E Commerce Fundamentals and Applications

专注高清外文教科书 酷比的小店 shop100211415.taobao.com This Page Intentionally Left Blank This Page Intentionally Left Blank e S HENRY CHAN, RAYMOND LEE, THARAM DILLON The Hong Kong Polytechnic University ELIZABETH CHANG The University of Newcastle, Australia JOH Chichester New York Weinheim Brisbane Singapore Toronto Copyright 0 2001 by John Wiley & Sons Ltd Baffins Lane, Chichester, West Sussex, PO19 lUD, England National 01243 779777 International (+44) 1243 779777 e-mail (for orders and customer service enquiries): cs-books@wiley.co.uk Visit our Home Page on http://www.wiley.co.uk or http://www.wiley.com All Rights Reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except under the terms of the Copyright Designs and Patents Act 1988 or under the terms of a licence issued by the Copyright, Licensing Agency, 90 Tottenham Court Road, London, W1P 9HE, UK, without the permission in writing of the Publisher, with the exception of any material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the publication. damage occasioned to any person or property through using the material, instructions, methods or ideas contained herein, or acting or refraining from acting as a result of such use. The authors and Publisher expressly disclaim all implied warranties, including merchantability of fitness for any particular purpose. There will be no duty on the authors of Publisher to correct any errors or defects in the software. Designations used by companies to distinguish their products are often claimed as trademarks. In all instances where John Wiley & Sons is aware of a claim, the product names appear in initial capital or capital letters. Readers, however, should contact the appropriate companies for more complete information regarding trademarks and registration. AMAZON.com is the registered trademark of Amazon.com, Inc. Henry Chan, Raymond Lee, Tharam Dillon and Elizabeth Chang have asserted their right under the Copyright, Designs and Patents Act 1988 to be identified as the authors of this work. Neither the authors nor John Wiley & Sons Ltd accept any responsibility or liability for loss or Other Wiley Editorial Ofices John Wiley & Sons, Inc., 605 Third Avenue, New York, NY 10158-0012, USA Wiley-VCH Verlag GmbH Pappelallee 3, D-69469 Weinheim, Germany John Wiley & Sons (Australia) Ltd, 33 Park Road, Milton, Queensland 4064, Australia John Wiley & Sons (Canada) Ltd, 22 Worcester Road Rexdale, Ontario, M9W 1L1, Canada John Wiley & Sons (Asia) Pte Ltd, 2 Clementi Loop #02-01, Jin Xing Distripark, Singapore 129809 British Library Cataloguing in Publication Data A catalogue record for this book is available from the British Library ISBN 0 471 49303 1 Typeset in 10/12.5pt Sabon by TechBooks Ltd., New Delhi, India Printed and bound in Great Britain by Biddles Ltd, Guildford and King’s Lynn. This book is printed on acid-free paper responsibly manufactured from sustainable forestry, for which at least two trees are planted for each one used for paper production. This Page Intentionally Left Blank This Page Intentionally Left Blank Preface 1 Introduction 1.1 1.2 1.3 1.4 1.5 1.6 1.7 1.8 1.9 Electronic commerce and physical commerce The DIGITAL phenomenon Looking at e-commerce from different perspectives Different types of e-commerce Examples of the types of e-commerce 1.5.1 Amazon*: B2C e-commerce 1.5.2 eBay: C2C e-commerce 1.5.3 Trading process network: B2B e-commerce 1.5.4 Priceline : C2B e-commerce Some e-commerce scenarios 1.6.1 Retailing 1.6.2 Servicing 1.6.3 Publishing 1.6.4 Supply chain management Changes brought by e-commerce Advantages of e-commerce Myths about e-commerce development and implementation 1.9.1 Myth 1: e-commerce is about building a web page 1.9.2 Myth 2: the successful implementation of an e-commerce system relies on web programmers 1.9.3 Myth 3: e-commerce project is about translating the traditional business model into an electronic business model xix 1 2 3 4 6 8 8 9 10 10 11 11 12 12 13 13 14 14 16 16 17 viii CONTENTS 1.10 System model and road map of this book 1.11 Summary References Recommended Reading PART 1 Technologies (fundamentals) 2 Internet and world wide web 2.1 An Overview of the internet 2.2.1 Basic network architecture 2.1.2 Layered model 2.1.3 Link layer 2.1.4 Network layer 2.1.5 Transport layer 2.1.6 Application layer 2.1.7 Next generation internet 2.2 Brief history of the web 2.3 Web system architecture 2.4 Uniform resource locator 2.5 2.6 Hypertext Transfer Protocol ( m P ) Overview of the hypertext transfer protocol 2.6.1 HTTP request 2.6.2 Server response Generation of dynamic web pages 2.7 2.8 Cookies 2.9 HTTNl.1 2.10 Example 2.11 Summary References Recommended Reading 3 Client-side programming 3.1 3.2 Important factors in client-side or web programming Web page design and production 3.2.1 Define the audiences and the information requirements 3.2.2 Develop the logical design of the web site 18 21 23 23 25 27 28 28 29 29 32 35 36 38 38 39 40 41 42 42 44 46 48 49 51 52 52 53 55 56 61 61 61 CONTENTS IX 3.2.3 Develop the perceptual design 3.2.4 Content creation 3.2.5 Programming 3.2.6 Basic structure of an HTML document 3.5.1 Heading 3.5.2 Paragraph 3.5.3 Font 3.5.4 3.5.5 Horizontal rule 3.5.6 Lists Posting and hosting the site 3.3 Overview of HTML 3.4 3.5 Basic text formatting Other special tags for formatting text 3.6 Links 3.7 Images 3.8 ImageMap 3.9 Tables 3.10 Frames 3.11 Form 3.11.1 Textbox 3.11.2 Password textbox 3.11.3 Checkbox 3.11.4 Radio button 3.11.5 Submit button 3.11.6 File input field 3.11.7 Hidden form field 3.11.8 Textarea 3.11.9 Select menu 3.12.1 External style sheets 3.12.2 Embedded style sheets 3.12.3 Inline style 3.13.1 What is JavaScript? 3.13.2 Basic structure of JavaScript 3.13.3 A simple JavaScript example 3.13.4 Form validation using JavaScript References Recommended Reading 3.12 Cascading style sheets 3.13 JavaScript 3.14 Summary 62 63 63 63 63 64 66 67 67 68 68 68 68 69 71 72 73 75 79 80 80 80 81 81 81 81 82 82 82 83 84 85 86 86 87 88 89 92 93 93 X CONTENTS 4 Server-side programming I: servlet fundamentals 4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11 4.12 Revisiting the three-tier model Common gateway interface (CGI) 4.2.1 CGI fundamentals 4.2.2 CGI languages Active server page (ASP) Overview of Java servlet Java servlet architecture Overview of the servlet API Building the virtual bookstore - step by step Your first servlet - welcome to VBS Compilation and execution of servlets An interactive servlet program example: topics of interest Topics of interest: Cookie approach Summary References Recommended Reading 5 Server-side programming II: database connectivity 5.1 Introduction 5.2 Relational database systems 5.2.1 What is a relational database? 5.2.2 A brief overview of relational databases: an example of book ordering 5.2.3 Basic SQL statements 5.3.1 What is JDBC? 5.3.2 Layered infrastructure of JDBC 5.3.3 The JDBC drivers 5.3.4 JDBC API A JDBC program example: simple servlet book query 5.4.1 Preparing for your first JDBC program 5.4.2 Simple Book Query - ServletBookquery 5.4.3 ServletBookquery - program summary An advanced book query: ServletBookquerymulti Advanced JDBC servlet: VBS advance book search engine 5.6.1 VBS advance book search engine 5.6.2 How does the SearchEngine.java work? 5.3 JDBC perspectives 5.4 5.5 5.6 95 96 98 98 100 100 101 103 103 105 107 109 110 115 122 123 123 125 125 126 126 127 128 134 134 134 134 136 137 137 138 143 144 151 151 152 CON JfNTS xi 5.7 Summary References Recommended Reading 6 Server-side programming III: session tracking 6.1 Introduction 6.1.1 A realistic case in session tracking: Shopping in VBS 6.1.2 Issues involved in implementing the Shopping Cart object in the internet environment 6.2 Traditional session tracking techniques 6.2.1 Hidden form field 6.2.2 URL rewriting 6.2.3 H'ITP user authentication 6.2.4 Cookies 6.2.5 Comparison of the above session tracking methods The servlet session tracking API 6.3.1 Introduction 6.3.2 How the servlet session tracking API works 6.3.3 Some common methods for servlet session tracking 6.3.4 A simple session tracking example 6.3.5 A simple shopping cart example A practical case: VBS shopping cart 6.4.1 What is a shopping cart? 6.4.2 Basic functions of the shopping cart object References Recommended Reading 6.3 6.4 6.5 Summary 7 Basic cryptography for enabling e-commerce 7.1 Security concerns 7.2 Security requirements 7.3 Encryption 7.4 Two basic principles for private key encryption 7.4.1 Data encryption standard 7.4.2 Other symmetric key encryption algorithm 7.5 The key distribution problem 7.6 Diffie-Hellman key exchange Protocol 7.7 Public key encryption 155 156 156 159 160 160 161 161 162 170 175 175 176 177 177 178 179 180 185 19.5 195 196 201 202 202 203 204 204 20.5 207 208 208 209 209 210 xii 7.8 7.9 7.10 7.11 7.12 7.13 7.14 7.15 7.16 7.17 CONTENTS RSA encryption algorithm Hybrid encryption Other public key encryption methods Stream cipher and block cipher Message digest 7.12.1 MD5 message digest algorithm 7.12.2 Other message digest algorithms Message authentication code Digital signature Digital signature standard Authentication 7.16.1 Public key infrastructure 7.16.2 Digital certificate 7.16.3 X.509: A digital certificate framework 7.16.4 Certificate chaidverification path 7.16.5 An hierarchical trust system 7.16.6 Challenge and response authentication protocol 7.16.7 Certificate revocation Summary References Recommended Reading 8 Internet security 8.1 8.2 8.3 8.4 8.5 8.6 8.7 8.8 8.9 IPSec protocol Setting up security associations The authentication header (AH) service The encapsulating security payload (ESP) service Preventing replay attack Application of IPSec: virtual private network Firewalls Different types of firewalls 8.8.1 Packet filtering router 8.8.2 Application gatewaylproxy server 8.8.3 Circuit level gateway Examples of firewall systems 8.10 Secure socket layer (SSL) 8.10.1 SSL handshake protocol 8.10.2 SSL record protocol 8.10.3 The SSL change cipher spec protocol and the alert protocol 210 213 213 214 214 215 216 216 217 219 219 220 220 221 222 223 224 225 225 226 226 229 230 23 1 232 233 234 235 236 237 237 23 8 239 240 242 244 247 247 CONENTS ... Xlll 8.11 Putting everything together 8.12 Summary References Recommended Reading 9 Advanced technologies for e-commerce 9.1 Introduction to mobile agents 9.1.1 Overview of mobile agents 9.1.2 9.1.3 A simple programming example 9.1.4 Overview of MAGICS WAP: the enabling technology for mobile commerce 9.2.1 The WAP model 9.2.2 WAP architecture 9.2.3 9.3.1 HTML and XML 9.3.2 Syntax of XML documents 9.3.3 9.3.4 9.3.5 Applications of XML 9.3.6 9.4 Data mining Typical life cycle of an Aglet 9.2 Benefits of WAP to e-commerce 9.3 XML (extensible Markup Language) Displaying XML Documents - style sheets Processing XML documents and programming interfaces Architecture for XML and some features 9.4.1 Association rules 9.4.2 Decision trees 9.4.3 Web mining References Recommended XML Web sites PART 2 Applications 10 Internet payment systems 10.1 Characteristics of payment systems 10.2 4C payment methods 10.3 SET Protocol for credit card payment 10.3.1 SET network architecture 10.3.2 SET digital certificate system 248 248 249 249 25 1 252 253 254 256 262 263 264 265 267 267 267 267 271 271 273 275 277 278 279 280 281 282 283 285 286 286 287 288 289 xiv CON TENTS 11 10.3.3 10.3.4 Digital envelope 10.3.5 SET protocol 10.3.6 Purchase initiation 10.3.7 Purchase request 10.3.8 Payment authorization 10.3.9 Payment capture 10.4 E-cash 10.4.1 Blind signature 10.4.2 10.5.1 Deposit-and-clear 10.5.2 Cash-and-transfer 10.5.3 Lockbox 10.5.4 Direct fund transfer 10.6.1 Millicent 10.6.2 Payword Dual signature generation and verification Payment by e-cash over the internet 10.5 E-check 10.6 Micropayment system 10.7 Overview of smart card 10.8 Overview of Mondex 10.9 10.10 Summary Putting it all together for payments in the VBS References Recommended Reading Consumer-oriented e-commerce 11.1 Introduction 11.2 Traditional retailing and e-retailing 11.2.1 Traditional retailing 11.2.2 E-retailing 11.3.1 To the customer 11.3.2 To the business 11.4.1 For traditional retailing 11.4.2 For e-retailing 11.5.1 Specialized e-stores 11.3 Benefits of e-retailing 11.4 Key success factors 11.5 Models of e-retailing 289 292 293 293 294 29.5 297 298 298 299 301 301 301 303 303 303 303 305 306 309 310 311 311 312 315 316 317 317 318 319 319 320 321 321 322 324 324 CONTENTS xv 12 13 11.5.2 Basic features of an e-retailing system 11.5.3 Specialization by function 11.5.4 Generalized e-stores 11.5.5 E-malls 11.5.6 Direct selling by the manufacturer 11 .5 .7 Supplementary distribution channel 11.5.8 Brokers or intermediaries 11.6 Features of e-retailing 11.6.1 The future of e-retailing 11.7 Developing a consumer-oriented e-commerce system 11.7.1 The emergent business model as the basis of e-commerce system development 11.7.2 Process-oriented e-commerce development approach 11.7.3 Steps in the development methodology 11.8 The PASS model 11.9 Summary References Recommended Reading Business-oriented e-commerce 12.1 Features of B2B e-commerce 12.2 Business models 12.2.1 E-procurement and buyer-oriented e-commerce systems 12.2.2 Buy-side e-commerce - intercompany activities of procurement 12.2.3 Sell-side e-commerce 12.2.4 Virtual markets 12.2.5 Collaborative supply chain management 12.3.1 Intercompany integration 12.3.2 B2B e-commerce communication using XML 12.3.3 Intracompany integration References Recommended Reading 12.3 Integration 12.4 Summary E-services 13.1 Categories of e-services 13.2 'Web-enabled services 331 331 333 334 335 336 338 343. 341 341 342 344 345 346 346 347 347 349 351 352 353 353 357 360 365 367 367 368 3 70 371 371 371 373 374 3 75 xvi 13.3 13.4 13.5 13.6 13.7 CONTENTS 13.2.1 E-banking 13.2.2 E-stocktrading and e-investing 13.2.3 E-education Matchmaking services 13.3.1 Travel services 13.3.2 E-employment and e-jobs 13.3.3 Others Information-selling on the web E-entertainment Auctions and other specialized services 13.6.1 C2C auction sites 13.6.2 B2B auctions Summary References 14 Web advertising and web publishing 24.1 Traditional versus internet advertising 14.2 Internet advertising techniques and strategies 14.2.1 E-mail 14.2.2 Banners 14.2.3 Targeted advertising techniques 14.3 Business models for advertising and their revenue streams 14.4 Pricing models and measurement of the effectiveness of advertisements 14.5 Web publishing - goals and criteria 14.6 Web site development methodologies 14.6.1 Definition of an audience 14.6.2 Categories of systems 14.6.3 Overview of design methodology Logical design of the user interface I - abstract user interface object Logical design of the user interface I1 - flow of interaction 14.8.1 Illustrative example Usability testing and quality assurance 14.9.1 Usability testing 14.9.2 Functional and system testing 14.9.3 Web feature testing 14.7 14.8 14.9 14.10 Web Presence and visibility 375 377 378 379 379 381 381 383 384 384 386 386 387 388 3 89 390 392 392 392 396 398 399 400 401 402 402 403 407 411 414 414 414 419 42 1 423 CONTENTS mi 14.11 Summary References Recommended Reading 15 Step-by-step Exercises for Building the VBS 15.1 15.2 15.3 15.4 15.5 15.6 15.7 15.8 15.9 Introduction 15.1.1 Typical e-shopping scenario 15.1.2 VBS - system overview Exercise 1 - VBS homepage design (weeks 1 and 2) 15.2.1 Objectives 15.2.2 Program instructions 15.2.3 Program hints Exercise 2 - Form validation using Javascript (weeks 3 and 4) 15.3.1 0 bjectives 15.3.2 Program instructions 15.3.3 Program hints Exercise 3 - search engines (weeks 5-7) 25.4.1 VBS - system flow 15.4.2 Objectives 15.4.3 Search engine: program flow Exercise 3A- quick search 15.5.1 Program instructions 15.5.2 Program hints Exercise 3B - category search 15.6.1 Objective 15.6.2 Program instructions 15.6.3 Program hints Exercise 3C - advanced search 15.7.1 Objective 15.7.2 Program instructions 15.7.3 Program hints Exercise 4 - access control (weeks 8 and 9) 15.8.1 Objective 15.8.2 Program structure Exercise 4A - CartLogin 15.9.1 Objective 15.9.2 Program instructions 15.9.3 Program hints 424 424 425 427 427 428 429 430 430 430 432 432 432 432 434 434 434 436 437 438 438 439 441 441 441 441 442 442 443 444 445 445 446 447 447 449 449 xviii CONTENTS 15.10 Exercise 4B - create a new customer account 15.10.1 0 bjective 15.10.2 Program instructions 15.10.3 Program hints 15.11 Exercise 4C - change password 15.11.1 Objectives 15.11.2 Program instructions 15.11.3 Program hints 15.12.1 Objective 15.12.2 Program instructions 15.12.3 Program hint 15.13 Exercise 5 - virtual Shopping (CartServices) (weeks 10 and 1.1) 15.13.1 Objective 15.13.2 Program structure 15.13.3 CartServices: system flow 15.13.4 Program instruction 15.14 Exercise 6 - e-payment (week 12) 15.14.1 Objective 15.14.2 Program structure 15.14.3 Program instruction 15.14.4 Program hints 15.12 Exercise 4D - CartLogout 449 449 45 1 45 1 452 452 453 454 454 454 454 454 455 455 455 457 457 459 459 460 460 462 Index 463 Over the last few centuries, human beings have experienced two major revolutions: the industrial revolution and the electronic revolution. The former transformed our society from being agriculturally based to industrially based, whereas the latter trans- formed our society from being mechanically based to electronically based. As we enter the 21st century, we are seeing the beginning of a new revolution, namely the network revolution. It interconnects different parts of the world, enabling the seamless flow of information. The Internet is the engine of this revolution and electronic commerce (e-commerce) is its fuel. In understanding the evolution of the Internet and the World Wide Web, one can distinguish four phases, namely 1. The evolution of interconnections between different computing nodes: This allowed the provision of specialized functions such as e-mail and file transfer services. hyperlinked web pages that could be accessed through browsers. This has facilitated the process of information retrieval and dissemination on the internet, and accelerated the growth of it explosively. databases, and payment gateways: This allowed the development of integrated e-commerce systems for order processing, payments, and dynamically updated information on web pages. 2. The introduction of the World Wide Web: This allowed the creation of 3. The integration of the client-side web pages with backend applications, xx PREFACE 4. The integrat