COMP315

Technologies for E-Commerce

Aims

  1. To introduce the environment in which e-commerce takes place, the main technologies for supporting e-commerce, and how these technologies fit together;
  2. To introduce security as a major issue in secure e-commerce, and to provide an overview of security issues;
  3. To introduce encryption as a means of ensuring security, and to describe how secure encryption can be delivered;
  4. To introduce issues relating to privacy; and
  5. To  introduce auction protocols and negotiation mechanisms as emerging e-commerce technologies

Syllabus

1.      Introduction (1 week)

  • What is e-commerce? What are the issues in delivering goods and services over the internet? What form do solutions to these problems take?
  • Frameworks for e-commerce; business to business, business to consumer.

2.      Ecommerce basics (3 weeks)

  • The history and architecture of the internet, internet protocols, web servers, ISPs.
  • How e-commerce makes use of the internet, how e-commerce fits into other IT functions, client side and server side processes.
  • Current technologies and their uses. Scripting languages, CGI, ASP, Active X, plugins,XML
  • Future technologies. Shopbots and Pricebots.
  • Electronic marketing, information finding, placement on search engines.
  • Auction mechanisms and interaction protocols.

3.      Web security (2 weeks)

  • The problem of web security; where the weak spots are, denial of service.
  • Host security, Site security, Web server security
  • How firewalls work, how they help.  User safety, secure transactions.

4.      Cryptography (3 weeks)

  • Cryptography basics, history of ciphers, symmetric key algorithms, public key algorithms.
  • Cryptography and the web, existing cryptography systems, RSA, PGP, DES.
  • Message digests, digital signatures, public key infrastructure, certification authorities, digital cash.
  • Secure Sockets Layer, SSLeay, using SSL to ensure secure transactions.
  • Java support for cryptography, Java Cryptography Architecture (JCS), JCE.

5.      Privacy issues (1 week)

  • Log files, cookies, anonymizers.
  • Wire tapping, key escrow and key recovery.

Recommended Texts

Andrew S. Tanenbaum [2002]: Computer Networks. (Prentice Hall)
William Stallings [2005]: Cryptography and Network Security - Principles and Practice. (Prentice Hall)

Learning Outcomes

Upon completing this module, a student will:

  1. understand the main technologies behind e-commerce systems and how these technologies interact;
  2. understand the security issues which relate to e-commerce;
  3. understand how encryption can be provided and how it can be used to ensure secure commercial transactions;
  4. understand implementation aspects of e-commerce and cryptographic systems;
  5. have an appreciation of privacy issues; and
  6. understand auction protocols and interaction mechanisms.

Learning Strategy

Teaching will be mainly by 30 hours of lectures, but will also include practical exercises.