Electronic Commerce
Lecture 8
[Diagram: e-Consumers (Needs: currencies, smartcard) | Internet (TCP/IP) | Web Server (HTTP) | Form Input (CGI)]
Server-Side Programming
• SSI
• ASP/JSP
• CFML
• Servlets
• …
Client-Side Programming
• JavaScript
• VBScript
• Applets
• …
Clients Servers
Server-Side Programming
• SSI
• ASP/JSP
• CFML
• Servlets
Client-Side Programming
• JavaScript
• VBScript
• Applets
Servers
• Server-side programs
• Written in Java
• http://java.sun.com/products/servlet/
[Diagram: Web Server | JVM | CGI Program | CGI Program]
SSInclude Servlets (SSIS)
<servlet name=SERVLET_NAME
         code=SERVLET.CLASS
         codebase=PATH_TO_YOUR_SERVLET_CLASS
         INIT_PARAM1=VALUE1
         INIT_PARAM2=VALUE2
         INIT_PARAM3=VALUE3…>
<param name=PARAM1 value=PARAM_VALUE1>
<param name=PARAM2 value=PARAM_VALUE2>
…
</servlet>
SSI with Servlets
• Include embedding of Servlets in HTML documents
• Named Servlets will be invoked in the Server side (if they are not loaded)
• Servlets process the SSInclude requests and format necessary information to send along the HTML at the point of invocation.
A Sample Servlet
import java.io.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class DBPhoneLookup extends HttpServlet {

  public void doGet(HttpServletRequest req, HttpServletResponse res)
      throws ServletException, IOException {
    Connection con = null;
    Statement stmt = null;
    ResultSet rs = null;

    res.setContentType("text/html");
    PrintWriter out = res.getWriter();

    try {
      // Load (and therefore register) the Oracle Driver
      Class.forName("oracle.jdbc.driver.OracleDriver");

      // Get a Connection to the database
      // (Oracle thin-driver URLs take the form jdbc:oracle:thin:@host:port:SID)
      con = DriverManager.getConnection(
          "jdbc:oracle:thin:@dbhost:1528:ORCL", "user", "passwd");

      // Create a Statement object
      stmt = con.createStatement();

      // Execute an SQL query, get a ResultSet
      rs = stmt.executeQuery("SELECT NAME, PHONE FROM EMPLOYEES");

      // Display the result set as a list
      out.println("<HTML><HEAD><TITLE>Phonebook</TITLE></HEAD>");
      out.println("<BODY>");
      out.println("<UL>");
      while (rs.next()) {
        out.println("<LI>" + rs.getString("name") + " " + rs.getString("phone"));
      }
      out.println("</UL>");
      out.println("</BODY></HTML>");
    }
    catch (ClassNotFoundException e) {
      out.println("Couldn't load database driver: " + e.getMessage());
    }
    catch (SQLException e) {
      out.println("SQLException caught: " + e.getMessage());
    }
    finally {
      // Always close the database connection.
      try {
        if (con != null) con.close();
      }
      catch (SQLException ignored) { }
    }
  }
}
Why Use Servlets Over CGI
• Replacement of CGI
• Servlets are written in Java
– Platform independent (write once, run everywhere)
– Hardware independent (WinNT to Unix) without compiling or changing anything
• Less resource intensive: CGI takes more memory and time
Servlets over CGI
• Persistent: They are loaded once; multiple threads of the same servlet will handle multiple client requests.
• Fast: Servlets run much faster than CGI scripts written in interpreted languages (Perl).
• More powerful database connectivity: JDBC to connect to different databases.
• Extensible: since written in Java, brings all benefits of Java (robust, object oriented…)
Server-Side Programming
• SSI/PHP3
• ASP/JSP
• CFML
• Servlets
Client-Side Programming
• JavaScript
• VBScript
• Applets
Servers
<html>
<body>
…
<%
On Error Resume Next
rs.MoveFirst
do while Not rs.eof
%>
………...
<%
rs.MoveNext
loop%>
………...
</body>
</html>
Active Server Page
Web Server
Web Browser
Request example3.asp
Establish a Connection with Database
Database
Send SQL Statement to database
Retrieve Data from Database by using RecordSets
Open RecordSet & Display Data in HTML Format
Extract Client’s Input (CGI)
Server-Side Program
1. Connect/Open
2. Extract/Update by SQL
3. Format
[Diagram: e-consumers (Needs) | Internet (TCP/IP) | Web Server (VB, Perl, Java, ASP or CFML) | Web Data | Product Information]
Web Technology
Web Server
Web Client
Internet
HTTP: Hyper Text Transport Protocol
Requests
Responses
Maintain State
• Hidden Fields in Forms
• SessionID in URL
• Cookies
Examples:
http://lw4fd.law4.hotmail.msn.com/cgi-bin/getmsg?disk=216.33.148.69_d514&login=sungchichu&f=33792&curmbox=ACTIVE&_lang=&msg=MSG949462271.14&start=422884&len=19988
https://ww3.janus.com/cgi-bin/gx.cgi/AppLogic+HomeStaticA?GXHC_gx_session_id_VJ_WEB=70f2fa69ad7e9e69
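A defensive sketch for the "SessionID in URL" mechanism, added here and not part of the lecture: a session ID carried in the URL is copied into access logs and Referer headers, so this scrubs such parameters before a line is stored and shows the cookie form that keeps the token out of the URL. The parameter-name heuristic, the cookie name SID and the sample log line are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Heuristic (an assumption): parameter names that usually carry session state
# or identity, like the gx_session_id and login parameters in the slide's URLs.
SENSITIVE = re.compile(r"session|sess_?id|\bsid\b|token|login", re.I)

def redact_url(url):
    """Return (url_safe_for_logs, names_of_redacted_parameters)."""
    parts = urlsplit(url)
    pairs, hits = [], []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if SENSITIVE.search(name):
            hits.append(name)
            value = "REDACTED"
        pairs.append((name, value))
    return urlunsplit(parts._replace(query=urlencode(pairs))), hits

def scrub_log_line(line):
    """Redact both the request target and the Referer of one access-log line."""
    # Every token that looks like a path or URL with a query string is rewritten.
    return re.sub(r'[^\s"]+\?[^\s"]+', lambda m: redact_url(m.group(0))[0], line)

def session_cookie(token):
    """Cookie alternative: the token never appears in URLs, logs or Referer."""
    return f"SID={token}; Path=/; Secure; HttpOnly; SameSite=Lax"

# Constructed sample: a combined-format log line whose request and Referer
# both carry a URL-borne session id (host and values are made up).
SAMPLE = ('192.0.2.10 - - [01/Jan/2000:00:00:00 +0000] '
          '"GET /cgi-bin/shop?item=42&session_id=70f2fa69 HTTP/1.0" 200 512 '
          '"http://shop.example/cgi-bin/cart?session_id=70f2fa69&step=2" '
          '"Mozilla/4.0"')

if __name__ == "__main__":
    print(scrub_log_line(SAMPLE))
    print(session_cookie("70f2fa69ad7e9e69"))
```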
Web-based Enterprise Computing
• Client-server computing
• ODBC- & JDBC- compliant
• DBMS
• Static vs Dynamic HTML pages
• Java
• COM
• CORBA
• Drumbeat 2000
• X/Open
• Informix, Sybase, Oracle
• CGI programs (Unix shell scripts, C and/or Perl programs)
• HTTP
• Applets vs Servlets
• API
• ASP vs JSP
• Lotus Domino, Netscape Enterprise, IIS, …
• SQL
• ColdFusion/CFML
• XML
[Diagram: e-consumers (Needs) | Internet (TCP/IP) | Web Server | Web Data | Product Information | New Products | CRM]
Customer Relationship Management
• Augment quality of products
• Maintain customer intimacy
• Move from ‘cold’ order taking & bye to partnership throughout the whole buying experience for the customer (delivery, product information, billing, installation, repair/return, renewal)
• Competitive advantage and the key core business process
[Diagram: e-consumers (Needs) | Internet (TCP/IP) | Web Server | Web Data | Product Information | Product Development (R&D) | Suppliers | Manufacturing Plants | New Product | EDI | Data Mining]
Chrysler (Source: MIS Quarterly, June 1995)
• Established electronic communication with a few suppliers in 1969
– Not adequate
– Suppliers did not have current information about Chrysler’s requirements
– Assembly plants did not know exactly the shipment content
– Keep large safety buffers
– Costly emergency deliveries when shortage occurred
• 1990: EDI
– Over $100 saved per vehicle
– Annual savings amounted to over $220 million
EDI
• EDI uses syntax that is commonly known between the two communicating parties (compressed, predefined, sequenced)
• No one existing Internet-based tool could interpret all EDI transmissions
• Record keeping includes specific software to be kept along with it
• New users of EDI could not expect immediate deployment without specialized software
The Extended Enterprise
[Diagram: Suppliers | Back Office | Front Office | Channel & Customers; e-Commerce, e-Business; e-Store, ERP, CRM, SCM]
Issues
• How to encode information such that all parties involved will be able to use it?
• How to establish communication between disparate systems over the Internet (instead of private networks)?
• How could the company be reorganized to accept this reverse value chain?
Java & CORBA
• Java
“Write Once, Run Any” language since its announcement April 1995; a short 4 years and its technology is still in development
• CORBA
Object-based broker to tie together disparate information systems; circa 1989
CORBA
• Common Object Request Broker Adapter
• Object Management Group (OMG), 1989
• CORBA 1.1 in 1991, CORBA 3 in 1999
• “…allows a distributed, heterogeneous collection of objects to interoperate.”
• ORB, IDL, & IIOP (Internet Inter-ORB Protocol)
[Diagram: Client (IDL) | ORB | IIOP | Internet | IIOP | ORB | Server (IDL)]
XML
• Extensible ML – again a descendant of SGML or a subset of
• Work on draft proposal begins July 1996 by the SGML (Standard General Markup Language) ERB (Editorial Review Board)
• XML specification 1.0 in February 1998 (by W3C)
• Participation by Microsoft and Netscape to support the new standard began the ascent to popular acceptance
Two Classes of XML Documents
• Well-formed: conform to XML standard; there exists a structure of its content
• Valid: conform, and adhere to DTD
• Validating vs Non-Validating XML processors/parsers
Creating XML Documents
• Start- and end-tags
• Attribute assignments
• Entity references
• Comments
• Processing instructions
• CDATA sections
• Document type declarations
Start- and End-Tags
• Naming conventions quite like variables in programming language, start with a letter, no spaces, …
• Nesting is allowed
<district>
  <building>McDonald’s</building>
</district>
• Start- and End-Tags are required.
– <foo>…</foo>
– <foo/> for empty content within a tag
So?
• Standardize information storage in vertical markets
• Tools can be developed easily
• <address> means?
• Good for textual data – human-readable form; not good for floating point numbers (12,304,000.93 or 12 5/16)
XML/EDI
..only an estimated 125,000 organizations worldwide have an EDI system. Furthermore, there are only 80,000 EDI enabled businesses in the US. That works out to less than 2% of the 6.2 million businesses registered in the United States.
http://www.geocities.com/WallStreet/Floor/5815/executive.htm (15-12-99 13:00)
XML/EDI
• New users would adopt XML for interchange of data over the Internet, especially, e-merchants
• Tools are readily available to encode the data and interpret the data in XML format
• XML-encoded data could be either filtered to store in company specific formats and/or for viewing using common Internet-based tools (soon to be available; even in an email)
Other Standards
• http://www.onestandard.com : ??
• http://visualgenomics.com : Bioinformatic Sequence Markup Language (BSML)
• http://www.fpml.com : Financial products Markup Language
Data Mining
• “Knowledge Discovery in databases”
• Find patterns (visiting periods), outliers
• Market basket analysis (find i-itemset)
– What 2 items appear frequently in a transaction
– What sequence of items that were ordered over time
– What items were ordered frequently during a time period
Data Mining
• Cross Industry Standard Process for Data Mining (CRISP-DM) http://www.ncr.dk/CRISP/
• Consortium of European companies (NCR, Integrated Systems Limited (ISL), Daimler Benz [now DaimlerChrysler?], OHRA Verzekering en Bank Groep, B.V.) in July 1997
• First model Jan 1999
CRISP-DM
• Business Understanding
– What does the business need and why do we need the knowledge? Like requirement specification
• Data Understanding
– Data collection, quality and quantity
• Data Preparation
– Characteristics of datasets and filtering of data
CRISP-DM
• Modeling
– Select the modeling technique; neural networks
• Evaluation
– Outcome versus objectives
• Deployment
– Accept, implement and fit to other business processes
WAP Forum (www.wapforum.org)
• Wireless Application Protocol
T-Business E-Business
[Diagram: e-consumers | Physical Network | m-econsumers | Handheld Wireless Device | Air Space]
Wireless World
• limited memory
• restricted CPU
• simple interface
• low bandwidth
• low battery life
• high latency
• unpredictable availability
• unstable transmission
• different standards (GSM)
Pre-Wintel World
• limited memory (640KB)
• restricted CPU (8088)
• simple interface (DOS)
• low bandwidth (none)
• low battery life (laptop?)
• high latency (unbearable)
• unpredictable availability
• unstable transmission
• different standards
WAP Forum
• Founded in June 1997 by Ericsson, Motorola, Nokia and Phone.com
• Now has over 100 members (mid-1999)
• Wireless subscribers reach 1 billion by 2004
• Protocol specification brings together existing Web technology in the wireless telecommunication domain
WAP Forum
• Accelerate needed infrastructure, network equipment, applications, and contents
• Device Independent
• Ease of use & pricing structure
• WML, WMLScript, WTA (Wireless Telephony Applications), microbrowser, WTLS (Wireless Transport Layer Security)
WAP Programming Model
Source: www.wapforum.org
WAP Protocol Stack
Source: www.wapforum.org
Mobile Computing
• Connected wherever you go
• Same environment wherever you are
• Same person whatever you use (smart card)
• Know wherever you are (location-aware systems)
• Any suggestions??
Web Security (based on article by Rubin & Geer, Jr., 9/1999 IEEE Computer)
• Web server configuration (Apache)
– Misconfigure
– Configuration files in server root directory
• Access to document tree
• Username/Password information
• Permissions
– Web Server should be run as a genuine user (as ‘www’), but not as nobody.
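One way to check the configuration points on this slide, as an added example that comes neither from the lecture nor from the Rubin & Geer article: it reads the Apache `User` directive and applies the slide's rule (a dedicated account such as 'www', not nobody), then tests permission bits on files under the server root. The file rules (no world-writable files, nothing owned by the server account, password files not world-readable) are common hardening checks assumed here, and the paths and sample configuration are constructed.

```python
import stat

def audit_user_directive(conf_text):
    """Return findings about the account named by Apache's User directive."""
    user = None
    for raw in conf_text.splitlines():
        fields = raw.split()
        if not fields or fields[0].startswith("#"):
            continue                      # blank line or comment
        if fields[0].lower() == "user" and len(fields) > 1:
            user = fields[1].strip('"')   # directive names are case-insensitive
    if user is None:
        return ["no User directive: the build's default account is in effect"]
    if user in ("root", "#0"):
        return [f"User {user}: request-handling processes must not run as root"]
    if user.lower() == "nobody":
        return ["User nobody: use a dedicated account such as 'www' instead"]
    return []

def audit_file(path, mode, owner, server_user, secret=False):
    """Check one server-root file; mode is st_mode as returned by os.stat()."""
    findings = []
    if mode & stat.S_IWOTH:
        findings.append(f"{path}: world-writable")
    if owner == server_user:
        findings.append(f"{path}: owned by the server account '{server_user}'")
    if secret and mode & stat.S_IROTH:
        findings.append(f"{path}: password data is world-readable")
    return findings

# Constructed sample configuration (not taken from a real server).
SAMPLE_CONF = """\
ServerRoot "/usr/local/apache"
# User www
User nobody
Group nobody
DocumentRoot "/usr/local/apache/htdocs"
"""

if __name__ == "__main__":
    for finding in audit_user_directive(SAMPLE_CONF):
        print(finding)
    for finding in audit_file("conf/httpd.conf", 0o100666, "www", "www"):
        print(finding)
```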
TCP Layers
TCP/IP: Application | Transport (host-to-host) | Internet | Network Access | Physical
OSI: Application | Presentation | Session | Transport | Network | Data Link | Physical
HTTP
• Not a protocol for transferring hypertext
• But a protocol for transmitting information for making hypertext jumps easy
• A stateless protocol
• Transaction oriented : TCP connection is established for each transaction and terminated at the end of the transaction
HTTP Key Terms
• Cache : stores cacheable responses to reduce same future references
• Proxy : an intermediary program that acts on behalf of other clients
• Tunnel : an intermediary program that acts as a blind relay between two connections
• Connection : A transport layer virtual circuit between two programs