Introduction
The internet can be defined as collection of interconnected computer systems that facilitate information sharing on a global platform. By its intrinsic ability to foster communication without geographic limitations, the internet has revolutionized the way we undertake daily activities, especially in business activities (Nissanoff 2006). The most significant business concepts related to internet business is E-Business and E-commerce. E-Business refers to the use of Information technology and digital communication systems to exchange electronic data and conduct business transactions in electronic form. E-commerce, on the other hand, refers to the process of buying and selling goods and services over the internet; in most cases, it uses the World Wide Web as a platform to carry out business transactions (Manzoor 2010).
The use of e-commerce to carry out business transactions facilitates reaching out of a wide customer base since the internet is widely available, and internet users are growing day by day. The basic elements of e-commerce include electronic transfer of funds, the use of online marketing, the processing of transactions using online methods, electronic data interchange. With technological innovations, the geographical orientations of the world have been greatly transformed by the internet. This creates the need for innovative business strategies (Laudon & Traver, 2010). This paper outlines the physical and logical technologies that enabled communication through the internet, the new business potentials and their online revenue models, the physical and logical procedures to deal with security breaches, and the illegal and unethical practices witnessed on the internet.
Physical and logical technologies that facilitated communication over the internet
The underlying communication infrastructure deployed by the internet comprises of the hardware components and an integration of various layers of software, which are in charge of controlling the hardware components of the digital communication system. Despite using the hardware to support the software layers, it is the software architecture that plays an integral role in fostering communication via the internet through its architectural design and standardization (Bordetsky & Hayes-Roth 2007). The layered software components provided a framework for the internet’s success in fostering global communication.
The universality of the internet communication protocols is based on internet standards, which are developed by the Internet Engineering Task Force (IETF) basing on the best current practices in internet technologies. The internet standards provide a description of the protocols deployed in internet communication, usually referred to as the Internet Protocol Suite, which specifies the communication protocols used in the implementation of the internet and other digital communication networks that use the same principles as the internet (Banks 2008). The Internet protocol suite comprises of two sets of protocols, which are the Transmission Control Protocol (TCP) and the Internet Protocol (IP).
The Internet Protocol Suite is a framework that is divided into layered protocols, comprising of four abstraction layers. The layered approach to the Internet protocol Suite serves to denote the scope of the environment under which the various services are functional. The top-most layer is the application layer, which specifies the various application components that the user requires to access the network components, for example, web-based applications and internet browsers (Maufer 1999). The application layer serves to hide the complexity of the communication system from the user. Adjacent to the application layer is the Transport layer, which serves to connect the applications to various hosts on the communication network. A typical example of an abstraction of the transport layer is the client-server computing model.
The transport layer deploys appropriate data exchange procedures to facilitate communication over the internet. Under the transport layer, there is the most fundamental layer that defines internet communication, which is the Internet layer and the Link layer. The internet Layer facilitates communication through the use of Internet Protocol (IP) addresses, which provides a framework through which computers on a network can identify and communicate with each other using transit networks (Forouzan 2003). The bottom-most layer, the Link layer offers connectivity amongst hosts that share a common network link, for example, a Local Area Network, or computers that use a common dial-up connection to access the internet. An important aspect of the TCP/IP is that its implementation is independent of the underlying hardware architecture (Deal 2008).
The most common element of the Internet Protocol Suite is the Internet Protocol, which is used in the implementation of addressing systems for all computers that have connectivity to the internet (Blackley et al 2003). IP is the key principle of internetworking; this means that it provides a platform for the establishment of the internet and communication over the internet. The earlier version of IP addressing, IP version 4 can only host up to 4.3 billion identified devices on the internet (Bordetsky & Hayes-Roth 2007). The increasing number of internet users saw the development of IP version 6 to accommodate the increasing traffic and IPv4 address exhaustion. The internet structure is a scale-free network that depends on the IP routing infrastructure and the World Wide Web for communication (Deal 2008).
The physical implementation of the internet can take various forms. For instance, A Local Area Network, which consists of interconnected computers within a limited domain such as an office or home network. A Wide Area Network (WAN) comprises various interconnected networks within a larger geographical domain such as cities, countries, or at the global level (Maufer 1999). The internet is a typical example of a wide area network.
The implementation of internet computing can be based on a computing architecture called the client-server architecture, whereby client machines share centralized resources that are accessible from servers. Other approaches to network implementation include Value Added Networks (VANs), Virtual Private Networks (VPNs), which serve to enhance internet security using tunneling and deployment of firewalls at the internet gateways (Deal 2008).
The new business potentials and their online revenue models
The internet provides a platform for the development of new business potentials. This is because the internet has revolutionized the tactical and commercial platforms for conducting businesses over the internet. Conducting business on the internet requires an analysis of the needs of internet users in order to adopt the most suitable revenue model for the business enterprise (Duane & Hoskisson 2008). The internet provides various platforms for conducting electronic business and electronic commerce.
Basing on significant innovations on aspects such as electronic funds transfer, online marketing, supply chain management, and online transaction processing (Chaudhury & Kuilboer 2002), the internet provides an environment for conducting virtual business depending on the business product line and the consumer needs. The onset of electronic commerce meant that business enterprises had to change their business models in order to address the changing needs of internet users. The deployment of business model that relies on the internet must put into consideration the functionalities of Web 2.0 such as web intelligence, dynamic web page content, automated scripting, and self-improving web-based systems (Duane & Hoskisson 2008).
One of the revenue models for selling on the web is the Web Catalogue model, whereby prospective buyers view information published on the web, and they can place their products good via the web site, mail, or telephone (Miller 2006). Examples of goods that are sold using this revenue model include computers, electronic devices, books, and so on.
The second type of online business revenue model is the Digital Content Sales Model, whereby the goods are exchanged in the form of digital data. The products sold under this category are mostly intellectual property, which is delivered in terms of information services. Examples of products under this category include digital data of published documents such as LexisNexis and ProQuest online database (Laudon & Traver 2010).
The third type of online business revenue model is the Advertising-supported model, that base on the principles of internet marketing. Business revenue models available on an online platform can be categorized into revenue from the standard Business-to-Business, Business-to-consumer, and consumer-to-consumer business models, and revenue from explicit, inventive business models (Nissanoff 2006). The conventional business models based on online buying and selling of products, while inventive business models generate revenue through placing various advertisements on their web pages, which can be charged using various approaches such as cost per click, cost per view, and so on. This revenue model is mainly used by Newspaper publishers, advertising sites, and web portals that place advertisements as a fee such as Google and Yahoo (Manzoor 2010).
The fourth type of business revenue model is the Advertising-Subscription Mixed model, whereby subscribers pay a given amount, and they do not encounter more advertising compared to the advertising-supported revenue model. The New York Times and the Wall Street Journal are a typical example of this model (Laudon & Traver 2010).
The Fee-for-Transaction model is another kind of online business revenue model that is based on the volume of transactions in terms of size and number. The business web site can charge a fee for hosting such transactions. The transactions conducted in this revenue model are far much cheaper compared to the conventional transaction service providers. After the completion of the transaction, the intermediary is eliminated from the value chain through a process known as disintermediation. A need to transact again causes the introduction of another intermediary. Products deployed in this revenue model include insurance brokers, online banking services, and automotive sales, and real estate services (Miller 2006).
The Fee-for-Service model revenue model entails charging a fee for every service delivered on the internet. The limitation with this model is that it is hard to ascertain whether a service was actually delivered to the user via the internet. In the United States, the issuance of professional services over the internet is allowed due to the difficulties in ascertaining the qualification of the practitioner who is offering the service over the internet. Some of the products that are used in this business revenue model include offering financial advice, online games, music, and other entertainment services that can be delivered on an online platform (Duane & Hoskisson 2008).
Companies cannot stick to one revenue model due to the changing needs of its internet users. As a result, e-commerce companies deploy revenue models in transition in order to address such matters effectively. Another potential issue with online revenue strategy is channel conflicts between the sales activities on a company’s website and sales activities relating to other outlets that have been placed on the company’s website (Laudon & Traver 2010).
Physical and logical procedures that deal with the security breaches
E-commerce security significantly depends on internet security and computer security. Computer security, whether physical or logical, is an essential element in dealing with security breaches and its associated consequences such as information theft, repudiation, and lack of authentication (Blackley et al. 2003). Computer network security is primarily implemented to curb security threats such as denial of service, unauthorized access, and confidentiality breaches.
This implies that valuable network assessment methodologies should be implemented to determine the level of network security and its vulnerability to potential network threats (Bissonette 2009). Presently, effective approaches to controlling security breaches could entail the use of network intrusion systems and the deployment of appropriate ethical hacking approaches that can be used to investigate the levels at which the network can identify potential threats and deploy appropriate control measures.
Problems concerning network security can be categorized into four basic areas: issues involving authentication, secrecy, and issues dealing with non- repudiation and primarily controlling integrity. The above network concepts are imperative in determining the effectiveness of a computer network towards handling the various computer network threats. In its broadest sense, authentication involves determining who has access to a computer network and the associated network resources. Network security is an important concept of computer networks that is aimed at the prevention of network intrusion. The profound use of the internet in itself poses a threat of network intrusion by unauthorized hackers (Bandt 2009).
The first and fundamental approach in enhancing the security of an information network is to foster physical security. Physical security simply means that access to the hardware components is restricted to authorized personnel only. For instance, only the network administrators have the right to access the server rooms. One effectual strategy of deploying physical security is to use deadbolt locks and measures that hinder physical access to critical information system hardware. Logical access to network resources should be limited within the organization perimeters, regulatory policies should be put in place to keep an eye on the flow of information in the organization’s information network (Wall 2007).
Stringent policies concerning disclosure of the organization’s information should be implemented. Authentication serves to limit access to actual information system of a business organization. This is critical as most security breaches in the current information age involve bypassing the authentication protocols in any information network. Authentication can be implemented using controlled access by means of passwords, which are secure and less prone to hacking algorithms such as hashing. Password security can be implemented using limited attempts, failure to which the information network detects such cases, and reports such circumstances as probable security breach (Wall 2007).
Another strategy that can be used to enhance the deal with security breaches and malicious hacking is the use of network penetration tools is to evaluate the vulnerability of the computer network. One of the possible solutions towards the prevention of computer network intrusion is to subject the network under potential threats in order to evaluate the weak points. Network penetration testing entails simulation of the potential attack by malicious software or attacker, which may be either hardware or software oriented. Such an approach usually involves ethical hacking, which serves to evaluate the level of computer security (Forouzan 2003).
Another effective procedure in ensuring information security over the internet is the use of the defense-in-depth strategy, which deploys the use of protection mechanisms, layered procedures, and information security policies that serve the sole purpose of enhancing the dependability of a computer network through the division of the defense into multiple layers. The most ignored common phenomenon by the majority of organizations is that major security breaches are usually from within the organization rather than by outsiders.
Defense in depth mechanism does not only delay the onset of the threats but also provides avenues that could be used to detect potential threats and help an organization to take necessary control measures to contain the threat, thereby decreasing the consequences associated with the computer network security breaches. The underlying principle behind the functionality of the defense in depth strategy is that it creates multiple layers between the hacker and the organization’s information; in the sense that the deeper the attacker attempts to gain access into the information system of the organization, the more difficult it becomes for the attacker to have access to the information. The multiple layer approach serves to prevent a direct attack on the organization’s network (Blackley et al 2003).
Furthermore, the defense-in-depth approach offers natural platforms for the deployment of effective intrusion detection methods that could both be hardware-oriented, software-oriented, or people-oriented. In an ideal world, the implemented defense in depth strategy should be able to delay potential security breaches and provide sufficient time so that the organization can respond to a threat, thereby decreasing its impacts, which could be in terms of cost, prevention of information theft and maintaining of the integrity of the information.
Managing a secure network is an important concept of the defense-in-depth strategy. Implementing network security involves the three basic attributes of network security:
- Access control; which involves monitoring the people on the network and the various network resources that are at their disposal
- Integrity; ensuring that the information network itself is reliable as a critical business requirement and potential threats should be addressed as early as possible
- Privacy; making sure that the network traffic is not accessible to everyone
Another approach in fostering network security involves the use of appropriate firewall software. Firewalls also serve to monitor the activity of the network; the access from particular sites could be limited, thereby increasing the security parameters of the information network.
Conclusion
The ability of the internet to foster effective and instant communication makes it one of the best environments for conducting business without limitations associated with geographic boundaries. This makes the development of the internet a key milestone in commerce. The challenge associated with e-business is the security of information transmitted between the business entities since the internet is a public network that is susceptible to malicious attackers. This implies that e-commerce companies have the need to deploy effective security measures on their communication frameworks to avoid unwanted attacks that may thwart the effectiveness of their e-commerce activities.
References
Bandt, A 2009, High-Risk Computer threats and how to fix them, PC World , 78-90.
Banks, M 2008, On the way to the web: the secret history of the internet and its founders, New York: Apress.
Bissonette, A 2009, Cyber Law: Maximizing Safety and Minimizing Risk in Classrooms, Oaks: Corwin Press.
Blackley, J, Peltier, J, & Pelitier, T 2003, Information Security Fundamentals, New York.
Bordetsky, A & Hayes-Roth, R 2007, Extending the OSI model for wireless battlefield networks: a design approach to the 8th Layer for tactical hyper-nodes, International Journal of Mobile Network Design and Innovation (IJMNDI) ,Vol. 2 5-12.
Chaudhury, A & Kuilboer, J 2002, e-Business and e-Commerce Infrastructure, New York: McGraw-Hill.
Deal, R 2008, Cisco Certified Network Associate study guide (exam 640-802,. New York: McGraw-Hill Professional.
Duane, I & Hoskisson, R 2008, Understanding Business Strategy: Concepts and Cases, New York: Cengage Learning.
Forouzan, B 2003, TCP/IP Protocol Suite, New york: McGraw-Hil.
Laudon, K & Traver, C 2010, E-Commerce 2011, Ontario: Pearson Education Canada.
Manzoor, A 2010, E-Commerce, New Jersey: Lap Lambert Academic Publishing.
Maufer, T 1999, IP Fundamentals, New York: Prentice Hall.
Miller, R 2006, The Legal and E-Commerce Environment Toda,. New york: Thomson Learning.
Nissanoff, D 2006, How the New Auction Culture Will Revolutionize the Way We Buy, Sell and Get the Things We Really Want, New York: The Penguin Press.
Wall, D 2007, Cybercrimes: The transformation of crime in the information age. New York: Cambridge University Press.