Internet and eBusiness
Transcript of Internet and eBusiness
In the part eBusiness the basic elements of eBusiness will be discussed and the impacts on the "classic" business processes will be analyzed.
After a terminological clarification the economic changes as a whole will be regarded.
The discussion about the most important sections is attached.
To round off this part, an analysis of the so-called "Web 2.0" and (briefly) of mCommerce is given.
In the first part of the lecture the technical basics of communication on the Internet will be discussed.
Besides a brief historic summary of the development, the most important services of the Internet will be discussed.
In the final part new developments, commonly described as Web 2.0, will be addressed.
In the last part of the lecture the safety requirements of a secure communication on the Internet and its realization will be discussed.
An essential element here is an introduction to cryptography.
"Cryptography" is the science of encrypting information. It has always been a big issue, but it has been scientifically sound only since modern times.
In this part you will learn how computers communicate on the Internet, that is, how they exchange data. In particular, you will understand the basic characteristics of the TCP/IP protocol and how these can be derived from the requirements.
You know the different possibilities of a connection to the Internet and how computers are addressed on the Internet. You understand the essentials of the domain name systems.
In 1969 ARPA (Advanced Research Projects Agency) started a project in the USA for the development of a new network technology. The goal, in view of the cold war at that time, was to ensure ongoing communication within a network even when parts of the network have broken down. With the procedure common until then, central communication through a server, this cannot be guaranteed.
The technical solution consists in the development of the protocols TCP and IP. Their basic characteristics are:
- splitting the data stream into (small) data packages
- sending the packages independently of each other
- "free path selection" - meaning neither a central server nor sender and receiver predetermine the "way" of the data packages in the network
Rather, the connected computers (routers) organize the communication themselves.
The first realization is named "ARPANET" and it connected four mainframes at American universities.
In 1974 the TCP/IP protocol was officially adopted.
TCP/IP - Protocol
TCP/IP is usually listed together although these are actually two protocols, namely the TCP (Transmission Control Protocol) and IP (Internet Protocol).
They represent the basic communication layer on the internet and can be classified in the OSI reference model on the third level (IP) and the fourth level (TCP). They are inserted between superordinate (applications/services) and subordinate (network connectivity) protocols.
The essential tasks of TCP are:
- splitting a data stream of arbitrary length into separate segments
- sending these segments via the IP protocol
- repeated sending of segments that are defective or that did not reach the receiver at all
- eliminating duplicated segments
- assembling the data stream in chronological order
- passing the data stream on to the superordinate program/protocol
IP manages the transfer of the data packages between the internet routers. Due to its importance, we will look more closely at the information in the header of the IP data packages.
The most important fields in the header of an IP package are:
- IP address of the sender
- IP address of the receiver
- unique number for every package
- TTL (Time to Live)
Problem of protocol version 4: the limited number of IP addresses. The increasing number of users, but especially the fact that more and more devices are directly connected to the Internet, have depleted the available addresses.
Version 6, now being introduced, is meant to correct this circumstance in particular, though not only this one.
Most important innovation in this context:
the length of the IP address is increased from 32 bit to
What is actually a "protocol"?
Protocols define the structure and the type of the data stream between the computers, in a way they determine the "language" between the computers.
Important: in a real communication not only one protocol is normally used, but several. Each has its specific task. All of them together provide the so-called "protocol stack".
A widely spread model for such a grading of protocols is the
. It shows
Each protocol takes over the data to be transported from the superordinated protocol and adds for its task the necessary control data in the so-called "header" of the data package.
One of the central requirements of the internet protocol is the possibility to clearly identify all connected computers worldwide. For that to happen each one gets a clear address, the
In version 4 (IPv4) it is
They are centrally allocated worldwide. In different countries there are regional allocation centers, the so-called NIC = Network Information Center.
In order to simplify the addressing mechanism users using a dial-in access to the Internet receive a
from the provider out of a pool of unique addresses.
Thereby, addresses can switch between users with the result that a clear identification through the IP address by a third party (e.g. an online shop) is not possible. The providers have to save the allocation of the addresses to the clients for law enforcement authorities for currently 6 months.
In Version 4 the IP address is 32 bit "long", therefore consists of 32 "0"-s and "1"-s.
In order to better remember and note such an address, the so-called "decimal dot notation" is used.
For this purpose the 32 bits are divided into 4 bytes (8 bits each) and each byte is written down as a whole decimal number. The numbers are separated by dots. The individual numbers can (due to the 8 bits) only be in the range between 0 and 255.
Even in the decimal dot notation the IP addresses are still very unwieldy for users. That is why the domain name service was introduced. It administers "names" for servers that are connected to the internet. Naturally, the names again have to be allocated uniquely worldwide and assigned to an IP address.
Before the actual communication with TCP/IP the domain names are translated into the corresponding IP address.
The domain names are also structured by separating dots in order that a hierarchical system of subdomains is created.
The outermost right part is either a
or one of the agreed
gTLD = "global Top Level Domain"
Well-known country codes:
.de = Germany
.fr = France
.uk = Great Britain
but also "exotic" examples such as:
.vu = South Pacific Republic Vanuatu
Certainly the most famous and most prevalent gTLD:
.com = commercial
.net = network
.org = organisations
in the last years added:
.name = for private persons
.biz = companies
Large companies or organisations have a permanent, fixed connection to the internet. Then they need a fixed, distinct IP address and a domain name.
Most of the private users however connect to the internet via service providers, the so-called ISP = Internet Service Provider. Then, they are allocated a temporary IP number. In doing so, we currently distinguish 4 technical types of connections:
- in comparison very slow (up to 60 kbit/sec)
- only quite spread in Germany; allows parallel phoning
- today the most used form; 50-100 Mbit/sec is common; usual variant
(Asymmetric Digital Subscriber Line)
==> higher download speed than upload speed
mobile phone device
- with UMTS also packet-based and with acceptable bit rate; new standard LTE increases transfer speed significantly
The "Internet" is often mistakenly equated with the "WWW". This is wrong. The internet is the underlying network on which all kinds of applications / services were developed. Some of these have already disappeared, and without a doubt the WWW dominates today, so it is also a core theme here. Besides, we also go into email and briefly into the services mailing list, Usenet, FTP, IRC and Telnet.
For each service you should understand what its technical basis is and what it is used for.
SMTP = Simple Mail Transport Protocol.
It is based on the transmission of a 7 bit ASCII text. With that neither binary contents or attachments (e.g. pictures) nor the German "Umlaute" can be transmitted.
In order to solve this problem the extension MIME = Multipurpose Internet Mail Extension was developed. It comprises different coding possibilities in order to translate non-7-bit data into 7-bit ASCII text. The most important:
Usage of page description language
in order to define certain formattings.
in order to code especially linguistic signs beyond 7 bit ASCII
in order to code binary data
as analogue procedure to base64
Hypertext Markup Language
is one of the developed page description languages for the WWW.
With control words written in angle brackets, formatting, links and even multimedia elements can be included. The HTML text itself is 7-bit ASCII. Example:
Content-Type: text/html; charset=us-ascii
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>Dies ist Text mit Formaten (<b>fett</b> und <font color="#FF0000">rot</font>) <br> </html>
This coding is especially suitable for texts with non-7-bit ASCII characters.
It keeps all 7-bit characters the way they are and replaces the others by a combination of three 7-bit ASCII characters. Here, the first character is (as "identification") always the "="-sign. It is followed by the hexadecimal code of the character to be coded.
ASCII code of ü : 252
Hex : FC
quoted printable : „=FC“
Note that the character table used is important here. This example uses "iso-8859-1".
base64 is especially suitable for the coding of binary data. In these the whole byte, thus all 8 bits, are used. The main idea of the coding is the following:
- 3 bytes = 3*8 bit = 24 bit are divided into 4 pieces of 6 bit each
- each possible 6-bit value is allocated a character from an alphabet of 64 7-bit ASCII characters
- these characters are then transmitted
Example for a solution:
value character value character value character value character
0 A 17 R 34 i 51 z
1 B 18 S 35 j 52 0
2 C 19 T 36 k 53 1
3 D 20 U 37 l 54 2
4 E 21 V 38 m 55 3
5 F 22 W 39 n 56 4
6 G 23 X 40 o 57 5
7 H 24 Y 41 p 58 6
8 I 25 Z 42 q 59 7
9 J 26 a 43 r 60 8
10 K 27 b 44 s 61 9
11 L 28 c 45 t 62 +
12 M 29 d 46 u 63 /
13 N 30 e 47 v
14 O 31 f 48 w (pad) =
15 P 32 g 49 x
16 Q 33 h 50 y
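The two MIME codings described above, written out step by step as an added example (not part of the original lecture) and checked against Python's standard library. Both are plain transport encodings that anyone can reverse without a key, which is why mail filters decode them before inspecting content. The function names and sample strings are assumptions of this example; the quoted-printable encoder leaves out soft line breaks and trailing-whitespace handling.

```python
import base64
import quopri

# The 64-character alphabet from the table above: value 0 -> 'A', ..., 63 -> '/'.
B64_ALPHABET = (
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "abcdefghijklmnopqrstuvwxyz"
    "0123456789+/"
)


def qp_encode(text, charset="iso-8859-1"):
    """Quoted-printable: keep printable 7-bit characters, write every other
    byte as '=' followed by its two-digit hexadecimal code.

    The '=' sign itself must also be coded (=3D), otherwise the receiver
    could not tell a literal '=' from the start of a coded character.
    """
    out = []
    for byte in text.encode(charset):
        literal = (32 <= byte <= 126 and byte != ord("=")) or byte in (9, 10, 13)
        out.append(chr(byte) if literal else "=%02X" % byte)
    return "".join(out)


def b64_encode(data):
    """base64: 3 bytes (24 bit) -> 4 pieces of 6 bit -> 4 alphabet characters."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        missing = 3 - len(chunk)              # 0, 1 or 2 bytes short at the end
        n = int.from_bytes(chunk + b"\x00" * missing, "big")
        chars = [B64_ALPHABET[(n >> shift) & 0x3F] for shift in (18, 12, 6, 0)]
        if missing:
            chars[-missing:] = "=" * missing  # pad character from the table
        out.append("".join(chars))
    return "".join(out)


def b64_decode(text):
    """Reverse b64_encode. No key is involved: this is coding, not encryption."""
    text = "".join(text.split())              # line breaks carry no data
    if len(text) % 4:
        raise ValueError("base64 length must be a multiple of 4")
    out = bytearray()
    for i in range(0, len(text), 4):
        quad = text[i:i + 4]
        pad = len(quad) - len(quad.rstrip("="))
        if pad > 2 or "=" in quad[:4 - pad] or (pad and i + 4 != len(text)):
            raise ValueError("misplaced padding")
        n = 0
        for ch in quad:
            # .index() raises ValueError for characters outside the alphabet
            n = (n << 6) | (0 if ch == "=" else B64_ALPHABET.index(ch))
        out += n.to_bytes(3, "big")[:3 - pad]
    return bytes(out)


if __name__ == "__main__":
    # Constructed sample inputs.
    print(qp_encode("Müller = ok"))           # the ü becomes =FC, the = becomes =3D
    binary = bytes([0x89, 0x50, 0x4E, 0x47, 0x0D])
    coded = b64_encode(binary)
    print(coded, b64_decode(coded) == binary)
    # Cross-check against the standard library implementations.
    print(coded == base64.b64encode(binary).decode("ascii"))
    print(quopri.decodestring(qp_encode("Müller").encode("ascii")))
```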
Mailing lists are a service based on email and therefore do not use a protocol of their own. They are often mistakenly equated with newsletters. But this is only the "passive" variant in which you subscribe to a
and then automatically receive emails.
In mailing lists the users usually can generate posts also by themselves that are then distributed automatically to all subscribed users.
The administration and distribution is done by special programs, the so-called listservers. Well-known listservers are:
The latter is also used by our faculty.
There are two types of emails to the listserver:
(e.g. for subscribing and unsubscribing to a list)
(that are sent to a particular list)
The Usenet is best characterized as "
Technically it consists of a system of interconnected Usenet servers that manage news and exchange them with the NNTP = Network News Transport Protocol.
The news are contentwise classified in
. Their names again are hierarchically structured and separated with dots.
The main groups (left part) are:
news usenet information
talk politics and similar
alt alternative groups
FTP - IRC - Telnet
These three services should be dealt with only briefly.
FTP = File Transfer Protocol
allows working on the file system of a remote computer and especially downloading and uploading of data.
IRC = Internet Relay Chat
offers synchronous communication. "Synchronous" means that sender and receiver are online simultaneously and see the other party's input at practically the same time. The opposite is "asynchronous" communication, as with e.g. emails.
Telnet allows logging in on a remote computer via an input window. With this, commands can be executed and e.g. the password of an account can be changed.
WWW = World Wide Web
is meanwhile without question next to emails the most important service of the internet worldwide.
As basis can be considered:
Further topics are the used
Eventually, developments that are summarized by the term "
" are to be discussed.
A Hypertext contains the possibility to include references in the text that refer to other documents. These references (often referred to as "links") can be followed interactively. This possibility thereby goes well beyond the classic footnote or reference.
Links can refer to:
another position of the same document
another document on the same computer
another document on another computer.
HTML = Hypertext Markup Language
is the "language" in which web pages are programmed.
It is a
, that means the structure of a page is defined by keywords.
HTML was developed by Tim Berners-Lee and significantly contributed to the spreading of the web.
In HTML the markups are written in angle brackets and are referred to as "
<H1> = headline of the first order
<p> = a paragraph
<br> = a line break
The entire HTML code is an ASCII text file.
http = Hypertext Transport Protocol is the protocol which defines the transmission of web pages (analogous to SMTP with emails).
The details are not important for this lecture.
URL = Uniform Resource Locator
describes - worldwide unique - documents on the WWW.
It consists of the following parts:
(e.g. http:// )
(either as IP address or as domain name; e.g. www.hs-niederrhein.de)
(subdirectories are separated by "/")
a jump discontinuity in a document is defined by the "
"-sign defines a home directory of the given user name
Since there are standard values for protocol, port number, directory and document names, often only the domain name needs to be entered in the browser for the homepage.
Pictures are not contained directly in HTML files, but only as references (links).
Because of the limited transmission rates, separate formats were developed that reduce the data volume.
The most important are:
(Jpeg) - lossy, very strongly reducing the amount of data, for pictures suitable format
- loss-free, for drawings, logos etc. suitable format with the possibility to illustrate small animations
(pronounced "ping") - quite modern format as a sort of symbiosis of jpg and gif
The most important features :
file compression LZW (lossless)
maximum amount of colors = 256 (color palette)
one color index may be defined as „transparent“
an image file may contain several "sub images"
their arrangement and timing can be set
the display can follow serial or in the „interlaced mode“
The most important features:
Jpeg - file compression (lossy) in image frames of 8x8 pixels
only RGB – true color image or grey scale picture
image quality and compression degree are working in opposite direction and can be set by the author
Greatly enlarged image detail of a JPEG picture with great image compression.
The block structure is clearly recognizable.
In order to present advanced multimedia contents in the WWW apart from text and (simple) images, a wide range of formats has been developed. For display they normally require a "plugin". This means software that is installed in addition to the browser and is thereby integrated into it. It then takes over the playing of multimedia contents. This can be in the browser window itself or in a separate window.
Important formats and applications:
play-back with Adobe Flash-Player (free of charge)
today not very well accepted and in part replaced by HTML 5 standard
developed by Apple
Example - 360° display inside the pyramid in front of the Louvre:
There are different video formats on the WWW. Widely spread are:
avi - Microsoft video format
rm - real player format, the (free of charge) RealPlayer also plays back many other formats
divx - Open Source video format with its own player
flv - Flash video format
Popular video portal: Youtube
By "Streaming Media" we mean that there is no complete multimedia file (e.g. a video); instead a "stream" of data has to be transmitted continuously. This is necessary for internet radio, live television or other live cameras.
In order to compensate the variations in the transmission rate, normally a data buffer is used.
Example - WDR audio player:
The PDF (Portable Document Format) format, developed by Adobe, is as such no multimedia format. But it is often put to use as format for the display of complex documents because the appearance is fixed and not dependent on the browser or the operating system.
The display program, the Acrobat Reader, is free of charge.
VRML = Virtual Reality Modelling Language is likewise not a multimedia format as such. It is an alternative to HTML for the description of three-dimensional scenes.
For the display a plugin is necessary, for example the Cortona Player.
Example - 3D scenes of the campus MG:
The standard mechanism: client (own PC) sends request per URL to the server - this sends the requested document back - client illustrates it in the browser (or via plugin) - has deficits on both the client side and the server side.
On the server side are not always completed documents present, for example with search requests. Here, the relevant results in the data base have to be researched first, in dependence of the search keyword.
On the client side, more interactive possibilities to modify the downloaded page are desired.
That is why extensions have been developed which we can separate into server-sided (running on the server) and client-sided (running on the client).
Server side extensions:
Client side extensions
Economy as a whole
Since about 2000 there is the differentiation between
. eBusiness is the broad term and includes all economic processes whereas eCommerce is sales-oriented. They both have in common the usage of electronic communication networks - today normally the Internet.
Summarized in a good way in the "
+ eCRM (Customer Relationship Management)
+ eKnowledge Management
We distinguish three networks in eBusiness. Basis of all three is the same technology: the on TCP/IP based Internet communication. Though, through different placing of
different user groups emerge.
: internal network of the company. Access only for company employees. Usage for internal Knowledge Management and Groupware.
: Access for selected external partners to particular data. Usage especially in the Supply Chain Management.
: worldwide access for all Internet users.
The business connections are matrix-shaped divided in sender and receiver of information. In doing so, the abbreviations of the type "S2E" are used.
The most important:
: Business to Consumer - Onlineshop of a company
: Business to Business - Supply Chain Management; eProcurement; ...
: Consumer to Consumer - direct business connections between end customer, e.g. eBay
: Business to Adminstration - digital preparation of an offer at a public tendering
: digital tax declaration of a private person
In the wake of eBusiness serious transformations of the whole economic structure take place.
Basis for a theoretical apprehension can be provided by the so-called
transaction cost analysis
Hereby, the impact on the
, the so-called "
convergence of media
" and the specific characteristics of the "
" are regarded.
Transaction Cost Analysis
The developed theory by Williamson of the Transaction Cost Analysis recognizes that a great part of the costs of economic activity persists through the transactions between the market participants. This amount increases steadily. The reduction of this portion of costs has therefore a major importance.
Every economic transaction can be divided in several phases, e.g.:
In all phases the transformation to electronic processing can reduce costs. This applies in particular for the first two phases in which search and communication costs are especially high.
Convergence of Media
By "Convergence of Media" we understand the increasing development that the classically separated economy sectors "Information Technology" (Computer), "Telecommunication" (Telephone) and "Media" (Television and Newspapers) merge and are handled via the Internet.
Internet Radio is a standard by now. All television channels provide media libraries and live streams on the Internet. Newspaper publishers suffer from steady loss of subscribers of printed media and complete their offerings through online services.
Calling via the Internet (VOIP - Voice over IP) or mobile replaces the classic landlines. Smartphones integrate internet access, telephone, music player, ... in a single device.
The term "
" marks important basic characteristics of an economy that is based on the Internet.
On the one side, it can be referred to the scientist Negroponte who postulated the transition of "
atoms to bits
". This expresses that the value of information steadily increases and that the handling and the economic activity of bits fundamentally differs from the classic goods.
The second characteristic is expressed by the
. It shows the value of a network as:
V ~ n**2 - n
Basically, the value is dependent on the square of the number of users. This results from the number of possible communication connections between the members. Consequence:
every market participant has to aim for a significant market share
there is quite often the situation of "the winner takes it all", so only the dominant offerers become prevalent (Example: facebook).
The term was invented by Porter. We can differentiate between the
The internal supply chain divides a company in supply chain activities. Porter distinguishes between primary and secondary activities.
Today, products are not only created and distributed by individual companies, but by several companies. Thereby, the companies interlink the internal supply chain to the external supply chain via points of intersection. eBusiness changes these supply chains.
On the one hand, increasingly the linear supply chains become
On the other hand, the participants of the external supply chain are changing. The following effects are important:
: steps of the supply chain are dropped; an example is the omission of intermediaries and wholesalers through direct sale to the end customer
: new, internet specific intermediate stages emerge; examples are internet portals like Amazon
: intermediate stages modify their service offer with due regard to eBusiness requirements; examples are the modified services of logistics
How do the business forms and types of income change through eBusiness?
have had a major boost which have clear advantages at the realization on the internet
electronic market places
have replaced the classic forms
have specific, positive as well as for the provider negative characteristics
in digital markets is considerably more flexible and more important
forms of proceeds
gain in importance
Electronic auctions have many advantages compared to conventional auctions:
lower transaction costs
more dynamic auction forms (fun)
number of participants practically unlimited
- increasingly higher bids, all bids can be seen by every bidder
- decreasing bids; winner is bidder who stops the auction clock
First Price Sealed Auction
- sealed proposals; maximum price gets the fall of the hammer
- sealed proposals; maximum price gets the fall of the hammer at the price of the second highest bid
Digital goods have several specific characteristics that differentiate from the traditional, real goods. These are partially advantageous for the provider, but also partially problematic.
new and second-hand products are identical
marginal costs for production are almost zero
easy reproducibility and difficulty of securing of authenticity and integrity
barely capacity restrictions (storage, duplication, distribution)
very cheap availability (download)
Important conclusions: solution to copyright problems, price differentiation and constant change of products (versions) are necessary.
Especially with digital goods a price differentiation is important. This can be effected by means of:
- the seller offers a product or product variants at different prices
- buyers determine the price accepted by them, vendor may defer to that
The advantage of price differentiation is a higher market coverage (see diagram).
different programm versions ("home", "business", "professional")
user segments ("student version", regional variation)
time-dependent ("last minute", "early booker",...)
Andreas Meier, Henrik Stormer: eBusiness & eCommerce – Managing the digital Value Chain, Springer-Verlag, 2009
Often products or services are offered for free on the Internet (e.g. Google search). This is only possible when the suppliers can realize other types of revenue. These are often particularly important in eBusiness. As revenue options we can classify:
(musical work, shirt, ...)
(banner advertisement, "sponsored links" when searching, ...)
(user data, analysis of user behavior, ...)
Also with payment procedures and means of payment there are specific requirements in eBusiness. As payment method we can distinguish:
cash on delivery
cash in advance
Online used classic means of payment
Internet adapted classic means of payment
Basically we also classify the payment variant into the amount of money of the transaction. This is:
Picopayment: 1/100 Cent - 10 Cent (database retrieval, cost per minute...)
Micropayment: 1 Cent - 10 € (digital newspapers, bigger data retrieval...)
Macropayment: > 20 € (merchandise purchase)
Especially with digital variants specific dangers have to be considered:
Double Spending - token based (means of payment spent twice)
Counterfeiting - counterfeit money
Overspending - notation (exceedance of predefined limit)
Refutability - impossible to refuse spending
Unauthorized Use - theft
we understand the usage of information and communication technologies for the electronic support and integration of
Reduction of the price of the product
Lower process costs
Lower cycle time
Lower warehousing costs
Extra high cost benefits come along in the field of
because a lot of order processes are available here, therefore the amount of process costs is extremely high.
Electronic catalogues offer a number of advantages compared to printed catalogues. These are:
dynamic and interactive,
can be updated at any time,
do not need "media disruption" because they are created electronically anyway,
can include a practically unlimited amount of products,
allow a customer-specific individualisation (one-to-one Marketing) and
allow the direct integration of the order process.
Depending on who creates and maintains the catalogue, we can distinguish:
- the vendor creates the catalogue (most common variant, conditional for the buyer but the finding of several catalogues)
- the buyer creates the catalogue (interesting for larger companies because search costs are minimized)
catalogue - a service provider creates the catalogue (besides the cost aspects, especially the possibility of comparison of prices, customer reviews, etc.)
The development of the electronic catalogue is the electronic market. It includes not only the offer of the products, but all services that go along with the procurement process (offer, contract, payment, ...).
Also it can be distinguished between:
independent operators (e.g. Amazon)
community of buying companies as operators (e.g. buying platform of automobile manufacturers)
dependent on crafting operators (e.g. mySAP; the dependence occurs by the transaction of specific software products)
It is an important success factor to be able to make personalized offers to the customer. The following options are important:
- suggests the user automatically to choose a similar product of better quality in case of an order of a product
- suggests complementary goods to the product the customer is currently interested in
- leads the customer by means of hyperlinks to other products or product groups within an electronic catalogue
- replacement offer for products that are out of stock
eMarketing, often also referred to as "online marketing", is today an important element of all marketing activities of large companies.
Important partial aspects in the lecture:
Online promotional forms and the crucial differences to "classic" advertisement
The individualization today is regarded as crucial success criteria. It can refer to different aspects:
individual offers and prices
individual products (see also "Web 2.0" for this)
individual assortments (compilations)
How can such an individualization take place? On the one hand through the identification of the user (client has already bought, logs in, etc.), on the other hand through data analysis. Mentioned here:
By comparison of the recent user behavior with the deposited buying habits of many users in the database, individual products can be suggested to the user.
Types of advertisement:
„classic“ online advertisement (banner, interstitials, ...)
Search Engine Marketing (SEM) - principal source of income of Google; display of advertisement link to particular search words; different types of payments
Affiliate Marketing - network of advertisement placing websites is brought together through the Affiliate with advertisement supplier
Types of payments:
pay per view - every display
pay per click - the click on the advertisement link
pay per conversion - every generated revenue
Common advertisement formats in the WWW:
Skyscraper - large rectangles at the right edge
Interstitials - whole screen
Popup Banner - new appearing window
Video - strongly growing amount; made possible by wide spreading of large bandwidths
Especially successful: so-called "
" advertisement, thus the simultaneous advertisement in several media (online, television, print).
A huge advantage of online advertisement is the direct success control. With classic advertisement the advertising effort (e.g. advertisement in a newspaper), the contact to the customer and the (possible) reaction of the customer is time-wise as well as spatially separated and therefore difficult to allocate.
By the interactive online medium these separations do not apply.
A new form of online marketing is the so-called "Viral Marketing".
It describes the targeted triggering and control of buzz marketing with the objective of commercialisation of companies and their performances (products and services).
innovative (often funny) form that is not perceived as disturbing by customers
often to be realized with very low budget
not completely to be controlled
distribution barrier has to be exceeded
mCommerce is the digital initiation, negotiation and/or handling of transactions between economic subjects via mobile terminals. It is attractive because of the wide spread of mobile terminals. The most important characteristics:
- cell phone is mobile and can be used anywhere as long as network connection exists (anywhere)
- the high accessibility makes it possible to continuously receive recent information (anytime)
- all cell phones with a SIM card in the GSM standard assign a clear user identification
- network providers may determine the position of a cell phone user currently up to less than 100 meters sharp
- therefore permanently online, “instant connectivity”
The term "Web 2.0" was made popular in 2005 by Tim O'Reilly. It designates on the one hand new technologies, but on the other hand also modified usage possibilities and, as a consequence, modified roles of the users. Synonym: "the do it yourself Internet".
Whereas in the times of the "1. Web" there was a clear separation of authors (with particular knowledge) and consumers, these dividing lines now disappear. The consumer becomes a "prosumer" - a blend of "producer" and "consumer".
The most popular applications:
- combination of "producer" and "consumer"
- include the client in the product development process
- commerce with and in social networks
User generated content
- content generated by the users themselves
- develop products with the help of customers
The most important requirements of a secure communication on the Internet are:
These requirements are not implemented by the standard communication technology (TCP/IP) because they were not defined when the Internet was developed.
The solution is therefore the integration of
measures, especially the
Basically the following process flow takes place:
the sender encodes with a
(function) the cleartext (this can be any digital data file) by usage of a
and generates thus the "
the ciphertext is transmitted over an insecure channel. It cannot be prevented that unauthorized persons gain access to it.
the receiver decodes the ciphertext with a cipher (possibly the same as with the sender) with the aid of a key (possibly the same as with the sender) and receives the cleartext.
Important: the cipher functions are commonly known. The "secret" is the key.
Example of an encryption
Courses for the "Schnupperstudium" (taster studies)
Prof. Dr. Hardt
First of all we can distinguish between:
: every letter (Byte) is encrypted independently
: a block of plaintext (typically 64 bit) is encrypted as a whole
The second variant is a sight safer and the only one in use today.
Very important differentiation concerns:
: a common key is used for encryption and decryption
: another key is used for decryption than for encryption
the common key must be exchanged via a secure way between sender and receiver
for each communication relation a different key is needed
easy to implement (in hardware)
if the key is long enough: secure
DES = Data Encryption Standard - no longer secure, especially because of its short key of 54 bit
IDEA = International Data Encryption Algorithm - 128 bit key; considered as secure
Public Key Encryption
There are two separated keys that are generated as a
and belong together:
- it may be publicly known and it may be used for encryption
- it is never passed on and is used for decryption
the private key cannot be determined from either the public key or the encrypted message
the message can be decrypted only with the private key, so not, for example, with the public key that was used for the encryption
The "public key" encryption indeed solves the problem of the large amount of keys and especially the problem of the transmission of the common symmetric key, but the following things remain open:
the "public key" procedure is costly, especially with huge amounts of data
the claims of integrity and authentication are still not solved
That is why we combine the symmetric and the "public key" encryption and use in addition the specific features of the
A hash function generates from a data set a
. This identifies the data set uniquely and is therefore also often designated as "
". It is not an encryption, because the data set cannot be recovered from the hash value.
The most important characteristics:
independent of the size of the data set, the hash value always has a
, typically 512 bit.
The hash function is a
, i.e. from the hash value the original data set cannot be computed.
The hash function is
, i.e. two different data sets generate different hash values
Thereby the following procedure results from sending a confidential message from A (Alice) to receiver B (Bob).
On the side of Alice:
a new, random symmetric key is generated
this one is encrypted with the public key of Bob
the message is encrypted with the symmetric key
the hash value of the message is computed
the hash value is encrypted with the private key of Alice
the encrypted key, the encrypted message and the encrypted hash value are transmitted
On the side of Bob:
the encrypted symmetric key is decrypted with Bob's private key (a)
with the hereby decrypted symmetric key the message is decrypted (b)
from this decrypted message the Hash value is computed
the encrypted hash value is decrypted with the public key of Alice (c)
the two hash values are compared and inspected for identity (d)
(a) and (b) guarantee confidentiality, (c) authentication and (d) integrity
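The Alice-to-Bob procedure above as runnable Python, added here as an illustration and not part of the original lecture. It assumes textbook RSA on publicly known Mersenne primes and a SHA-256 keystream XOR as stand-ins for the real public-key and symmetric ciphers; all function names are hypothetical.

```python
import hashlib
import secrets

E = 65537  # common RSA public exponent

def toy_keypair(a, b):
    """Textbook RSA pair from the public Mersenne primes 2**a-1 and 2**b-1.
    Constructed for the demo: these primes are known, so the key is not secret."""
    p, q = 2**a - 1, 2**b - 1
    d = pow(E, -1, (p - 1) * (q - 1))
    return (p * q, E), (p * q, d)  # (public key, private key)

def rsa(key, value):
    """Raw RSA operation without padding (real systems add OAEP/PSS)."""
    n, exponent = key
    return pow(value, exponent, n)

def sym_cipher(key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream.
    The same call encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], pad))
    return bytes(out)

def digest_int(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def alice_send(message, alice_private, bob_public):
    sym_key = secrets.token_bytes(16)                           # new random symmetric key
    enc_key = rsa(bob_public, int.from_bytes(sym_key, "big"))   # key under Bob's public key
    enc_msg = sym_cipher(sym_key, message)                      # message under the symmetric key
    enc_hash = rsa(alice_private, digest_int(message))          # hash under Alice's private key
    return enc_key, enc_msg, enc_hash

def bob_receive(packet, bob_private, alice_public):
    enc_key, enc_msg, enc_hash = packet
    key_int = rsa(bob_private, enc_key)                         # (a)
    if key_int >= 2**128:                                       # damaged key block
        return None, False
    message = sym_cipher(key_int.to_bytes(16, "big"), enc_msg)  # (b)
    claimed = rsa(alice_public, enc_hash)                       # (c)
    return message, claimed == digest_int(message)              # (d)

if __name__ == "__main__":
    alice_pub, alice_priv = toy_keypair(1279, 2203)
    bob_pub, bob_priv = toy_keypair(521, 607)
    packet = alice_send(b"constructed sample message", alice_priv, bob_pub)
    print(bob_receive(packet, bob_priv, alice_pub))
```

`bob_receive` returns the decrypted message together with the result of comparison (d), so a modified ciphertext or a hash encrypted with any key other than Alice's private key yields `False`.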
A "gap" still remains in the procedure described, namely the question of whether the public key really belongs to the person or the organisation that issues it.
The certification of this undertakes the
. These are hierarchically organized in order that a chain of digital certificates results.
The so-called "master certificates" are directly lodged in the browsers (or other communications software).
for translating my German presentation.
denial of service attacks
Principle: infects other code which is executed on a computer
Types of computer virus:
Application – virus
Boot sector – virus
Macro – virus
Infection component => tries to infect further systems
Impact component => causes some damage on infected system
A computer worm is a small application program, which replicates itself on existing networks (often by Email).
In addition it may damage some software components of infected systems.
Trojans (or "Trojan Horse"):
Application with unknown functions
Application with so-called "back doors"
developed for "remote maintenance"
today perhaps one of the most common threats
takes control of the infected system
may use the system for attacks on other web-based servers
may spy on the infected system