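The spread of "electronic terrorism" in the network age already poses a threat to the secure operation of electronic commerce. While providing the basic concepts and framework for analyzing and completing e-commerce solutions, this book focuses on e-commerce security and risk issues and on methods for managing and controlling risk. It also introduces the legal and regulatory environment of e-commerce and discusses important topics such as the role of independent third parties in implementing e-commerce, the impact of e-commerce applications on the accounting profession, and the application of Web-based marketing techniques.

This book was written on the basis of trial teaching materials for MBA graduate students and undergraduates. Each chapter ends with a large number of exercises and a rich set of cases, making it well suited for use as a textbook. It can be used as a teaching text for undergraduate and graduate e-commerce courses, and as reference material for anyone who wishes to learn about e-commerce.
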
1. OVERVIEW OF ELECTRONIC COMMERCE

Introduction
Definition of Electronic Commerce
Electronic Business
Potential Benefits of Electronic Commerce
The Internet and WWW as Enablers of Electronic Commerce
Impact of Electronic Commerce on Business Models
Overall Business and E-Commerce Goal Congruence
The Impact of Electronic Commerce on the Value Chain
The ICDT Business Strategy Model
Three Pillars of Electronic Commerce
Electronic Commerce Security
Organization of Topics
Implications for the Accounting Profession
Summary
Key Words
Review Questions
Discussion Questions
Cases

2. ELECTRONIC COMMERCE AND THE ROLE OF INDEPENDENT THIRD PARTIES

Introduction
Consulting Practices and Accountants' Independence
CPA Vision Project
New Assurance Services Identified by the AICPA
The Elliott Committee and the Cohen Committee
Three Waves of Electronic Commerce
Electronic Commerce Integrity and Security Assurance
Electronic Commerce Systems Reliability Assurance
Internal Control Framework
Competition
Risk Assessment Assurance
Impact of Electronic Commerce on the Traditional Assurance Function
Continuous Auditing
Third-Party Assurance of Web-Based Electronic Commerce
Security of Data
Business Policies
Transaction Processing Integrity
Privacy of Data
Web Site Seal Options
Better Business Bureau
Truste
Veri-Sign
ICSA
AICPA/CICA Webtrust
Business Practices
Transaction Integrity
Information Protection
Report Issuance
Comparison of Seals
Implications for the Accounting Profession
Skill Sets
Expansion of Assurance Services
Consulting and International Services
Summary
Key Words
Review Questions
Discussion Questions
Cases

3. THE REGULATORY ENVIRONMENT

Introduction
Cryptography Issues
Key Length
Key Escrow and Key Recovery
International Cryptography Issues
Privacy Issues
FTC Privacy Online Report
Adults' Privacy Rights and the EU's Directive
Web Linking
Inappropriately Referencing a Linked Site
Displaying Information without Proper Referencing
Linking Using Framing
Linking Using Trademark in Keyword Meta Tags
Unauthorized Display of a Registered Trademark
Linking to Illegal Files
Domain Name Disputes
Similarly Named Companies or Products
Registering and Using a Competitor's Name
Domain Names Registered and Held Hostage
Domain Name Dispute Resolution
Internet Sales Tax
International Tax Issues
Electronic Agreements and Digital Signatures
Internet Service Providers and International Libel Laws
Implications for the Accounting Profession
Liability Exposure and Risk Assessment
Expansion of Legal Resources and Services
Digital Signatures and Certificate Authorities
Summary
Key Words
Review Questions
Discussion Questions
Cases

4. EDI, ELECTRONIC COMMERCE, AND THE INTERNET

Introduction
Traditional EDI Systems
The Origin of EDI
Non-EDI Systems
Value-Added Networks (VANs) and Preestablished Trading Partners
Partially Integrated EDI Systems
Fully Integrated EDI Systems
Benefits of EDI Systems
Data Transfer and Standards
Department of Defense Transaction Example
Financial EDI
EDI Systems and the Internet
Security Concerns
Security of Data during Transmission
Audit Trails and Acknowledgements
Authentication
Internet Trading Relationships
Consumer to Business
Business to Business
Government to Citizen
Benefits
EDI Web Browser Translation Software
Insight's EDI and Internet Systems
Real-time EDI Inventory Links with Suppliers
Integrated Delivery Links with Federal Express
Web-Based Sales
Impact of EDI-Internet Applications on the Accounting Profession
Increased Complexity of Auditing through the Computer
Integrity of and Reliance in the VANs
Extension of Audit to Trading Partners' Systems
Increased Technological Skills of Smaller Accounting Firms
Summary
Key Words
Review Questions
Discussion Questions
Cases

5. RISKS OF INSECURE SYSTEMS

Introduction
Overview of Risks Associated with Internet Transactions
Internet Associated Risks
Risks to Customers
False or Malicious Web Sites
Stealing Visitors' IDs and Passwords
Stealing Visitors' Credit Card Information
Spying on a Visitor's Hard Drive
Theft of Customer Data from Selling Agents and ISPs
Privacy & the Use of Cookies
Risks to Selling Agents
Customer Impersonation
Denial of Service Attacks
Data Theft
Intranet Associated Risks
Sabotage by Former Employees
Threats from Current Employees
Sniffers
Financial Fraud
Downloading of Data
E-Mail Spoofing
Social Engineering
Risks Associated with Business Transaction Data Transferred between Trading Partners
Intranets, Extranets and Internet Relationships
Data Interception
Message Origin Authentication
Proof of Delivery
Message Integrity & Unauthorized Viewing of Messages
Timely Delivery of Messages
Risks Associated with Confidentially-Maintained Archival, Master File and Reference Data
Risks Associated with Viruses and Malicious Code Overflows
Viruses
Trojan Horses
Hoaxes
Buffer Overflows
Implications for the Accounting Profession
Intranets and Internal Controls
Intranet and Internal Controls
Web Site Assurance
Summary
Key Words
Review Questions
Discussion Questions
Cases

6. RISK MANAGEMENT

Introduction
Control Weakness vs. Control Risk
Security Gaps
Culture Management
Excessively Tight Controls
Risk Management Paradigm
Disaster Recovery Plans
Disaster Recovery Plan Objectives
Second Site Back-up Alternatives
Mutual Aid Pact
Cold Site/Crate and Ship
Hot Site
Conducting a Dress Rehearsal
Implications for the Accounting Profession
Evolution of Internal Control Framework
The Control Environment
Risk Assessment
Control Activities
Information and Communication
Monitoring
The Role of Internal Controls in Risk Management
Summary
Key Words
Review Questions
Discussion Questions
Cases

7. INTERNET SECURITY STANDARDS

Introduction
Standard Setting Issues and Committees
ANSI
UN/EDIFACT
ANSI's ASC X12 Alignment Task Group Leading the Migrations to UN/EDIFACT
Major Standard Setting Structures and Interfaces
U.S. and International Standard Setting Bodies
Internet and WWW Committees
Internet Committees
WWW Committees
W3C
OBI
Global Information Infrastructure Commission
Security Committees and Organizations
Security Protocols and Languages
OSI
TCP/IP
IP Addresses
Class A
Class B
Class C
Class D and Class E
Domain Names
IPv6
FTP and TELNET
NNTP
HTTP and HTTP-NG
S-HTTP, SSL, and PCT
SGML, HTML, and XML
DOM and DHTML
JAVA
STEP
Messaging Protocols
Basic Mail Protocols
Security-Enhanced Mail Protocols
Secure Electronic Payment Protocols
The Role of Accountants in Internet-related Standard Setting Process
Summary
Key Words
Review Questions
Discussion Questions
Cases

8. CRYPTOGRAPHY AND AUTHENTICATION

Introduction
Messaging Security Issues
Confidentiality
Integrity
Authentication
Non-Repudiation
Access Controls
Encryption Techniques
Symmetric Encryption Keys
Data Encryption Standard
Triple Encryption
Advanced Encryption Standard
Skipjack
RC2, RC4, and RC5
Asymmetric Cryptography
Public-Private Key Pairs
Elliptic Curve Cryptography
Integrity Check Values and Digital Signatures
Integrity Check Value (Hashes)
Digital Signatures
One Time Pads
Good Encryption Practices
Password Maintenance
Key Length
Key Management Policies
Compressed Files
Message Contents
Key Management
Public Certification Authorities
Private or Enterprise Certification Authorities
Hybrid Public and Private Certification Authorities
Key Management Tasks
Identification and Verification of Users
Key Generation
Key Registration
Key Escrow and Recovery
Key Updates and Replacement
Key Revocation and Destruction
Additional Authentication Methods
Additional Non-Repudiation Techniques
Implications for the Accounting Profession
Confidentiality
Message Integrity
Authentication
Non-repudiation
Access Controls
Internal Control and Risk Analysis
Summary
Appendix A - The RSA Algorithm
Appendix B - XOR Function
Key Words
Review Questions
Discussion Questions
Cases

9. FIREWALLS

Introduction
Firewall Defined
TCP/IP
Open Systems Interconnect (OSI)
Components of a Firewall
Typical Functionality of Firewalls
Packet Filtering
IP Spoofing
Network Address Translation
Application-Level Proxies
Stateful-Inspection
Virtual Private Networks
Real-Time Monitoring
Network Topology
Demilitarized Zone
Securing the Firewall
Policy
Network Security Access Policy
Firewall Design Policy
Administration
Services
Telnet and FTP Security Issues
Finger Service Security Issues
Internal Firewalls
Authentication
Operating System Controls
Factors to Consider in Firewall Design
In-House Solutions vs. Commercial Firewall Software
Limitations of the Security Prevention Provided by Firewalls
Implications for the Accounting Profession
Penetration Testing and Risk Exposure
Provider of Network Solutions
Forensic Accounting and Intrusion Investigation
Summary
Key Words
Review Questions
Discussion Questions
Cases

10. ELECTRONIC COMMERCE PAYMENT MECHANISMS

Introduction
The SET Protocol
SET vs. SSL
Version 1.0
Payment Gateway
Certificate Issuance
Certificate Trust Chain
Cryptography Methods
Dual Signatures
The SET Logo
Compliance Testing
Status of Software Implementations
Version 2.0 and Intermediate Releases
Magnetic Strip Cards
Smart Cards
Electronic Checks
The FSTC's Electronic Check
The FSTC's BIPS Specification
BIPS and EDI
Electronic Cash
Implications for the Accounting Profession
Audit Implications
Electronic Bill Presentment and Payment Systems
Summary
Key Words
Review Questions
Discussion Questions
Cases

11. INTELLIGENT AGENTS

Introduction
Definition of Intelligent Agents
Capabilities of Intelligent Agents
Level of Agent Sophistication
Agent Societies
Intelligent Agents & Electronic Commerce
The Online Information Chain
Push Technology and Marketing
Pull Technology and Demands of Information and Services
New Geographical Markets
Business-to-Business Transaction Negotiation
Limitations of Agents
Implications for the Accounting Profession
Continuous Reliability Assurance
Agents and Security
Summary
Key Words
Review Questions
Discussion Questions
Cases

12. WEB-BASED MARKETING

Introduction
The Scope of Marketing
Business, Marketing, and Information Technology Strategy Congruence
The Four Ps Applied to Internet Marketing
Product
Pricing
Place (Distribution)
Promotion
The Fifth "P": Personalization
Toffler's Powershift
Marketing Implications of the Consumer Power Shift
Building Relationships through Database Marketing
Personalized Transaction Domain
The Relentless Search for Value
Internet Marketing Techniques
Passive Providers of Information
Search Engine and Directory Registration
Solicited, Targeted E-mail
Interactive Sites
Banner Advertising
Off-Line Advertising
Unsolicited, Targeted E-Mail
Spam Mail
E-mail Chain Letters
On-Line Advertising Mechanisms
Directories
Search Engines
Keywords and Meta Tags, and Frequency of Words
Location of Words
Link Popularity
Reviewed Sites
Case Sensitive
Banners
Sponsorships
Portals
On-line Coupons
Web Site Design Issues
Page Loading Efficiency
Simplicity
Use the Space Wisely
Create a Reason to Return
Framing
Tables and Fonts
Graphics
Interlaced Graphics
GIF vs. JPEG Files
Colors and Contrast
Purchasing Information
Tracking Data
Intelligent Agents and Their Impact on Marketing Techniques
Implications for the Accounting Profession
Summary
Key Words
Review Questions
Discussion Questions
Cases

INDEXES