Ecommerce Fundamentals

ecommerce Fundamentals - Glossary

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

A comprehensive introduction to the underlying technologies of e-commerce is given through this glossary and course.
This glossary explores the full range of technologies, protocols, and techniques necessary for building successful e-commerce sites.
This glossary and course begins with an overview of the Internet and the Web, then quickly move on to explain server-side programming techniques, cryptography and Internet security, and how to take advantage of leading-edge technologies such as mobile agents, WAP, XML, and data mining tools.
Placing this technical know-how in business context, the authors then walk readers through actual e-commerce applications, from Internet payment systems to Web advertising and publishing. A running case study depicting a Virtual Book Store (VBS) .

algorithm: A computable set of steps to achieve a desired result.
asymmetric encryption: A type of encryption that uses one key to encrypt a message and another to decrypt the message. (Also, public-key encryption)
asymmetric key algorithm: An algorithm used for asymmetric encryption.
authentication: The process by which the receiver of a digital message can be confident of the sender's identity. The process used to prove the sender's authenticity is called the digital signature process.
authorization: The process of giving individuals access to system objects based on their identity.
banner ads: Clickable advertisements found on frequently visited Web sites.
certificate: An attachment to an electronic message used for security purposes. A digital certificate is commonly used to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply.
certificate authority (CA): A trusted third-party organization or company that issues digital certificates used to create digital signatures and public/private key pairs. The role of the CA in this process is to guarantee that the individual granted the unique certificate is, in fact, who he or she claims to be.
cipher: Ciphers are algorithms used to encrypt and decrypt plaintext messages.
ciphertext: Text that has been encrypted by some encryption system.
clickthrough: The process of a visitor clicking on a Web advertisement and going to the advertiser's Web site. The click rate measures the number of times an ad is clicked.
client/server: A network architecture in which each computer or process on the network is either a client, a PC or a workstation for users, or a server, computers dedicated to managing files, devices, or network traffic.
cookie: Pieces of information sent out by Web servers and saved by browsers. Upon subsequent contacts with the same server, the browser will present the cookie.
copyright: Copyright is a form of protection provided to the authors of "original works of authorship," including literary, dramatic, musical, artistic, and certain other intellectual works, both published and unpublished. The copyright protects the form of expression rather than the subject matter of the writing.
Copyright Act: In general, the 1976 Copyright Act gives the owner of copyright the exclusive right to reproduce the copyrighted work, to prepare derivative works, to distribute copies or phonorecords of the copyrighted work, to perform the copyrighted work publicly, or to display the copyrighted work publicly.
cryptanalysis: The science of recovering plaintext messages without knowledge of the key.
cryptography: The science of encrypting and decrypting plaintext messages
Data Encryption Standard (DES): A symmetric key algorithm that is fast and simple to implement.
digital envelope: A type of security that uses two layers of encryption to protect a message. First, the message itself is encoded using symmetric encryption, and then the key to decode the message is encrypted using public-key encryption. This technique overcomes one of the problems of public-key encryption, which is that it is slower than symmetric encryption.
digital signature: A digital code that can be attached to an electronically transmitted message that uniquely identifies the sender. Like a written signature, the purpose of a digital signature is to guarantee that the individual sending the message really is who he or she claims to be. Digital signatures are especially important for electronic commerce and are a key component of most authentication schemes. Digital signatures are accomplished through the use of message digests. A message digest is text that has been passed through a hash algorithm, such as MD5. Theoretically, once text has passed through a hashing algorithm, the original message can never be retrieved. However, it is possible to compare message digest values during the login process.
digital wallet: Encryption software that works like a physical wallet during electronic commerce transactions. A wallet can hold a user's payment information, a digital certificate to identify the user, and shipping information to speed transactions.
domain name: A name that identifies one or more IP addresses. Domain names are used in URLs to identify particular Web pages.
For example, in the URL http://www.distributednetworks.com/index.php, the domain name is distributednetworks.com.
E-commerce: Business conducted online.
Electronic Data Interchange (EDI): EDI is a messaging protocol meant to ensure that data sent between normally incompatible computers retains its integrity and is formatted consistently. This standard is popular with financial institutions and large businesses who need to communicate large volumes of detailed, repetitive information over company networks. A complete EDI message is called a transaction set. Each message (that is, transaction set) contains information that provides a universal method for formatting documents. In a sense, EDI is a universal translator for documents.
Electronic publishing (EP): The use of computers rather than traditional print mechanisms to produce and distribute information.
encryption: The process of using algorithms, keys and protocols to convert plain text transmissions (which are readable by humans) into cipher text data streams (which are not readable). In regards to e-commerce, encryption usually occurs between clients and servers via SSL.
Extranet: A business-to-business Web site that allows secure access between a company's intranet and designated, authenticated users from remote locations.
firewall: A security system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both.
Glossary: Each time you click a glossary term, you'll see a window like this displaying the term and its definition. To see the entire glossary, click Show All Terms.
graphical user interface (GUI): A program interface that takes advantage of the computer's graphics capabilities to make the program easier to use.
hacker: A user who breaks into sites for malicious purposes.
hash algorithm: A numeric function that mixes the ordering of input values with the goal of getting an even distribution. (Also, hash function)
hashing: To generate a number from a string of text. The hash number is smaller than the text string.
hyperlink: An element in an electronic document that links to another place in the same document or to an entirely different document. Typically, you click on the hyperlink to follow the link.
HyperText Markup Language (HTML): The authoring language used to create documents on the World Wide Web.
IETF: Short for Internet Engineering Task Force, the main standards organization for the Internet. The IETF is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet.
impression: An advertisement's appearance on an accessed Web page. For example, if you see two ads on a Web page, that's two impressions. Advertisers use impressions to measure the number of views their ads receive, and publishers often sell ad space according to impressions.
intellectual property: Products such as written materials, musical compositions, trademarks, and other things that are protected by copyright, trademark, or patent law.
inter-company commerce: Transactions conducted between two separate companies that have contracted with each other.
Intra-company commerce: Transactions conducted between two divisions or departments within the same company.
Intranet: A network internal to your company that provides Internet-related solutions, including email, Web sites, HTTP-based transactions, document download (for example, employee forms such as vacation, grievance, and so forth), paging, and extensive information searches. Some corporate intranets provide training programs, goods and services, and access to special offers and deals with other corporations and organizations.
ISP: An Internet Service Provider, a company that provides access to the Internet.
Lanham Act: A 1964 law that was an important early step toward U.S. trademark legislation.
MD5: MD5 is one in the series (including MD2 and MD4) of message digest algorithms developed by Ron Rivest. It involves appending a length field to a message and padding it to a multiple of 512-bit blocks. Each of these 512-bit blocks is fed through a four-round process to result in a 128-bit message digest.
message digest: The representation of text in the form of a single string of digits, created using a formula called a one-way hash function. Encrypting a message digest with a private key creates a digital signature, which is an electronic means of authentication.
narrowcast: To send data to a specific list of recipients.
nonrepudiation: The ability to demonstrate that an information exchange or financial transaction took place.
one-way encryption: A type of encryption in which information is encrypted once and cannot be decrypted. One-way encryption is typically used for creating message digests.
patent: A patent for an invention is the grant of a property right to the inventor, issued by the Patent and Trademark Office. The term of a new patent is 20 years from the date on which the application for the patent was filed in the United States or, in special cases, from the date an earlier related application was filed, subject to the payment of maintenance fees. U.S. patent grants are effective only within the U.S., U.S. territories, and U.S. possessions.
payment gateway: The system (usually software) that interfaces between the merchant and the merchant's bank to perform credit card authorizations.
plaintext: A message before encryption or after decryption, that is, in its usual form that anyone can read, as opposed to its encrypted form, ciphertext.
public-key encryption: A cryptographic system that uses two keys--a public key known to everyone and a private or secret key known only to the recipient of the message.
push publishing: A means of reaching an audience by automatically delivering information, such as news headlines or product updates, directly to a user's computer in a customized format at designated times.
RSA: A standard for public-key cryptosystems named after its inventors, Ron Rivest, Avi Shamir, and Rick Adleman, who developed it in 1978 while working at MIT. Its security is based on factoring very large prime numbers. The size of the key used in RSA is completely variable, but for normal use, a key size of 512 bits is common. In applications where key compromise would have serious consequences or where the security must remain valid for many years into the future, 1024-bit and 2048-bit keys are used.
Secure Electronic Transactions (SET): A standard enabling secure credit card transactions on the Internet.
Secure Hash Algorithm (SHA): This function was developed by the National Institute of Standards and Technology (NIST) and is based heavily on Ron Rivest's MD series of algorithms. The message is first padded with MD5, then fed through four rounds, which are more complex than the ones used in MD5. The resulting message digest is 160 bits long.
Secure Sockets Layer (SSL): A technology embedded in Web servers and browsers that encrypts traffic.
Secure/Multipurpose Internet Mail Extension (S/MIME): A specification for secure electronic mail. S/MIME was designed to add security to email messages in MIME format. The security services offered are authentication (using digital signatures) and privacy (using encryption). S/MIME assumes that both the sender and receiver of secure email messages have public/private key pairs and uses the concept of a digital envelope.
service mark: The Lanham Act defines a service mark as one "used in the sale or advertising of service to identify the services of one person and distinguish them from the services of another."
shopping cart: A shopping cart is a piece of software that acts as an online store's catalog and ordering process. Typically, a shopping cart is the interface between a company's Web site and its deeper infrastructure, allowing consumers to select merchandise; review what they have selected; make necessary modifications or additions; and purchase the merchandise.
spam: Unsolicited electronic junk mail, usually sent to a great number of people for solicitation purposes.
Supply chain management: The virtual integration of partners on the supply and process chains.
symmetric encryption: A type of encryption in which the same key is used to encrypt and decrypt the message.
T1: A high-speed (1.5 mbps) connection to the Internet using dial-up leased lines. In some localities, T1 lines can be leased for $3,000.00 per month or less.
targeted email: Email sent as the result of market research and carefully compiled information obtained from a marketing campaign. In spite of such care, many users today still consider target email to be "spam" (that is, the electronic equivalent of junk mail).
trademark: A trademark is a word, name, symbol, or device that is used in trade with goods to indicate the source of the goods and to distinguish them from the goods of others.
value-added network (VAN): A value-added network (VAN) enables companies to exchange electronic data interchange (EDI) transactions. A VAN offers multiple services. Foremost among these is its ability to receive, store and then forward EDI messages (called a transaction set). In a sense, a VAN acts as a post office for such messages, because it also helps route the messages through an appropriate path to the destination. When recipients are ready, the VAN can forward messages to them. Therefore, a VAN coordinates activity between busy EDI networks. Finally, a VAN provides additional security, because it acts as a buffer between each organization participating on the network.
value-added resellers (VARs): An entity that purchases equipment from another company, then customizes and markets the equipment.
virtual enterprise: An organization unconstrained by geographic location, and a membership intersecting several traditional organizations. An organization that can do business almost entirely in the electronic world.
virtual private network (VPN): A VPN is an encrypted datastream that exists between two computers. A VPN can exist between a standard client host and a server, between a client and a firewall, or between two firewalls. A VPN allows two parties to use encryption in order to freely communicate across public networks, such as the Internet.
Web server: A central computer system that hosts a Web site and enables remote clients to access the pages of the site.
Web storefront: The part of a virtual enterprise that allows a client/end user to interact with the server-side elements, usually in the form of buying and selling.
World Intellectual Property Organization (WIPO): The World Intellectual Property Organization (WIPO) is an intergovernmental organization with headquarters in Geneva, Switzerland. WIPO is responsible for the promotion of the protection of intellectual property throughout the world through cooperation among nations, and for the administration of various multilateral treaties dealing with the legal and administrative aspects of intellectual property.