CYBER SECURITY ASSINGMENT

QUESTION 1: Benefits of EDI (Electronic Data Interchange)

ANSWER:
1. Lower operating costs
EDI lowers your operating expenditure by at least 35% by eliminating the costs of paper, printing,
reproduction, storage, filing,
postage, and document retrieval. It drastically reduces administrative, resource and maintenance costs.
EDI support can lower
other costs as well, such as Matson Logistics who reduced their ASN fines 12% by switching to a more
efficient EDI solution.
2. Improve business cycle speeds
Time is of the essence when it comes to order processing. EDI speeds up business cycles by
61% because it allows for process
automation that significantly reduce, if not eliminate, time delays associated with manual processing
that requires you to enter,
file, and compare data. Inventories management is streamlined and made more efficient with real-time
data updates.
3. Reduce human error and improve record accuracy
Aside from their inefficiency, manual processes are also highly prone to error, often resulting from
illegible handwriting, keying
and re-keying errors, and incorrect document handling. EDI drastically improves an organization’s data
quality and eliminates the
need to re-work orders by delivering at least a 30% to 40% reduction in transactions with errors.
4. Increase business efficiency
Because human error is minimized, organizations can benefit from increased levels of efficiency. Rather
than focusing on menial
and tedious activities, employees can devote their attention to more important value-adding tasks. EDI
can also improve an
organization’s customer and trading partner relationship management because of faster delivery of
goods and services, as well as
5. Enhance transaction security
EDI enhances the security of transactions by securely sharing data across a wide variety of
communications protocols and security standards.
6. Paperless and environmentally friendly
The migration from paper-based to electronic transactions reduces CO2 emissions, promoting corporate
social responsibility.
While many businesses are enjoying the advantages of EDI, some companies are still hesitant to try it
because of a few limitations.

QUESTION 2: Services offered by internet?

ANSWER:
Internet Services allows us to access huge amount of information such as text, graphics, sound and
software over the internet. Following diagram shows the four different categories of internet services.
 INTERNET SERVICES

INFORMATION
COMMUNICATION
RETRIEVAL WEB SERVICES WORLD WIDE WEB
SERVICE
SERVICE

1.Communication services
There are various Communication Services available that offer exchange of information with
individuals or groups. The following are the brief introduction to these services:
a. Electronic mail: Used to send electronic over the internet
b. Telnet: Used to log on to a remote computer that is attached to internet
c. Newsgroup: offers a forum for people to discuss topics of common interests
d. Internet Relay Chat (IRC): allows the people from all over the world to communicate in real
time
e. Mailing Lists: Used to organize group of interest users to share common information
through e-mail
f. Internet Telephony (VoIP): Allows the internet users to talk across Internet to any PC
equipped to receive the call
g. Instant Messaging: Offers real time chart between individuals and group of people. E.g.,
Yahoo, messenger, MSN messenger.
2. Information Retrieval Services
There exist several Information retrieval services offering easy access to information present on
the internet. The following are a brief introduction to these services:
a. File Transfer Protocol (FTP): Enable the users to transfer files
b. Archie: its updated database of public FTP sites and their content. It helps to search a file by
its name
c. Gopher: Used to search, retrieve and display documents on remote sites
d. Very Easy Oriented Netwide Index to Computer Achieved (VERONICA): VERONICA is gopher-
based resource. It allows access to the information resource stored on gopher’s services
3. Web services
Web services allow exchange of information between applications on the web. Using web
services, applications can easily interact with each other. The web services are offered using concept
of Utility Computing.
4. World Wide Web (WWW)
WWW is also known as W3. It offers a way to access documents spread over the several servers
over the internet. These documents may contain texts, graphics, audio, video, hyperlinks. The hyperlinks
allow the users to navigate between the documents.

QUESTION 3: Security Mechanism in E-Commerce.

ANSWER:
Security is an essential part of any transaction that takes place over the internet. Customers will lose
his/her faith in e-business if its security is compromised. Following are the essential requirements for
safe e-payments/transactions −
 Confidentiality − Information should not be accessible to an unauthorized person. It should not be
intercepted during the transmission.
 Integrity − Information should not be altered during its transmission over the network.
 Availability − Information should be available wherever and whenever required within a time limit
specified.
 Authenticity − There should be a mechanism to authenticate a user before giving him/her an access
to the required information.
 Non-Reputability − It is the protection against the denial of order or denial of payment. Once a
sender sends a message, the sender should not be able to deny sending the message. Similarly, the
recipient of message should not be able to deny the receipt.
 Encryption − Information should be encrypted and decrypted only by an authorized user.
 Auditability − Data should be recorded in such a way that it can be audited for integrity
requirements.

QUESTION 4: What is Digital Signature?

ANSWER:
Digital signatures are the public-key primitives of message authentication. In the physical world, it is
common to use handwritten signatures on handwritten or typed messages. They are used to bind
signatory to the message. Similarly, a digital signature is a technique that binds a person/entity to the
digital data. This binding can be independently verified by receiver as well as any third party.
Digital signature is a cryptographic value that is calculated from the data and a secret key known only by
the signer. In real world, the receiver of message needs assurance that the message belongs to the
sender and he should not be able to repudiate the origination of that message. This requirement is very
crucial in business applications, since likelihood of a dispute over exchanged data is very high.

QUESTION 5: Secure Electronic Transaction (SET) Protocol

ANSWER:
Secure Electronic Transaction or SET is a system which ensures security and integrity of electronic
transactions done using credit cards in a scenario. SET is not some system that enables payment but it is
a security protocol applied on those payments. It uses different encryption and hashing techniques to
secure payments over internet done through credit cards. SET protocol was supported in development
by major organizations like Visa, Mastercard, Microsoft which provided its Secure Transaction
Technology (STT) and Netscape which provided technology of Secure Socket Layer (SSL). SET protocol
restricts revealing of credit card details to merchants thus keeping hackers and thieves at bay. SET
protocol includes Certification Authorities for making use of standard Digital Certificates like X.509
Certificate.