ELECTRONIC DATA INTERCHANGE (EDI)

EDI is the concept of businesses electronically communicating information that was traditionally
communicated on paper, such as purchase orders and invoices. Technical standards for EDI exist to
facilitate parties transacting such instruments without having to make special arrangements.
EDI documents generally contain the same information that would normally be found in a paper
document used for the same organizational function.

CLIENT-SERVER ARCHITECTURE
The Internet has brought revolutionary change in the world of technologies, bringing the entire
globe interconnected. But it follows some specific architecture and structure for communication.
The popular is the client-server architecture which is a computing model, where the server hosts,
distributes and controls the majority of the resources as well as services to be used by the client.
Such structural designs are made up of one or more client systems connected to central or main
servers through a network, which we usually know as an Internet connection. All such systems
associated with it share computing resources.

The client-server architecture is also termed as a network-computing structure because every

request and their associated services are distributed over a network. So now the question is how
the thing works? In the client-server architecture, when the client computer sends a request for
data to the server through the internet, the server accepts the requested, process it and deliver the
data packets requested back to the client. One special feature is that the server computer has the
potential to manage numerous clients at the same time. Also, a single client can connect to
numerous servers at a single timestamp, where each server provides a different set of services to
that specific client.

Client-server architecture, architecture of a computer network in which many clients (remote

processors) request and receive service from a centralized server (host computer).
Clients are often situated at workstations or on personal computers, while servers are located
elsewhere on the network, usually on more powerful machines. This computing model is
especially effective when clients and the server each have distinct tasks that they routinely
perform.
The client-server model describes how a server provides resources and services to one or
more clients.
Examples of servers include web servers, mail servers, and file servers. Each of these servers
provide resources to client devices, such as desktop computers, laptops, tablets,
and smartphones. Most servers have a one-to-many relationship with clients, meaning a single
server can provide resources to multiple clients at one time.
When a client requests a connection to a server, the server can either accept or reject the
connection. If the connection is accepted, the server establishes and maintains a connection with
the client over a specific protocol. For example, an email client may request
an SMTP connection to a mail server in order to send a message. The SMTP application on the
mail server will then request authentication from the client, such as the email address and
password. If these credentials match an account on the mail server, the server will send the email
to the intended recipient.
Online multiplayer gaming also uses the client-server model.

Client/Server Architecture The client/server architecture significantly decreased

network traffic by providing a query response rather than total file transfer. It allows
multi-user updating through a GUI front end to a shared database. Remote Procedure
Calls (RPCs) or standard query language (SQL) statements are typically used to
communicate between the client and server.
The following are the examples of client/server architectures.
1) Two tier architectures A two-tier architecture is where a client talks directly to a
server, with no intervening server. It is typically used in small environments(less than 50
users).
In two tier client/server architectures, the user interface is placed at user's desktop
environment and the database management system services are usually in a server that is
a more powerful machine that provides services to the many clients. Information
processing is split between the user system interface environment and the database
management server environment.
2) Three tier architectures The three tier architecture is introduced to overcome the
drawbacks of the two tier architecture. In the three tier architecture, a middleware is used
between the user system interface client environment and the database management
server environment.
These middleware are implemented in a variety of ways such as transaction processing
monitors, message servers or application servers. The middleware perform the function
of queuing, application execution and database staging. In addition the middleware adds
scheduling and prioritization for work in progress.
The three tier client/server architecture is used to improve performance for large number
of users and also improves flexibility when compared to the two tier approach.
The drawback of three tier architectures is that the development environment is more
difficult to use than the development of two tier applications.

WORLD WIDE WEB

The World Wide Web is a distributed collection of hypermedia documents/objects that are inter-
linked together. Web servers store the information, and web clients or browsers access this
information. English scientist Tim Berners-Lee invented the World Wide Web in 1989. The World Wide
Web has been central to the development of the Information Age and is the primary tool billions of people use
to interact on the Internet.
Web resources may be any type of downloaded media, but web pages are hypertext media that have
been formatted in Hypertext Markup Language (HTML). Such formatting allows for embedded hyperlinks that
contain URLs and permit users to navigate to other web resources. In addition to text, web pages may
contain images, video, audio, and software components that are rendered in the user's web browser as coherent
pages of multimedia content.

The World Wide Web, or Web, consists of a worldwide collection of electronic documents
(Web Pages)
A Web Site is a collection of related Web Pages and associated items.
Various types of WEB SITES are: PORTAL, NEWS, INFORMATIONAL,
BUSINESS/MARKETING, BLOG, WIKI, ONLINE SOCIAL NETWORK, EDUCATIONAL,
ENTERTAINMENT etc.
A Web Server is a computer that delivers requested Web pages to your computer.
A Web browser, or browser, allows users to access Web pages.
Example: Internet Explorer, Firefox, Opera, Safari and Google Chrome.
A Home Page is the first page that a web site displays. Web Pages provide links to other related
pages.
A Web Page has a unique address called a URL or Web Address.
(URL – UNIFORM RESOURCE LOCATOR)
Tabbed browsing allows you to open and view multiple Web Pages in a single Web browser
window.

A Search Engine is helpful in locating items such as: IMAGES, VIDEOS, AUDIOS, NEWS,
MAPS, PEOPLE, BLOGS etc.

Hypertext Markup Language (HTML) is the standard markup language for creating web
pages and web applications.

CLIENT SERVER NETWORK SECURITY PROBLEMS /

EMERGING CLIENT SERVER SECURITY THREATS

Security problems in a client-server environment:

-Physical security: when unauthorized user gains physical access to computers by guessing
the passwords of various users.
-Software security: A software security breach occurs when program are compromised and
made to execute operations which they should not be legally be doing.
-Inconsistent usage: Assembling is a growing problem due to the complexity of the software
and security gets compromised.
-Physical security: when unauthorized user gains physical access to computers by guessing
the passwords of various users.
-Software security: A software security breach occurs when program are compromised and
made to execute operations which they should not be legally be doing.
-Inconsistent usage: Assembling is a growing problem due to the complexity of the software
and security gets compromised.

VARIOUS TRANSFER PROTOCOLS

• HTTP
– Hyper-Text Transfer Protocol
– Allows transfer of requests for web pages from clients and the retrieved web
pages from servers to clients for display.

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed,

collaborative, hypermedia information systems. HTTP is the foundation of data communication
for the World Wide Web, where hypertext documents include hyperlinks to other resources that
the user can easily access, for example by a mouse click or by tapping the screen in a web browser.
HTTP was developed to facilitate hypertext and the World Wide Web.
 –
• S-HTTP
– Secure HTTP
– An extension of HTTP that provides various security features such as client
server authentication.
– Also allows web clients and servers to specify privacy capabilities.

SHTTP (Secure Hypertext Transmission Protocol) is more advanced version of HTTP that
provide security through encryption. HTTPS (Hypertext Transmission Protocol Secure) is
normal HTTP over SSL/TLS. SHTTP encrypt data transfer, but does not authentic client.

• FTP
– File Transfer Protocol
– A common mechanism of communicating files between computers connected
to the Internet. IT is an Internet standard that permits file uploading and
downloading with other computers on the Internet.

The File Transfer Protocol (FTP) is a standard network protocol used for the transfer of computer
files between a client and server on a computer network.

File Transfer Protocol (FTP) is a client/server protocol used for transferring files to or
exchanging files with a host computer. It may be authenticated with user names and passwords.
Anonymous FTP allows users to access files, programs and other data from the Internet without
the need for a user ID or password. Web sites are sometimes designed to allow users to use
'anonymous' or 'guest' as a user ID and an email address for a password. Publicly available flies
are often found in a directory called pub and can be easily FTPed to a user’s computer. FTP is
also the Internet standard for moving or transferring files from one computer to another using
TCP or IP networks.
File Transfer Protocol is also known as RFC 959.

E-commerce payment system

An e-commerce payment system facilitates the acceptance of electronic payment for online
transactions. Also known as a sample of Electronic Data Interchange (EDI), e-commerce
payment systems have become increasingly popular due to the widespread use of the internet-
based shopping and banking.
Over the years, credit cards have become one of the most common forms of payment for e-
commerce transactions.
It would be difficult for an online retailer to operate without supporting credit and debit cards
due to their widespread use. Increased security measures include use of the card verification
number (CVN) which detects fraud by comparing the verification number printed on the
signature strip on the back of the card with the information on file with the cardholder's issuing
bank.
Also online merchants have to comply with stringent rules stipulated by the credit and debit card
issuers (Visa and MasterCard), this means that merchants must have security protocol and
procedures in place to ensure transactions are more secure. This can also include having a
certificate from an authorized certification authority (CA) who provides PKI (Public-Key
infrastructure) for securing credit and debit card transactions.
Credit cards constitute a popular method of online payment but can be expensive for the
merchant to accept because of transaction fees primarily. Debit cards constitute an excellent
alternative with similar security but usually much cheaper charges. Besides card-based
payments, alternative payment methods have emerged and sometimes even claimed market
leadership. Wallets like PayPal and Alipay are playing major roles.
Bank payments
This is a system that does not involve any sort of physical card. It is used by customers who have
accounts enabled with Internet banking. Instead of entering card details on the purchaser's site, in
this system the payment gateway allows one to specify which bank they wish to pay from. Then
the user is redirected to the bank's website, where one can authenticate oneself and then approve
the payment. Typically there will also be some form of two-factor authentication.
PayPal
PayPal is a global e-commerce business allowing payments and money transfers to be made
through the Internet. Online money transfers serve as electronic alternatives to paying with
traditional paper methods, such as cheques and money orders.
Three basic categories of Credit card payment on online - MAESTRO, VISA and
MASTERCARD.