E-Commerce - Computer Science - Grade X - New Syllabus

 

E-Commerce

—  Ecommerce, also known as electronic commerce or internet commerce, refers to the buying and selling of goods or services using the internet.

—  any kind of commercial transaction that is facilitated through the internet.

—  E.g. Amazon, Flipkart, eBay, sastodeal, daraz etc.

—  Almost anything can be purchased through e-commerce today.

Types of Ecommerce Models

a)     Business to Consumer (B2C):
When a business sells a good or service to an individual consumer (e.g. You buy a pair of shoes from an online retailer).

b)     Business to Business (B2B):
When a business sells a good or service to another business (e.g. A business sells software-as-a-service for other businesses to use)

c)     Consumer to Consumer (C2C):
When a consumer sells a good or service to another consumer (e.g. You sell your old furniture on hamrobazar to another consumer).

d)     Consumer to Business (C2B):
When a consumer sells their own products or services to a business or organization (e.g. An influencer offers exposure to their online audience in exchange for a fee, or a photographer licenses their photo for a business to use).

Advantages of E-commerce

a)     It makes buying/selling possible 24/7.

b)     It makes buying selling procedure faster, as well as easy to find products.

c)     You can set up an online business even by sitting at home if you have the required software, a device, and the internet.

d)     There are no geographical boundaries for e-business. Anyone can order anything from anywhere at any time.

e)     Higher quality of services and lower operational costs.

Disadvantages of E-commerce

a)     No guarantee of product quality.

b)     Customer loyalty becomes a bigger issue as there is a minimal direct customer-company interaction.

c)     Technical failure may affect the business system.

d)     Anyone can start an online business, which sometimes leads to scam and phishing sites.

e)     There are many hackers who look for opportunities and thus an ecommerce site, service payment gateways all are always prone (liable to suffer from) attack.

M-Commerce / Mobile Commerce

—  The online transactions through the wireless handheld devices such as mobile phone, laptop, palmtop, tablet, or any other personal digital assistant.

—  It does not require the user to sit at the computer that is plugged in and perform the commercial transactions.

—  People can perform several functions such as pay bills, buy and sell goods and services, access emails, book movie tickets, make railway reservations, order books, read and watch the news, etc.

—  The term itself was coined in 1997 by Kevin Duffy.

Advantages of M-Commerce

—  Easy To Use - It is the easiest purchase where without any disturbance you can search all the online sites and choose the best among the one.

—  More Access To User Data - Once a purchase is been done from a store user’s information gets stored. Which can be used in the future by sending about the deals and offers to the users.

—  Time-Saving - Instead of physically going to the store’s users can easily select and purchase any product of any brand and place they want. Saving both the time and energy of the user.

—  Global Customer Base - If an individual has a mobile device and internet connection then they are the potential customer to any platform. you can choose, select and purchase any product from any place you want.

—  Easy Inventory Management - You can manage and maintain your inventory levels regardless of how small it is. Saving all the product database you can easily know what product is available or not.

Disadvantages of M-commerce

—  Smartphone Limitation - No matter how useful it is without the use of smartphone user can never access and navigate the data properly.

—  Connectivity - Without accessing the internet connections user will not be able to receive any data to purchase.

—  Need Faithful Shipment Company - You should tie-up with a good shipping company for delivering your products on time to the users.

—  Security - Entering all the details of your bank and security codes. Which sometimes can harm you, also syncing of data or connecting to unknown WiFi networks may appear risky by hacking or bypassing your information to others.

 

 

Online Payment

—  Making transactions or paying for goods and services through an electronic medium, without the use of checks or cash.

—  It helps in sending and receiving the money online, buy air tickets, pay utility bills, purchase mobile recharge cards, pay school college bills, internet bills, subscribe newspaper and magazines online, etc.

—  E.g. eSewa Nepal, iPay, Khalti, e-banking, etc.

Advantages of online payment

a)     Low labour costs - Since online payments are usually automatic, they have lower labour costs than manual payment methods, such as cheque, money order and cash.

b)     Convenience for online sales - Online payment methods allow conveniently selling goods and services online.

c)     Automatic - Online payments can be automatic, which can be convenient for you and your customers.

d)     Fast transaction speed - Online transactions quickly provide feedback to you and your customers.

e)     Low risk of theft - After processing delays, online payments generally go straight into your bank account, so they have a low risk of theft.

Disadvantages of online payment

a)     Service fees - Payment gateways and third-party payment processors charge service fees.

b)     Inconvenient for offline sales - Online payment methods are inconvenient for offline sales.

c)     Vulnerability to cybercriminals - Cybercriminals can disable online payment methods or exploit them to steal people’s money or information.

d)     Reliance on telecommunication infrastructure - Internet and server problems can disable online payment methods.

e)     Technical problems - Online payment methods can go down due to technical problems.

 

***

Computer Security - Computer Science - Grade X - New Syllabus

 

Computer Security - Computer Science - Grade X - New Syllabus

Computer Security / Cyber Security

—  The protection of computer systems and information from harm, theft, and unauthorized use.

—  Proper computer security helps prevent viruses and malware, which allows programs to run quicker and smoother.

 

Tips for Best Computer Security

a)     Use the best antivirus software, which not only provides protection to your PC but also internet protection and guards against cyber threats.

b)     Do not download un trusted email attachments as these may carry harmful malware.

c)     Never download software from unreliable sites as they may come with a virus that may infect your system as soon as you install the software.

 

Information Security (infosec)

The processes and methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption.

 

Key principles of Information Security

a)     Confidentiality:- Only authorized users can access the data resources and information.

b)     Integrity:- Only authorized users should be able to modify the data when needed.

c)     Availability:- Data should be available to users when needed.

 

Security Threats

—  A risk which can potentially harm computer systems and organization.

—   The cause could be physical such as someone stealing a computer that contains vital data.

—  The cause could also be non-physical such as a virus attack.

 

Possible Security Threats

—  Internal: The threats include fire, unstable power supply, humidity in the rooms housing the hardware, etc.

—  External: These threats include Lightning, floods, earthquakes, etc.

—  Human: These threats include theft, vandalism of the infrastructure and/or hardware, disruption, accidental or intentional errors.

—  Loss or corruption of system data.

—  Disrupt business operations that rely on computer systems.

—  Loss of sensitive information.

—  Unauthorized access to computer systems resources such as data.

 

Malicious code (Malware)

—  A code developed by cyber attackers, designed to cause extensive damage to data and systems or to gain unauthorized access to a network. 

—  Includes computer viruses, worms, Trojan horses and spyware.

—  Perform a variety of different functions such as stealing, encrypting or deleting sensitive data, altering or hijacking (taking control) core computing functions and monitoring users' computer activity without their permission.

Types of malware

a)     A virus is the most common type of malware which can execute itself and spread by infecting other programs or files.

b)     A  worm  can self-replicate without a host program and typically spreads without any human interaction or directives from the malware authors.

c)     A Trojan horse   is  designed to appear as a legitimate (valid) program in order to gain access to a system. Once activated following installation, Trojans can execute their malicious functions. 

d)     Spyware   is  made to collect information and data on the device user and observe their activity without their knowledge.

e)     Keyloggers, also called system monitors, are used to see nearly everything a user does on their computer. This includes emails, opened web-pages, programs and keystrokes.

 

Protect a system from infection

a)     Never download files from unknown or suspicious sources.

b)     Install antivirus software that features automatic updates and has the capability to detect all types of infections.

c)     Delete spam and junk emails without forwarding.

d)     Always scan a pen drive from an unknown source for viruses before using it.

e)      Regularly back up your documents, photos, and important email messages to the cloud or to an external hard drive. In the event of an infection, your information will not be lost.

 

Security mechanisms

—  A mechanism that is designed to detect, prevent, or recover from a security attack.

—  It includes

—  Authentication Systems

—  Firewalls

—  Cryptography

—  Antivirus Software

—  Backup System

 

Authentication System

—  Authentication is the process of verifying the identity of a person or device.

—  Authentication system makes sure that right people enters the system and access the right information.

—  Types of Authentication

—  Password

—  Biometric

 

Password

—  A set of secret characters or words used to authenticate access to a digital system.

—  Password ensures that unauthorized users do not access the computer.

—  Password secures the data by protecting the data from unauthorized access.

—  To protect a system from unauthorized access, password should be kept in a system which provides security to the system.

—  A password should be difficult to guess and determine and should be changed regularly and memorized.

 

Any four criteria for strong password are:

a)     Do not keep a password which can be easily guessed such as date of birth, nickname, etc.

b)     Do not keep word as password that is currently popular.

c)     Keep a password with mixture of alphabet and numbers which is difficult to guess.

d)     Keep changing your password regularly.

 

Biometric

—  Biometrics are physical or behavioral human characteristics that can be used to digitally identify a person to grant access to systems, devices or data.

—  Examples of these biometric identifiers are fingerprints, facial patterns and voice.

—  Computers and devices can unlock automatically when they detect the fingerprints of an approved user.

—  Apple's Face ID (introduced with the iPhone X) authenticates users by facial recognition.

—  Retinal scanners, which require an eye scan to allow authorized individuals to access secure areas.

 

Firewall

—   A network security device, either hardware or software  that monitors and filters all incoming and outgoing network traffic based on an organization’s previously established security policies. 

—  Firewall blocks unwanted traffic as well as malicious software from infecting your computer.

—  Firewalls helps to prevent unauthorized access.

—  Software firewalls are designed to protect a computer by blocking certain programs from sending and receiving information from a local network or the Internet.

—  Hardware firewalls are found on most network routers and can be configured through the router setup screen.

 

Cryptography

—  A technique of securing information and communications through use of codes so that only those person for whom the information is intended can understand it and process it.

—  Thus preventing unauthorized access to information.

—  The prefix “crypt” means “hidden” and suffix graphy means “writing”.

—  A message sent over the network is transformed into an unrecognizable encrypted message known as data encryption. At the receiving end, the received message is converted to its original form known as decryption.

—  Cryptography is used to secure and protect data during communication.

 

Features of Cryptography

a)     Confidentiality: Information can only be accessed by the person for whom it is intended and no other person except him can access it.

b)     Integrity: Information cannot be modified in storage or transition between sender and intended receiver without any addition to information being detected.

c)     Non-repudiation: The creator/sender of information cannot deny his or her intention to send information at later stage.

d)     Authentication: The identities of sender and receiver are confirmed. As well as destination/origin of information is confirmed.

 

Encryption

—  Encryption is a process which transforms the original information into an unrecognizable form.

—  This new form of the message is entirely different from the original message.

—  That's why a hacker is not able to read the data as senders use an encryption algorithm.

—  Encryption is usually done using key algorithms.

—  Data is encrypted to make it safe from stealing. However, many known companies also encrypt data to keep their trade secret from their competitors.

 

Decryption

—  Decryption is a process of converting encoded/encrypted data in a form that is readable and understood by a human or a computer.

—  This method is performed by un-encrypting the text manually or by using keys used to encrypt the original data.

 

KEY DIFFERENCE BETWEEN ENCRYPTION AND DECRYPTION

a)     Encryption is a process of converting normal data into an unreadable form whereas Decryption is a method of converting the unreadable/coded data into its original form.

b)     Encryption is done by the person who is sending the data to the destination, but the decryption is done at the person who is receiving the data.

c)     The same algorithm with the same key is used for both the encryption-decryption processes.

 

Antivirus software

—  Antivirus software is software designed to detect and remove virus from computer system and ensures virus free environment.

—  E.g. Kaspersky, NAV, MSAV, McAfee, NOD 32 etc.

—  Main use of antivirus is to protect computer from viruses and remove viruses that are detected and also protects data and programs from being corrupted.

 

Backup system

—  It is the system of copying data and programs into another location or creating a duplicate copy of it in a secured place.

—  A copy of a file which is used in the event of the original file being corrupted.

—  Backup is vital to computer security system in order to save the data from being lost or damaged due to accidental or intentional harm. When data and software are lost or damaged, we can easily recover through backup.

—  These files are kept on hard disks, CDs and tapes and on the internet.

 

Hardware Security

—  The security given to the machine and peripheral hardware from theft and from electronic intrusion (interruption) and damage.

—  Different hardware security measures are:

a)     Regular Maintenance

b)     Insurance

c)     Dust free environment

d)     Protection from Fire

e)     Protection from Thief

f)      Air condition system

g)     Power Protection device (Volt guard, Spike guard, UPS)

 

Regular Maintenance

—  Computer system need regular maintenance to keep the computer hardware in good working condition and it also helps to find out problems in hardware and correct the problems before they cause several damages.

—  The hardware components of computer systems are very delicate and gets damaged if proper care is not taken.

—  E.g. CPU cooler not working properly and if we don’t repair or replace on time then the computer system may get halted and can damage microprocessor.

—  Another E.g. Computer Hard disk which needs to be checked frequently in order to find errors and keep in good condition.

 

Insurance

—  A means of protection from financial loss.

—  If a computer is damaged or stolen or any kind of harm done then we can claim for the insurance amount and get the economic support.

 

Dust Free Environment

—  Dust particles can cause the failure of hardware components.

—  Computer room should be absolutely free from dust and air pollution.

—  Use dust cover to prevent our computer from dust particles.

 

Protection from Fire

—  Due to faulty wiring, loose connection, smoking in the computer room and overload on power socket can cause fire in a room.

—  Using fire alarms, fire doors, fire detectors and fire extinguishers can minimize the damage of hardware components and loss of information from fire.

 

Protection from Theft

—  Use of Lighting system, Grills on the windows, Safety Lock on the doors, Alarms, CCTV (Closed Circuit Television) helps to protect from thieves.

 

Air Condition System

—  A system for controlling the temperature and humidity (wetness) of the air

—  Maintains suitable temperature or humidity in the computer room.

—  Room Temperature should be maintained between 21⁰C to 24⁰C.

 

 

 

Power Protection Device

—  An electric device that controls electric voltage and provides enough backup to the computer system when there is power failure.

—  Computer needs 220 volts to 240 volts constantly.

—  Some common power protection devices are:

a)     UPS

b)     Volt Guard

c)     CVT

d)     Stabilizer

e)     Spike Guard

f)      Surge Suppressor

 

Why Power Protection Device needed?

—  To protect computer system from damage, expensive data loss and unnecessary down time (is out of action or unavailable for use).

 

Volt Guard

—  A power protection device that provides constant output voltage to the computer system in case of high input voltage coming from the source.

 

UPS

—  UPS is a battery supported power protection device which controls the electric voltage and supplies clean and continuous power to the computer system even during power failures.

—  The importance of UPS in computer security system is that it controls fluctuation of electric voltage and provides enough backup electric power to the computer system when there is power failure.

 

Spike Guard

—  A device designed to protect electrical devices from voltage spikes.

—  Automatically maintains a constant voltage level.

 

***