etika dan privasi

Ch01 Data Item. Elementary description of things, events, activities and transactions that are recorded, classified and stored but are not organized to convey any specific meaning. Information. Data organized so that they have meaning and value to the recipient. Knowledge. Data and/or information organized and processed to convey understanding, experience, accumulated learning and expertise as they apply to a current problem or activity. Information Technology Architecture. A high-level map or plan of the information assets in an organization, which guides current operations and is a blueprint for future directions. Information Technology Infrastructure. The physical facilities, IT components, IT services and IT management that support an entire organization. Information System (IS). Collects, processes, stores, analyzes and disseminates information for a specific purpose. Computer-based Information System (CBIS). An information system that uses computer technology to perform some or all of its intended tasks. Hardware is a device such as a processor, monitor, keyboard or printer Software is a program or collection of programs that enable hardware to process data. Database is a collection of related files or tables containing data. Network is a connecting system (wireline or wireless) that permits different computers to share resources. Procedures are the set of instructions about how to combine the above components in order to process information and generate the desired output. People are those individuals who use the hardware and software, interface with it, or uses its output. Application program is a computer program designed to support a specific task , a business process or another application program. Information Systems that support specific functional areas and operations include: Functional Area Information System Transaction Processing System (TPS) Enterprise Resource Planning (ERP) System Interorganizational Information System Electronic Commerce Systems Functional area information systems or departmental information systems Function: Support the activities within specific functional areas. Example: System for processing payroll. Transaction processing system (TPS) Function: Process transaction data from business events. Example: Walmart checkout point-of-sale terminal. Enterprise Resource Planning System (ERP) Function: Integrate all functional areas of the organization. Example: Oracle, SAP Interorganizational information systems (IOS) are information systems that connect two or more organizations and support interorganizational operations such as supply chain management. Function: Manage flows of products, services and information among organizations. Example: Walmart Retail Link System connecting suppliers to Walmart. Supply chain describes the flow of materials, information, money and services from raw material suppliers through factories and warehouses to the end customers. Electronic Commerce Systems Function: Enable transactions among organizations and between organizations and customers. Business-to-Business (B2B) Business-to-Consumer (B2C) Example: www.dell.com Knowledge workers are professional employees such as financial and marketing analysts, engineers, lawyers and accountants. They create information and knowledge about a specific subject area and integrate it into an organization. Act as advisors to middle managers and executives. Office Automation System (OAS) Function: Support daily work activities of individuals and groups. Example: Microsoft Office Support: Clerical staff, lower and middle managers and knowledge workers. Management Information System (MIS) Function: Produce reports summarized from transaction data, usually in one functional area. Example: Report on total sales of each customer. Supports: Primarily for middle managers, sometimes for lower level managers as well. Decision Support System (DSS) Function: Provide access to data and analysis tools. Example: “What if” analysis of changes in a budget. Supports: Primarily for Middle managers and knowledge workers Expert System (ES) Function: Mimic human expert in a particular area and make a decision. Example: Credit card approval analysis. Supports: Knowledge workers Executive Information System (EIS) Function: Present structured, summarized information about aspects of business important to executives. Example: Status of production by product. Supports: Top managers of the organization. Which IT Resources are Managed and By Whom? During the early 1950s, Information Systems Department (ISD) managed ALL of the only computing resource, the mainframe. Today, computing resources are located through the organization and almost all employees use computers in their work. This system is known as end user computing. The major categories of information resources are hardware, software, databases, networks, procedures, security facilities and physical buildings. The Role of the IS Department The ISD is responsible for corporate-level and shared resources and for using IT to solve end users’ business problems. End users are responsible for their own computing resources and departmental resources. ISD and end users work together as partners to manage the IT resources. ISD has changed from a purely technical support role to a more managerial and strategic one. Director of ISD has changed from a technical manager to a senior executive called the chief information officer (CIO). Traditional Major IS Functions Managing systems development and systems project management. Managing computer operations, including the computer center. Staffing, training and developing IS skills. Provide technical services. Infrastructure planning, development and control. New (Consultative) IS Functions Initiating and designing specific strategic IS. Incorporating the Internet and e-commerce into the business. Managing system integration including the Internet, intranets and extranets. Educating the non-IS managers about IT Educating the IS staff about the business Supporting end user computing. Partnering with the executives. Managing outsourcing. Proactively using business and technical knowledge to “seed” innovative ideas about IT. Creating business alliances with vendors and IS departments in other organizations. IT Offers Career Opportunities The demand for traditional IT staff – such as programmers, business analysts, systems analysts and designers – is substantial. In addition, well-paid jobs in Internet and e-commerce, mobile commerce, network, security, object-oriented programming, telecommunications and multimedia design are available too. Ch02 Doing Business in the Digital Economy The digital economy is an economy based on digital technologies, including communication networks (the Internet, intranets, and extranets), computers, software, and other related technologies. Also called the Internet economy, the new economy, or the Web economy . Digital infrastructures provide a global platform over which people and organizations interact, communicate, collaborate, and search for information. A huge number of digitizable products; that is products that can be converted to digital format. Most common are: books, movies, magazines, TV and radio programming, electronic games, music CDs and computer software. Consumers and firm conducting financial transaction digitally. Physical goods such as home appliances and automobiles that contain embedded computer chips and connectivity capabilities. Businesses increasingly perform their basic functions: buying and selling goods and services, servicing customers, and collaborating with business partners electronically. This process is known as electronic business (E-business) or electronic commerce (E-commerce). New Economy vs. Old Economy Three Types of Business Pressures Market Pressures: The Global Economy and Strong Competition The Changing Nature of the Workforce Powerful Customers Technology Pressures: Technological Innovation and Obsolescence Information Overload Societal Pressures: Social Responsibility Government Regulation and Deregulation Protection Against Terrorist Attacks. Ethical Issues Organizational Responses Strategic Systems provide advantages that enable organizations to increase market share and/or profits, to better negotiate with suppliers, or prevent competitors from entering their markets. Customer Focus is the difference between attracting and keeping customers by providing superb customer service to losing them to competitors. Make-to-Order is a strategy of producing customized products and services. Mass Customization is producing a large quantity of items, but customizing them to fit the desire of each customer. E-business and E-commerce is the strategy of doing business electronically. Competitive Advantage and Strategic Information Systems Competitive Advantage: An advantage over competitors in some measure such as cost, quality, or speed, leads to control of a market and to larger- than average profits. Strategic Information Systems (SIS) provide a competitive advantage by helping an organization to implement its strategic goals and to increase its performance and productivity. Porter’s Competitive Forces Model The best-known framework for analyzing competitiveness is Michael Porter’s competitive forces model (Porter, 1985). Model is used to develop strategies to increase their competitive edge. Demonstrates how IT can make a company more competitive. Strategies for Competitive Advantage Cost Leadership. Produce products and/or services at the lowest cost in the industry. Differentiation. Offer different products, services or product features. Innovation. Introduce new products and services, add new features to existing products and services or develop new ways to produce them. Operational Effectiveness. Improve the manner in which internal business processes are executed so that a firm performs similar activities better than its rivals. Customer-orientation. Concentrate on making customers happy. 2.4 Why Should You Learn about Information Technology (IT)? IT is essential for work in organizations. IT will reduce the number of middle managers. IT will change the manager’s job. IT impacts employees at work. IT impacts employees’ health and safety. IT is used by all departments. IT provides opportunities for people with disabilities. IT provides quality-of-life improvements. Improvements in health care. Crime fighting and other benefits. Ch03 Ethical Issue and Information Security Ethics. A branch of philosophy that deals with what is considered to be right and wrong. A Code of Ethics is a collection of principles that are intended to guide decision making by members of an organization. The Four Categories of Ethical Issues Privacy Issues involves collecting, storing and disseminating information about individuals. Accuracy Issues involves the authenticity, fidelity and accuracy of information that is collected and processed. Property Issues involves the ownership and value of information. Accessibility Issues revolve around who should have access to information and whether they should have to pay for this access. Protecting Privacy Privacy. The right to be left alone and to be free of unreasonable personal intrusions. Two rules have been followed fairly closely in past court decision in many countries: The right of privacy is not absolutes. Privacy must be balanced against the needs of society The public’s right to know is superior to the individual’s right of privacy. Electronic Surveillance. The tracking of people‘s activities, online or offline, with the aid of computers. Personal Information in Databases. Information about individuals is being kept in many databases: banks, utilities co., govt. agencies, …etc.; the most visible locations are credit-reporting agencies. Information on Internet Bulletin Boards and Newsgroups. Electronic discussions such as chat rooms and these other sites appear on the Internet, within corporate intranets, and on blogs. A blog (Weblog) is an informal, personal journal that is frequently updated and intended for general public reading. Privacy Codes and Policies. An organization’s guidelines with respect to protecting the privacy of customers, clients, and employees. International Aspects of Privacy. Privacy issues that international organizations and governments face when information spans countries and jurisdictions. 3.2 Threats to Information Security Unintentional Threats Human errors can occur in the design of the hardware and/or information system. Also can occur in programming, testing, data collection, data entry, authorization and procedures. Contribute to more than 50% of control and security-related problems in organizations. Environmental hazards include earthquakes, severe storms, floods, power failures or strong fluctuations, fires (most common hazard), explosions, …etc. Computer system failures can occur as the result of poor manufacturing or defective materials. Intentional Threats Typically, criminal in nature. Cybercrimes are fraudulent activities committed using computers and communications networks, particularly the Internet. Average cybercrime involves about $600,000 according to FBI. Hacker. An outside person who has penetrated a computer system, usually with no criminal intent. Cracker. A malicious hacker. Social engineering. Computer criminals or corporate spies get around security systems by building an inappropriate trust relationship with insiders. Espionage or Trespass The act of gaining access to the information an organization is trying to protect by an unauthorized individual. Industrial espionage occurs in areas where researching information about the competition goes beyond the legal limits. Governments practice industrial espionage against companies in other countries. Shoulder surfing is looking at a computer monitor or ATM screen over another person’s shoulder. Information Extortion When an attacker or formerly trusted employee steal information from a computer system and then demands compensation for its return or an agreement not to disclose it. Sabotage or Vandalism A popular type of online vandalism is hacktivist or cyberactivist activities. Hacktivist or cyberactivist use technology for high-tech civil disobedience to protest operations, policies, or actions of an individual, an organization, or a government agency. Cyberterrorism is a premeditated, politically motivated attack against information, computer systems, computer programs, and data that results in violence against noncombatant targets by subnational groups or clandestine agents. Cyberwar. War in which a country’s information systems could be paralyzed from a massive attack by destructive software. Theft is the illegal taking of property that belongs to another individual or organization. Identity Theft Crime in which someone uses the personal information of others, usually obtained from the Internet, to create a false identity and then commits fraud. Fastest growing white-collar crime. Biggest problem is restoring victim’s damaged credit rating. Software Attacks Malicious software (malware) designed to damage, destroy, or deny service to the targeted systems. Most common types of software attacks are viruses, worms, Trojan horses, logic bombs, back doors, denial-of-service, alien software, phishing and pharming. Viruses. Segments of computer code that performs unintended actions ranging from merely annoying to destructive. Worms. Destructive programs that replicate themselves without requiring another program to provide a safe environment for replication. Trojan horses. Software progams that hide in other computer programs and reveal their designed behavior only when they are activated. Logic bombs. Designed to activate and perform a destructive action at a certain time. Back doors or trap doors. Typically a password, known only to the attacker, that allows access to the system without having to go through any security. Denial-of-service. An attacker sends so many information requests to a target system that the target cannot handle them successfully and can crash the entire system. Alien Software Pestware. Clandestine software that uses up valuable system resources and can report on your Web surfing habits and other personal information. Adware. Designed to help popup advertisements appear on your screen. Spyware. Software that gathers user information through the user’s Internet connection without their knowledge (i.e. keylogger, password capture). Spamware. Designed to use your computer as a launch pad for spammers. Spam. Unsolicited e-mail, usually for purposes of advertising. Cookies. Small amount of information that Web sites store on your computer, temporarily or more-or-less permanently. Web bugs. Small, usually invisible, graphic images that are added to a Web page or e-mail. Phishing. Uses deception to fraudulently acquire sensitive personal information such as account numbers and passwords disguised as an official-looking e-mail. Pharming. Fraudulently acquires the Domain Name for a company’s Web site and when people type in the Web site url they are redirected to a fake Web site. Compromises to Intellectual Property Intellectual property. Property created by individuals or corporations which is protected under trade secret, patent, and copyright laws. Trade secret. Intellectual work, such as a business plan, that is a company secret and is not based on public information. Patent. Document that grants the holder exclusive rights on an invention or process for 20 years. Copyright. Statutory grant that provides creators of intellectual property with ownership of the property for life of the creator plus 70 years. Piracy. Copying a software program without making payment to the owner. 3.3 Protecting Information Resources Risk. The probability that a threat will impact an information resource. Risk management. To identify, control and minimize the impact of threats. Risk analysis. To assess the value of each asset being protected, estimate the probability it might be compromised, and compare the probable costs of it being compromised with the cost of protecting it. Risk mitigation is when the organization takes concrete actions against risk. It has two functions: (1) implement controls to prevent identified threats from occurring, and (2) developing a means of recovery should the threat become a reality. Risk Mitigation Strategies Risk Acceptance. Accept the potential risk, continue operating with no controls, and absorb any damages that occur. Risk limitation. Limit the risk by implementing controls that minimize the impact of threat. Risk transference. Transfer the risk by using other means to compensate for the loss, such as purchasing insurance. Controls Controls evaluation. Identifies security deficiencies and calculates the costs of implementing adequate control measures. General controls. Established to protect the system regardless of their application. Physical controls. Physical protection of computer facilities and resources. Access controls. Restriction of unauthorized user access to computer resources; use biometrics and passwords controls for user identification. Communications (networks) controls. To protect the movement of data across networks and include border security controls, authentication and authorization. Firewalls. System that enforces access-control policy between two networks. Encryption. Process of converting an original message into a form that cannot be read by anyone except the intended receiver. All encryption systems use a key. Symmetric encryption. Sender and the recipient use the same key. Public-key encryption. Uses two different keys: a public key and a private key. Certificate authority. Asserts that each computer is identified accurately and provides the public keys to each computer. Virtual Private Networking. Uses the Internet to carry information within a company and among business partners but with increased security by uses of encryption, authentication and access control. Application controls. Controls that protect specific applications and include: input, processing and output controls. Information systems auditing. Independent or unbiased observers task to ensure that information systems work properly. Types of Auditors and Audits Internal. Performed by corporate internal auditors. External. Reviews internal audit as well as the inputs, processing and outputs of information systems. Audit. Examination of information systems, their inputs, outputs and processing. IS Auditing Procedure Auditing around the computer means verifying processing by checking for known outputs or specific inputs. Auditing through the computer means inputs, outputs and processing are checked. Auditing with the computer means using a combination of client data, auditor software, and client and auditor hardware. Disaster Recovery Planning Disaster recovery. The chain of events linking planning to protection to recovery, disaster recovery plan. Disaster avoidance. Oriented towards prevention, uninterrupted power supply (UPS). Hot sites. External data center that is fully configured and has copies of the organization’s data and programs. Ch04. 4.1 Managing Data Difficulties of Managing Data. Amount of data increases exponentially. Data are scattered and collected by many individuals using various methods and devices. Data come from many sources including internal sources, personal sources and external sources. Data security, quality and integrity are critical. Clickstream data. Data that visitors and customers produce when they visit a Website. An ever-increasing amount of data needs to be considered in making organizational decisions. Data Life Cycle Data Hierarchy Bit (a binary digit): a circuit that is either on or off. Byte: group of 8 bits, represents a single character. Field: name, number, or characters that describe an aspect of a business object or activity. Record: collection of related data fields. File (or table): collection of related records. Database: a collection of integrated and related files. 4.2 Database Approach Database management system (DBMS) provides all users with access to all the data. DBMSs minimizes the following problems: Data redundancy: the same data stored in many places. Data isolation: applications cannot access data associated with other applications. Data inconsistency: various copies of the data do not agree. DBMSs maximize the following issues: Data security. Data integrity: data meets certain constraints, no alphabetic characters in zip code field. Data independence: applications and data are independent of one another, all applications are able to access the same data. Designing the Database Data model. Diagram that represents the entities in the database and their relationships. Entity is a person, place, thing or event. Attribute is a characteristic or quality of a particular entity. Primary key is a field that uniquely identifies that record. Secondary keys are fields that have identifying information but may not identify with complete accuracy. Entity-Relationship Modeling Database designers plan the database design in a process called entity-relationship (ER) modeling. ER diagrams consists of entities, attributes and relationships. Entity classes are a group of entities of a given type, i.e. STUDENT. Instance is the representation of a particular entity, i.e. STUDENT(John Smith, 123-45-6789, …). Identifiers are attributes unique to that entity instance, i.e. StudentIDNumber. 4.3 Database Management Systems Database management system (DBMS) is a set of programs that provide users with tools to add, delete, access and analyze data stored in one location. Online transaction processing (OLTP) is when transactions are processed as soon as they occur. Relational database model is based on the concept of two-dimensional tables. Popular examples of relational databases are Microsoft Access and Oracle. Query Languages Structured query language (SQL) is the most popular query language used to request information. Query by example (QBE) is a grid or template that a user fills out to construct a sample or description of the data wanted. Relational Database Management Systems Normalization is a method for analyzing and reducing a relational database to its most streamlined form for: Mimimum redunancy; Maximum data integrity; Best processing performance. Normalized data is when attributes in the table depend only on the primary key. Virtual Databases Software applications that provide a way of managing many different data sources as though they were all one large database. Benefits of virtual databases include: Lower development costs; Faster development time; Less maintenance; Single point of entry into a company’s data. 4.4 Data Warehousing Data warehouse is a repository of historical data organized by subject to support decision makers in the organization and include: Online analytical processing which involves the analysis of accumulated data by end users; Multidimensional data structure which allows data to be represented in a three-dimensional matrix (or data cube). Benefits of Data Warehousing End users can access data quickly and easily via Web browsers because they are located in one place. End users can conduct extensive analysis with data in ways that may not have been possible before. End users have a consolidated view of organizational data. Data Marts & Data Mining Data mart is a small data warehouse, designed for the end-user needs in a strategic business unit (SBU) or a department. Data mining involves searching for valuable business information in a large database, data warehouse, or data mart. Used to predict trends and behaviors. Identify previously unknown patterns. Data Mining Applications Retailing and sales. Predict sales, prevent theft and fraud, determine correct inventory levels and distribution schedules. Banking. Forecast levels of bad loans, fraudulent credit card use, predict credit card spending by new customers, etc. Manufacturing and production. Predict machinery failures, find key factors to help optimize manufacturing capacity. Insurance. Forecast claim amounts, medical coverage costs, predict which customers will buy new insurance policies. Policework. Track crime patterns, locations, criminal behavior; identify attributes to assist in solving criminal cases. Health care. Correlate demographics of patients with critical illnesses, develop better insight to identify and treat symptoms and their causes. Marketing. Classify customer demographics to predict how customers will respond to mailing or buy a particular product. 4.5 Data Visualization Technologies Geographic Information Systems (GIS) is a computer-based system for capturing, integrating, manipulating and displaying data using digitized maps. Find locations for new restaurants. Emerging GIS applications integrated with global positioning systems (GPSs). Virtual Reality is interactive, computer-generated, three-dimensional graphics delivered to the user through a head-mounted display. 4.6 Knowledge Management Knowledge management (KM) is a process that helps organizations manipulate important knowledge that is part of the organization’s memory, usually in an unstructured format. Knowledge is information that is contextual, relevant and actionable; information in action. Intellectual capital (or intellectual assets) is another term often used for knowledge. Explicit knowledge deals with more objective, rational and technical knowledge. Tacit knowledge is the cumulative store of subjective or experiential learning. Knowledge management systems (KMSs) use modern information technologies – Internet, intranets, extranets, data warehouses - to systemize, enhance and expedite intrafirm and interfirm knowledge management. Best practices are the most effective and efficient ways of doing things, readily available to a wide range of employees. Knowledge Management System Cycle Create knowledge. Determine new ways. Capture knowledge. Identify as valuable. Refine knowledge. Make it actionable. Store knowledge. Store in a reasonable format. Manage knowledge. Verify it is relevant, accurate. Disseminate knowledge. Made available.  Ch05 5.1 Types of Networks Computer network is a system that connects computers via communications media so that data can be transmitted among them. Local area network (LAN) connects two or more devices in a limited geographical region. Local Area Network (LAN) LAN consists of the following components: LAN file server is a repository of various software and data files for the network. Nodes are the client machines on the LAN. Wired or wireless communication media that connects the devices. LAN network interface card (NIC) is a special adapter that links an individual device to the communication medium and specifies: The rate of data tramsmission; The size of the message units; Addressing information attached to each message; The network topology. Network operating system (NOS) manages the server and routes and manages communications on the network. Network Topologies Star, all network nodes connect to a single computer, typically the file server. Bus, all network nodes connect to the bus, which is a single communications channel, such as twisted pair, coaxial calbe, or fiber optic cable. Ring, network nodes are connected to adjacent nodes to form a closed loop. Wide Area Network (WAN) Wide area networks (WANs) are networks that cover large geographic areas. WANs typically connect multiple LANs. WANs have large capacity and combine multiple channels (fiber optic, satellite, microwave, etc.). WANs provided by common carriers, such as telephone companies (Sprint, AT&T, etc.). Value-added network (VAN) are private, data-only networks managed by outside third-parties that provide these networks to multiple organizations. Enterprise Networking Enterprise network is an organization’s interconnected network of multiple LANs and also can include multiple WANs. Backbone networks are corporate high-speed central networks to which multiple smaller networks such as LANs called embedded LANs and smaller WANs connect. 5.2 The Internet Internet (“the Net”) is a global WAN that connects approximately 1 million internal organizational computer networks in more that 200 countries on all continents. ARPANET An experimental project started by the U.S. Department of Defense (DoD) in 1969 To share data, exchange messages, transfer files. Internet Technologies Intranet is a network designed to serve the internal informational needs of a single organization. Extranet connects part of the intranets of different organizations and allows for secure communications among business partners over the Internet using virtual private networks. Virtual private network (VPNs) are private communications networks that use the internet for transmission. Tunneling encrypts the data packet to be sent, and places it inside another packet; which provides confidentiality, authentication and integrity of the message. Darknets Darknets are private networks that run on the Internet but are open only to users who belong to the network. Three major uses: Freedom of speech where censorship exists; Corporate security to protect sensitive data; Copyright infringement - file-sharing software. Operations of the Internet Internet Protocol (IP) the set of rules used to send and receive packets from one machine to another over the Internet. Packet switching is a transmission technology that breaks up blocks of text into small, fixed bundles of data called packets. Assessing the Internet Connecting via an Online Service by opening an account with an Internet Service Provider. Internet Service Provider (ISP) is a company that offers Internet connections for a fee. Examples are AOL, Comcast, Verizon. Network access points (NAPs) are an exchange point for Internet traffic. NAPs are key components of the Internet backbone. Connecting via Other Means by making assess to the Internet cheaper, faster and easier. Internet Kiosks are terminals located in public places like libraries and airports for people who do not have computers. Internet assess from cell phones, pagers and even connecting via satellite. Addresses on the Internet Each computer on the Internet has an assigned address, called an IP address. (i.e. 135.62.128.91) Domain Name System (DNS) the naming system for IP addresses of companies. Domain names consist of multiple parts, separated by dots, which are read from right to left. (i.e. www.internic.com) The Future of the Internet Internet2 develops and deploys advanced network applications such as remote medical diagnosis, digital libraries, distance education, onine simulation and virtual libraries www.Internet2.edu Next Generation Internet (NGI) government sponsored initiative aimed at creating an Internet that is fast, always on, everywhere, natural, intelligent, easy and trusted. www.ngi.gov vBNS is a high-speed network designed to support the academic Internet2 and the NGI initiatives. 5.3 The World Wide Web World Wide Web (the Web, WWW, W3) is a system of universally accepted standards for storing, retrieving, formatting and displaying information via a client/server architecture and a graphical user interface. Home page is a text and graphical screen display that welcomes the user and explains the organization that has established the page. Web site is all the pages of the organization. Webmaster the person in charge of the organization’s Web site. Uniform resource locator (URL) points to an address of a specific resource on the Web. Hypertext transport protocol (HTTP) is the communications standard used to transport pages across the Web portion of the Internet. Browsers provide a graphical front end that enable users to point-and-click their way across the Web, a process called surfing. Provide a uniform interface regardless of operating system. Leading browsers are Microsoft’s Internet Explorer, Mozilla’s Firefox, Netscape Navigator. 5.4 Network Applications Network applications support businesses and other types of organizations in all types of functions including those in the following major categories: Discovery Communications Collaboration Web services Discovery Discovery allows users to browse and search data sources, in all topic areas, on the Web. Search engine is a computer program that searches for specific information by key words and reports the result. Directory is a hierarchically organized collection of links to Web pages. Metasearch engines search several engines at once and integrate the findings of the various search engines to answer queries posted by users. www.dogpile.com Software agents are computer programs that carry out a set of routine computer tasks on behalf of the user and in so doing employ some sort of knowledge of the user’s goals. Web-browsing-assisting agents offer the use of a tour of the Internet. www.netcaptor.com FAQ agents make it easy to find answers on the Internet. www.ask.com Intelligent-indexing agents (also called Web robots and spiders) carry out massive autonomous searches of the Web for a user. Toolbars is a horizontal row or vertical column of selectable image icons or buttons. www.toolbar.google.com Discovery of material in foreign languages use an automatic translation of Web pages to find information in different languages. babelfish.altavista.com Portals Portal is a Web-based, personalized gateway to information and knowledge that provides relevant information from different IT systems and the Internet using advanced search and indexing techniques. Commercial (public) portals offer content for diverse communities and are most popular portals on the Internet Affinity portals support communities such as a hobby group or a political party. Mobile portals are accessible from mobile devices. Corporate portals offer a personalized single point of access through a Web browser Industrywide portals for entire industries. Communication Electronic mail (e-mail) is the largest-volume application running on the Internet. Web-based call centers (customer call center) are services that provide effective personalize customer contact as an imporant part of Web-based customer support. Electronic chat room is a virtual meeting place where groups of regulars come to “gab”. Voice Communication Internet telephony (VoIP) voice-over IP digitizes your analog voice signals, sections them into packets, and sends them over the Internet. Weblog is a personal Web site, open to the public, where the creator expresses feelings or opinions. Wiki is a Web site on which anyone can post material and make changes quickly, without using difficult commands. Collaboration Collaboration refers to efforts of two or more entities (individuals, teams, groups or organizations) who work together to accomplish certain tasks. Work group refers specifically to two or more individuals who act together to perform some task. Virtual group (team) is when group members are in different locations. Virtual collaboration is the use of digital technologies that enable organizations or individuals to collaboratively plan, design, develop, manage and research products, services and innovative applications. Workflow technologies facilitate the movement of information as it flows through the sequence of steps that make up an organization’s work procedures. Includes workflow management and workflow systems. Groupware Groupware refers to software products that support groups of people who share a common task or goal and who collaborate to accomplish it. Teleconferencing is the use of electronic communication that allows two or more people at different locations to hold a simultaneous conference. Videoconference is when participants in one location can see participants at other locations and share data, voice, pictures, graphics and animation by electronic means. Web conferencing is videoconferencing conducted over the Internet. Real-time collaboration tools support synchronous communication of graphical and text-based information i.e. computer-based whiteboards. Web services are applications, delivered over the Internet, that users can select and combine through almost any device (from personal computer to mobile phones). It is able to expose and describe itself to other applications, tell what services it does. It can be located by other applications via an online directory. It can be invoked by the originating application by using standard protocols. E-Learning and Distance Learning E-Learning refers to learning supported by the Web. Virtual classrooms in which all coursework is done on-line and classes do not meet face-to-face. Distance learning (DL) refers to any learning situation in which teachers and students do not meet face-to-face. Benefits of E-Learning Self-paced and self-initiated learning has been shown to increase content retention. Online materials offer the opportunity to deliver very current content of high quality and consistent. Students have the flexibility of learning from any place at any time at their own pace. Learning time generally is shorter, and more people can be trained due to faster training time. Training cost can be reduced, and savings can be made on facility space as well. Drawbacks of E-Learning Instructors may need training to be able to teach electronically. The purchase of additional multimedia equipment may be necessary. Students must be computer literate and may miss the face-to-face interaction with instructors. There are issue with assessing students’ work, as instructors really do not know who completed assignments. E-Learning Advanced e-learning support environments, such as Blackboard and WebCT, allow instructors to take advantage of new content and delivery technologies. Virtual universities are online universities from which students take classes from home or at an off-site location, via the Internet. Ch06. E-Business and E-Commerce Electronic commerce (e-commerce, EC) describes the buying, selling, transferring or exchanging of products, services or information via computer networks, including the Internet. E-business is a broader definition of EC, including buying and selling of goods and services, and also servicing customers, collaborating with partners, conducting e-learning and conducting electronic transactions within an organization. Pure vs. Partial EC depends on the degree of digitization involved. The product can be physical or digital; The process can be physical or digital; The delivery agent can be physical or digital. Brick-and-mortar organizations are purely physical organizations. Virtual organizations are companies that are engaged only in EC. i.e. pure EC Click-and-mortar organizations are those that conduct some e-commerce activities, yet their business is primarily done in the physical world. i.e. partial EC Types of E-Commerce Business-to-consumers (B2C) Business-to-business (B2B) Consumer-to-consumer (C2C) Business-to-employee (B2E) E-government Mobile Commerce (m-commerce) refers to e-commerce that is conducted in a wireless environment. i.e. using cell phone to shop over the Internet Business model is the method by which a company generates revenue to sustain itself. Major E-Commerce Mechanisms Auction is a competitive process in which either a seller solicits bids from buyers or a buyer solicits bids from sellers. Forward auctions are auctions that sellers use as a channel to many potential buyers. Reverse auctions one buyer, usually an organization, wants to buy a product or service. Electronic storefront is a Web site on the internet representing a single store. Electronic mall (cybermall, e-mall) is a collection of individual shops under one Internet address. Electronic marketplace (e-marketplace) is a central, virtual market space on the Web where many buyers and many sellers can conduct electronic commerce and electronic business activities. Benefits and Limitations of E-Commerce Benefits to organizations Makes national and international markets more accessible Lowering costs of processing, distributing, and retrieving information Benefits to customers Access a vast number of products and services around the clock – 24/7 Benefits to Society Ability to easily and conveniently deliver information, services and products to people in cities, rural areas and developing countries. Technological Limitations Lack of universally accepted security standards Insufficient telecommunications bandwidth Expensive accessibility Nontechnological Limitations Perception that EC is unsecure Unresolved legal issues Lacks a critical mass of sellers and buyers 6.2 B2C Electronic Commerce Electronic Storefront has its own URL at which buyers can place orders. Electronic Malls (Cybermall or e-mall) is a collection of individual shops under one Internet address. Referral malls in which you are transferred to a participating storefront Electronic shopping cart enables you to gather items from various vendors and pay for them in one transaction. Online Service Industries Cyberbanking (electronic banking) conducting various banking activities outside of a physical banking location. Online Securities Trading uses computers to trade stocks, bonds and other financial instruments. Online Job Market advertises available positions, accept resumes and takes applications via the Internet. Travel Services plan, explore and arrange almost any trip economically over the Internet. Real Estate view, sort and organize properties according to your preferences and decision criteria. Really Simple Syndication (RSS) information that you request, called a feed, comes to you daily through a piece of software called a newsreader. Issues in E-tailing Channel conflict with regular distributors is faced by click-and-mortar companies when they sell directly to customers online. Multichanneling is a process that integrates a companies online and offline channels. Order fulfillment includes not only providing customers with what they ordered and doing it on time, but also providing all related customer service. Online Advertising Advertising is an attempt to disseminate information in order to influence a buyer-seller transaction. Advertising methods Banners are simply electronic billboards. Pop-up ad appears in front of the current browser window. Pop-under ad appears underneath the active window. E-mail is when Marketers develop or purchase a list of e-mail addresses and send advertisements via e-mail. Spamming is the indiscriminate distribution of electronic ads without the permission of the receiver. Permission marketing asks consumers to give their permission to voluntarily accept online advertising and e-mail. Viral marketing refers to online “word-of-mouth” marketing. 6.3 B2B Electronic Commerce Sell-side marketplaces are where organizations attempt to sell their products or services to other organizations electronically from their own private e-marketplace. Buy-side marketplaces are where organizations attempt to buy needed products or services from other organizations electronically. E-Procurement is using electronic support to purchase goods and materials, sourcing, negotiating with suppliers, paying for goods and making delivery arrangements. Group purchasing is when the orders of many buyers are combined so that they constitute a large volume. Electronic Exchanges Many buyers and sellers; open to all business organizations; exchanges are for both indirect materials and direct materials. Vertical exchanges connects buyers and sellers in a given industry. Horizontal exchanges connect buyers and sellers across many industries and are used mainly for MRO materials. Functional exchanges are where needed services such as temporary help or extra office space are traded on an “as-needed” basis. Electronic hubs are used to facilitate communications and coordination among business partners, frequently along the supply chain. 6.4 Electronic Payments Electronic payment systems enable you to pay for goods and services electronically. Electronic checks (e-checks) are similar to paper checks and are used mostly in B2B. Electronic credit cards allow customers to charge online payments to their credit card account. Purchasing cards are the B2B equivalent of electronic credit cards and are typically used for unplanned B2B purchases. Electronic cash Stored-value money cards allow you to store a fixed amount of prepaid money and then spend it as necessary. Smart cards contain a chip called a microprocessor that can store a considerable amount of information and are multipurpose – can be used as a debit card, credit card or a stored-value money card. Person-to-person payments are a form of e-cash that enables two individuals or an individual and a business to transfer funds without using a credit card. 6.5 Ethical and Legal Issues Ethical Issues Privacy Stored and transferred personal information Tracking (i.e. cookies) Ethical Issues Disintermediation Value-added services that require expertise Job loss Legal Issues Specific to E-commerce Fraud on the Internet i.e. stocks, investments, business opportunities, auctions. Domain Names problems with competition. Cybersquatting refers to the practice of registering domain names solely for the purpose of selling them later at a higher price. Taxes and other Fees when and where (and in some cases whether) electronic sellers should pay business license taxes, franchise fees, gross-receipts taxes, excise taxes, …etc. Copyright protecting intellectual property in e-commerce and enforcing copyright laws is extremely difficult. Ch07 Wireless, Mobile Computing and Mobile Commerce 7.1 Wireless Technologies Wireless devices are small enough to easily carry or wear, have sufficient computing power to perform productive tasks and can communicate wirelessly with the Internet and other devices. Include PDAs, cellular phones, smart phones. Wireless Application Protocol (WAP) is the standard that enables wireless devices with tiny display screens, low bandwidth connections and minimal memory to access Web-based information and services. Microbrowsers are Internet browsers with a small file size that can work within low-memory constraints of wireless devices and the low bandwidths of wireless networks. Pager is a one-way, wireless messaging system; it alerts the user when it receives an incoming message. Wireless Transmission Media Microwave transmission systems are widely used for high-volume, long-distance, point-to-point communication. Point-to-point has two characteristics: first, the transmitter and receiver must be in view of each other (called line-of-sight); and second, the transmission itself must be tightly directed from transmitter to receiver. Satellite transmission systems make use of communication satellites; three types of satellites, each in a different orbit: Geostationary (GEO) Medium-earth-orbit (MEO) Low-earth-orbit (LEO) Footprint is the area of earth’s surface reached by a satellite’s transmission – overcomes the limitations of microwave data relay stations. Broadcast transmission allows satellites to send signals to many receivers at one time. Propagation delay is a brief pause in transmissions from GEO satellites which make two-way telephone conversations difficult. Types of Orbits Geostationary earth orbit (GEO) orbits 22,300 miles directly above the equator and maintains a fixed position; excellent for TV signals. Medium earth orbit (MEO) are located 6,000 miles above the earth’s surface and move; used for GPS and are less expensive. Low earth orbit (LEO) are 400 to 700 miles above the surface and move much quicker so they require many to have adequate coverage; use for telephone. Global Positioning Systems GPS is a wireless system that uses satellites to enable users to determine their position anywhere on the earth; supported by 24 shared satellites worldwide. Internet over Satellite (IOS) IOS allows users to access the Internet via GEO satellites from a dish mounted on the side of their homes. Only option available in some areas. Can have a propagation delay or be disrupted by environmental conditions. Radio Radio transmission uses radio-wave frequencies to send data directly between transmitters and receivers. Satellite radio (digital radio) offers uninterrupted, near CD-quality music that is beamed to your radio from space. (XM satellite radio uses GEO; Sirius uses MEO) Infrared light is red light that is not commonly visible to human eyes; common uses in remote control units for TVs, VCRs, DVDs, CD players. 7.2 Wireless Computer Networks and Internet Access IEEE standards for wireless computer networks include: IEEE 802.15 (Bluetooth) for wireless personal area networks (PANs) and 802.15.4 (Zigbee). IEEE 802.11 (Wi-Fi) for wireless local area networks (WLANs) IEEE 802.16 (Wi-Max) for wireless metropolitan area networks (WMANs) IEEE 802.20 (proposed) for wireless wide area networks (WWANs). Bluetooth Bluetooth is used to create small PANs: can link up to 8 devices within a 10-meter area; uses low-power, radio-based communications; can transmit up to 1 Mbps. Personal area network (PAN) is a computer network used for communication among computer devices (e.g., telephones, PDAs, smart phones) close to one person. Zigbee Zigbee targets applications that need low data transmission rates and low power consumption: moves data only one-fourth as fast as Bluetooth; Can handle hundreds of devices at once; most promising application is meter reading. Current focus is to wirelessly link sensors that are embedded into industrial controls, medical devices, smoke and intruder alarms and building and home automaton. Wireless Local Area Networks (WLANs) WLAN requires a transmitter with an antenna, called a wireless access point, that connects to a wired LAN or to satellite dishes that provide an Internet connection. Wireless network interface card (NIC) is needed to communicate wirelessly and has a built-in radio and antenna. Hotspot a wireless access point that provides service to a number of users within a small geographical perimeter (up to a couple hundred feet). IEEE standard for WLANs is the 802.11 family, known as Wi-Fi, for Wireless Fidelity. 802.11a can transmit up to 54 Mbps within 30 meters; 802.11b can transmit up to 11 Mbps within 30-50 meters; 802.11g – 54 Mbps, 50 meters. Benefits are low cost and simple Internet access. Problems with Wi-Fi Roaming – users cannot roam from hotspot to hotspot if the hotspots use different Wi-Fi network services. Security – because Wi-Fi uses radio waves, it is difficult to protect. Cost – commercial Wi-Fi services are low cost but not free and each service has its own fees and separate accounts for users to logon. WiMax Worldwide Interoperability for Microwave Access, popularly known as WiMax, is the name for IEEE standard 802.16. Wireless access range of up to 31 miles; Data transfer rate of 75 Mbps; Secure system that offers voice and video. 7.3 Mobile Computing and Mobile Commerce Mobile computing refers to real-time, wireless connection between a mobile device and other computing environments, such as the Internet or an intranet and have 2 major characteristics that differentiate it from other forms of computing. 1 Mobility – users carry a mobile device and can initiate a real-time contact with other systems from wherever they happen to be. 2 Broad reach – users can be reached instantly when they carry an open mobile device. The 2 characteristics, mobility and broad reach, create five value-added attributes that break the barriers of geography and time: Ubiquity; Convenience; Instant connectivity; Personalization; Localizations of products and services. Mobile Commerce M-commerce refers to e-commerce (EC) transactions that are conducted in a wireless environment especially via the Internet. The development of m-commerce is driven by the following factors: Widespread availability of mobile devices No need for a PC The “Cell phone culture” Declining prices Bandwidth improvement Mobile Commerce Applications Financial Services Mobile Banking Wireless Electronic Payment Systems Micropayments Mobile (Wireless) Wallets Wireless Bill Payments Intrabusiness Applications Accessing Information Mobile Portal aggregates and provides content and services for mobile users that include news, sports, email, entertainment, travel and restaurant information; community services; and stock trading. Voice Portal is a Web site with an audio interface and can also be accessed through a standard or cell phone. Location-based Applications Shopping from Wireless Devices – online vendors allow customers to shop from wireless devices. Location-based Advertising is when marketers know the current locations and preferences of mobile users, they can send user-specific advertising messages to wireless devices about nearby shops, malls and restaurants. Location-based Services provide information to customers about local services and conditions via cell phones. Wireless Telemedicine Telemedicine is the use of modern telecommunications and information technologies for the provision of clinical care to individuals located at a distance and for the transmission of information to provide that care. Telemedicine Applications Storing and transferring digital images from one location to another. Allowing a patient in one location to consult with a medical specialist in another in real time through videoconferencing. Using robots to perform remote surgery, in most cases, the patient is in a rural area and the specialist is in an urban area. Wireless technology has advanced the ways in which prescriptions are filled. Mobile communications has provided a valuable telemedicine application for emergency situations that arise during airplane flights. Telemetry Applications Telemetry is the wireless transmission and receipt of data gathered from remote sensors. Technicians can use telemetry to identify maintenance problems in equipment; Doctors can monitor patients and control medical equipment from a distance; Car manufacturers use telemetry for remote vehicle diagnosis and preventive maintenance. 7.4 Pervasive Computing Pervasive Computing (Ubiquitous computing) is invisible “everywhere computing” that is embedded in the objects around us – the floors, the lights, our cars, washing machine, microwave oven, cell phones, clothes, and so on. (e.g., smart home, smart appliances) Radio Frequency Identification RFID Technology allows manufacturers to attach tags with antennas and computer chips on goods and then track their movement through radio signals. Auto-ID create a network that connects computers to objects, an Internet of “things”. This Internet of things will provide the ability to track individual items as they move from factories to store shelves to recycling facilities. The problem with RFID has been the expense. Wireless Sensor Networks (WSNs) Wireless Sensor Networks are networks of interconnected, battery-powered, wireless sensors called motes that are placed into the physical environment. Motes collect data from many points over an extended space. Each mote contains processing, storage, and radio frequency sensors and antennaes. Motes provide information that enables a central computer to integrate reports of the same activity from different angles within the network. Mesh Network is composed of motes, where each mote wakes up for a fraction of a second when it has data to transmit and then relays that data to its nearest neighbor. An advantage is if one mote fails, another one can pick up the data. Very efficient and reliable. 7.5 Wireless Security Four major threats Rogue access point is an unauthorized access point to a wireless network. War driving is the act of locating WLANs while driving around a city or elsewhere. Eavesdropping refers to efforts by unauthorized users to try to access data traveling over wireless networks. RF (Radio frequency) jamming is when a person or a device intentionally or unintentionally interferes with your wireless network transmissions. To avoid those previously mentioned threats implement the following solutions: Detect unauthorized access points with devices from NetStumbler; Block your SSIDs; Encrypt wireless transmissions with Wi-Fi Protected Access (WPA); Know who is using your network and what they are doing on it; Automatically shift to a different wireless channel when there is interference.