Building an Ecommerce Web Site: A Systematic Approach

1
Building an E-commerce Web Site A Systematic
Approach

• Planning the systems development life cycle
• Systems analysis identify business objectives,
  system functionality, and information
  requirements
• System design hardware and software platforms
• Building the system in-house vs. Outsourcing
• Testing the system
• Implementation and maintenance

2
Systems Analysis Business Objectives, System
Functionality, and Information Requirements
3
A Logical and Physical Design for a Simple Web
Site
Simple Data Flow Diagram This data flow diagram
describes the flow of information requests and
responses for a simple Web site
4
A Logical and Physical Design for a Simple Web
Site
Simple Physical Design A physical design
describes the hardware and software needed to
realize the logical design
5
Building the System In-house Vs. Outsourcing

• Outsourcing
• Hiring an outside vendor to provide the services
  you cannot perform with in-house personnel
• Co-location
• When a firm purchases or leases web server (and
  has total control over its operation) but locates
  the server in a vendors physical facility
• The vendor maintains the facility, communications
  lines, and the machinery

6
The Spectrum of Tools for Building Your Own
E-commerce Site
7
Key Players Hosting/co-location Service

• Page 187, table 4.2

8
Testing the System

• Unit testing
• Involves testing the sites program modules one
  at a time
• System testing
• Involves testing the site as a whole, in a way
  the typical user will in using the site
• Acceptance testing
• Verifies that the business objectives of the
  system as originally conceived are in fact working

9
Implementation and Maintenance

• Benchmarking
• A process in which the site is compared with
  those of competitors in terms of response speed,
  quality of layout, and design
• Maintenance is on-going
• 20 devoted to debugging code and responding to
  emergency situations
• 20 concerned with changing reports, data files,
  and links to backend databases
• 60 devoted to general administration and making
  changes and enhancements to the system

10
Web Server Software

• Site management tools
• Verify that links on pages are still valid and
  also identify orphan files
• Dynamic page generation tools
• The contents of a web page are stored as objects
  in a database, rather than being hard-coded in
  HTML

11
Key Players in Web Server Software
12
Basic Functionality Provided by Web Servers
13
Web Application Servers

• Software programs that provide the specific
  business functionality required of a web site
• Include
• Catalog display
• Transaction processing
• Audio/video server
• Auction server
• B2B server

14
Application Servers and Their Function
15
E-commerce Merchant Server Software Functionality

• Software that provides the basic functionality
  need for online sales, including
• An online catalog that list products available on
  a web site
• Order taking via an online shopping cart that
  allows shoppers to set aside desired purchases in
  preparation for checkout, review what they have
  selected, edit their selections as necessary, and
  the actually make the purchase by clicking a
  button
• Online credit card processing verifies the
  shoppers credit card and then puts through the
  debit to the card

16
Widely Used Midrange and High-end E-commerce
Suites

• Page 199, table 4.5

17
Tools for Interactivity and Active Content

• Common gateway interface
• A set of standards for communication between a
  browser and a program running on a server that
  allows for interaction between the user and the
  server
• Active server pages
• A proprietary software development tool that
  enables programmers using microsofts IIS package
  to build dynamic pages

18
Tools for Interactivity and Active Content

• Java
• Is a programming language that allows programmers
  to create interactivity and active content on the
  client machine -- thereby saving considerable
  load on the server
• Java server pages (JSP)
• Like CGI and ASP, a web page coding standard that
  allows developers to dynamically generate web
  pages in response to user requests
• Javascript
• A programming language invented by netscape that
  is used to control the objects on an HTML page
  and handle interactions with a browser

19
Tools for Interactivity and Active Content

• Active X
• A programming language created by microsoft to
  compete with java
• Vbscript
• A programming language invented by microsoft to
  compete with javascript
• Coldfusion
• An integrated server-side environment for
  developing interactive web applications

20
Personalization Tools

• Personalization
• The ability to treat customers base on their
  personal qualities and prior history with your
  site
• Customization
• The ability to change the product to better fit
  the needs of the customer
• News from MSNBC
• Customized e-commerce tries again

21
Web design dos
22
Web design dos
23
Web design donts

• It is easier to describe what irritates people
  about Web sites than to describe how to design a
  good Web site
• In general the worst e-commerce sites
• Make it difficult to find information about their
  products
• Make it difficult to complete purchases
• Have missing pages or broken links
• Have a confusing navigation structure
• Have annoying graphics or sounds that u cant
  turn off

24
Rule of thumbs 4 good design

• Keep the purpose of the site clear and focused
• Make it easy for the user to find what they need
• Make proper use of color and graphics
• Make sure your site is adaptable to different
  users
• Be consistent in your design

25
What BOO.com did wrong

• No development plan
• The concept for the web site was extraordinary
  ambitious
• Web site design failure

26
Dimensions of E-commerce Security
27
A Typical E-commerce Transaction
28
Vulnerable Points in an E-commerce Environment

• Page 239, Figure 5.4

29
Seven Security Threats to E-commerce Sites

• Malicious code
• includes a variety of threats such as viruses,
  worms, Trojan horses, and bad applets
• virus is a computer program that has the ability
  to replicate or make copies of itself, and spread
  to other files
• worm is designed to spread from computer to
  computer
• Trojan horse appears to be benign, but then does
  something other than expected

30
Examples of Malicious Code

• Page 241
• Table 5.2

31
Seven Security Threats to E-commerce Sites

• Hacking and cybervandalism
• hacker is an individual who intends to gain
  unauthorized access to a computer system
• cracker is the term typically used within the
  hacking community to demote a hacker with
  criminal intent
• cybervandalism is intentionally disrupting,
  defacing, or even destroying a site

32
Seven Security Threats to E-commerce Sites

• Hacking and cybervandalism
• white hats are good hackers that help
  organizations locate and fix security flaws
• black hats are hackers who act with the intention
  of causing harm
• grey hats are hackers who believe they are
  pursuing some greater good by breaking in and
  revealing system flaws

33
Seven Security Threats to E-commerce Sites

• Credit card fraud
• Different from traditional commerce
• Hackers target files on merchant server
• Spoofing
• Misrepresenting oneself by using fake email
  addresses or masquerading as someone else

34
Seven Security Threats to E-commerce Sites

• Denial of Service Attacks
• Flooding a Web site with useless traffic to
  inundate and overwhelm the network
• Distributed Denial of Service attack uses
  numerous computers to attack the target network
  from numerous launch points

35
Seven Security Threats to E-commerce Sites

• Sniffing
• A type of eavesdropping program that monitors
  information traveling over a network
• Insider Jobs
• Employees with access to sensitive information
• Sloppy internal security procedures
• Able to roam throughout an organizations system
  without leaving a trace