THEORY EXAMINATION (SEM–VI) 2016-17 E-BUSINESS STRATEGIES

E-BUSINESS STRATEGIES – NIT066

B.Tech (SEM VI) | Section-wise Solved Answers

SECTION – A

(10 × 2 = 20 marks)

(a) Advantages of web commerce

Web commerce allows businesses to operate 24×7, reach a global audience, reduce operational costs, and provide faster transactions with better customer convenience.

(b) EDI and its benefits

EDI (Electronic Data Interchange) is the electronic exchange of business documents between organizations in a standardized format.
It reduces paperwork, improves speed, minimizes errors, and enhances efficiency.

(c) S-HTTP

S-HTTP (Secure HTTP) is a protocol used to secure HTTP transactions by providing encryption and authentication for individual messages.

(d) Prevention of double spending in electronic cash

Double spending is prevented using online verification, digital signatures, and centralized clearing systems that validate each transaction before approval.

(e) Need for computer security and types of risks

Computer security is required to protect data and systems from unauthorized access, misuse, and damage.
Types of risks include viruses, hacking, data theft, identity theft, and denial-of-service attacks.

(f) Password sniffing

Password sniffing is a technique where attackers capture data packets on a network to obtain login credentials transmitted in plain text.

(g) Payment system participants

Participants include the customer, merchant, issuing bank, acquiring bank, payment gateway, and clearing authority.

(h) S-MIME vs MIME

MIME supports multimedia email content.
S-MIME adds security features such as encryption, authentication, and digital signatures to MIME.

(i) Gopher and WAIS

Gopher is a menu-driven system used to retrieve documents from servers.
WAIS (Wide Area Information Server) is used for searching text-based databases over networks.

(j) Role of spiders and search engines

Spiders (crawlers) scan web pages and collect information.
Search engines index this information and help users retrieve relevant web content.

SECTION – B

(Attempt any five – 5 × 10 = 50 marks)

(a) Need for migration to open EDI

Open EDI allows businesses to exchange data across different platforms and organizations without rigid standards. It improves interoperability and flexibility.

(b) SEPP architecture and processing steps

SEPP (Secure Electronic Payment Protocol) ensures secure online payments.
It includes authentication, encryption, message integrity, and non-repudiation.
The architecture consists of customer, merchant server, payment gateway, and bank systems.

(c) CERT and FIRST

CERT (Computer Emergency Response Team) responds to cybersecurity incidents and vulnerabilities.
FIRST is an international forum of CERT teams sharing threat intelligence.

(d) Payment processing overview

Payment processing includes customer registration, purchase request, payment authorization, verification by bank, and confirmation to merchant.

(e) MIME vs S-MIME

MIME supports multimedia content in emails.
S-MIME provides confidentiality, integrity, authentication, and non-repudiation using cryptographic techniques.

(f) MOSS and its security services

MOSS (Mail Order/Internet Secure System) provides encryption, authentication, digital signatures, and message integrity for secure transactions.

(g) Internet tools for commerce

Important tools include email, FTP, WWW, search engines, online payment gateways, and electronic catalogs.

(h) Internet access and role of RAs & NAP

Registration Authorities (RAs) verify user identity.
Network Access Points (NAPs) connect different internet service providers and enable traffic exchange.

SECTION – C

(Attempt any two – 2 × 15 = 30 marks)

(3) Security requirements in internet monetary payment

Confidentiality is ensured using encryption, integrity using hash functions, authentication using digital certificates, and interoperability through standardized protocols.

(4)

(i) Conventional vs public key encryption
Conventional encryption uses a single secret key, while public key encryption uses a public-private key pair.
Encryption schemes can be broken using brute force, cryptanalysis, or social engineering.

(ii) Security tools
Examples include firewalls, antivirus software, intrusion detection systems, and digital certificates.

(5) Technologies essential for web servers

Web servers require operating systems, HTTP servers, database servers, scripting languages, security protocols (SSL/TLS), and load-balancing mechanisms.