Electronic Commerce Relationships: Trust by Design

by Peter Keen, Craigg Ballance, Sally Chan, Steve Schrump
  • ISBN13: 9780130170378
  • ISBN10: 0130170372
  • Edition: 1st
  • Format: Paperback
  • Copyright: 1999-11-01
  • Publisher: PRENTICE HALL
List Price: $35.00

Summary

The heart of E-commerce is trust. This book focuses solely on building long-term relationships of trust between E-commerce buyers, sellers, and partners: specific ways to design trust into every E-commerce system and framework you build. Four expert authors present no-nonsense techniques for electronic commerce risk mitigation, trust, control, audit and security. They also present an insightful interpretation of the current state of E-commerce technology and where it's headed, specifically designed to help you anticipate new trust challenges you'll be facing in the next several years. Learn how to ensure control and security in E-commerce, while making sure these augment the relationship instead of intruding on it. Understand the elements of trust in E-commerce -- certainty, confidentiality, and privacy -- and learn how to build systems that deliver all three. Discover new audit and compliance techniques that recognize the fundamental differences between E-commerce and traditional business relationships. Finally, the book presents a detailed case study on the Secure Electronic Transaction (SET) standard for E-commerce credit card transactions.

Author Biography

Peter Keen is Chairman of Keen Innovations, and has served on the faculties of Harvard, MIT, and Stanford. Craigg Ballance is a Partner with E-Finity Group in Toronto, Canada. He has managed or participated in a wide variety of e-commerce projects for more than two decades. Sally Chan is Manager of Information Technology Audit at Royal Bank of Canada, and a member of Revenue Canada's Technical Advisory Group on Electronic Commerce. Steve Schrump is the Chief Technology Officer for Basis 100 Inc., a leading provider of global business-to-business e-commerce solutions for the financial services sector. He has held senior positions at three major e-commerce startups.

Table of Contents

Acknowledgments
Introduction
Electronic Commerce and the Concept of Trust
  Definition of Trust
  The Basics of Trust
  Trust as a Foundation for EC
  The Trusted System
  Complexity
  Interdependency
  The Trust Economy
  Telecommunications Networks
  Addressing New Risks
  Action Items for IT Managers
  Understand the Business Environment
  Categorize and Respond to Specific Areas of Concern
  Monitor the Relationship
The Dark Side of the Force: The Risks of Electronic Commerce
  Risks Common to all Distributed Networks
  Limitations of Traditional Risk Management
  New Awareness
  Technology-induced Risks: What's New
  Process-Oriented Technical Risks
  Public Communications Paths
  Automation Amplification
  Risk-Reduction Measures to Consider
  Uneven Quality of Black Box Processes
  What Control Professionals and Auditors Say
  Get the Big Picture
  Put Risk in the Right Context
  The Role of the IT Manager in Risk Management
  Beyond Technology Risk
Gaining Control of Electronic Commerce
  Control is More than Security
  Benefits and Importance of Control
  Control Objectives of a Trusted Commercial System
  Criteria of Control
  EC Controls: The Macro View
  Control Is an Evolutionary Process
  Steps to Create a Safe EC Environment
  Identification of "Crown Jewels"
  Management Controls: People and Process
  Technology Dependent Controls (Tools)
  Role of the IT Manager: Point-Counterpoint
Maintaining the Trust Bond: Certainty, Confidentiality, and Privacy
  Introduction
  Definitions and Implications for EC
  Protection
  EC Information Flow
  Corporate Data Flow and Interactions
  Data Flows Between Trading Partners
  Data-in-Transit
  Data with ISP
  Data at Client Sites, Server Site, and Outsourced Vendors
  Trans-Border Information Flow
  The Auditor's Perspective
  Confidentiality/Privacy Regulations: An International Sample
  Total Quality in the EC Transaction Factory
Security: What Are You Protecting...and Why?
  Look after the Information First: Linking Security with Data Protection
  Value and Approach for Public Key Versus Private Key
  Framework for Building Confidence
  Understanding the Risks of Distributed Systems
  Cost of Risk Protection
  Risk Management
  Layers of Risk Protection
  Perimeter
  User Authentication
  Public Key Infrastructure (PKI)
  Other Authentication Techniques
  Access Control and Authorization
  Information Transformation Layers and Associated Security Schemes
  Social Aspects of Security
  Social Engineering
  Removable Data
  Legal Aspects
  Retaining Expertise
Looking After Business: The Core Components of Electronic Commerce
  EC as a Catalyst for Change
  EC Defined
  Person to Person
  Person to Computer
  Computer to Computer
  EDI as the Primary Business-to-Business EC Component
  The EC Value Proposition
  Sales
  Customer Service
  Procurement
  Procurement Cards
  Information Management and Dissemination to Internal Resources
  Business Issues
  Technical Issues
  Communications
  Data Storage and Retrieval
  Message Conversion
  Application Interface
  EC in the Payments Business
  Future Direction and Implications for IT Managers
  Extended Reach
  Micropayments
  Digital Cash
  Smart Cards
  Mondex
  Encrypted Credit Cards
  Electronic Checks
  Electronic Bill Presentment
  Implications of New EC Delivery Channels
  Key EC Issues for the IT Manager
  Factors for the IT Manager to Consider
  Steps for EC Success
Business First and Safety First: Protecting Electronic Commerce Relationships
  From Systems Defense to Business Enhancement
  Putting Both Safety and Service First
  Key Players in EC Development
  Business Policy as Big Rules
  The Link Between Big Rules and Standards
  Determining Compelling Reasons for the Big Rules
  Questions for the Big Rule
  Choosing the Big Rules
  Relationship Design
  Reputation and Performance in an Online Relationship
  The Perfect EC Relationship
  Front-Ending
  Business Enhancement
Auditing for a New Age, New Purpose, and New Commerce
  The Changing Role of the Internal Auditor
  Internal Control: Trends and Recent Developments
  Internal Control: Integrated Framework, 1994
  Guidance on Assessing Control, 1999
  Guidance on Control, 1995
  Control Objectives for Information and Related Technology, 1998 (CobiT)
  An Integrated Control Framework for EC
  The EC Control Environment
  The Payoff Idea
External Audit Requirements and Regulatory Compliance
  Overview
  The External Auditor's Role
  What External Auditors Look For
  The Question of Corporate Governance: The Regulator's Role
  FDIC Electronic Banking: Safety and Soundness Examination Procedures, 1998 (U.S.)
  Independent Report on "Electronic Commerce and Canada's Tax Administration", 1998
  CDIC Standards of Sound Business and Financial Practices: Internal Control 1994 (Canada)
  Financial Aspects of Corporate Governance, 1992 (U.K.)
  External Requirements Harmonization
  The Common Ground
  Action Items for Control Designers
  Apply Safety Tools
  Add New Control Self-Assessment Topics
  Promote Quality Documentation
  Action Items for EC Professionals
Trends to Follow and Opportunities to Take
  How to Plan when you can't Predict
  The Near Term
  Transforming the Nature of Security with Agents
  ANSI and Internet/Extranet Growth
  The Medium Term
  Safe Payments
  The Unknown Time Frame
  Digital Cash
  Changes in Payment Mechanisms
  The Death of Copyright
  Recommendations to Managers
Appendix: Electronic Commerce in Action: The Case for Secure Electronic Transaction (SET)
  1. What is SET?
  2. Why SET at all?
  3. Risk Profile with Implementing a SET Payment System
  SET Payment Cardholders
  SET Merchants
  SET Payment Gateways
  4. The Trust Dimension: The Public Key Infrastructure
  5. SET Implementation Issues
  Vendor Products May Not Be Fully Certified at Time of Implementation or Self-Audit
  Merchant Sign-Up Process Change
  Certificate Management
  Performance
  Backup of SET-Sensitive Files
  Managing Vendors and Outsourcing Partners
  Self-Audits and Independent Audits
  6. What SET Does Not Cover
Index
The Authors
