ecommerce Website Implementation - Glossary
Electronic commerce, commonly known as e-commerce or eCommerce, consists of the buying and selling of products or services over electronic systems such as the Internet and other computer networks. The amount of trade conducted electronically has grown extraordinarily with widespread Internet usage. Commerce conducted in this way spurs and draws on innovations in electronic funds transfer, supply chain management, Internet marketing, online transaction processing and automated data collection systems.
Modern electronic commerce uses the World Wide Web at least at some point in the transaction's lifecycle, although it can encompass a wider range of technologies such as e-mail as well.
- Access control
- Determines where a person or network host is allowed to enter a system.
- Acquirer
- A special apparatus used by a merchant bank to query issuers (card holder banks) to see if a card holder's account is valid.
- Archetypes
- Services and options that most e-commerce customers expect. These include shopping carts, free email, stock quotes, and simultaneous help desk support.
- Asymmetric encryption
- Encryption that creates a public key and a private key. The private key remains secret, on your computer. You can freely disseminate the public key.
- Authentication
- Establishes a person's identity.
- Bandwidth
- The amount of data received over a period of time.
- Bandwidth throttling
- The ability to control the bandwidth a particular virtual server uses.
- Banner ad
- An advertisement inserted within an HTML page.
- Banner advertising
- The use of clickable advertisements found on frequently visited Web sites.
- Baseline
- The normative activity for e-commerce servers.
- Benchmark
- An individual item of measurement in regard to a Web server element, such as percentage of RAM usage, hard drive access, and CPU utilization.
- Bottleneck
- Areas in the server where system queues get backed up and cause performance degradation.
- Branding
- The ability to market the image of a product consistently.
- Browser compatibility
- When creating a Web site, you must make sure that the site is available to users in your target market. Sometimes, this requires making the site's presentation as generic as possible. In other markets, you may find that specializing in the latest technologies is the only way to attract users.
- Business design goal
- You must map your front-end and back-end concerns to specific goals for your product and market niche.
- Card holder
- A person ready to buy goods and services with a credit card.
- Certificate authority (CA)
- A respected, trusted body that creates and manages certificates. A certificate authority signs other people's certificates and acts as a trusted third party. You can obtain personal, software publisher, server, and certificate authority certificates, depending on your needs.
- Cookie
- Cookies are small variables that store data about the current user. Cookies are set by the Web server, and are subsequently sent by the client browser with each request that matches the domain and path attributes (if set) set for the cookie. Unless explicitly set to persist via the Expires cookie attribute, a cookie will be destroyed when the user closes their browser. Cookies may be used to track and store information such as user name, user password and what parts of the site were visited.
- Copyright law
- Copyright is a form of protection provided to the authors of "original works of authorship," including literary, dramatic, musical, artistic, and certain other intellectual works, both published and unpublished. The copyright protects the form of expression rather than the subject matter of the writing.
- CPU
- The central processing unit or CPU is sometimes referred to as the processor or central processor. The CPU is where most calculations take place. In terms of computing power, the CPU is the most important element of a computer system.
- Cryptography
- Creating cipher text from plain text.
- Customer relationship management software
- CRM software allows you to discover the cost-effectiveness of a site, track users, and ensure accountability.
- Daemon
- A daemon is a process that is not associated with any terminal and which is dedicated to handling a particular task.
- Data confidentiality
- Using algorithms that make information remain secret.
- Data integrity
- A service for ensuring that information cannot be altered.
- Database management system
- Programs that control the organization, storage and retrieval of data for multiple users. Examples of database management systems are Oracle, Sybase, and Datacom.
- Design evaluation
- Checking up on the currency of the site to make sure it looks current and professional.
- Digital cash
- The use of proprietary software to convert "real" money into information easily transferred over a public network.
- Digital certificate
- A way to prove your identity. You can use it to encrypt and decrypt messages from individuals and servers. In technical terms, it is a public key that has been signed by a certificate authority.
- Digital certificates
- The use of one-way and asymmetric encryption to authenticate code or email.
- Digital signature
- Use of a one-way hash algorithm and a private key to provide a stamp of approval on an electronic document or network transmission.
- Digital signatures
- The use of one-way and asymmetric encryption to create signatures on transactions.
- E-commerce
- Conducting business on-line.
- Encryption
- Encryption is the process of transforming a file using a mathematical function or technique so that the contents of the file are protected from unwanted viewing.
- Enterprise resource planning
- ERP (enterprise resource planning) is the practice of using client/server technology, mainframes, and relational databases to manage all aspects of a business. As the name suggests, it involves planning the business, but it also covers ways to manage the manufacturing process, make purchases, as well as manage the important parts of its business, including project planning, human resource planning, supply chain management, inventory management, and order tracking. ERP is designed to lower supply chain costs, reduce the need for large amounts of inventory and enable a manager to conduct real-time checks of his/her company's manufacturing and business processes. The most popular ERP suite of programs is sold by a German company named Systems, Applications and Products in Data Processing (SAP). Its latest product, the R/3 series, traditionally worked with mainframes, but is now heavily involved in the client/server model, including Linux.
- Extended logging
- The ability to obtain extra information from visitors through the use of reverse DNS lookup and cookies.
- File transfer protocol
- The File Transfer Protocol, or FTP, is the set of communication rules that computers use to exchange files.
- Firewall
- A firewall is a series of applications and hardware that filters and audits outside network traffic as it passes into your network.
- Hash function
- A smaller numerical representation of the plaintext. A hash of a message is encrypted using one-way encryption to become the signature for that message.
- Hit
- A single instance of Web access. Vernacular term for site access from an end user.
- I/O
- Input/output system, also called I/O (pronounced eye-oh). I/O refers to any operation, program, or device whose purpose is to enter data into or extract data from a computer.
- Intellectual property
- Products such as written materials, musical compositions, trademarks and other things that are protected by copyright, trademark, or patent law.
- Intrusion detection software
- Software that scans an internal network for security threats.
- IP address
- An IP address is a number that is used to uniquely identify computers connected to the Internet.
- Issuer
- A financial institution, such as a bank, that provides a credit card to a customer.
- Legacy system
- A computer system or application that continues to be used when the cost of replacing or redesigning it is prohibitive.
- Log file
- Files that record end user access to a Web server or any other log-enabled server.
- Merchant
- The e-commerce site ready to sell goods and services. A merchant must establish a relationship with an acquirer before transacting online.
- Merchant bank
- A financial institution that offers accounts to merchants. These accounts enable transactions between the card holder and the merchant.
- Middleware
- Software systems and utilities that provide a service and sit between the client and backend databases or legacy systems.
- Network interface card (NIC)
- A network interface card is an expansion board that connects a computer to a network. Most NICs are designed for a particular type of network, protocol, and media, although some can serve multiple networks.
- Nonrepudiation
- The ability to prove that a transaction has in fact occurred.
- One-way encryption
- A one-way encryption algorithm produces ciphertext that cannot be taken back to the original plaintext.
- Online transaction processing
- The ability to process credit card information, track users, and bill related parties automatically.
- Open Buying on the Internet (OBI)
- The Open Buying on the Internet (OBI) Consortium is a non-profit organization dedicated to developing open standards for business-to-business Internet commerce.
- Outsourcing
- Many entrepreneurs choose to borrow space from an already-existing Internet service provider (ISP). You can either cohost or colocate. Cohosting means that you are borrowing hard drive space on a machine. Colocating means that you provide your own machine but use the ISP's Internet connection.
- Packet filtering
- The use of a type of firewall device that processes network traffic on a packet-by-packet basis. Packet filter devices allow or block packets, and are typically implemented through standard routers.
- Payment gateway
- Software operated by the merchant that relays data between the merchant and the merchant bank. It is the interface between the e-commerce site and the bank.
- Performance testing
- The ability to determine bottlenecks, as well as determine that the system is able to handle its load.
- PKI
- A movement interested in standardizing the creation, transport, and storage of keys. This standard was developed to improve the ability to use certificates across vast networks.
- Portal
- A clearinghouse that a visitor can treat as a "one stop shopping" experience. A portal provides services, as well as links to areas of interest on the Web.
- Public key algorithm
- The use of a key pair. The first half of the pair, or private key, stays secret. The second half, or public key, is freely distributed. Digital certificates and signatures use this form of algorithm.
- Public key encryption
- The use of asymmetric algorithms to ensure effective key exchange.
- Registration authority
- Creates certificate authorities.
- Revocation
- What happens when you lose trust in a certificate.
- Secure Electronic Transaction (SET)
- A method of information exchange that allows businesses and clients an extra level of protection while conducting business.
- Secure hash algorithm (SHA)
- A specific one-way encryption algorithm.
- Secure MIME (S/MIME)
- A specification for secure electronic mail. S/MIME was designed to add security to email messages in MIME format. The security services offered are authentication (using digital signatures) and privacy (using encryption). S/MIME assumes that both the sender and receiver of secure email messages have public/private key pairs and uses the concept of a digital envelope.
- Secure Sockets Layer (SSL)
- An encryption method enabled by digital certificates.
- Security policy
- The foundational building block for a site's security.
- Selective disclosure
- The ability to reveal only portions of a digital certificate. As yet, this is not possible in an e-commerce setting.
- Simple Mail Transfer Protocol (SMTP)
- The Internet standard protocol to transfer electronic mail messages from one computer to another. It specifies how two mail systems interact, as well as the format of control messages they exchange to transfer mail.
- Site analysis
- Analyzing hyperlinks, database connectivity, and user access.
- Support staff
- You will have to hire staff to keep the site running, process orders, and (possibly) obtain products, and contact customers.
- Symmetric encryption
- Encryption that uses the same key to encrypt and decrypt information.
- Target market
- As you prepare your business plan, make sure that you understand the nature of your Web site.
- Third party
- A merchant can delegate responsibilities to other organizations to save time and expense.
- Threat
- Attacks, such as IP spoofing, packet sniffing, and social engineering, designed to thwart access control and authentication.
- Traffic analysis software
- Automated software that determines statistics and puts them into human readable form.
- Trust
- A trust relationship is a logical link that combines two domains into a single administrative unit. With appropriate trust relationships in place, users from a trusted domain can access resources in a trusting domain transparently.
- Trust chaining
- The ability for businesses to work together and process only that information they need. Each business along the chain must trust the other implicitly for the entire process to work.
- Wallet
- The repository for digital cash. Wallet software resides on a client's computer. The client must "fill" a wallet before using it on an e-commerce site. Also, the e-commerce site has to support the particular wallet software the client is using.