CHAPTER 12: ELECTRONIC COMMERCE Explorer, has made accessing the Internet a

SYSTEMS simple task. The Internet thus became the

domain of everyday people with PCs rather
Electronic commerce involves the electronic than just scientists and computer hackers. As
processing and transmission of data. This a result, the Web has grown exponentially
broad definition encompasses many diverse and continues to grow daily.
activities, including the electronic buying and
selling of goods and services, online delivery Packet Switching
of digital products, electronic funds transfer The Internet employs communications
(EFT), electronic trading of stocks, and direct technologies based on packet switching.
consumer marketing. Electronic commerce is Figure 12-1 illustrates this technique,
not an entirely new phenomenon; many whereby messages are divided into small
companies have engaged in electronic data packets for transmission. Individual packets
interchange (EDI) over private networks for of the same message may take different
decades. routes to their destinations. Each packet
contains address and sequencing codes so
Internet Commerce
they can be reassembled into the original
Internet commerce has enabled thousands of complete message at the receiving end.
business enterprises of all sizes, as well as
millions of consumers, to congregate and The choice of transmission path is
interact in a worldwide virtual shopping mall. determined according to criteria that achieve
Along with enormous opportunities, optimum utilization of the long-distance
however, the electronic marketplace has lines, including the degree of traffic
engendered unique risks. congestion on the line, the shortest path
between the end points, and the line status
INTERNET TECHNOLOGIES of the path (that is, working, failed, or
The Internet was originally developed for the experiencing errors). Network switches
U.S. military and later became used widely provide a physical connection for the
for academic and government research. Over addressed packets only for the duration of
recent years, it has evolved into a worldwide the message; the line then becomes available
information highway. This growth is to other users. The first international
attributed to three factors. First, in 1995, standard for wide area packet switching
national commercial telecommunications networks was X.25, which was defined when
companies such as MCI, Sprint, and UUNET all circuits were analog and very susceptible
took control of the backbone elements of the to noise. Subsequent packet technologies,
Internet and have continued to enhance such as frame relay and SMDS (Switched
their infrastructures. Large Internet service Multimegabit Data
providers (ISPs) can link into these backbones Service), were designed for today’s almost
to connect their subscribers, and smaller ISPs error-free digital lines.
can connect directly to the national
backbones or into one of the larger ISPs. Virtual Private Networks
Second, online services like CompuServe and A virtual private network (VPN) is a private
America Online connect to the Internet for e- network within a public network. For years,
mail, which enables users of different common carriers have built VPNs, which are
services to communicate with each other. private from the client’s perspective, but
Third, the development of graphics-based physically share backbone trunks with other
Web browsers, such as Microsoft’s Internet users. VPNs have been built on X.25 and
frame-relay technologies. Today, Internet Internet user visits a Web site, his or her
based point of entry is typically the site’s
VPNs are of great interest. Maintaining homepage. This HTML document serves as a
security and privacy in this setting, however, directory to the site’s contents and other
requires encryption and authentication pages. Through browsers, the Web provides
controls discussed later in the chapter. point-and-click access to the largest
collection of online information in the world.
Extranets
Another variant on Internet technology is the The Web has also become a multimedia
extranet. This is a password-controlled delivery system that supports audio, video,
network for private users rather than the videoconferencing, and three-dimensional
general public. Extranets are used to provide animation. The ease of Web page creation
access between trading partner internal and navigation via browsers has driven the
databases. Internet sites containing unprecedented growth of the Web. In 1994,
information intended for private there were approximately 500 Web sites in
consumption frequently use an extranet the world; today there are millions.
configuration.
Internet Addresses
World Wide Web The Internet uses three types of addresses
The World Wide Web (Web) is an Internet for communications: (1) e-mail addresses, (2)
facility that links user sites locally and around Web site URL
the world. In 1989, Tim Berners-Lee of the Addresses, and (3) Internet protocol (IP)
European Center for Nuclear Research in addresses of individual computers attached
Geneva developed the Web as a means of to a network.
sharing nuclear research information over
the Internet. The fundamental format for the E-MAIL ADDRESS. The format for an e-mail
Web is a text document called a Web page address is USER NAME@DOMAIN NAME. For
that has embedded HyperText Markup example, the address of the author of this
Language (HTML) codes that provide the textbook is [email protected]. There are no
formatting for the page as well as hypertext spaces between any of the words. The user
links to other pages. The linked pages may be name (or in this case, the user identification
stored on the same server or anywhere in [ID]) is jah0. A domain name is an
the world. HTML codes are simple organization’s unique name combined with a
alphanumeric characters that can be typed top-level domain (TLD) name. In the previous
with a text editor or word processor. Most example, the unique name is lehigh and the
word processors support Web publishing TLD is edu. Following are examples of TLD
features that allow text documents to be names:
converted to HTML format. Web pages are .com commercial
maintained at Web sites, which are .net network provider
computer servers that support HyperText .org nonprofit organization
Transfer Protocol (HTTP). The pages are .edu education and research
accessed and read via a Web browser such as .gov government
Internet Explorer. .mil military agency
.int international intergovernmental
To access a Web site, the user enters the
Uniform Resource Locator (URL) address of URL ADDRESS. The URL is the address that
the target site in the Web browser. When an defines the path to a facility or file on the
Web. URLs are typed into the browser to look at the meaning of this term. Protocols
access Web site home pages and individual are the rules and standards governing the
Web pages and can be embedded in design of hardware and software that permit
Web pages to provide hypertext links to users of networks, which different vendors
other pages. The general format for a URL is have manufactured, to communicate and
protocol prefix, domain name, subdirectory share data.
name, and document name. The entire URL The general acceptance of protocols within
is not always needed. For example, to access the network community provides both
the South-Western Publishing home page, standards and economic incentives for the
only the following protocol and domain manufacturers of hardware and software.
name are required: Products that do not comply with prevailing
http://www.cengage.com/accounting/hall protocols will have little value to prospective
The protocol prefix is http:// and the domain customers.
name is www.cengage.com/accounting/hall
From this home page, the user can activate The data communications industry borrowed
hyperlinks to other pages as desired. The the term protocol from the diplomatic
user can go directly to a linked page by community. Diplomatic protocols define the
providing the complete address and rules by which the representatives of nations
separating the address components with communicate and collaborate during social
slashes. For example, and official functions. These formal rules of
http://www.cengage.com/accounting/hall conduct are intended to avoid international
problems that could arise through the
IP ADDRESS. Every computer node and host misinterpretation of ambiguous signals
attached to the Internet must have a unique passed between diplomatic counterparts.
Internet Protocol The greatest potential for error naturally
(IP) address. For a message to be sent, the IP exists between nations with vastly dissimilar
addresses of both the sending and the cultures and conventions for behavior.
recipient nodes must be provided. Currently, Establishing a standard of conduct through
IP addresses are represented by a 32-bit data protocols, which all members of the
packet. The general format is four sets of diplomatic community understand and
numbers separated by periods. The practice, minimizes the risk of
decomposition of the code into its miscommunications between nations of
component parts varies depending on the different cultures.
class to which it is assigned. Class A, class B,
and class C coding schemes are used for An analogy may be drawn to data
large, medium, and small networks, communications. A communications network
respectively. To illustrate the coding is a community of computer users who also
technique, the IP address must establish and maintain unambiguous
128.180.94.109 translates into: lines of communication. If all network
members had homogeneous needs and
128.180 Lehigh University operated identical systems, this would not be
94 Business Department faculty server much of a problem; however, networks are
109 A faculty member’s office computer characterized by heterogeneous systems
(node) components. Typically, network users
employ hardware devices (PC, printers,
PROTOCOLS
monitors, data storage devices, modems, and
The word protocol has been used several
so on) and software (user applications,
times in this section. Let’s now take a closer
network control programs, and operating Manufacturers must, of course, construct
systems) that a variety of vendors produce. these products in accordance with
Passing messages effectively from device to established protocols.
device in such a multivendor environment
requires ground rules or protocols. The Layered Approach to Network Protocol
The first networks used several different
What Functions Do Protocols Perform? protocols that emerged in a rather
Protocols serve network functions in several haphazard manner. These protocols often
ways. provided poor interfaces between devices
First, they facilitate the physical connection that actually resulted in incompatibilities.
between the network devices. Through Also, early protocols were structured and
protocols, devices are able to identify inflexible, thus limiting network growth by
themselves to other devices as legitimate making system changes difficult. A change in
network entities and initiate (or terminate) a the architecture at a node on the network
communications session. could have an unpredictable effect on an
Second, protocols synchronize the transfer of unrelated device at another node. Technical
data between physical devices. This involves problems such as these can translate into
defining the rules for initiating a message, unrecorded transactions, destroyed audit
determining the data transfer rate between trails, and corrupted databases. Out of this
devices, and acknowledging message receipt. situation emerged the contemporary model
Third, protocols provide a basis for error of layered protocols. The purpose of a
checking and measuring network layered-protocol model is to create a
performance. This is done by comparing modular environment that reduces
measured results against expectations. For complexity and permits changes to one layer
example, performance measures pertaining without adversely affecting another.
to storage device access times, data
transmission rates, and modulation The data communication community,
frequencies are critical to controlling the through the International Standards
network’s function. Thus, the identification Organization, has developed a layered set of
and correction of errors depend on protocol protocols called the Open System Interface
standards that define acceptable (OSI). The OSI model provides standards by
performance. which the products of different
Fourth, protocols promote compatibility manufacturers can interface with one
among network devices. another in a seamless interconnection at the
To transmit and receive data successfully, the user level. This seven-layer protocol model is
various devices involved in a particular discussed in detail in the appendix.
session must conform to a mutually
acceptable mode of operation, such as INTERNET PROTOCOLS
synchronous, asynchronous and duplex, or Transfer Control Protocol/Internet Protocol
half-duplex. Without protocols to provide (TCP/IP) is the basic protocol that permits
such conformity, messages sent between communication between Internet sites. It
devices would be distorted and garbled. was invented by Vinton Cerf and Bob Kah
Finally, protocols promote network designs under contract from the U.S. Department of
that are flexible, expandable, and cost- Defense to network dissimilar systems. This
effective. Users are free to change and protocol controls how individual packets of
enhance their systems by selecting from the data are formatted, transmitted, and
best offerings of a variety of vendors. received. This is known as a reliable protocol
because delivery of all the packets to a
destination is guaranteed. If delivery is
interrupted by hardware or software failure, Security Protocols
the packets are automatically retransmitted. Secure Sockets Layer (SSL) is a low-level
encryption scheme used to secure
The TCP portion of the protocol ensures that transmissions in higher level
the total number of data bytes transmitted HTTP format.
was received.
Private Communications Technology (PCT) is
The IP component provides the routing a security protocol that provides secure
mechanism. Every server and computer in a transactions over the Web. PCT encrypts and
TCP/IP network requires an IP address, which decrypts a message for transmission. Most
is either permanently assigned or Web
dynamically assigned at start-up. The IP part Browsers and servers support PCT and other
of the TCP/IP protocol contains a network popular security protocols such as SSL.
address that is used to route messages to
different networks. Secure Electronic
Transmission is an encryption scheme
Although TCP/IP is the fundamental developed by a consortium of technology
communications protocol for the Internet, firms and banks
the following are some of the more common (Netscape, Microsoft, IBM, Visa, MasterCard,
protocols that are used for specific tasks. and so on) to secure credit card transactions.
Customers making credit card purchases over
File Transfer Protocols the Internet transmit their encrypted credit
File Transfer Protocol (FTP) is used to card number to the merchant, who then
transfer text files, programs, spreadsheets, transmits the number to the bank. The bank
and databases across the Internet. TELNET is returns an encrypted acknowledgment to the
a terminal emulation protocol used on merchant. The customer need not worry
TCP/IP-based networks. It allows users to run about an unscrupulous merchant decrypting
programs and review data from a remote the customer’s credit card number and
terminal or computer. TELNET is an inherent misusing the information.
part of the
TCP/IP communications protocol. While both Privacy Enhanced Mail (PEM) is a standard
protocols deal with data transfer, FTP is for secure e-mail on the Internet. It supports
useful for downloading entire files from the encryption, digital signatures, and digital
Internet; TELNET is useful for perusing a file certificates as well as both private and public
of data as if the user were actually at the key methods (which will be discussed later).
remote site.
Network News Transfer Protocol
Mail Protocols Network News Transfer Protocol (NNTP) is
Simple Network Mail Protocol (SNMP) is the used to connect to Usenet groups on the
most popular protocol for transmitting e-mail Internet. Usenet
messages. News reader software supports the NNTP
Other e-mail protocols are Post Office protocol.
Protocol and Internet Message Access
Protocol. HTTP and HTTP-NG
HTTP controls Web browsers that access the XBRL (discussed in Chapter 8) HTML does not
Web. When the user clicks on a link to a Web support the exchange of information in a
page, a connection is established and the relational form that can be automatically
Web page is displayed, then the connection imported into the receiving organization’s
is broken. internal database and analyzed.

Hyper-Text Transport Protocol–Next BENEFITS FROM INTERNET COMMERCE

Generation (HTTP-NG) is an enhanced
version of the HTTP protocol that maintains Virtually all types of businesses have
the simplicity of HTTP while adding benefited in some way from Internet
important features such as security and commerce. Some potentially significant
authentication. benefits include:

HTML-Hyper Text Markup Language (HTML)  Access to a worldwide customer

is the document format used to produce and/or supplier base.
Web pages. HTML defines the page layout,  Reductions in inventory investment
fonts, and graphic elements as well as and carrying costs.
hypertext links to other documents on the  The rapid creation of business
Web. partnerships to fill market niches as
they emerge.
HTML is used to lay out information for  Reductions in retail prices through
display in an appealing manner such as one lower marketing costs.
sees in magazines and newspapers. The  Reductions in procurement costs.
ability to lay out text and graphics (including  Better customer service.
pictures) is important in terms of appeal to
users in general. Even more pertinent is INTERNET BUSINESS MODELS
HTML’s support for hypertext links in text Not all organizations enjoy all the benefits
and graphics that enable the reader to previously listed. The benefits attained from
virtually jump to another document located electronic commerce will depend on the
anywhere on the World degree of organizational commitment to it as
Wide Web. a business strategy. This can occur on three
levels, discussed in the following section.
Advances in Internet technology and
connectivity have moved corporations INFORMATION LEVEL. At the information
toward disclosure of corporate financial level of activity, an organization uses the
information in a form compatible with Internet to display information about the
standard Web-browsing tools. In this way, company, its products, services, and business
investors and analysts may have access to policies. This level involves littlemore than
current corporate information. creating a Web site, and it is the first step
Dissemination of HTMLbased financial taken by most firms entering the Internet
reports, however, is limited to presentation marketplace. When customers access the
only. If the receiving organization wishes to Web site, they generally first visit the home
perform computer analysis on this page. This is an index to the site’s contents
information, such as comparing performance through other Web pages. Large
of several corporations within an industry, it organizations often create and manage their
must manually enter the financial data into Web sites internally. Smaller companies have
its system for processing. Unlike XML and their sites hosted on servers that an ISP
maintains. To be successful at this level, the transaction level, firms involved in this aspect
organization must ensure that: of electronic commerce are concerned that
(1) Information displayed on the Web site is products are delivered successfully and only
current, complete, and accurate; to legitimate customers.
(2) Customers can find the site and
successfully navigate through it; RISKS ASSOCIATED WITH ELECTRONIC
(3) An adequate hardware and software COMMERCE
infrastructure exists to facilitate quick access Reliance on electronic commerce poses
during high-usage periods; and concern about unauthorized access to
(4) Only authorized users access information confidential information. As LANs become
on the site. the platform for mission-critical applications
and data, proprietary information, customer
TRANSACTION LEVEL. Organizations involved data, and financial records are at risk.
at the transaction level use the Internet to Organizations connected to their customers
accept orders from customers and/or to and business partners via the Internet are
place them with their suppliers. This involves particularly exposed. Without adequate
engaging in business activities with total protection, firms open their doors to
strangers from remote parts of the world. computer hackers, vandals, thieves, and
These may be customers, suppliers, or industrial spies both internally and from
potential trading partners. Many of the risks around the world.
that are discussed later in the chapter relate
to this (and to the next) level of electronic The paradox of networking is that networks
commerce. Success in this domain involves exist to provide user access to shared
creating an environment of trust by resolving resources, yet the most important objective
the key concerns listed here: of any network is to control such access.
 Ensure that data used in the Hence, for every productivity argument in
transaction are protected from favor of remote access, there is a security
misuse. argument against it.
 Verify the accuracy and integrity of
business processes used by the Organization management constantly seeks
potential customer, partner, or balance between increased access and the
supplier. associated business risks.
 Verify the identity and physical In general, business risk is the possibility of
existence of the potential loss or injury that can reduce or eliminate an
customer, partner, or supplier. organization’s ability to achieve its
 Establish the reputation of the objectives. In terms of electronic commerce,
potential customer, partner, or risk relates to the loss, theft, or destruction
supplier. of data as well as the use of computer
programs that financially or physically harm
an organization.
The following sections deal with various
DISTRIBUTION LEVEL. Organizations
forms of such risk. This includes intranet risks
operating on the distribution level use the
posed by dishonest employees who have the
Internet to sell and deliver digital products to
technical knowledge and position to
customers. These include subscriptions to
perpetrate frauds, and Internet risks that
online news services, software products and
threaten both consumers and business
upgrades, and music and video products. In
entities.
addition to all the concerns identified at the
 1. INTRANET RISKS Access to Corporate Databases
Intranets consist of small LANs and large Intranets connected to central corporate
WANs that may contain thousands of databases increase the risk that an employee
individual nodes.3 will view, corrupt, change, or copy data.
Intranets are used to connect employees Social security numbers, customer listings,
within a single building, between buildings credit card information, recipes, formulas,
on the same physical campus, and between and design specifications may be
geographically dispersed locations. Typical downloaded and sold. Outsiders have bribed
intranet activities include e-mail routing, employees who have access privileges to
transaction processing between business financial accounts to electronically write off
units, and linking to the outside Internet. an account receivable or erase an
Unauthorized and illegal employee activities outstanding tax bill. A Computer Security
internally spawn intranet threats. Their Institute (CSI) study reported that financial
motives for doing harm may be vengeance fraud losses of this sort averaged $500,000.4
against the company, the challenge of A previous CSI study found that the average
breaking into unauthorized files, or to profit loss from corporate espionage was more
from selling trade secrets or embezzling than $1 million. Total losses from insider
assets. The threat from employees (both trade secret theft have been estimated to
current and former) is significant because of exceed $24 billion per year.
their intimate knowledge of system controls
and/or the lack of controls. Privileged Employees
We know from earlier chapters that an
Discharged employees, or those who leave organization’s internal controls are typically
under contentious circumstances, raise aimed at lower-level employees. According
particular concerns. to the CSI study, however, middle managers,
Trade secrets, operations data, accounting who often possess access privileges that
data, and confidential information to which allow them to override controls, are most
the employee has access are at greatest risk. often prosecuted for insider crimes.5
Information systems employees within the
Interception of Network Messages organization are another group empowered
The individual nodes on most intranets are with override privileges that may permit
connected to a shared channel across which access to mission-critical data.
travel user IDs, passwords, confidential e-
mails, and financial data files. The Reluctance to Prosecute
unauthorized interception of this information A factor that contributes to computer crime
by a node on the network is called sniffing. is many organizations’ reluctance to
The exposure is even greater when the prosecute the criminals.
intranet is connected to the Internet. According to the CSI study, this situation is
Network administrators routinely use improving. In 1996, only 17 percent of the
commercially available sniffer software to firms that experienced an illegal intrusion
analyze network traffic and to detect reported it to a law enforcement agency. In
bottlenecks. Sniffer software, however, can 2002, 75 percent of such crimes were
also be downloaded from the Internet. In the reported. Of the 25 percent that did not
hands of a computer criminal, sniffer report the intrusions, fear of negative
software can be used to intercept and view publicity was the most common cited
data sent across a shared intranet channel. justification for their silence.
Many computer criminals are repeat THEFT OF CREDIT CARD NUMBERS. The
offenders. Performing background checks on perception that the Internet is not secure for
prospective employees can significantly credit card purchases is considered to be the
reduce an organization’s hiring risk and avoid biggest barrier to electronic commerce.
criminal acts. In the past, employee Some Internet companies are negligent or
backgrounding was difficult to achieve even fraudulent in the way they collect, use,
because former employers, fearing legal and store credit card information. One
action, were reluctant to disclose negative hacker successfully stole 100,000 credit card
information to prospective employers. A no numbers with a combined credit limit of $1
comment policy prevailed. billion from an Internet service provider’s
customer files. He was arrested when he
The relatively new legal doctrine of negligent tried to sell the information to an undercover
hiring liability is changing this. This doctrine FBI agent.
effectively requires employers to check into
an employee’s background. Increasingly, Another fraud scheme involves establishing a
courts are holding employers responsible for fraudulent business operation that captures
criminal acts that employees, both on and off credit card information. For example, the
the job, perpetrated if a background check company may take orders to deliver flowers
could have prevented crimes. Many states on Mother’s Day. When the day arrives, the
have passed laws that protect a former company goes out of business and
employer from legal action when providing disappears from the Web. Of course, the
work-related performance information about flowers are never delivered, and the
a former employee when (1) the inquiry perpetrator either sells or uses the credit
comes from a prospective employer, (2) the card information.
information is based on credible facts, and
(3) the information is given without malice. THEFT OF PASSWORDS. One form of Internet
fraud involves establishing a Web site to
2. INTERNET RISKS steal a visitor’s password. To access the Web
This section looks at some of the more page, the visitor is asked to register and
significant risks associated with Internet provide an e-mail address and password.
commerce. First the risks related to Many people use the same password for
consumer privacy and transaction security different applications such as ATM services,
are examined. The risk to business entities e-mail, and employer-network access. In the
from fraud and malicious acts are then hopes that the Web site visitor falls into this
reviewed. pattern of behavior, the cyber-criminal uses
the captured password to break into the
A. RISKS TO CONSUMERS victim’s accounts.
As more and more people connect to the
Web, Internet fraud increases. Because of CONSUMER PRIVACY. Concerns about the
this, many consumers view the Internet as an lack of privacy discourage consumers from
unsafe place to do business. In particular, engaging in Internet commerce. One poll
they worry about the security of credit card revealed that:
information left on Web sites and the  Almost two-thirds of non-Internet
confidentiality of their transactions. Some of users would start using the Internet
the more common threats to consumers if they could be assured that their
from cyber criminals are discussed here.
 personal information was used. For example, the cookie may be used
protected. to create a profile of user preferences for
 Privacy is the number one reason marketing purposes. The profile could be
that individuals are avoiding based on the pages accessed or the options
Internet commerce. selected during the site visit, the time of day
or night of the visit, and the length of time
Many coalitions have been formed to lobby spent at the site. The profile could also
for stronger privacy measures. The Center for include the user’s e-mail address, zip code,
Democracy and Technology (CDT), Electronic home phone number, and any other
Frontier Foundation (EFF), and Electronic information the user is willing to provide to
Privacy Information Center (EPIF) are three the Web site.
prominent groups. One aspect of privacy
involves the way in which Web sites capture This type of information is useful to online
and use cookies. marketing firms that sell advertising for
thousands of Internet firms that sell goods
Cookies are files containing user information and services. The user profile enables the
that are created by the Web server of the marketing firm to customize ads and to
site being visited. target them to Internet consumers. To
illustrate, let’s assume a user visiting an
The cookies are then stored on the visitor’s online bookstore browses sports car and
computer hard drive. They contain the URLs automobile racing listings. This information is
of visited sites. When the site is revisited, the stored in a cookie and transmitted to the
user’s browser sends the specific cookies to online marketing firm, which then sends
the Web server. The original intent behind JavaScript ads for general automotive
the cookie was to improve efficiency in products to the bookstore’s Web page to
processing return visits to sites where users entice the visitor to click on the ads. Each
are required to register for services. For time the consumer visits the site, the
example, on the user’s first visit to a contents of the cookie will be used to trigger
particular Web site, the URL and user ID may the appropriate ads. User profile information
be stored as a cookie. On subsequent visits, can also be compiled into a mailing list,
the Web site retrieves the user ID, thus which is sold and used in the traditional way
saving the visitor from rekeying the for solicitation.
information.
COOKIES AND CONSUMER SECURITY.
Cookies allow Web sites to off-load the Another concern over the use of cookies
storage of routine information about vast relates to security. Cookies are text (.txt) files
numbers of visitors. that can be read with any text editor. Some
It is far more efficient for a Web server to Web sites may store user passwords in
retrieve this information from a cookie file cookies. If the passwords are not encrypted
stored on the user’s computer than to search (discussed later) before being stored, anyone
through millions of such records stored at with access to the computer can retrieve the
the Web site. Most browsers have cookies and the passwords. Thus, when
preference options to disable cookies or to multiple employees share a computer in the
warn the user before accepting one. workplace, all users of the computer may
review the cookies file, which is stored in a
The privacy controversy over cookies relates common directory.
to what information is captured and how it is
A related form of risk comes from criminal or attacks are: SYN flood, smurf, and distributed
malicious Web sites. As the user browses the denial of service (DDos).
site, a JavaScript program may be uploaded
to the user’s computer. The program secretly SYN Flood Attack. When a user establishes a
scans the hard drive for the cookies file and connection on the Internet through TCP/IP, a
copies it to the Web site, where it is three-way handshake takes place. The
reviewed for passwords and other personal connecting server sends an initiation code
data. called a SYN (SYNchronize) packet to the
receiving server. The receiving server then
B. RISKS TO BUSINESSES acknowledges the request by returning a
Business entities are also at risk from SYNchronize–ACKnowledge (SYN-ACK)
Internet commerce. IP spoofing, denial of packet. Finally, the initiating host machine
service attacks, and malicious programs are responds with an CK packet code. The SYN
three significant concerns. flood attack is accomplished by not sending
the final acknowledgment to the server’s
IP SPOOFING. IP spoofing is a form of SYN-ACK response, which causes the server
masquerading to gain unauthorized access to to keep signaling for acknowledgement until
a Web server and/or to perpetrate an the server times out.
unlawful act without revealing one’s identity.
To accomplish this, a perpetrator modifies The individual or organization perpetrating
the IP address of the originating computer to the SYN flood attack transmits hundreds of
disguise his or her identity. A criminal may SYN packets to the targeted receiver, but
use IP spoofing to make a message appear to never responds with an ACK to complete the
be coming from a trusted or authorized connection. As a result, the ports of the
source and thus slip through control systems receiver’s server are clogged with incomplete
designed to accept transmissions from communication requests that prevent
certain (trusted) host computers and block legitimate transactions from being received
out others. This technique could be used to and processed.
crack into corporate networks to perpetrate
frauds, conduct acts of espionage, or destroy Organizations under attack thus may be
data. For example, a hacker may spoof a prevented from receiving Internet messages
manufacturing firm with a false sales order for days at a time. If the target organization
that appears to come from a legitimate could identify the server that is launching the
customer. If the spoof goes undetected, the attack, a firewall could be programmed to
manufacturer will incur the costs of ignore all communication from that site.
producing and delivering a product that was Such attacks, however, are
never ordered. Difficult to prevent because they use IP
spoofing to disguise the source of the
DENIAL OF SERVICE ATTACK. A denial of messages. IP spoofing programs that
service attack (Dos) is an assault on a Web randomize the source address of the attacker
server to prevent it from servicing its have been written and publicly distributed
legitimate users. Although such attacks can over the Internet. Therefore, to the receiving
be aimed at any type of Web site, they are site, it appears that the transmissions are
particularly devastating to business entities coming from all over the Internet.
that are prevented from receiving and
processing business transactions from their Smurf Attack. A smurf attack involves three
customers. Three common types of Dos parties: the perpetrator, the intermediary,
and the victim. It is accomplished by each network firewall and thus eliminate the
exploiting an Internet maintenance tool intermediary’s role. In response to this move,
called a ping, which is used to test the state however, attackers have developed tools to
of network congestion and determine search for networks that do not disable
whether a particular host computer is broadcast addressing. These networks may
connected and available on the network. The subsequently be used as intermediaries in
ping works by sending an echo request smurf attacks. Also, perpetrators have
message (like a sonar ping) to the host developed tools that enable them to launch
computer and listening for a response smurf attacks simultaneously from multiple
message (echo reply). The ping signal is intermediary networks for maximum effect
encapsulated in a message packet that also on the victim.
contains the return IP address of the sender.
A functioning and available host must return Distributed Denial of Service. A distributed
an echo reply message that contains the denial of service (DDos) attack may take the
exact data received in the echo request form of a SYN flood or smurf attack. The
message packet. distinguishing feature of the DDos is the
sheer scope of the event. The perpetrator of
The perpetrator of a smurf attack uses a a DDos attack may employ a virtual army of
program to create a ping message packet so-called zombie or bot (robot) computers to
that contains the forged IP address of the launch the attack. Because vast numbers of
victim’s computer (IP spoofing) rather than unsuspecting intermediaries are needed, the
that of the actual source computer. attack often involves one or more Internet
The ping message is then sent to the Relay Chat (IRC) networks as a source of
intermediary, which is actually an entire zombies. IRC is a popular interactive service
subnetwork of computers. on the Internet that lets thousands of people
from around the world engage in real-time
By sending the ping to the network’s IP communications via their computers.
broadcast address, the perpetrator ensures
that each node on the intermediary network The problem with IRC networks is that they
receives the echo request automatically. tend to have poor security. The perpetrator
Consequently, each intermediary node sends can thus easily access the IRC and upload a
echo responses to the ping message, which malicious program such as a Trojan horse
are returned to the victim’s IP address, not (see the appendix in Chapter
that of the source computer. The resulting 16 for a definition), which contains DDos
flood echoes can overwhelm the victim’s attack script. This program is subsequently
computer and cause network congestion that downloaded to the PCs of the many
makes it unusable for legitimate traffic. thousands of people who visit the IRC site.
The attack program runs in the background
The intermediary in a smurf attack is an on the new zombie computers, which are
unwilling and unaware party. Indeed, the now under the control of the perpetrator.
intermediary is also a victim and to some These collections of compromised computers
extent suffers the same type of network are known as botnets. Via the zombie control
congestion problems the target victim program, the perpetrator has the power to
suffers. direct the DDos to specific victims and turn
on or off the attack at will. The DDos attack
One method of defeating smurf attacks is to poses a far greater threat to the victim than a
disable the IP broadcast addressing option at traditional SYN flood or smurf attack. For
instance, a SYN flood coming from thousands ciphertext is decoded (decrypted) back into
of distributed computers can do far more clear text.
damage than one from a single computer.
Also, a smurf attack coming from a The earliest encryption method is called the
subnetwork of intermediary computers all Caesar cipher, which Julius Caesar is said to
emanate from the same server. In time, the have used to send coded messages to his
server can be located and isolated by generals in the field. Like modern-day
programming the victim’s firewall to ignore encryption, the Caesar cipher has two
transmissions from the attacking site. fundamental components: a key and an
algorithm.
The DDos attack, on the other hand, literally
comes from sites all across the Internet. The key is a mathematical value that the
Thousands of individual attack computers are sender selects. The algorithm is the
harder to track down and turn off. procedure of shifting each letter in the clear
text message the number of positions that
the key value indicates. Thus, a key value of
SECURITY, ASSURANCE, AND TRUST þ3 would shift each letter three places to the
right. For example, the letter A in clear text
Trust is the catalyst for sustaining electronic would be represented as the letter D in the
commerce. Both consumers and businesses cipher text message. The receiver of the
are drawn to organizations that are cipher text message reverses the process to
perceived to have integrity. decode it and recreates the clear text, in this
case shifting each cipher text letter three
Organizations must convey a sense that they places to the left. Obviously, both the sender
are competent and conduct business fairly and receiver of the message must know the
with their customers, trading partners, and key.
employees. This is a two-pronged problem.
First, the company must implement the Modern-day encryption algorithms, however,
technological infrastructure and controls are far more complex, and encryption keys
needed to provide for adequate security. may be up to 128 bits in length. The more
Second, the company must assure potential bits in the key, the stronger the encryption
customers and trading partners that method. Today, nothing less than 128-bit
adequate safeguards are in place and algorithms are considered truly secure. Two
working. A large part of data security commonly used methods of encryption are
involves data encryption, digital private key and public key encryption.
authentication, and firewalls.
Advanced encryption standard (AES), also
1. ENCRYPTION known as Rijndael, is a private key (or
Encryption is the conversion of data into a symmetric key) encryption technique. The
secret code for storage in databases and U.S. government has adopted it as an
transmission over networks. encryption standard. To encode a message,
the sender provides the encryption algorithm
The sender uses an encryption algorithm to with the key, which produces the ciphertext
convert the original message (called message.
cleartext) into a coded equivalent (called
ciphertext). At the receiving end, the
This is transmitted to the receiver’s location, transmitted message originated with the
where it is decoded using the same key to authorized sender and that it was not
produce a clear text tampered with after the signature was
Message. Because the same key is used for applied.
coding and decoding, control over the key
becomes an important security issue. The The digital signature is derived from a
more individuals that need to exchange mathematically computed digest of the
encrypted data, the greater the chance that document that has been encrypted with the
the key will become known to an intruder sender’s private key. Both the digital
who could intercept a message and read it, signature and the text message are
change it, delay it, or destroy it. encrypted using the receiver’s public key and
transmitted to the receiver. At the receiving
To overcome this problem, public key end, the message is decrypted using the
encryption was devised. This approach uses receiver’s private key to produce the digital
two different keys: one for encoding signature (encrypted digest) and the clear
messages and the other for decoding them. text version of the message. Finally, the
The recipient has a private key used for receiver uses the sender’s public key to
decoding that is kept secret. The encoding decrypt the digital signal to produce the
key is public and published for everyone to digest. The receiver recalculates the digest
use. Receivers never need to share private from the clear text using the original hashing
keys with senders, which reduces the algorithm and compares this to the
likelihood that they fall into the hands of an transmitted digest. If the message is
intruder. One of the most trusted public key authentic, the two digest values will match. If
encryption methods is Rivest-Shamir- even a single character of the message was
Adleman (RSA). This method is, however, changed in transmission, the digest figures
computationally intensive and much slower will not be equal.
than private key encryption. Sometimes,
both private key and public key encryption Another concern facing the receiver is
are used together in what is called a digital determining if the expected sender actually
envelope. initiated a message.
For example, suppose that the supplier
2. DIGITAL AUTHENTICATION receives a purchase order addressed from
Encryption alone cannot resolve all security Customer A for 100,000 units of product,
concerns. For example, how does the which was actually sent from an unknown
supplier (receiver) know for sure that a computer criminal. Once again, significant
hacker did not intercept and alter a costs would accrue to the supplier if it acts
customer’s (sender) purchase order on this fraudulent order.
(message) for
1,000 units of product to read 100,000? If A digital certificate is like an electronic
such an alteration went undetected, the identification card that is used in conjunction
supplier would incur the labor, material, with a public key encryption system to verify
manufacturing, and distribution costs for the the authenticity of the message sender.
order. Litigation between the innocent Trusted third parties known as certification
parties may ensue. authorities (CAs) (for example, Veri-Sign, Inc.)
issue digital certificates, also called digital
A digital signature is an electronic IDs. The digital certificate is actually the
authentication technique that ensures the sender’s public key that the CA has digitally
signed. The digital certificate is transmitted The network-level firewall provides basic
with the encrypted message to authenticate screening of low-security messages (for
the sender. The receiver uses the example, e-mail) and routes them to their
CA’s public key to decrypt the sender’s public destinations based on the source and
key, which is attached to the message, and destination addresses attached. The
then uses the sender’s public key to decrypt application- level firewall provides high-level
the actual message. network security. These firewalls are
Because public key encryption is central to configured to run security applications called
digital authentication, public key proxies that perform sophisticated functions
management becomes an important internal such as verifying user authentication.
control issue.
4. SEALS OF ASSURANCE
Public key infrastructure (PKI) constitutes the In response to consumer demand for
policies and procedures for administering evidence that a Web-based business is
this activity. A PKI system consists of: trustworthy, a number of trusted third-party
1. A certification authority that issues and organizations are offering seals of assurance
revokes digital certificates. that businesses can display on their Web site
2. A registration authority that verifies the home pages. To legitimately bear the seal,
identity of certificate applicants. The process the company must show that it complies
varies depending on the level of certification with certain business practices, capabilities,
desired. It involves establishing one’s identity and controls.
with formal documents such as a driver’s
license, notarization, fingerprints, and
proving one’s ownership of the public key. Better Business Bureau
3. A certification repository, which is a The BBB is a nonprofit organization that has
publicly accessible database that contains been promoting ethical business practices
current information about current through self-regulation since 1912. The BBB
certificates and a certification revocation list has extended its mission to the Internet
of certificates that have been revoked and through a wholly owned subsidiary called
the reasons for revocation. BBBOnline, Inc. To qualify for the BBBOnline
seal, an organization must:
3. FIREWALLS  Become a member of the BBB.
A firewall is a system used to insulate an  Provide information about the
organization’s intranet from the Internet. It company’s ownership,
can be used to authenticate an outside user management, address, and phone
of the network, verify his or her level of number. This is verified by a
access authority, and then direct the user to physical visit to the company’s
the program, data, or service requested. In premises.
addition to insulating the organization’s  Be in business for at least 1 year.
network from external networks, firewalls  Promptly respond to customer
can also be used to protect LANs from complaints.
unauthorized internal access.  Agree to binding arbitration for
unresolved disputes with
A common configuration employs two customers.
firewalls: a network-level firewall and an The assurance BBB Online provides relates
application-level firewall. primarily to concern about business policies,
ethical advertising, and consumer privacy.
BBB Online does not verify controls over
transaction processing integrity and data
security issues.