Asymmetric encryption
- Encryption that creates a public key and a private key. The private key remains secret, on your computer. You can freely disseminate the public key.
- Establishes a person's identity.
- The amount of data received over a period of time.
- Bandwidth throttling
- The ability to control the bandwidth a particular virtual server uses.
- Banner ad
- An advertisement inserted within an HTML page.
- Banner advertising
- The use of clickable advertisements found on frequently visited Web sites.
- The normative activity for e-commerce servers.
- An individual item of measurement in regard to a Web server element, such as percentage of RAM usage, hard drive access, and
- Areas in the server where system queues get backed up and cause performance degradation.
- The ability to market the image of a product consistently.
- Browser compatibility
- When creating a Web site, you must make sure that the site is available to users in your target market. Sometimes, this
requires making the site's presentation as generic as possible. In other markets, you may find that specializing in the latest technologies is
the only way to attract users.
- Business design goal
- You must map your front-end and back-end concerns to specific goals for your product and market niche.
- Card holder
- A person ready to buy goods and services with a credit card.
- Certificate authority (CA)
- A respected, trusted body that creates and manages certificates. A certificate authority signs other people's certificates and acts as a trusted third party. You can obtain personal, software publisher, server, and certificate authority certificates, depending on your needs.
- Cookies are small variables that store data about the current user. Cookies are set by the Web server, and are subsequently sent by the client browser with each request that matches the domain and path attributes (if set) set for the cookie. Unless explicitly set to
persist via the Expires cookie attribute, a cookie will be destroyed when the user closes their browser. Cookies may be used to track and store
information such as user name, user password and what parts of the site were visited.
- Copyright law
- Copyright is a form of protection provided to the authors of "original works of authorship," including literary, dramatic, musical, artistic, and certain other intellectual works, both published and unpublished. The copyright protects the form of expression rather than the subject matter of the writing.
- The central processing unit or CPU is sometimes referred to as the processor or central processor. The CPU is where most calculations take place. In terms of computing power, the CPU is the most important element of a computer system.
- Creating cipher text from plain text.
- Customer relationship management software
- CRM software allows you to discover the cost-effectiveness of a site, track users, and ensure accountability.
- A daemon is a process that is not associated with any terminal and which is dedicated to handling a particular task.
- Data confidentiality
- Using algorithms that make information remain secret.
- Data integrity
- A service for ensuring that information cannot be altered.
- Database management system
- Programs that control the organization, storage and retrieval of data for multiple users. Examples of database management systems are Oracle, Sybase, and Datacom.
- Design evaluation
- Checking up on the currency of the site to make sure it looks current and professional.
- Digital cash
- The use of proprietary software to convert "real" money into information easily transferred over a public network.
- Digital certificate
- A way to prove your identity. You can use it to encrypt and decrypt messages from individuals and servers. In technical terms, it is a public key that has been signed by a certificate authority.
- Digital certificates
- The use of one-way and asymmetric encryption to authenticate code or email.
- Digital signature
- Use of a one-way hash algorithm and a private key to provide a stamp of approval on an electronic document or network transmission.
- Digital signatures
- The use of one-way and asymmetric encryption to create signatures on transactions.
- Conducting business on-line.
- Encryption is the process of transforming a file using a mathematical function or technique so that the contents of the file
are protected from unwanted viewing.
- Enterprise resource planning
- ERP (enterprise resource planning) is the practice of using client/server technology, mainframes, and relational databases to manage all aspects of a business. As the name suggests, it involves planning the business, but it also covers ways to manage the manufacturing process, make purchases, as well as manage the important parts of its business, including project planning, human resource planning, supply chain management, inventory management, and order tracking. ERP is designed to lower supply chain costs, reduce the need for large amounts of inventory and enable a manager to conduct real-time checks of his/her company's manufacturing and business processes. The most popular ERP suite of programs is sold by a German company named Systems, Applications and Products in Data Processing (SAP). Its latest product, the R/3 series, traditionally worked with mainframes, but is now heavily involved in the client/server model, including Linux.
- Extended logging
- The ability to obtain extra information from visitors through the use of reverse DNS lookup and cookies.
- File transfer protocol
- The File Transfer Protocol, or FTP, is the set of communication rules that computers use to exchange files.
- A firewall is a series of applications and hardware that filters and audits outside network traffic as it passes into your network.
- To access all the items in the course glossary, click the Show All Terms button below.
- Hash function
- A smaller numerical representation of the plaintext. A hash of a message is encrypted using one way encryption to becomes the signature for that message.
- A single instance of Web access. Vernacular term for site access from an end user.
- Input/output system, also called I/O (pronounced eye-oh). I/O refers to any operation, program, or device whose purpose is to enter data into or extract data from a computer.
- Intellectual property
- Products such as written materials, musical compositions, trademarks and other things that are protected by copyright,
trademark, or patent law.
- Intrusion detection software
- Software that scans an internal network for security threats.
- IP address
- An IP address is a number that is used to uniquely identify computers connected to the Internet.
- A financial institution, such as a bank, that provides a credit card to a customer.
- Legacy system
- A computer system or application that continues to be used when the cost of replacing or redesigning it is prohibitive.
- Log file
Files that record end user access to a Web server or any other log-enabled server.
The e-commerce site ready to sell goods and services. A merchant must establish a relationship with an acquirer before
- A financial institution that offers accounts to merchants. These accounts enable transactions between the card holder and themerchant.
- Software systems and utlities that provide a service and sit between the client and backend databases or legacy systems.
- Network interface card (NIC)
- A network interface card is an expansion board that connects a computer to a network. Most NICs are designed for a particular type of network, protocol, and media, although some can serve multiple networks.
- The ability to prove that a transaction has in fact occurred.
A one way encryption algorithm produces ciphertext that cannot be taken BACK tothe original plaintext.
Online transaction processing
The ability to process credit card information, track users, and bill related parties automatically.
Open Buying on the Internet (OBI)
The Open Buying on the Internet (OBI) Consortium is a non-profit organization dedicated to developing open standards for
business-to-business Internet commerce.
Many entrepreneurs choose to borrow space from an already-existing Internet service provider (ISP). You can either cohost or
colocate. Cohosting means that you are borrowing hard drive space on a machine. Colocating means that you provide your own machine but use the
ISP's Internet connection.
The use of a type of firewall device that processes network traffic on a packet-by-packet basis. Packet filter devices allow or
block packets, and are typically implemented through standard routers.
Software operated by the merchant that relays data between the merchant and the merchant bank. It is the interface between the
e-commerce site and the bank.
The ability to determine bottlenecks, as well as determine that the system is able to handle its load.
A movement interested in standardizing the creation, transport, and storage of keys. This standard was developed to improve the
ability to use certificates across vast networks.
A clearinghouse that a visitor can treat as a "one stop shopping" experience. A portal provides services, as well as
links to areas of interest on the Web.
Public key algorithm
The use of a key pair. The first half of the pair, or private key, stays secret. The second half, or public key, is freely
distributed. Digital certificates and signatures use this form of algorithm.
Public key encryption
The use of asymmetric algorithms to ensure effective key exchange.
Creates certificate authorities.
What happens when you lose trust in a certificate.
Secure Electronic Transaction (SET)
A method of information exchange that allows businesses and clients an extra level of protection while conducting
Secure hash algorithm (SHA)
A specific one-way encryption algorithm.
- Secure MIME (S/MIME)
- A specification for secure electronic mail. S/MIME was designed to add security to email messages in MIME format. The security
services offered are authentication (using digital signatures) and privacy (using encryption). S/MIME assumes that both the sender and receiver of
secure email messages have public/private key pairs and uses the concept of a digital envelope
- Secure Sockets Layer (SSL)
- An encryption method enabled by digital certificates.
- Security policy
- The foundational building block for a site's security.
- Selective disclosure
- The ability to reveal only portions of a digital certificate. As yet, this is not possible in an e-commerce setting.
Simple Mail Transfer Protocol (SMTP)
The Internet standard protocol to transfer electronic mail messages from one computer to another. It specifies how two mail
systems interact, as well as the format of control messages they exchange to transfer mail.
Analyzing hyperlinks, database connectivity, and user access.
You will have to hire staff to keep the site running, process orders, and (possibly) obtain products, and contact
Encryption that uses the same key to encrypt and decrypt information.
As you prepare your business plan, make sure that you understand the nature of your Web site.
A merchant can delegate responsibilities to other organizations to save time and expense.
- Attacks, such as IP spoofing, packet sniffing, and social engineering, designed to thwart access control and authentication.
- Traffic analysis software
- Automated software that determines statistics and puts them into human readable form.
- A trust relationship is a logical link that combines two domains into a single administrative unit. With appropriate trust relationships in place, users from a trusted domain can access resources in a trusting domain transparently.
- Trust chaining
- The ability for businesses to work together and process only that information they need. Each business along the chain must trust the other implicitly for the entire process to work.
- The repository for digital cash. Wallet software resides on a client's computer. The client must "fill" a wallet before using it on an e-commerce site. Also, the e-commerce site has to support the particular wallet software the client is using.
Network Security Essentials