Professional Documents
Culture Documents
Ans. The business model is essentially ruled by the following two parameters:
1. On the basis of value addition: Value addition is the addition of value to a product or
service because of the opportunities that it offers on the web.
2. On the basis of control: At the high end of control there is hierarchical control and at
the low end there is no control, so that it is self-organizing. Normally, the control is done
through the policies of the website. Based on these, nine types of transactions can be
identified as listed below:
• Brokerage
• Aggregator
• Info-mediary
• Community
• Value Chain
• Subscription
ROLL-NO-510286414 CENTRE-01976
NAME:-AHUJA PRAKASH DHANRAJ
MBAN-SEM-IV MI0030- SETII
• Manufacturer
• Advertising
• Affiliate
ROLL-NO-510286414 CENTRE-01976
NAME:-AHUJA PRAKASH DHANRAJ
MBAN-SEM-IV MI0030- SETII
open as'other sites are visited. The most troubling aspect of this type of bug is that
information can be stolen even if the site is "secured" with Secure Sockets Layer (SSL).
Spying on a visitor's hard drive and uploading files from the visitor's hard drive
This has been accomplished via bugs such as the "Freiburg Bug" which exploit file
upload holes in web browser software. These types of bugs also use a virtually invisible
frame generated 'by the malicious web site. As the visitor browses the web site, a
JavaScript program proceeds to examine the visitor's hard drive, and through file-sharing
techniques, any files with known names can then be uploaded to any site desired on the
Internet. The file name must be known in advance. Unfortunately for security reasons,
many common files reside on most computers, such as "cookies.txt" that may have
voluntarily supplied, unencrypted password information stored in it, although the storing
of unencrypted password data is rare. The only types of files that may be uploaded are
text, image or HTML files. The files may be scanned and uploaded, but they may not be
altered while they are on the visitor's hard drive.
Theft of customer data from selling agents and Internet Service Providers (ISP)
Customers purchasing goods and services on the Internet, including the use of an ISP to
have access to the Internet, typically pay with credit cards. Cyber cash payment methods
are another, less popular alternative. This credit card information is stored by the selling
agents and ISPs. Unfortunately for the customers, hackers are occasionally successful at
breaking into the selling agent's and the ISP's systems and obtaining the customers' credit
card data. Little, if anything, can be done by the consumer to, prevent this type of
exposure other than not using credit card information at all on the Internet. The risk,
however, is comparable if you use your credit card for any other purpose since corporate
databases containing non- Internet customer credit card information may also be
penetrated and stolen.
Privacy and the use of cookies
The issue of privacy on the Internet is of concern to many people. Many coalitions have
been formed to monitor and disseminate information regarding privacy issues on the
Internet and to proactively- lobby for greater privacy measures. A few of these groups are
the Center for Democracy and Technology (CDT), Electronic Frontier Foundation (EFF),
Electronic Privacy Information Center (EPIC), Privacy International, and Privacy Rights
Clearinghouse (PRC). So what information is kept about a visitor? The answer depends
on how much information the visitor divulges about him/herself and how he/she
configures the web browser preferences. Cookies were designed to allow web servers to
operate more efficiently, provide a better response time to repeat visitors to their sites,
and more accurately track how many different users (as opposed to repeat visitors) visit a
site. The use of cookies, however, has become a very controversial topic by privacy
groups preferring to have no information about web browsing activities be kept by the
web sites visited. Depending on which web browser is being used, cookies may be placed
in a single file or individual files. For many web sites, the only information recorded is a
unique identification number so that the site may track the number of first time and repeat
visitors. When a user initially visits a web site, the host site may assign a unique
identification code to that user and create a cookie that is placed on the visitor's
permanent storage device, such as a hard drive. While the cookie file is written to the
visitor's hard drive, no files from the hard drive may be read, altered or uploaded from
this procedure. In some instances, other information such as user ID and password are
ROLL-NO-510286414 CENTRE-01976
NAME:-AHUJA PRAKASH DHANRAJ
MBAN-SEM-IV MI0030- SETII
placed in this file, but only if the individual offers this information by typing it into a
form. This information is encrypted by some sites, but not by all. The cookie file is a text
file (.txt) that is easily read. Although rare; if an unencrypted password is placed in this
file, the danger of the file being read by some other malicious mechanism is a potential
exposure. Even if a password is unencrypted in a-cookie file, it is possible that
information passed from it to a server is encrypted, such as during an SSL session.
On the web site server side, the assigned user identification number is stored. In many
cases, that is all that is stored. In other cases, time visited, length of the visit, items
clicked on, and user preference data given by the visitor may also be stored by the web
site server into a database. Privacy groups are concerned about these types of data
repositories being created and sold for marketing or other purposes. The main reason
given for the justification for the creation of cookies is one of efficiency. On subsequent
visits to this web site, once the cookie is read, the server can obtain any data stored about
the visitor without having to ask for it again. For example, cookies can process multiple
advertisements sequentially so that one is not repeated until a cycle is complete. Also, the
web site server does not have to store any of the visitor preference data on its computer,
and thus the potential to push data storage to the visitor exists. How long do cookies last?
Just like edible cookies, computer-generated cookies have expiration dates assigned.
Most sites either set their expiration dates for a very short (a couple of hours for shopping
carts) or a very long (several years) time period depending on the site's objectives. In
response to users demands for privacy, recent versions of web browsers have the
enhanced capability for users to customize their preferences to either refuse the receipt of
a cookie or to require permission before a cookie is accepted. Many web sites will not
allow you access, however, if you will not accept their cookie(s)! Further, you may edit
your cookie file if you wish to judiciously remove cookies so that you can anonymously
revisit web sites.
ROLL-NO-510286414 CENTRE-01976
NAME:-AHUJA PRAKASH DHANRAJ