Title: International Standards And Electronic Commerce
1International Standards AndElectronic Commerce
- Frank Farance, Farance Inc.New York, NY, USA1
212 486 4700frank_at_farance.comhttp//www.farance.
com
2A Technical Rationale For International Standards
- Review problem before proposing solution
- Several perspectives, stakeholders
- Catalog problems
- Better understanding of problem
- Better solutions
- Useful, interoperable, widely adopted standards
3Many Possibilities For Poor, Incomplete Solutions
- DONT review problem before proposing solution
gt - Just propose solutions not just Java, XML, PKI
- Just use credit cards over Internet
- Integration problems
- Cultural problems
- Solutions based on market share, not needs
- Proprietary solutions
4Many Possibilities For Poor, Incomplete Solutions
- DONT incorporate several perspectives and
stakeholders gt - Optimum for one class of consumers, not all
- Optimum for one industry, not many
- Optimum for one country, not many
- Optimum for one set of laws/regulations
- Optimum for one type of network, not many
- Optimum for one type of currency/instrument
- Optimum for one type of transaction
5Many Possibilities For Poor, Incomplete Solutions
- DONT catalog problems gt
- Integration issues as solutions are broadly
adopted security, fraud/audit , nomadicity,
currency, legal, consumer protection, usability - May abort solution if unworkable
- May become too expensive to be practical
6Many Possibilities For Poor, Incomplete Solutions
- DONT strive for better understanding of problem
gt - Take first solution that works somewhat gt
penalty large commitment to poor solution - Revise technology/solutions every 3-5 years gt
penalty high maintenance, incompatible - Dont anticipate related technologies security,
data interchange, cultural/user adaptation gt
penalty very expensive rework
7Activity within ISO/IEC JTC1 (Information
Technology)
- Business Team on Electronic Commerce
- Focus identify work items for new standards
developed report and proposal - Responsive, non-traditional gathering of
international industry players - National, regional, industry, cross-sectoral
interests - Chair Ulrich Hartmann, Siemens, Germany
8Review Existing Systems, Reports, and
Specifications
- CommerceNet's Architectural Framework for
Internet Commerce (eCo System) - EBES/EWOS Building Blocks for Electronic Commerce
- Electronic Commerce Promotion Council of Japan
(ECOM) common platform for Consumer-EC
9Review Existing Systems, Reports, and
Specifications
- Java Electronic Commerce Framework (JECF)
- Object Management Group (OMG) Electronic Commerce
Reference Model - Open Trading Protocol (OTP)
- Secure Electronic Market Place for Europe (SEMPER)
10Review Existing Systems, Reports, and
Specifications
- CEN/TC 224 - ISO/TC 68/SC 6, Group for
Standardization on Electronic Commerce - JTC 1/SC 27 ad hoc Group GII Security
- Organisation for Economic Co-operation and
Development (OECD), Measuring Electronic
Commerce OCDE/GD(97)185 - Consumer Requirements In Electronic Commerce,
Norway
11Review Existing Systems, Reports, and
Specifications
- Measuring Information Society 1997, Information
Society Activity Centre, of the European
Commission. - Eurobarometer 16000 interviews in all European
Union countries, measuring interest in new
information and communication technologies
12ISO/IEC JTC1 CAW (Cultural Adaptation Workshop)
- Information technology systems that address
differing needs of users, cultures, regulations
Localization (L10N) vs. Internationalization
(I18N) - Not specific to electronic commerce
- Important area because it defines the semantics
of the transactions - http//www.itscj.ipsj.or.jp/caw
13ANSI IISP (Information Infrastructure Standards
Panel)
- Coordinates US GII activity
- Identifies cross-industry standards needs
- Origin White House NII initiative by Vice
President Al Gore now global perspective - 160 standards needs identified in many areas
security, nomadicity, electronic publications,
multimedia, networking, appliances, etc.
http//www.ansi.org/iisp
14Next Step Catalog Problems
- Review problem before proposing solution
- Several perspectives, stakeholders
- Catalog problems
- Better understanding of problem
- Better solutions
- Useful, interoperable, widely adopted standards
15Main Areas of Standardization
- User interfaces
- Basic functions
- Definition and encoding of data and other objects
16User Interfaces
- Icons
- Dialogue design principles
- Customer profiles
17Basic Functions
- Trading protocols
- Payment methods
- Security mechanisms
- Identification and authentication
- Auditing and recordkeeping
18Definition and Encoding of DataAnd Other Objects
- IT-enablement of existing standards
- Techniques for defining message semantics
- Localization (L10N)
- Registration authorities
- Value domains
19Trading ProtocolsThe Transaction
- Financial Events debits and credits associated
with the accounting systems of the parties of the
transaction - Business Process customary steps and flow of a
certain type of business - Information Bundles information attached to the
steps of the business process and/or to the
financial events
20Payment Methods
- Existing Work CyberCash, CyberCoin, DigiCash
ecash, E-check, e-COMM, Electronic Purse Systems
(e.g., Mondex, GeldKarte, Clip, prEN 1546), EMV,
Home Banking Computer Interface (HBCI), JEPI,
Millicent, Proton, Secure Electronic Transactions
(SET), Visa Cash - Standards Work ANSI X9, ECBS (European Committee
on Banking Stds)
21Security Mechanisms
- Integrity of Transactions and Information
- Digital Signatures
- Harmonize methods
- Need common signing method for consumer
- Key Management Infrastructure
- Standards Work JTC1/SC27, TC68, IETF PKIX, IEEE
P1363
22Identification, Authentication
- Confidentiality
- Anonymity
- Identifiers
- Authentication
- Standards Work JTC1/SC27, JTC1/SC31, JTC1/SC32,
TC68
23Auditing, Recordkeeping
- Still many open issues
- Internationalization (I18N) increases complexity
of harmonization How are systems audited across
country borders? - Too new to define
24Next Steps Current Activity
- Review problem before proposing solution
- Several perspectives, stakeholders
- Catalog problems
- Better understanding of problem
- Better solutions
- Useful, interoperable, widely adopted standards
25Years AwayCommon, Standard Solutions
- Review problem before proposing solution
- Several perspectives, stakeholders
- Catalog problems
- Better understanding of problem
- Better solutions
- Useful, interoperable, widely adopted standards
26Summary and Conclusions
- Review problem before proposing solution
- Mostly complete
- Still to come regulatory issues, cultural
issues, agreement on security/fraud/audit methods - Several perspectives, stakeholders
- Review is complete
- Catalog problems
- Complete localization issues are, well, local
27Summary and Conclusions
- Better understanding of problem
- Yes, but ... important issues still to resolve
- Affects integration, e.g., security, nomadicity
- Better solutions
- Useful, interoperable, widely adopted standards
28Electronic Commerce Links
- EBES / EWOS European Board on EDI
Standardization / European Workshop for Open
Systemshttp//www.cenorm.be/isss - ECOM (of Japan) Electronic Commerce Promotion
Council (of Japan)http//www.ecom.or.jp/eng/index
.htm
29Electronic Commerce Links
- e-COMMhttp//www.e-comm.fr/anglais/sommaire.html
- EMV The Europay International, MasterCard
International and Visa International
Consortiumhttp//www.visa.com/cgi-bin/vee/nt/chip
/download.html?20 - JECF Java Electronic Commerce Framework
http/java.sun.com
30Electronic Commerce Links
- JEPI Joint Electronic Payment Initiative (from
CommerceNet and W3C)http//www.w3c.org - OBI Open Buying on the Internethttp//www.supply
works.com/obi/ - OECD Organisation for EconomicCo-operation and
Developmenthttp//www.oecd.org
31Electronic Commerce Links
- OMG Object Management Grouphttp//www.omg.org
- OTP Open Trading Protocolhttp//www.otp.org
- SEMPER Secure Electronic Market Place for Europe
http//www.semper.org - SET Secure Electronic Transactions http//www.set
co.org/
32Other Links
- Business Team on Electronic Commerce Report
JTC1/N5296 http//www.jtc1.org - ISO-IEC JTC1 CAW Cultural Adaptability
Workshophttp//www.itscj.ipsj.or.jp/caw - ANSI IISP American National Standards Institute,
Information Infrastructure Standards
Panelhttp//www.ansi.org/iisp
33Other Links
- Cross-Standards Collaboration Activity (links to
GII standards and consortia)http//www.GlobalColl
aboration.ORG - Frank Farance, Farance Inc.Phone 1 212 486
4700E-mail frank_at_farance.comhttp//www.farance.
com - This presentation at http//www.farance.com/ifip