|
Items in cart [0] |
Questions? Call 888-624-8373 |
| Copyright © 2009. National Academy of Sciences. All rights reserved. Terms of Use and Privacy Statement |
Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter.
Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.
OCR for page 521
Page 521
59
Electronic Commerce
Dan Schutzer
Citibank Corporation
Electronic commerce is the ability to perform transactions
involving the exchange of goods or services between two or more
parties using electronic tools and techniques. It offers many
advantages over traditional paper-based commerce:
•
It provides the customer with more choices and
customization options by better integrating the design and
production processes with the delivery of products and
services;
•
It decreases the time and cost of search and
discovery, both in terms of customers finding products and services
(e.g., shopping, navigating) and companies finding customers (e.g.,
advertising, target marketing);
•
It expands the marketplace from local and regional
markets to national and international markets with minimal capital
outlay, equipment, space, or staff;
•
It reduces the time between the outlay of capital
and the receipt of products and services (or vice versa);
•
It permits just-in-time production and
payments;
•
It allows businesses to reduce overhead and
inventory through increased automation and reduced processing
times;
•
It decreases the high transportation and labor
costs of creating, processing, distributing, storing, and
retrieving paper-based information and of identifying and
negotiating with potential customers and suppliers;
•
It enables (through automated information)
production of a reliable, shareable historical database of design,
marketing sales, and payment information; and
•
It facilitates increased customer responsiveness,
including on-demand delivery.
A convergence of several factors has recently lifted electronic
commerce to a new level of utility and viability. These factors
include the increased availability of communications and
communications bandwidth, the reduced cost and increased
user-friendliness of computers and communications, the growth of
the Internet and online services, and the drive toward global
competitiveness.
Currently, online purchases account for only 4 percent of total
global purchases; online purchases via such precursors as the
Internet are practically nonexistent. But electronic commerce is
likely to grow dramatically over this decade. For example, it is
predicted that within 6 years, global shoppers will use the
national information infrastructure (NII) to purchase $500 billion
of goods and services; this represents almost 8 percent of current
purchases worldwide. And by 2005, the number of NII-based
transactions is expected to rise to 17 billion, which is almost
half the number of transactions made in today's credit card
market.
Electronic Commerce Today
In recent years, great strides have been made to automate many
of the labor-intensive paper-based aspects of commerce. Examples
abound of corporations that use electronic data exchange (EDI),
electronic mail (e-mail), electronic forms (e.g., for ordering or
for contracting), and electronic catalogs, and of electronic
financial networks that speed the transfer, settlement, and
clearing of funds and other financial instruments. These
OCR for page 522
Page 522
electronic tools and techniques provide many benefits to both
customers and merchants. EDI standards, for example, enable fast,
accurate information exchange between different automated systems
in routine, relatively simple business transactions.
Unfortunately, despite the widespread use of numerous methods of
electronic support, electronic commerce is still not the most
common method of carrying out business transactions. This is so for
several reasons. For one thing, most business transactions still
require the physical exchange of paper documents and instruments,
with the inherent costs and delays this represents. For another,
current electronic commerce approaches are not sufficiently well
integrated, secure, open, or easy to use:
•
Partial solutions. Current electronic
commerce implementations automate only a portion of the entire
transaction process. For example, although ordering and
distribution of an information-based product (such as an electronic
magazine or a software program) can be nearly simultaneous, the
supporting accounting and inventory information, payment, and
actual funds transfer tend to lag, often by days. This time lag,
and the resulting decoupling of the accounting and payment
information from the ordering and delivery of goods and services,
increases the transaction's credit risks. It also increases the
likelihood of discrepancies between the various information
sources, requiring expensive and time-consuming reconciliation.
Finally, today electronic commerce implementations are costly to
develop and operate. Their high cost of entry does not make them
feasible for many of the more spontaneous, high-volume, low-value
electronic transactions (e.g., the sale and distribution of
electronic information-based products, such as magazine articles
and photograps) envisioned for the future. A fully integrated
electronic commerce solution would let users maximize their control
over their cash flows; for instance, it would allow the majority of
their funds to work for them in bank savings accounts and/or
investments, and it would minimize cash shortfalls. It would also
eliminate the gaps between ordering, distribution, and payment,
enabling development of real-time links to recordkeeping and
accounting systems with minimal transaction costs.
•
Rigid requirements. Electronic commerce
applications usually require highly structured protocols,
previously established arrangements, and unique proprietary
bilateral information exchanges. These protocols, arrangements, and
exchanges for the most part involve dedicated lines and/or
value-added networks (VANs) and batch processing. For example, EDI
requires rigid agreements between the two or more transacting
parties about the structure and meaning of data. These agreements
are often time-consuming to negotiate, inflexible, and difficult to
maintain, especially in a rapidly changing business environment.
The resulting costs and necessary lead times frequently create
barriers to investment in and widespread use of electronic commerce
applications by small and medium-size companies and inhibit the
expansion of electronic commerce beyond large companies and their
major trading partners.
•
Limited accessibility. The consumer cannot
usually communicate or transact with vendors in a simple, direct,
free-form environment in today's electronic commerce applications.
For example, to access most electronic shopping services, a
consumer must subscribe to an online service (e.g., Prodigy or
cable TV shopping channels) that then provides proprietary hardware
and/or software with which to communicate with the vendors that
have also registered with that service.
•
Limited interoperability. Most current
implementations depend on proprietary solutions, which do not
easily interoperate, if at all. Internet e-mail and the World Wide
Web are notable exceptions. A truly interoperable electronic
commerce infrastructure would allow parties to conduct their
transactions in private, without paying any fees to intermediaries
unless they provide some real added value, such as credit services.
This infrastructure would make it easier for any and all interested
persons to become service providers as well as consumers.
•
Insufficient security. The lack of personal
contact and the anonymity associated with doing commerce over a
telecommunications network make it difficult to authenticate
parties and detect intruders; this in turn makes the system
vulnerable to fraud and increases the need for security services.
Additionally, the speed with which electronic commerce can be
conducted leaves parties with less to react, check, and respond
appropriately, again creating the potential for system fraud and
abuse. Lack of sufficient security inhibits the introduction of
direct, secure, real-time electronic payment and settlement systems
that can support secure exchanges without prearrangements or third
parties.
OCR for page 523
Page 523
•
Inadequate search capabilities.
Participants in today's electronic commerce applications must find
methods and means of navigating effectively through the sea of
rapidly increasing online electronic information and services to
find trading partners and items of interest. This problem will only
increase as more information and businesses go online.
Electronic Commerce Tomorrow: Building
the Infrastructure
Many new systems and service initiatives have been announced for
the Internet and the evolving NII that address one or more of these
current deficiencies to varying degrees. These include initiatives
such as (1) CommerceNet and Secure Hypertext Transport Protocol
(SHTTP), (2) electronic catalogs, (3) advanced search engines, (4)
e-mail-enabled EDI, and (5) digital cash. Additionally, several
alliances and partnerships have been announced that address the
need for secure, affordable payment, linked in real time to
ordering and billing systems. These initiatives include ventures by
Open Market, Microsoft/Visa, Netscape/First Data/MasterCard/Bank of
America, Cybercash/Wells Fargo, American Express/America Online,
First Virtual/EDS, NetBill, NetCash, Cafe-Digicash, Mondex,
NetCheque, NetAccount, Netchex, AT&T, and InternetMCI. More
such alliances and start-ups are announced each day. These
initiatives promise to accelerate the future growth of electronic
commerce and rapidly decrease the overhead and time associated with
today's paper- and people-intensive activities.
So, in the near future, we should see a broad range of new
value-added electronic commerce services, including the following
built around trust and security:
•
Authentication over public networks;
•
Certification of information, parties, and
transactions;
•
Performance bonding;
•
Electronic escrow;
•
Automated dispute resolution;
•
Transaction insurance;
•
Appraisal services;
•
Various electronic broker services; and
•
Trusted agents to resolve disputes and claims.
All of these initiatives must be developed within a common
framework, or we run the risk of creating isolated,
noninteroperable implementations that will inhibit progress toward
truly free, open, and spontaneous electronic commerce. The joint
ventures listed here, for instance, all vary in their approach to
security and privacy, their ability to handle micropayments, and
their applicability to various types of transactions. They also
differ in their business models—for example, in their pricing
strategy and in their assumptions as to who bears the risk in case
of insufficient funds or disputes.
The electronic commerce infrastructure must therefore do the
following:
•
Allow for interoperability. The
infrastructure must be based on a common set of services and
standards that ensure interoperability. Preferably, these services
and standards can be used as standard building blocks that service
providers and application designers can combine, enhance, and
customize.
•
Allow for maximum flexibility to permit
innovation. As the NII evolves, it will grow and mature
significantly, possibly in ways not even imaginable today. As it
grows, new services and businesses will emerge. For example, NII's
electronic marketplace will provide new opportunities for
narrow-case marketing to short-lived niche markets. Also, existing
services and products will be redefined and modified. The
electronic commerce infrastructure will have to be sufficiently
flexible to accommodate all of these changes and be able to address
new applications and new requirements as they arise.
OCR for page 524
Page 524
Issues Related to Electronic Commerce
Activities
Some related issues important to the design of an electronic
commerce framework are discussed below:
•
Nature of information products. A
particularly important class of products on the NII are products
that are pure information. In the information age, a large percent
of commerce will never be embodied physically. Information products
are enabled by information technology and not just distributed more
efficiently by it. These products can include not just electronic
publications, catalogs, videos, and the like, but also interactive
video games, software programs, electronic keys and tokens,
customized design specifications, and even electronic keys that can
open hotel rooms, cars, storage compartments, and airport boarding
gates. Furthermore, these information products are not created
entirely by the service provider but can be designed or customized
by the customer (e.g., customers can create their own selection of
articles to be bound in an electronic book, or their own custom
clothing design), adding a customer-driven activity call designed
to fit with the purchase cycle. It is also likely that, for these
products, ordering, billing, payment, and distribution would likely
all happen simultaneously.
•
Advanced revenue collection methods. The
electronic commerce infrastructure will need to support advanced
types of revenue collection, in addition to traditional methods
(e.g., payment upon receipt, payment in advance). For example, an
information product service provider could distribute its product
widely and charge on a usage basis—that is, charge the user
only when the information (e.g., a software program, a digital
document, an electronic key that can open and start a rental car)
is used. One innovative approach that permits usage accounting and
payment is called ''meterware." It provides local hardware and/or
software to continuously record and bill customers based on their
usage. Meterware and other advanced revenue collection ideas (e.g.,
payment schemes, such as electronic cash and electronic checks,
which do not require the presence of an online payment processor)
create opportunities for reaching new customers and for
distributing products and services; these make great sense in a
low- or zero-distribution cost environment and should be supported
by the electronic commerce infrastracture.
•
Transaction devices. Electronic commerce
transactions currently involve all manner of devices (e.g.,
telephone, fax, point-of-sale device), media (e.g., electronic
data, image, voice, paper), and networks (cable, wire, satellite,
cellular) over which they will be delivered. As a result, the
system infrastructure must accommodate all of these devices, media,
and communications networks, without degrading them to the lowest
common denominator.
•
Legacy systems. The electronic commerce
domain has a large quantity of legacy systems that it needs to
interface to and ultimately phase out of as it evolves to more
modern systems, applications, and processes. These legacy systems
and processes (e.g., paper checks, mainframe-based settlement and
payment systems, and EDI VANs) will not be replaced overnight. A
successful electronic commerce infrastructure must allow the user
to easily and transparently transfer between and switch back and
forth between the new, all-electronic and the older, hybrid legacy
systems and processes.
•
Public data. Finally, libraries of publicly
available and accessible files of registered contracts, financial
reports, and holdings, as well as catalogs and lists of products,
data, and services, if made part of the NII domain-specific
infrastructure being offered by various electronic commerce vendors
and information providers, could be interfaced with this electronic
commerce scenario to further enrich it.
As new initiatives start up under a common framework and set of
standards, performed over low-cost commodity computers linked by
open public networks, competitive pressures and technology advances
should drive down associated costs and time and increase
interoperability and competitiveness. New forms of commerce will
arise that were impractical under the old cost structure, and the
virtual enterprise will be fully realized. Consider the following
examples of what life might be like in the future NII if this
electronic commerce infrastructure is realized.
OCR for page 525
Page 525
Sample Commercial Scenario
Commercial Example
Mary wants to lease some warehouse space in a distant city that
she will use as a distribution hub. Her main concerns are location,
price, and early occupancy. She clicks an icon displayed on her PC
that establishes an online connection to several broker icons
advertised on the World Wide Web (WWW). She clicks on each of these
broker icons in turn to scan their home pages. Soon, she finds a
property for lease that seems to match what she is looking for. The
property is at the intersection of two major highways, has
sufficient square footage, is being offered for a reasonably
monthly price, and is available for lease at the beginning of the
next month.
Mary checks the broker's credentials by clicking on a
certification icon. The broker's credentials are immediately
transmitted to a reference service for authentication. Within
seconds, the reference service sends Mary an e-mail message with
the certification attached; Mary is alerted to the arrival of this
message by a special interrupt tone on her workstation.
Mary then clicks on the appropriate button, and an electronic
application form to lease the property appears. She begins to fill
out this form and inserts her electronic bank card into the PCMCIA
slot in her PC, which digitally signs the application with her
financial credentials and binds the application data to her
signature so that it cannot be altered. Mary then clicks the send
button to transmit the application to the broker. The application
contains her identification, billing address, and permission for
the broker to obtain a credit reference from her bank. Mary then
closes the broker page and turns to another task.
Several minutes later, the broker has completed a review of
Mary's application, including obtaining and analyzing her bank's
credit reference. Most of this work was performed by intelligent
software agents that were automatically activated and tasked upon
receipt of Mary's electronic application form. Since Mary's
background check was routine and acceptable, the application's
approval was automatic. Accordingly, the broker can send Mary a
standard rental contract. She receives this as an e-mail attachment
concurrent with notification of acceptance of her application.
Mary inspects the contract and finds its terms generally
acceptable, except for two items:
•
Mary wants a 15-day grace period rather than the
5-day period specified in the contract; and
•
Although she has no problem with her bank
transferring payment electronically to the broker's bank account on
the 15th of each month, she does not want this to occur without her
first being notified, in case for some reason she needs to override
and stop the automatic electronic funds transfer.
Mary e-mails these exception items to the broker, who reads and
approves the changes, and makes one additional change: He specifies
the conditions under which Mary is justified in stopping payment.
This information is communicated via e-mail to Mary, who finds the
conditions acceptable and date/time-stamps them, and again
digitally signs the digital contractual agreement. She sends it
back to the broker, who in turn digitally co-signs it. The process
is witnessed by a network notary, who digitally signs the contract
as witness; holds the original digital copies; and sends
authenticated copies to Mary, the broker, their respective banks,
and the appropriate government agency for filing and recording.
Now, each month Mary's bank notifies her by e-mail that it will
electronically transfer funds from her account to the broker's
account unless it receives override instructions from her within 24
hours. Mary completes the required acknowledgment of these
electronic notices and date/time-stamps them. When the bank
electronically withdraws funds from her account to meet the lease
agreement, this information is automatically transmitted to the
broker via e-mail. The broker's financial software agent
automatically makes the electronic deposit of the funds.
Intelligent agents for the bank and broker then automatically
update all appropriate financial records.
OCR for page 526
Page 526
Sample Retail Consumer Scenario
Dave gets an e-mail inviting him to a formal black-tie dinner
tomorrow when he returns from his business trip. Unfortunately, he
does not own a tuxedo and is 3,000 miles from his home. In the
past, he has ordered a rental tuxedo from a neighborhood store via
computer. Since his last promotion, however, he has been getting
invited regularly to formal affairs and can easily justify buying
rather than renting a tux. He dials up his electronic yellow pages,
searches for tuxedo manufacturers, explores their interactive
multimedia advertisements, and finally finds a supplier to his
liking. It allows him to customize his own tuxedo design online and
promises 24-hour delivery to any location in the United States.
Dave requests linkage to the tuxedo manufacturer's interactive
design facility. A range of charges that vary according to the
quality of transmission (image resolution and response time) is
displayed, and Dave is prompted to make a selection and to insert
his American AAdvantage Citibank Visa smart card into his PC
reader. Dave makes a selection and inserts the card, which issues a
payment transfer from his credit card account to the electronic
yellow pages, subject to Dave's approval and authorization. Dave
approves the charge, digitally signs the authorization sealed with
his unique personally encrypted retinal scan recorded by a camera
mounted in his portable PC, and inserts his card, thereby
transferring the payment. Dave is connected to the tuxedo
manufacturer design service.
The tuxedo manufacturer requests that Dave transfer his
dimensions. Dave does so easily, his dimensions being stored on a
file in his PC. The manufacturer then transmits a number of images
of typical tuxedo designs for Dave's selection. Dave enlarges a few
of these images to full size, adjusted to his form and dimensions.
He rotates them and views them in three-dimensional projection from
many viewpoints, and selects one. He then proceeds to manipulate
this design using his electronic pen; he makes minor adjustments
and changes to the tuxedo, raising the waist and tapering the pants
legs to better match his personal taste. He next specifies the
material: 100 percent wool, treated for stain-proofing and
wrinkle-proofing. When it is finished, Dave transmits the revised
design to the manufacturer, along with the desired delivery date
and location. The manufacturer replies with a charge appended to
the design; this specifies the delivery date and location, and the
terms and conditions of payment (either a credit card charge now,
or a 20-percent-down cash transfer now with the remainder due in
cash on delivery). Dave digitally signs the electronic agreement
with his American AAdvantage Citibank Visa smart card, which he
uses as payment, and sends it back to the manufacturer.
The manufacturer receives the order and payment, and issues the
design specifications along with a unique order number to its
factory for manufacture. At the same time, the manufacturer sends
an order to Federal Express for pickup and delivery of the
completed suit that afternoon; this order includes the suit's
unique order number, delivery address, customer name, and
identifying encrypted retinal scan. By 3:00 p.m., the completed
tuxedo has been picked up by the messanger.
At 8:00 the next morning, Dave arrives at his office. Within 2
hours, a Federal Express messenger arrives at his office with the
suit. Dave authenticates himself, matches his retinal scan, and
receives the tuxedo in plenty of time for the evening's formal
dinner.
Scope of Proposed Electronic Commerce
Infrastructure Framework
To achieve the vision outlined above for electronic commerce, we
need a comprehensive architectural framework and a set of base
infrastructure services and standards around which these and future
initiatives can be designed. The architecture must permit the
flexibility, interoperability, and openness needed for the
successful evolution of electronic commerce over the NII. This
framework, and its service and products, will offer the consumer a
diverse set of interoperable choices, rather than a collection of
independent "stovepipe" solutions.
This framework should set the groundwork for developing the
electronic commerce infrastructure. To this end, we begin by
discussing the basic activities and functions associated with
electronic commerce, identifying the key building blocks required
to support those functions and activities, and describing key
infrastructure services and application programming interfaces
(APIs). These services and APIs are placed within an electronic
commerce application architectural framework consisting of a
services infrastructure layer and an
OCR for page 527
Page 527
applications layer that interface with each other and with the
physical layer. These layers are defined in terms of APIs and
objects from which the various electronic commerce applications can
be constructed.
Electronic Commerce Activities and
Functions
There are nine key activities in commerce:
•
Advertising and shopping,
•
Negotiating,
•
Ordering,
•
Billing,
•
Payment and settlement,
•
Distribution and receipt,
•
Accounting,
•
Customer service, and
•
Information and knowledge processing.
The specific functions associated with these activities in an
electronic commerce setting are discussed below. Note that not all
of these activities are performed in every transaction, nor are
they necessarily performed in this order; indeed, they may be
performed in parallel. Also, the activities are not necessarily all
conducted electronically. Finally, these activities can vary in
complexity and importance depending on the size and scope of the
transaction.
Advertising and Shopping
Advertising and shopping can include the following:
•
A potential buyer browsing electronic yellow pages
and catalogs on a network;
•
An agent shopping on behalf of one or many buyers
and/or sellers;
•
A buyer sending an electronic request for proposal
(RFP), and sellers responding with various offers;
•
Sellers advertising their products and services;
and
•
Buyers electronically navigating and/or browsing
through the World Wide Web's online services.
A major problem associated with the advertising and shopping
activity is the cost and time expended in developing, maintaining,
and finding relevant information, products, and services, given the
plenitude of available information. Obviously, this problem will
become increasingly complex as more data and services become
available online and the choices and possibilities multiply
exponentially. We need new and better ways to find services and
information and to publish and update this information.
Negotiating
Buyers and sellers may elect to negotiate the terms of a
transaction (i.e., the terms of exchange and payment). These terms
may cover delivery, refund policies, arranging for credit,
installment payments, copyright or license agreements, usage
rights, distribution rights, and so on. These terms can be
standardized for routine commodity use, or customized to suit
unique individual situations. Often, in the case of two parties
with a well-established business relationship, the terms of
exchange are prenegotiated as standing contractual terms for all
their future exchanges. Often, this process will also include
authentication of the two parties.
OCR for page 528
Page 528
Ordering
The buyer eventually issues a contractual agreement of the terms
of exchange and payment. This contractual agreement is generally
issued as an order, which sets forth the quantity, price, and other
terms of the transaction. The order may be verbal, in writing, or
electronic. It usually includes an acknowledgment of agreement by
the various parties in order to help prevent any future
repudiation. This agreement can be confirmed electronically through
cryptographic techniques such as digital signatures.
In the case of some commodity purchases, the entire transaction
may begin at this ordering stage, bypassing the
advertising/shopping and negotiating activities. The ordering
activity applies to all transactions, regardless of whether billing
will be involved. For example, even requests for free public
information should be issued as formal orders so that the service
provider can record and account for information requests.
Billing
Once a seller has delivered goods or services, a bill is sent to
the buyer. This bill generally includes remittance information that
should accompany the payment. Sometimes, a seller may require
payment in advance. Sometimes, a supplier sends advance shipping
notification, and the customer agrees to authorize payment upon
confirmation of the arrival of the products. And in some cases, as
with the free information example cited above, this activity is
eliminated entirely.
Payment and Settlement
The buyer, or some financial intermediary, eventually sends some
form of electronic payment (this could be some form of contract or
obligation, such as authenticated payment instructions or digital
cash), usually along with some remittance information to the
seller. This payment may occur for a single item, on a usage basis,
or with a single payment for multiple items or usage. Settlement
occurs when the payment and remittance information are analyzed by
the seller or the seller's agent and accepted as valid.
Distribution and Receipt
Either before, after, or concurrent with payment, the seller
arranges for delivery of the purchased goods or services to the
buyer, and the buyer provides the seller with proof of receipt.
Policies regarding customer satisfaction and return should be
negotiated prior to this activity and made part of the contract
between buyer and seller. For larger, more complex orders,
distribution may involve more than two parties and entail
complicated distribution coordination strategies. An ancillary
distribution service involves acting as a fiduciary, and holding
goods, certificates, bonds, stocks, and the like in trust.
Accounting
This activity is particularly important to corporate customers
and suppliers. Both buyer and seller must reconcile all electronic
transactions in the accounts receivable and accounts payable,
inventory information, and accounting systems. Account and
management information system records must also be updated. This
activity can involve third parties, if the transacting businesses
outsource their accounting services.
Customer Service
Customer service entails the following:
OCR for page 529
Page 529
•
Providing the buyer with timely information as to
the progress of a transaction;
•
Handling customer requirements when transactions
go awry—that is, resolving any mistakes, disputes, or
complaints concerning product quality, delivery, or payment (this
includes managing returns and refunds, further exchanges, and/or
repairs); and
•
Providing expert advice and assistance in the use
of the products and services.
Customer service also involves providing general cash management
advice, including addressing foreign exchange imbalances and risk
exposures, collection of delinquent payments and late fees, and
repossessing products for which payment is long overdue.
Information and Knowledge
Processing
A final key activity in electronic commerce is the collection,
management, analysis, and interpretation of the various data to
make more intelligent and effective transaction-related decisions.
Examples include collecting business references, coordinating and
managing marketing strategies, determining new product offerings,
granting and extending credit, and managing market risk.
Performance of these tasks often involves the use of advanced
information management techniques, including models and simulations
and collaborative computing technologies to support conferencing
and distributed workflow processes.
These tasks will become more difficult as the sources of
information grow in number and are of increasingly diverse and
uncertain quality. Additionally, procurement of this information
may raise significant privacy concerns and issues.
A Model for Electronic Commerce
To support the electronic commerce activities and functions
discussed here, and to accelerate the electronic commerce vision
described earlier, we need an open electronic commerce architecture
and a set of agreed-upon electronic commerce infrastructure
standards and services. These elements are detailed in the
following sections; here we describe an overall model of electronic
commerce.
Major electronic commerce applications can be built by
interfacing and integrating, through APIs, elemental electronic
commerce building blocks and services; these latter are provided by
a variety of service providers and application designers. The
enabling infrastructure services include those needed to provide
requisite transaction integrity, authentication, and privacy. The
enabling services and APIs must be at a low enough level of detail
(granularity) to provide open, seamless links to the key electronic
commerce building blocks and services; they also must be simple and
flexible enough to permit user customization and continuous
improvement and evolution over time. To maximize flexibility and
modularity while admitting alternative competing implementations,
an object model is preferred for describing and invoking these
building blocks.
The object model has close parallels with the digital object
model associated with the Defense Advanced Research Projects Agency
(DARPA) Digital Library Program. Both object models share many of
the same needs and attributes (i.e., the need for naming, updating,
retrieving, routing, pricing, and maintaining a repository of
digital objects, and for addressing copyright and usage concerns).
Three key questions remain:
1.
Should the application objects and services be
self-describing?
2.
How should they be standardized, named, accessed,
and updated (i.e., should we adopt object request broker
standards)?
3.
How can they best be interfaced and integrated
into existing processes, procedures, and legacy systems?
OCR for page 530
Page 530
Electronic Commerce Architecture
We envision a three-layered electronic commerce architecture, in
keeping with that described in a previous Cross-Industry Working
Team (XIWT) paper, with an architecture consisting of the
following:
•
The physical communications and computing
infrastructure;
•
An enabling infrastructure services layer; and
•
An applications layer composed of an API layer and
an application object layer.
This architecture includes the infrastructure services needed to
support the major electronic commerce activities discussed here and
the key electronic commerce services, objects, and APIs discussed
below.
Infrastructure Services
Several generic infrastructure services are critical to a
successful electronic commerce framework:
•
Reliable communications services;
•
Common security services;
•
Access control services;
•
Translator services;
•
A software agent management and communications
infrastructure; and
•
Distributed information resource discovery,
retrieval, and synchronization and replication services (e.g.,
search engines, browsing, and publishing tools).
All of these services will probably be needed for most other
applications domains as well and have been or will be discussed in
other XIWT papers in this regard. In this section, we discuss these
elements with particular reference to their application in an
electronic commerce setting. We also discuss specific services
unique to electronic commerce (e.g., paying and accounting).
Communications Services
For electronic commerce, existing communications mechanisms
(e.g., virtual circuits, routing and addressing, datagrams, e-mail,
file transfer protocol [FTP], HTTP, with image and other multimedia
extensions) must be extended to incorporate the following
features:
•
Reliable, unalterable message delivery not subject
to repudiation;
•
Acknowledgment and proof of delivery when
required;
•
Negotiated pricing by usage and/or quality of
service; and
•
Directory services that can be rapidly updated and
that support quick retrieval.
These extensions are either generally available or under
development. However, to support electronic commerce, they must
work across a variety of information and communications devices
(including telephones, personal computers and workstations, set-top
boxes, and personal information managers and communicators);
human-machine interfaces (ranging from character text to virtual
reality, and from keyboard and electronic pen to speech recognition
and gestures); communications media (including satellites, cable,
twisted wire pair, fiber optics, and wireless, which includes
constraints on available communications bandwidth and reliability);
and nomadicity (which includes supporting location independence,
and remote personal file storage with privacy encryption).
OCR for page 531
Page 531
Common Security Mechanisms
Security is a critical component of any electronic commerce
application and must be addressed in designing any electronic
commerce service infrastructure. Electronic commerce system
security should provide the following types of guarantees to the
user:
•
Availability. The system should prevent
denial of service to authorized users—for example, if a third
party ties up the network either inadvertently or
intentionally.
•
Utility. The system should ensure that the
user obtains and retains value of information. Information can lose
its value for the user if it is revealed to unintended third
parties.
•
Integrity. The system should ensure that
information is delivered whole, complete, and in good order, and
that, where applicable, the information is the same as agreed upon
by all parties. Date- and time-stamping along with digital
signatures is one mechanism for ensuring the latter.
•
Authenticity. The system should ensure that
the parties, objects, and information are real and not fraudulent
or forged. To be sure that users are negotiating and exchanging
proper objects with proper parties, the transacting parties,
devices, and controlling and exchanged objects all need to be
authenticated (i.e., verified that they are who or what they claim
to be and that none of the information or objects have been
illegally tampered with or modified). This requires mechanisms such
as digital signatures, passwords and biometrics, and certification
hierarchies.
•
Confidentiality. The system should ensure
that information communicated and stored is kept private and can be
revealed only to persons on an approved access list.
•
Usability. The system should ensure that
only the rightful owner or user maintains possession of his or her
information. Even if others cannot decode and read the stolen
information, if they can take possession of the information, they
can deny the rightful owner the use to and access to it.
Access Control Services
Once authenticated, users need to be authorized for requested
services and information. User authorizations can be provided as a
blanket binary approval or granted only under or for specified
conditions, time intervals, and/or prices. Authorizations can be
provided to designated individuals or to designated organizational
representatives. It is therefore often desirable to authorize a
user in terms of his or her location and organizational
function/role, as well as on the basis of individual identity.
Translator Services
Translators can transform and interpret information from one
system into formats more suitable to other interacting objects and
systems. Translator services should be able to adapt and evolve
automatically. For example, a translator that can interpret a small
subset of electronic forms that have been linked to SQL relations
and data dictionaries should be able to prompt the user for any
needed additional information and update itself accordingly. The
translator could then be incrementally expanded by further manual
linking of data relations to electronic forms, by direct user
query, and by learning from example. This capability for selective
incremental expansion would enable a user to customize translators
to meet unique needs and to expand the translator easily so as to
handle larger vocabularies and collections of electronic
forms/documents as needed, as well as incorporate new EDI standards
as they evolve and become defined. Finally, such a capability would
help simplify and speed up the EDI standards process.
OCR for page 532
Page 532
Software Agent Management and
Communications Infrastructure
Software agents are intelligent programs that simplify the
processing, monitoring, and control of electronic transactions by
automating many of the more routine user activities. Software
agents may be local programs running on the user's machine, or they
may actually transport themselves over the network infrastructure
and execute on the service provider's machine.
Agents are a relatively new development. Currently, they can do
such things as filter incoming mail, coordinate calendars, and find
desired information for presentation to the user. Over the longer
term, agents are likely to take over more complex tasks such as
negotiating, translating, and overseeing and auditing electronic
transactions. Some additional future uses for software agents
include personalization and customization of applications, and
personalized searching, filtering, and indexing.
Eventually, we may have many different agents working for us,
coordinating and communicating among themselves. When this comes to
pass, we will need standards and infrastructure to support the
necessary management, negotiation, and coordination not only
between users and agents but also among agents, and to maintain
agent repositories where agents can be stored, retrieved,
purchased, and leased.
In an electronic commerce setting, software agents should be
able to do the following:
•
Control the workflow governing a set of electronic
commerce transactions;
•
Operate a set of conditional rules specified and
agreed to by the involved parties;
•
Monitor and enforce the terms and conditions of
electronic contracts;
•
Provide an intelligent interface or a facilitator
to existing proprietary VANs and legacy systems, performing the
necessary translations and protocols;
•
Help the user find desired products and services,
and navigate the NII on the user's behalf;
•
Purchase and negotiate on behalf of the user;
and
•
Operate across a wide diversity of vendor hardware
and software.
Distributed Information Resource
Discovery and Retrieval Services
Generic Services. Distributed information
resource discovery and retrieval services help service providers
list and publish their services, and help users find services and
information of interest. These information services cover the
ability to maintain, update, and access distributed directory
services. They also cover more advanced navigation services such as
maintaining hyperlinks, advanced keyword and context search
engines, and software agents, such as Web crawlers, that can
explore and index information sources and services of interest.
These services should be easy and efficient to update as well as to
access and use. They should also be capable of being implemented,
maintained, and accessed over a number of locations distributed
across the NII.
Unique Services. In addition to the generic
services just discussed, there are a number of desirable
infrastructural services that are unique to electronic
commerce:
•
Accessing currency exchange services;
•
Accessing cash management services;
•
Accessing bonding services;
•
Accessing escrow services;
•
Accessing credit services;
•
Accessing various investment services;
•
Accessing various insurance services;
•
Accessing costing services;
•
Accessing financial information and reporting
services;
•
Accessing notarization services;
•
Posting and accessing regulatory notices;
OCR for page 533
Page 533
•
Performing unique EDI and electronic
commerce-specific document translations;
•
Linking to existing billing and payment systems;
and
•
Linking to banks' accounts receivable/accounts
payable services.
Electronic Commerce Building Blocks:
Objects and Object Classes
In addition to the services cited above, the activities and
functions of electronic commerce require certain basic building
blocks:
•
Unstructured information (reports and freeform
text, voice, and video);
•
Structured information (EDI messages, electronic
forms, contracts and contract rules, design specifications);
•
Accounts, account databases, and accounting
rules;
•
Transactions;
•
Records;
•
Agents and brokers (information filters,
translators, trusted third parties);
•
Objects for sale (movies/videos, software objects,
contracts, information, documents); and
•
Decision support models and simulations.
Over time, these items will probably become increasingly
comprehensive and refined.
These building blocks can be best described as classes of
digital objects. A digital object is an ordered sequence of bits
associated with a handle, or unique identification, that can
represent a collection of operations (behaviors) and information
structures (attributes); and where an object class represents a
collection of objects that share a common set of attributes and
behaviors. A digital object can be composed of one or more of these
classes; for example, an e-mail object has both structured and
unstructured information. Digital objects are particularly useful
because they are associated with real objects (e.g., a contract
making them easy to understand) and because they can be specified
and accessed in an application-independent manner, making them easy
to create, reuse, enhance, modify, and replace, and to interface
with existing objects, with minimal side effects.
Electronic commerce activities can be specified in terms of the
interactions between real objects (e.g., transacting parties) and
digital objects (e.g., electronic documents, software agents). An
electronic commerce architecture can be defined in terms of how
these object classes are defined (e.g., their attributes and
behaviors) and how the objects interact with one another. An
electronic commerce transaction can also be implemented as an
interacting network of these objects, where each object can be
dynamically selected as a function of the specific situation.
Electronic commerce digital objects have several important
properties that are discussed below.
General Properties of Digital
Objects
Several operations and controls can be associated with any
electronic commerce digital object.
•
Exchange operations. Examples of
permissible exchange operations include being bought, sold, and
transferred (in whole or part). Exchange operations encompass a
variety of transport mechanisms, including both existing mechanisms
such as e-mail attachments and FTPs, and new and evolving
mechanisms such as encasing the object inside a digital envelope
(thus making the object opaque to everyone except the intended
recipient when he or she opens the envelope).
•
Security operations. Examples of security
operations include making the digital object secure and
confidential (e.g., encrypted), annotating and signing the object
(e.g., with digital signatures), and making it tamper-proof and/or
tamper-evident.
OCR for page 534
Page 534
•
Ownership and authentication controls.
Examples of ownership and authentication controls include ensuring
the digital object's integrity (that is, showing it to be whole,
complete, and in good order); date/time-stamping it; ascertaining
copyright status; and linking to owners and collaborators,
including evidence of the object's source or proof of origin.
•
Usage tools and controls. Examples of usage
control include allowing the digital object to be created;
published; displayed or read; written to and updated; and
reproduced and copied (note, however, that for some object classes,
it may be desirable to inhibit copying), subject to various
restrictions and charges. These controls can restrict use to
particular authorized users and with selective access criteria
specifying type of use (e.g., read only). Usage controls also
include such operations as enforcing intellectual property usage
rights and charges, version-control and backup, change control, and
group sharing (e.g., collaborative authoring). Objects should be
able to be compressed, decompressed, and manipulated in ways
appropriate to their format (e.g., images can be rotated, enhanced,
have features extracted and/or matched, enlarged and reduced in
size; or video and sound can be skimmed and/or played in fast time
or slow motion).
Some Important Electronic Commerce
Digital Objects
Several key digital objects for electronic commerce are listed
below.
Contracts
Examples of contracts include the following:
•
Orders,
•
Checks,
•
Bills,
•
Loan agreements,
•
Treasury bills and bonds,
•
Letters of credit,
•
Account agreements,
•
Receipts, and
•
Electronic money/electronic checks/electronic
tokens.
Contracts can include instructions regarding the handling,
routing, storing,scheduling, and workflow of thecontract itself and
of other objects contained in or referenced by thecontract. These
instructions can addressliabilities; acceptable forms of payment
(cash, credit card, debit, or check);terms of payment (usage
charges,periodic and one-time charges); billing and payment
instructions (credit tomerchant, automatic debit carddeductions,
billing and payment addresses, due date); delivery
instructions(where and how to deliver); returnpolicies; methods of
error and dispute resolution; and conditions of gooddelivery.
Contracts can be negotiated,including prices, terms of payment,
penalties, necessary documentation, creditchecks or required
insurance, andcollateral or margin. They can be written, signed,
read, and amended. In manyinstances, contracts can also bebought,
sold, and exchanged. In many cases (for example, in the case
ofelectronic cash), contracts should not beable to be altered,
reproduced, or copied.
Information Documents
Examples of information documents include the following:
•
Balance sheets;
•
Income statements;
OCR for page 535
Page 535
•
Official statements;
•
Monthly billing statements;
•
Stock offerings;
•
Credit history;
•
Reports;
•
Discharge summary;
•
Physician orders;
•
Process notes;
•
Electronic books;
•
Movies/videos; and
•
Video games.
Information documents can be unstructured, partially structured,
orcompletely structured. They can be browsedor searched, and
bought, sold, exchanged, and copied, under contractualconstraints.
They also can be created,updated, signed, copyrighted, and read,
then synchronized, morphed,compressed, and decompressed.
Accounts
Accounts include the following information:
•
User (name, identification, authorizations,
preferences, and other profile information);
•
Address;
•
User profile (e.g., likes, dislikes, personal
secrets/information);
•
Outstandings;
•
Credits and debits;
•
Balances;
•
Tax computations;
•
Receivables and credits;
•
Payables and debits; and
•
Limits (e.g., credit limits).
Accounts can be opened, closed, linked, updated, blocked,
stopped, orattached. They can receive deposits, debitwithdrawals,
and accept transfers. Also, accounts and account information suchas
account balances can beverified. Since linked transactions (for
example, billing, paying, receipt,and delivery transactions) are
notgenerally simultaneous or one to one, it is often necessary to
reconcileaccount information. The ability to linkand associate
account and remittance objects to payment transactions
helpssimplify account reconciliation.Account operations are
accomplished through transactions, which are discussedlater in this
section. It isgenerally necessary to establish audit trails, so
that the consequences ofmultiple transactions on an account canbe
tracked.
Software Agents
Software agents include the following:
•
Facilitators, who provide key infrastructure
services such as translation and communication/network security
management and control;
•
Information filters and interpreters;
•
Translators;
•
Trusted third parties and witnesses;
OCR for page 536
Page 536
•
Escrow agents;
•
Brokers;
•
Workflow managers;
•
Fiduciaries;
•
Expert advisors; and
•
Negotiators.
An agent should be able to serve in more than one of these
roles.
Objects for Sale or Exchange
Both physical objects (e.g., cars and clothing) and digital
objects (e.g., program logic, digital movies, data, electronic
design specifications, electronic contracts) can be sold and
exchanged.
Transactions
Transactions are generally governed by contracts and update
accounts. They can operate on all the other digital objects and
generally involve the transmission and exchange of two or more
digital objects (e.g., a movie for money, medical services for
money, exchange of two currencies, etc.). They can also include the
exchange of bills and invoices and of information and services.
Transactions can be designed to be anonymous and untraceable or
traceable and auditable. If they are designed to be untraceable,
they lose many of their information features. A more satisfying
compromise is to execute a transaction that can only be traced with
the consent, approval, and active cooperation of the user.
Transactions can, but do not necessarily always, include the
following information:
•
Who is involved in the transaction;
•
What is being transacted;
•
The purpose of the transaction;
•
The destination for payment and delivery;
•
The transaction time frame;
•
Permissible operations;
•
Date/time stamps; and
•
Special information, such as unique
identification, transaction path, sequence information, receipts
and acknowledgments, links to other transactions, identification of
money transferred outside national boundaries, certificates of
authenticity, and the like.
Transactions can be reversed, repaired, disputed, monitored,
logged/recorded,audited, and/or reconciled andlinked (e.g., matched
and associated) with other transactions. If thetransacting parties
want to make thetransaction anonymous or untraceable, then the
users will forego many of theabove features. A compromise is
atransaction that can only be traced with the consent, approval,
and activecooperation of the user or designatedescrow agents.
APIs: Infrastructure Standards
APIs and information exchange protocols are needed for digital
object operations and infrastructure services. Many APIs—for
example, FTP, HTTP, simple mail transport protocol (SMTP), and
multimedia information exchange (MIME)—already exist and could
be considered as a starting point for the NII. Additional APIs
specifically needed as interfaces between electronic commerce
objects and infrastructure services include the following:
OCR for page 537
Page 537
•
APIs that enable two-way exchange of data between
electronic forms and database records into databases, including
calling and using translator programs (these APIs would allow the
automatic fill-in of electronic forms from databases, and the
update of database records from electronic forms);
•
APIs, where possible, complying to a
plug-in/plug-out model that enables embedding and transmission of
electronic forms and documents into e-mail messages, automatic
conversion of these e-mail messages into their original format at
the receiver site, and subsequent processing of the forms/
documents;
•
APIs that allow data from an electronic form or
document to be transmitted from sender to receiver as a database
record update or file transfer via FTP;
•
APIs between translators that can translate
electronic forms into database commands and/or electronic commerce
remote procedure calls, and vice versa;
•
APIs that define operations such as writing,
reading, certifying, authenticating, and transporting of bill and
payment objects; and
•
APIs that link electronic orders and electronic
form messages with electronic payment messages and exchanges.
Representative terms from entire chapter:
digital objects
