New terms from

The Electronic commerce Dictionary

Copyright(c) 1995 - 2001 by Ted Haynes


AAA server A server that provides authentication, authorization, and accounting security services. Standards for such servers include RADIUS and TACACS+. (See authentication and authorization in the hard copy dictionary.)

above the fold The top portion of a Web page which can be seen without scrolling. The term is adopted from newspapers where it refers to the top half of the front page.

acceptable use policy A policy established for a computing resource (e.g. a Web site) that describes how users may access and use the facility. Among other issues, an acceptable use policy typically addresses who may use the resource, the purposes for which the resource may be used, how much of the resource (memory, computing capacity) may be used, copying and publication of content, security requirements, and privacy requirements.

access profile The information maintained by an AAA server for each user. It includes information needed for authentication and accounting. It also specifies the user's access privileges for authorization by the AAA server. (See authentication and authorization in the hard copy dictionary.)

access URL A URL used by a payment switch (which see) to enable delivery of a purchased product. The access URL contains the name of the server which can provide the product, the identification of the product, an identification of the buyer (e.g. the buyer's IP address), an expiration date for the access URL, and a digital signature for the access URL.

active attack An attempt to break security by altering information. An active attack may or may not require decrypting the information attacked. See passive attack and replay attack.

ad See advertisement.

ad auction A service that allows Web publishers to sell previously unsold ad space at the last minute for whatever the market will bear. Advertisers are able to buy space at exceptionally low cost-per-thousand. See advertisement.

ad inventory All the advertising space available for sale on a given Web site. See advertisement.

ad management service bureau A company that serves Web publishers by delivering advertisements (See ad serving system) on the publisher's Web site and reporting on the ads that were served (See impressions) and how many times users clicked on them (See click-through rate). Also see third-party ad management.

ad network A company that contracts with a number of Web sites to sell advertising space on the sites. See advertisement and run of network.

ad request The request to an ad server to display an advertisement within a Web page. For many possible reasons the ad may fail to display. See ad serving system.

ad serving system A system which inserts ads (usually banners) into Web pages when the pages are accessed by a user. The Web page and the ad may be served (i.e. delivered) by entirely different companies using geographically separated servers. The system requires that the designated Web pages have links embedded in them that correspond to certain sizes of ads and to certain categories of products or services. Often the company delivering the Web page receives compensation for attracting users who view the advertising but has little or no control or interest in the specific advertising messages delivered. Often the company operating the ad serving system is not advertising any of its own products or services but is acting as a middleman between the advertiser and the company that supplies the Web pages. See impression. See link in the hard copy dictionary.

ADC Automatic Data Capture. The general capability of gathering status, location, and identifying information without human intervention. ADC reduces the need for manually keying in data and the risk of inaccuracies. Technologies used in ADC include bar coding, magnetic stripes, smart cards, machine vision, biometric identification, voice recognition, optical character recognition, and Radio Frequency Identification.

address locator A type of service available from a number of Web sites that provides the addresses and phone numbers of individuals and businesses input by the user.

ADSL Asymmetric Digital Subscriber Line. A technology for providing high transmission speeds for video and voice to homes over ordinary copper telephone wire. It will be most cost-effective in areas with low market penetration of "cable" TV. In areas with higher penetration coax is expected to be more cost-effective.

advertisement A message from a company (the advertiser) to potential customers that attempts to influence or reinforce the customers' attitudes and/or behavior toward purchasing the advertiser's products or services, or towards obtaining more information, including further marketing messages, from the advertiser. Advertising is usually not requested by the user but is embedded within information or entertainment that the user has chosen to see or listen to. Traditional media for delivering advertising include newspapers, magazines, television, and radio. On the Internet, advertising is most commonly delivered by E-mail or in the form of banners embedded in Web pages. Advertisers almost always pay the media or content providers for "space" or "placement" within the content that attracts customers.

advertising The planning for, development of, and placement of advertisements. Also, the set of advertisements placed by a merchant in a given campaign.

advertorial An advertisement that appears to be editorial content. In printed media advertorials are generally labeled as advertising but on the Web their purpose is often disguised.

Advisory Commission on Electronic Commerce A group set up by the U.S. Congress under the Internet Tax Freedom Act of 1998 to recommend a plan for taxing sales made over the Internet.

AEI Automatic Equipment Identification. The general capability of identifying movable equipment without human intervention. See Radio Frequency Identification (RFID) in the hard copy dictionary.

affiliate program A marketing program, usually automated, in which a Web merchant recruits other Web sites to place the merchant's banners and buttons on their sites in return for commissions on sales to customers who click on the ads.

affinity card A type of credit card, first marketed in 1985, which ties into a special consumer interest. Affinity cards include product benefit cards which provide bonuses for usage, lifestyle cards which usually contribute a portion of each transaction to a specific charity, and personality cards which feature images on the card associated with a particular celebrity.

AH See IP authentication header.

applet An application written in Java (which see) and inserted in an HTML program.

application-centric EDI An update to traditional electronic data interchange (EDI) that uses secure transmission methods to facilitate the exchange of information between secure applications, typically residing at different companies (e.g. vendor and customer). Deployment of such secured applications over their intranets and Internets is faster, less costly, and more effective than traditional EDI. See electronic data interchange, information security, transmission, application, intranet, and Internet in the hard copy dictionary.

Application Service Provider (ASP) A company that hosts an application and data for one or more customers, providing the hardware, software, infrastructure, and basic maintenance. The provider supports remote access to the application by the customer, usually over the Internet. The provider usually has expertise in the specific application hosted and may provide enhancements to it. Advantages to the customer, versus running the application in-house, include guaranteed performance, a robust data center, in-depth support from a skilled staff, and better economics. See application and Internet in the hard copy dictionary.

ASP See Application Service Provider.

audit trail Information on the significant steps in the progress of a transaction which allows an auditor to determine that there are no errors in the reporting of the transaction. In electronic commerce a good audit trail can help resolve programming errors and discrepancies in how a transaction is recorded by the parties to the transaction.

automated crime The use of a software program to invade a system, commit a crime (e.g. illegal transfer of funds) and erase all traces of the crime, usually within a small fraction of a second.

automated fuel terminal (AFT) Allows purchasers of gasoline to "pay at the pump" with a thermal printer installed at every pump.

 


B2B Business-to-business marketing and commerce.

B2C Business-to-consumer marketing and commerce.

B-ISDN A very high speed data communications service that supports rates of 1.5 million bits per second over fiber-optic telephone lines. See ISDN and bits per second in the hard copy dictionary.

banner A graphic element, usually horizontal, on a Web page, used to title the page, head a new section, present a company's or advertiser's message, or provide a link to another page.

beta software Software that has been developed to the point where it can be tested for reliability and usability in customer environments but not to the point where it can be broadly sold, used, or supported. Beta sites are customer sites where the software is tested.

bill presentment The delivery of a bill or invoice to a client or customer for payment. Third party specialists compete with banks to provide electronic bill presentment over the Internet, especially for companies that serve large numbers of consumers (i.e. utility companies).

Blackbird A multimedia authoring tool analogous to HTML. Blackbird was developed by Microsoft for developing content to be published on the Microsoft Network (MSN). It includes Standard Generalized Markup Language (SGML - see hard copy dictionary) and Object Linking and Embedding Technology (OLE) controls called OCXes. Helper applications developed by other companies can be linked to Blackbird using OCXes to present 3-D displays, editable spreadsheets, animation and other capabilities.

blind certificate A digital certificate (which see in the hard copy dictionary) which does not contain the name or other identifying information about the user to whom it is issued. Such a certificate can be used to verify some limited information about the user or to associate a user with a series of communications or transactions without revealing the identity of the user. Applications include revocable cash transactions and ongoing anonymous communications over the network.

brand A name or symbol chosen by a company to uniquely identify a set of products and/or services that the company has established or hopes to establish in the minds of its customers as an indication of certain levels of quality and trustworthiness. A brand name is usually legally registered as a trademark with a governmental organization to prevent other companies from using it. A brand is usually established in customers' minds through marketing, particularly advertising, and by satisfying customer experiences with the product or service. A brand is valuable to a company in encouraging repeat purchases and in extending the brand, with its aura of quality and trustworthiness, to new products and services. Examples of widely known and successful brands include Coca Cola (a trademark of the Coca Cola Company) and Amazon (a trademark of Amazon, Inc.). Branding (the establishment of a brand) is generally judged to be extremely important in electronic commerce because of the ease with which customers can find, compare, and do business with a wide variety of competitive companies offering similar products and services on the Internet.

brick-and-mortar A traditional business operation that commonly deals with its customers face-to-face in an office or store that the business owns or rents (e.g. a retail store or a bank branch). Web-based businesses usually have lower costs and greater flexibility than brick-and-mortar operations.

Broadband Web A vision of the future World Wide Web with high speed broadband connections to the home and desktop. The Broadband Web is expected to pose a significant threat to CD-ROM use and to favor high quality small independent multimedia developers who can afford to offer their products on the Web but who cannot afford to mass market a CD-ROM.

broker An individual or company that is an intermediary between a seller and a buyer. A stockbroker specializes in stocks, bonds and other investments.

button A small advertisement that can provide a constant presence on a Web site while costing considerably less than a banner. Buttons can build brand awareness and attract traffic to the sponsor's Web site but their message must be limited and simple.


cache High speed memory that stores data for relatively short periods of time, under computer control, in order to speed data transmission or processing. Web pages that are used frequently are often cached close to users so that they can be delivered quickly without requiring repeated transmissions over the entire network between the Web server and the client machine. See Web server and client in the hard copy dictionary.

Call Detail Reporting 1) The logging and reporting of details about each connection by users to a LAN through a network access server. 2) The logging and reporting by a PBX of voice or data calls made from the PBX to the Public Switched Telephone Network or vice-versa. (See LAN and PBX in the hard copy dictionary.)

CAP Competitive Access Provider. A company which competes with local telephone companies to provide access from the customer's premise to long distance carriers. Currently the largest CAP in the U.S. is Teleport Communications Group.

CAPI Cryptography API (which see).

card reader in the dispenser (CRIND) See automated fuel terminal.

CDR See Call Detail Reporting.

Cello A World Wide Web browser developed at Cornell University and integrated with gopher, WAIS, USENET and E-mail tools.

certified delivery server A server which uses public key cryptography (which see in the hard copy dictionary) to provide a destination non-repudiation service, similar to certified mail. The server establishes that a message was received or that a good faith effort was made to deliver it.

certification path The hierarchy of certificate authorities (which see in the hard copy dictionary) that vouch for a digital certificate (which also see in the hard copy dictionary) issued to a user. The path runs from the issuing certificate authority to the root certificate authority.

channel conflict A set of problems posed by the offering of the same or similar products from the same manufacturer to the same customers through multiple distribution channels. Channel conflict tends to decrease prices and erode profit margins, particularly for intermediaries, and may lead to the refusal of intermediaries to continue selling the products.

channels An Internet technology based upon server push which broadcasts information to Web browsers so that users can view the information passively, as with television, rather than interactively as in traditional Web use.

Channel Definition Format A specification developed by Microsoft and PointCast that defines when and how Web browser users receive information broadcast over the Internet using server push technology.

check card See off-line debit card.

check image interchange The transmission of digitized images of checks between banks as part of the check clearing process. Since each check image requires approximately 40,000 bytes, images are not expected to replace paper checks soon. The first likely use will be as part of notification from one bank to another when the bank on which a large-dollar check is drawn decides not to honor the check and desires to provide the image of the check to the bank which originally accepted the check so that fraud or other problems can be rapidly investigated. Currently such notification is done by phone or Fed Wire. See presentment. (See clearing and Fed Wire in the hard copy dictionary.)

check-by-phone A technology developed by Accelerated Payment Systems and EIS International to support the acceptance of checks by phone. Agents record checking account information, print and deposit facsimile checks, and send acknowledgments to all parties to a transaction.

CLEC See competitive local exchange carrier.

click On the Web, the act of selecting and following a link by placing one's mouse cursor on the text, graphics, banner, or button identifying the link and depressing a button on the mouse. See click-through rate.

click stream The Web sites and Web pages a user visits, either in a single online session or over a longer period of time. Information about a user's click stream on a single site, and some information about the click stream over multiple sites, can be collected by specialized organizations using cookies. The information can be used to improve Web sites, customize Web sites, and to target appropriate marketing messages from ad-serving systems.

click-through rate The percent of individuals viewing a Web page who click on a specific banner ad appearing on the page. Overall click-through rates have declined substantially since the early days of electronic commerce on the Web.

closed loop reporting The ability to measure the effectiveness of a particular ad on the Web by tracking which ad viewers actually bought which product, requested a catalog, or took other specific actions on the Web site.

CMW+ The first commercial implementation, by Security First Network Bank, of the trusted operating system (which see).

co-branding Loosely, the appearance of two company names on a Web page or Web site, implying that a product or service is provided jointly by the two companies. Often the site belongs to a company with a significant customer base, market awareness or marketing power while the other company on the page or site is actually providing the bulk of the product or service. In another variety of co-branding, an advertiser provides information about its offering in the midst of ostensibly objective information on the site.

COCA Cost of cracking adjustment. An adjustment in the strength of an encryption method over time to reflect that newer and faster computers are able to crack codes more rapidly. The adjustment is generally expressed as the bits that should be added to a key each year to maintain the cost of cracking the code at a constant level.

code

  1. A cipher. A mathematical function for encryption and decryption (which see in the hard copy dictionary).
  2. A software program or part of a software program.

commoditization An increase in the number, availability, and similarity of products in a given category which tends to drive down the price of the products. Some people believe the rapid and easy access to information about products on the Internet will make markets more efficient, facilitate comparisons, increase competition, eliminate inconsequential differences between products, and drive toward commoditization and lower prices. Others believe that low marketing and distribution costs will enable companies to differentiate their products and establish a wide variety of niche markets.

community In the context of the Internet and electronic commerce, people who participate in an online discussion group or bulletin board, or who return frequently to a Web site because of a common interest in a given subject. One business strategy developing on the Internet is to create a community and then sell access to the group for marketing purposes. (See bulletin board system in the hard copy dictionary.)

competitive local exchange carrier (CLEC) A company that competes with the established local telephone company to provide at least voice connections to the Public Switched Telephone Network (PSTN) to residences and businesses in the area served. CLECs are becoming integrated communications providers (ICPs) by adding data and other services. Also see incumbent local exchange carrier.

computationally secure A cipher is computationally secure if systematic analysis with available computing resources cannot break the cipher in a short enough time to allow exploitation. (See cipher in the hard copy dictionary.)

Consumer Internet Privacy Protection Act of 1997 A law that regulates how interactive computer services can use personal information input by users. For the purposes of this bill, interactive computer services are essentially Internet service providers (which see in the hard copy dictionary). See data protection.

content centric software As distinguished from older processing-centric software in which content (data) is fed to the program, content centric software is embedded in or wrapped around content. It is oriented to dynamic documents and is generally designed to run over networks, including the World Wide Web.

contact card A smart card in which the microchip is visible and makes contact with a reader to support digital cash or access control.

contactless card A smart card which hides the microchip within the plastic and communicates through radio waves. Toll collection, where drivers hold their cards up to a reader as they pass, is the most common application. Contactless cards have been developed by AT&T Smart Cards and GemPlus Card International.

container See tag and element.

Cookie A capability of some Web browsers which allows Web servers to store information about user visits to the Web site on the hard disk in the user's PC or workstation. Because it can be used to identify repeat visitors the cookie allows on the fly customization of a Web site to feature items the user showed an interest in during previous visits. The cookie also allows a Web server to track the sequence of a session on a Web site, including how long a user spent on each Web page. While a boon to marketing on the Web the cookie raises some privacy issues because it removes some of the traditional anonymity associated with viewing Web sites and uses a small portion of the user's hard disk. (See Web, browser, server, and Web site in the hard copy dictionary.)

cost-per-click (CPC) A method of charging for banner advertisements on the Web on the basis of how many viewers click on the ad, rather than charging on a flat rate basis for the advertising space. The CPC model is generally considered to favor advertisers rather than publishers because it ignores the brand building value of an ad that is seen but not clicked on, generally gives the publisher no control over the content or appearance of the ad, and may require the publisher to allocate space to poorly performing ads until the contracted number of clicks has been achieved.

cost-per-thousand (CPM) The cost in any given media for a thousand impressions. On the Web, the CPM for impressions on a Web site that attracts an undifferentiated variety of consumers (e.g. a typical search engine) is on the order of $5. The CPM for advertising on a Web site with a very specific audience that is likely to make sizable purchases (e.g. corporate telecommunications managers) can be in the neighborhood of $100. See targeting.

country club billing A system in which each charge slip is returned to the credit card customer along with the customer's bill. Until 1976, credit card companies were required to provide costly country club billing. See descriptive billing.

CPC See cost-per-click.

CPM See cost-per-thousand.

credit transfer A transfer of funds in which the payer issues a payment order to the payer's own bank and the order is passed, possibly through intermediary banks, to the bank of the payee or beneficiary. (See debit transfer.)

cryptography API An application program interface (which see in the hard copy dictionary) that makes it easy for applications to use cryptography software developed by others. It facilitates application development, supports updating of the application code and the cryptography code independent of one another, and allows the use of different cryptography code for domestic sales (in the USA) and for export. (See export laws.)

Cryptoki A standard application program interface that presents applications with a simple object view of a device called a cryptographic token. The logical token definition is independent of the underlying cryptographic technology. The Cryptoki Standard (also known as PKCS #11) was developed by RSA Data Security. See cryptography API.

Cryptolopes The specific implementation of secure containers (which see) in IBM's infoMarket (which see).

CTI Computer Telephony Integration

cybermediary An individual or organization that collects a fee for facilitating transactions over the Internet without taking ownership of the products or services sold. Also see Internet Transaction Broker. Examples include Web sites that provide many of the services of traditional real estate brokers and insurance agents but at much lower costs.

CyberWallet A technology for enabling secure transactions over networks developed by V-ONE Corporation and designed to run in conjunction with World Wide Web browsers. It will hold information on up to 16 credit cards or bank accounts. It is especially designed to prevent merchant fraud and is based on Secure Transaction Channel technology (see STC). CyberWallet has been licensed to Checkfree and Spyglass as part of the Electronic Business Co-op (EBC). See network payment system and Electronic Business Co-op in the hard copy dictionary.


data protection The prevention of the passing of an individual's personal information from one computer system where the information legitimately resides to other computer systems without the consent of the individual. In the United Kingdom the Data Protection Act of 1984 requires the registration of every data user who processes personal information.

DAVIC (Digital Audio Video Interactive Council) A committee which sets standards for digital transmission of multimedia in Europe. See DOCSIS. See transmission and multimedia in the hard copy dictionary.

debit transfer A transfer of funds in which the payer issues a payment order to the payee, the payee takes the order to the payee's bank and the order is passed back to the payer's bank in exchange for the actual funds. Consumer payments by check are a type of debit transfer. (See credit transfer.)

demilitarized zone (DMZ) An area of an organization's network which is open to the public over the Internet and is separated from the organization's private network by a firewall. The resources in the demilitarized zone are typically Web servers and are often outsourced by the organization to an Internet Service Provider which locates the DMZ at the ISP's point of presence (POP). (See network, Internet, firewall, resource, Web server, Internet Service Provider and point of presence in the hard copy dictionary.)

demographics In marketing, the description of a group of consumers, most often age, gender, household income, level of education, marital status, employment status, number of people in the household, and region of the country. More loosely, a description of any group of customers whether consumers or businesses. See targeting.

descriptive billing A system of credit card billing in which individual charge slips are not returned with the bill. Federal Reserve Board Regulation Z requires that if a charge slip is not enclosed, the bill must provide the date, the amount, the seller's name and the location where the transaction took place for each transaction.

differential work factor cryptography A technology embedded in Lotus Notes Release 4.0 that allows export of 64 bit cryptography without special permits (see export law) while assuring the US government that government agencies can decrypt messages encoded using the technology as easily as they can decrypt conventional 40 bit cryptography. The government generated a public/private key pair and gave the public key to Lotus. Lotus uses this public key to bind into each Lotus Notes 64 bit key a 24 bit work factor reduction capability. A cracker must still decrypt a 64 bit key. (See public key cryptography in the hard copy dictionary.)

Diffie-Hellman A public key algorithm which can be used for deriving and distributing private keys over insecure networks. Diffie-Hellman itself cannot be used to encrypt or decrypt messages. The patent on the algorithm expired on April 29, 1997. (See public key cryptography and private key cryptography in the hard copy dictionary.)

Digital Subscriber Line (DSL) A technology that allows the transmission of many forms of data, voice, and video for limited distances over the standard twisted-pair copper wire that is widely used to connect home and business telephone lines to telephone company central offices. DSL generally offers much higher transmission speeds than standard modems or ISDN but lower speeds (i.e. less bandwidth) than cable modems or T1 lines. Also see High Bit Rate Digital Subscriber Line and Other Digital Subscriber Line. See transmission, ISDN, bandwidth, and cable modem in the hard copy dictionary.

digital videodisk technology See DVD.

DirecPC A service from Hughes Network Systems that uses a VSAT (which see) antenna and a PC card to capture satellite broadcasts and download large files at 1.5 to 2 Mbits per second. Requests for files are sent by users using modems over telephone lines.

directory A structure for organizing files on a computer or on a network. Directories may be protected or shared using various methods for information security. Common directory structures include NetWare Directory Services, X.500 (a standard), and Banyan Vines. See file, network, and information security in the hard copy dictionary.

directory service markup language (DSML) A language which allows XML enabled applications, particularly electronic commerce applications, to share information from a variety of directories without knowing the specific data formats for each vendor's directory. The language extends the LDAP (lightweight directory access protocol) to Web applications.

distribution channel A method by which a manufacturer or software developer delivers its goods to customers and receives payment in return. A direct channel, whereby the company transacts business with its customers with no intermediaries, is common in business-to-business commerce and in catalog sales, direct mail, or telemarketing to consumers. Indirect channels may use any variety of distributors, resellers, retailers, agents, or other intermediaries. In many indirect channels the goods are marketed using the brand of the manufacturer while sales, installation, service, and customer support are provided by an intermediary. In the original equipment manufacture (OEM) channel the product often takes on a brand owned by the intermediary and often becomes part of a more comprehensive offering by the intermediary. By making it easy for customers to find and do business with manufacturers, electronic commerce often makes a direct channel more cost effective for the manufacturer than it had previously been. See channel conflict.

DMZ See demilitarized zone.

DOCSIS (Data Over Cable Interface Specification) Cable modem specifications set by the MCNS group of cable operators in North America. See DAVIC. See cable modem in the hard copy dictionary.

document-type definition (DTD) See Extensible Markup Language.

DSML See directory service markup language.

DSL See Digital Subscriber Line.

DTD See Extensible Markup Language.

duality The issuance of credit cards from both major bank card associations (Visa and MasterCard) by an individual bank.

DVD A technology that uses five inch discs similar to CD-ROMs but which can hold much more data. A DVD disc can deliver multi-channel sound and TV images three times sharper than videotape. DVD players, expected to debut in late 1996, will be interoperable with televisions, stereos, personal computers and some video games. Unlike CDs, DVDs can hold data on both sides and can provide either one or two layers of data on each side. A single-sided single layer DVD holds 4.7 gigabytes of data while a double-sided double-layer DVD holds 17 gigabytes.


EADP Emergency Access Demonstration Program A federal program to demonstrate the feasibility of using key recovery in federal business applications.

EAI See Enterprise Application Integration.

ECC elliptic curve cryptosystem. An alternative to the RSA encryption system which is based on the difficulty of solving elliptic curve discrete logarithm problems rather than on factoring large numbers. Developed and marketed by Certicom, ECC is especially suitable for environments, such as wireless devices and PC cards, where computational power is limited and high speed is required. For any given key size (measured in bits) ECC provides more security (is harder to decrypt without the key) than RSA. ECC is newer than RSA, has not developed as much supporting software, and has not been attacked for as long a time. (See RSA, encryption, key, bit, decryption, and Fundamental Tenet of Cryptography in the hard copy dictionary.)

Echeck A demand for payment sent electronically over a network by a buyer (generally a consumer) to a seller (generally a merchant) and sent on over a network to the seller's bank and thence to the buyer's bank. See debit transfer.

ECI Efficient Channel Integration. The combining of Automatic Data Capture (ADC) and electronic data interchange (EDI) to improve the timeliness and accuracy of production and delivery. (See ADC. See EDI in the hard copy dictionary.)

economic profit Return on investment in excess of the average cost of capital in the overall market. Alternatively, profits excluding profits from the increase in value of inventory which the company holds.

ECR electronic cash register

Edgar Electronic Data Gathering, Analysis, and Retrieval System. A database available over the Internet that gives investors free and easy access to disclosure documents that publicly traded companies must file with the Securities and Exchange Commission (S.E.C.).

Edibanx EDI Bank Alliance Network A payment system operated by the Chicago Clearing House Association for the paperless exchange of payments between companies using electronic data interchange (EDI) standard formats. Edibanx was developed by thirteen major banks in October, 1994, and recruited several other banks in the following year. See EDI and Financial EDI in the hard copy dictionary.

EFT-POS (Electronic Funds Transfer at the Point-of-Sale) The automatic transfer of funds, using a debit card at a retail point of sale, from a consumer's demand deposit account to the retailer's account. EFT-POS transactions pass through the retailer's back office computer and, if the retailer is part of a chain, may also pass through the data center of the retailer on their way to the EFT processor.

electronic bill delivery A system from Visa Interactive which enables banks to electronically deliver bills to consumers through the consumer's PC or telephones. Eventually the system will allow consumers to send electronic payments back through their banks to the biller's accounts receivable system.

Electronic Check system A project by the FSTC that allows customers to write and sign secure checks for transactions over insecure public networks, such as the Internet. The system uses cryptographic processing in a PCMCIA card from Telequip Corporation to assure that the checks cannot be counterfeited or forged. (See FSTC and PCMCIA in the hard copy dictionary.)

electronic rights Copyrights (which see in the hard copy dictionary) extended to electronic media.

Electronic Signature Capture Terminals From AT&T Global Information Systems, terminals that translate signatures into digital images and send them to a payment processing firm for storage.

electronic tax filing An offering of the Internal Revenue Service that allows taxpayers to file their tax returns on diskette or over a network. In 1994, 11.8 million tax returns were filed electronically or about 11% of all individual tax returns. The number was down 15.8% from 1993 because of increased IRS efforts to prevent the fraud which can be facilitated when tax returns are filed electronically. Fraud has caused the IRS to question its goal of getting 80% of Americans to file electronically by the year 2001. See RAL.

element The basic building block of an HTML document. When an element consists of a start tag, an end tag, and text or some other content it can also be referred to as a "container". An "empty element", such as that commanding a line break, has only one tag and no content.

Encapsulating Security Payload (ESP) A fundamental element of IPsec that provides integrity, authentication, and confidentiality for IP datagrams. ESP works between hosts, between a host and a security gateway, or between security gateways. The support for security gateways (in Tunnel-mode) permits trustworthy networks behind a security gateway to omit encryption while using security gateways to obtain confidentiality for transmissions over untrustworthy network segments. In Tunnel-mode ESP encapsulates the entire IP datagram within the ESP. (See tunneling.) When there is no intervening security gateway, then the hosts may use the Transport-mode in which only the upper layer protocol data (e.g., TCP or UDP) is encrypted and there is no encrypted IP header. In Transport-mode ESP encapsulates an upper-layer protocol (e.g. UDP or TCP) inside ESP and then adds a cleartext IP header. This cleartext IP header is used to carry the protected data through the intervening networks. Transport-mode can reduce both the bandwidth consumed and the protocol processing costs for users that do not need to keep the entire IP datagram confidential or who encrypt the data in the host application prior to transmission. ESP works with both unicast and multicast traffic. (See integrity, authentication, confidentiality, datagram, encapsulation, host, cleartext, encryption, TCP, and multicast in the hard copy dictionary.)

encryption engine A device planned by Hewlett-Packard and Gemplus SCA that would support basic encryption capabilities in a computer when combined with a separately installable policy card (which see) that controls the strength of the encryption algorithm. The combination permits the volume production and export from the US, without State Department approval, of computers potentially able to support many levels of encryption while still allowing State Department control of encryption strength (by approval or denial of the policy card) on an individual customer basis. (See encryption, RC2 and RC4 in the hard copy dictionary.)

Enterprise Application Integration (EAI) The linking and sharing of multiple business applications and data, including extensions to business partners, through the use of application-to-application modules, object middleware and message brokering, or multitier application server platforms. Motivations for EAI include the need to rapidly implement Web-based projects, the need to link to legacy data, and the need to forge links to different systems acquired through corporate mergers and acquisitions. See application in the hard copy dictionary.

Enterprise Transaction Gateway (ETG) An EDI gateway developed by CLT Appraisal Services and running on Windows NT which supports multiple messaging protocols and transaction formats.

EPH Electronic Payment Handling. The banking system capabilities needed to support Echeck (which see) and capable of reducing bank costs. The logical providers of EPH are automated clearing houses (which see in the hard copy dictionary).

ESP (See Encapsulating Security Payload.)

exit page The last Web page an individual user looks at on a given Web site. Common exit pages are often identified in the log file. A Web merchant or publisher may modify the most common exit pages in order to induce viewers to stay on the site for a longer time.

export law A United States export law, administered by the Department of State, forbids the export of cryptography software or hardware using a key (which see in the hard copy dictionary) longer than forty bits without a permit. Export to subsidiaries of US companies is permitted. The law exists primarily to prevent hostile groups from encrypting messages which the US intelligence agencies (See National Security Agency) will have difficulty decrypting. With the increasing speed of computers forty bit cryptography is considered relatively weak and has, in fact, been broken. The cryptography industry is pressing the government to change the law so that US companies can export cryptography which is competitive worldwide. (See differential work factor cryptography.)

exposure See impression.

Extensible Authentication Protocol A framework for handling a variety of Point-to-Point Protocol authentication methods including cleartext, challenge/response, and arbitrary dialogue sequences. (See Point-to-Point Protocol, authentication, and challenge/response authentication in the hard copy dictionary.)

Extensible Forms Description Language (XFDL) A protocol for creating and using legally binding Extensible Markup Language documents. The forms contain all the data, presentation, computational logic, and business semantics for a specific transaction and are signed digitally. XFDL may transform electronic data interchange (EDI) into a Web-based infrastructure. See digital signature and electronic data interchange in the hard copy dictionary.

Extensible Markup Language (XML) A document description language, primarily used to define Web pages and applications, that is compatible with Hypertext Markup Language (HTML) but provides more capabilities and flexibility. XML removes presentation constraints imposed by HTML and, in fact, does not necessarily require a Web browser. While both languages are platform independent, XML is also database and file format independent. To display an XML document (or run the XML application) the user's machine must be equipped with an XML parser. For basic XML documents, any XML parser can infer the document rules simply by the way the elements are presented. For more complicated documents or applications the author must develop or utilize a document-type definition (DTD) that defines the structure and rules for a given type of document. The XML parser refers to the DTD in order to determine how to display the document or run the application. More or less standard DTD's have been developed for engineering, law, medicine, and other areas of knowledge. See Hypertext Markup Language, browser, and application in the hard copy dictionary.


FIMAS Financial Institution Message Authentication Standard. See X9.9.

first-time visitor A visitor to a Web site who has never visited the site before. See repeat visitor.

frequency capping Limiting the number of times a given advertisement is presented to the same person.


geek A person who is proficient in one or more technical areas, especially in hands-on utilization of technology. At its most extreme geek implies a total lack of interest, ability, and even awareness of all aspects of life unrelated to technology.

Gibralter Microsoft's original name for its Web server, now called the Internet Information Server.

gigalapse A massive denial of customer access to the Internet due to demand for services exceeding capacity. See xlapse.

global system for mobile communications (GMS) The standard for digital cellular phone service set by the European Telecommunications Standards Institute and used in Europe, Japan, Australia, and most countries outside the Americas.

GlobeSpan A digital and analog transceiver chip set and technology from AT&T Paradyne that adds 6Mbps of bandwidth for asymmetrical digital subscriber line (ADSL) and high-bit rate digital subscriber line (HDSL) applications to a standard phone line for distances up to 18,000 feet. At a cost to a telco of $500 to $1,500 per line, GlobeSpan is intended to support simultaneous delivery of video, voice, and high speed data.

GMS See global system for mobile communications.

go button See button.


hard copy A physical document, usually text on paper. While additions to The Electronic Commerce Dictionary appear as soft copy in this Web page the original book is available only in hard copy. (Return to home page for more book information.)

Harvest An architecture for searching for data on the Internet developed at the University of Colorado. The architecture combines information "gatherers" located on servers and information "brokers" which communicate with gatherers and other brokers in their search for information. Harvest uses far less network bandwidth and index space than other search architectures and can work with a variety of search engines and search protocols. See metadata.

HDSL See High Bit Rate Digital Subscriber Line.

header Control information inserted in front of data when the data is encapsulated for network transmission. See IP Authentication Header and Encapsulating Security Payload. (See IPv6 in the hard copy dictionary.)

headend A central distribution point in a cable television network that typically serves tens of thousands to hundreds of thousands of homes. In a traditional cable TV network all communication was one way TV video and sound carried from the headend to the subscriber residences. Cable networks have been upgraded to carry data and voice as well as video, and to carry some traffic in both directions.

helper A program used by a WWW browser to process files that the browser itself cannot, for example a sound file, JPEG image, MPEG movie, or a compressed file. Also known as a viewer.

HFC See Hybrid Fiber/Coax.

High Bit Rate Digital Subscriber Line (HDSL) A technology that supports high speed transmission of data over copper wires. See Digital Subscriber Line.

hollow PC See Internet appliance.

home automation The ability of products to communicate with each other over some medium within the home such as twisted pair, coaxial cable, radio frequency, infrared, spread spectrum, or powerline. Control applications include lighting, air conditioning, heating, overall energy management, security, watering, and entertainment. The three leading protocols for home automation are LonWorks, CEBus, and Smart House.

Hot Java A World Wide Web browser capable of interpreting interactive applications, or "applets" programmed in Java (which see).

hot link See link in the hard copy dictionary.

Hybrid Fiber/Coax (HFC) Upgraded cable TV facilities which use fiber optic cable in the backbone and coaxial cable to connect to cable subscriber homes and businesses. See backbone in the hard copy dictionary.


IAB See Internet Advertising Bureau.

IBEX International Business Exchange. An online service that allows businesses to identify suppliers, make and receive bids, negotiate contracts, and arrange the delivery of goods and services world-wide. A company may post its requirements and receive bids without revealing its identity. IBEX is a joint effort of AT&T, Dun & Bradstreet, General Electric, and the U.S. Chamber of Commerce. It is scheduled for availability in 1996.

IKMP See Internet Key Management Protocol.

iKP Internet Keyed Payment Protocols. A family of secure payment protocols from IBM that support World Wide Web transactions involving up to three parties. The protocols are non-proprietary, independent of specific browsers and servers, and exportable from the United States to most countries. They will support a wide variety of payment methods (e.g. credit cards, checks, smart cards). iKP does not provide encryption but supports other protocols which do (e.g. SSL, S-HTTP). iKP does require the provision of public keys by a certificate issuing authority.

ILEC See incumbent local exchange carrier.

Immediate Response EDI The use of EDI in exchanging messages among thousands of users to a central "online" application (e.g., dealers sending orders to a supplier and receiving a confirmation while their customer waits). The exchange is passed through directly between parties, not mailboxed.

impression The delivery of a single ad (usually a banner) to a single viewer one time. Sometimes an impression is counted when the ad is requested (i.e. linked to) by a Web page and sometimes an impression is only counted when the ad is completely downloaded (and therefore has a higher probability of appearing on the user's screen before the user scrolls past the ad or moves on to a different Web page). Synonym: exposure. See ad serving system.

incumbent local exchange carrier (ILEC) The local telephone company, providing local service and connections to the Public Switched Telephone Network to residences and businesses in its area.

Inferno A crash project at AT&T Bell labs to develop a language to rival Java (which see).

infoMarket An IBM system which provides management of electronic rights (which see) over the Internet and IBM's Global Network using secure containers (which see).

Infosec Information Security. The preservation of the availability, utility, integrity, authenticity, confidentiality, and possession of information. (See the earlier definition of information security in the hard copy dictionary.)

inline image On a Web page, an image that appears in the midst of text.

inline keying A method of encryption and authentication that avoids setup overhead by inserting an extra header in every protected packet. See SKIP. In order to minimize the per-packet overhead, an inline keying header should be used only until the desired security association is established, at which point the peers will fall back to pure ESP.

instant messaging A Web-based service that enables users to see whether another individual is currently online and to send that user a short message immediately, without the store-and-forward delays inherent in E-mail. See E-mail and store-and-forward in the hard copy dictionary.

integrated POS terminal A terminal at the point-of-sale, connected to a retailer's back office computer, that executes both point-of-sale functions and EFT-POS functions. It usually integrates an electronic cash register with a card reader and a PIN keypad.

interactive multimedia An application involving substantial user input or control and presenting at least two of the following: text, graphics, sound, image, video, and animation. Applications can be in the areas of education, entertainment, information and publishing, and transactions.

Intercast A technology and open standard developed by Intel for transmitting World Wide Web pages at approximately 100Kbps in the vertical blanking interval of a standard television signal. While not supporting two way communication, Intercast will allow broadcasters and advertisers to provide text, graphics, and still images to home PC's. The technology requires a television receiver and a chip that converts the signal from analog to digital. Backed by PC manufacturers, broadcasters, online service providers and software developers, Intercast broadcasts are planned for nationwide availability in 1996.

intermercial See interstitial.

Internet Advertising Bureau (IAB) An association of companies that advertise on the Internet. Key activities include establishing terminology and standards for measuring advertising, conducting research relevant to electronic commerce and advertising, and addressing industry issues such as privacy and taxation.

Internet appliance A computer designed to support client access to the Web (i.e. browsing) but without support for any popular PC operating systems or applications. Targeted to be substantially less expensive than a PC, some Internet appliances will be able to use either a PC monitor or a TV for display. See NCOS.

Internet Explorer Microsoft's Web browser.

Internet Key Management Protocol (IKMP) A part of the IETF standard for IPSec which combines the Oakley protocol for key exchange with the ISAKMP protocol for key management. (See IETF, protocol, and key management in the hard copy dictionary.)

Internet Tax Freedom Act of 1998 A law passed by the U.S. Congress that placed a three-year moratorium on new taxes on Internet access fees and prohibited multiple and discriminatory taxes on electronic commerce. The Internet appears likely to drive a major simplification of the sales tax laws which vary greatly between different states and local governments across the country. The act also set up the Advisory Commission on Electronic Commerce.

Internet Transaction Broker An alternative term for cybermediary created by Forrester Research.

interstitial A Web page not requested by a user, usually containing an advertisement, that appears on the user's screen, often in an automatically opened new browser, when the user has clicked on a link to move from one Web page to another. The page that the user originally requested continues to load and the interstitial is programmed to disappear after a few seconds or when the user clicks on it to acknowledge having seen it. Interstitials are interruptive, like television advertising, rather than passive, like Web banner advertising.

IP Authentication Header (AH) A header that provides integrity and IP authentication without confidentiality to IP datagrams. The lack of confidentiality (which would require encryption) ensures that implementations of the Authentication Header will be widely available on the Internet, even in locations where the export, import, or use of encryption to provide confidentiality is regulated. The Authentication Header supports security between two or more hosts implementing AH, between two or more security gateways implementing AH, and between a host or gateway implementing AH and a set of hosts or gateways. For optimal security the Authentication Header should be used from origin to final destination rather than being implemented only in security gateways. All IPv6 hosts must implement the IP Authentication Header. IPv4 systems that claim to implement the Authentication Header must implement the IP Authentication Header. When implemented the IP Authentication Header must use MD5 with a 128-bit key or a stronger hash function. An implementation may support other authentication algorithms in addition to keyed MD5. (See integrity, confidentiality, encryption, IPv6, key, and hash function in the hard copy dictionary.)

IP telephony Technology which supports voice, data, and video (both broadcast and interactive) over IP-based LANs and WANs and over the Internet. See Internet Protocol (IP), local area network (LAN), wide area network (WAN) and Internet in the hard copy dictionary.

IP service The carrying, for a fee, of data traffic using the Internet protocol. This is the essential service provided by Internet Service Providers and Network Service Providers. (See Internet Protocol and Internet Service Providers in the hard copy dictionary.)

InterNotes A software product from Lotus Development Corporation which allows users to turn information into a database that can be accessed through the World Wide Web.

IP-SEC An IETF standard for encrypted sessions between corporate firewalls. DES with a 56-bit key is the mandatory encryption method. S/WAN (which see) is an industry standard implementation of IP-SEC. (See IETF, encryption, firewall, and DES in the hard copy dictionary.)

ISAKMP Internet Security Association & Key Management Protocol. A leading candidate for Internet key management being considered by the IP Security Working Group of the IETF. ISAKMP provides a framework for authentication and encryption for many different key exchange methodologies. ISAKMP requires that at least one pair of messages be exchanged between the communicating peers before a secure link can be established. (See key management, IETF, authentication, encryption, and link in the hard copy dictionary.)

ISAPI Microsoft's proprietary API for interfacing between the company's Internet Information Server (Web server) and back-end services such as databases. ISAPI provides higher performance than the industry standard Common Gateway Interface (which see in the hard copy dictionary).

ISO Latin-1 An ISO code using 8 bits to specify 256 different characters. The first 128 correspond to the US-ASCII character set. The other 128 include control characters and characters common in European languages.

ITB See Internet Transaction Broker

IXC interexchange carrier. A company which carries long distance telephone traffic (e.g. AT&T or MCI.)


Java A programming language developed by Sun Microsystems to support widespread software distribution, particularly over the Web. It is a slimmed down and more secure version of the C++ programming language. Originally developed for use with set-top boxes (which see in the hard copy dictionary), Java runs on Web servers and downloads small application programs, called applets (which see), to Web browsers on an as needed basis. Because of strict built-in controls over software distribution the Java design protects against the delivery of incompatible software or viruses. (See Hot Java. See virus in the hard copy dictionary.)

JavaBeans A software component model associated with the Java programming language. A JavaBean component is an object which can be used repeatedly by visually manipulating it into larger solutions. JavaBeans can range from low-level components, such as a scroll bar, to complete products like Corel's Office for Java.

JavaScript A cross-platform, Web-based scripting language that will allow a lay person to author HTML pages that use Java applets, objects, and classes without having to know how to program in Java. It can also be used to build stand-alone applications that can run on either clients or servers. JavaScript is being developed by Netscape and Sun Microsystems and is supported by approximately twenty-five other companies in competition with Microsoft's OLE and OCX's optimized for the Internet. See Java, applet, OLE, OCX and Blackbird. See Web, HTML, and application in the hard copy dictionary.

JDBC Java Database Connectivity. A Java-enabled version of the Open Database Connectivity data-access specification. (See ODBC in the hard copy dictionary.) JDBC provides an API for developing data-access applets (which see). The applets can then be downloaded from a Web browser to any database server with a JDBC driver. The specification was developed by Sun Microsystems and is supported by Oracle, Sybase, and Informix.

JTAPI Java Telephony API A set of application programming interfaces (which see in the hard copy dictionary) that support interoperation between telephone switching equipment and a computer. JTAPI's principal advantage over TAPI developed by Microsoft is that JTAPI runs on a wide variety of processors.


key library A set of encrypted keys that belong to one person or that can be shared by a defined group of people. Access to a key library requires a separate key. (See key and key management in the hard copy dictionary.)

key recovery While sometimes simply the process by which a key is retrieved from key escrow (which see in the hard copy dictionary) key recovery also refers to a substitute for the failed Clipper chip/Capstone initiative (which see in the hard copy dictionary). In this scheme a copy of the key, in a separately encrypted key recovery field, is always sent along with the data which it encrypts. A predetermined private sector "Key Recover Center" can decrypt the key recovery field when requested by an authorized party (e.g. a government agency with a court order). A new cryptography export policy which took effect in late 1996 allows companies in the United States to export cryptographic algorithms using up to 56 bit keys if they agree to add a method for key recovery within their product within the next two years. Also see recovery key and TACDFIPSFKMI.


L2F See Layer-2 Forwarding.

L2PT See Layer Two Tunneling Protocol.

L2PT Access Concentrator (LAC) A device connected to one or more Public Switched Telephone Network or ISDN lines that supports both the PPP protocol and the L2PT protocol. It may tunnel any protocol carried within PPP and communicate with one or more L2PT Network Servers. (See ISDN and PPP in the hard copy dictionary.)

L2PT Network Server (LNS) A device that communicates with one or more L2PT Access Concentrators using the L2PT protocol and with only one LAN or WAN.

LAC See L2PT Access Concentrator.

Layer Two Tunneling Protocol (L2PT) A protocol that enables the tunneling of the data link layer of Point-to-Point Protocol between a remote access server that interfaces with dialup or ISDN circuits and a network access server that interfaces with a LAN or WAN. The L2PT protocol makes it possible to provide virtual dialup or support single user Virtual Private Networks over the Internet. L2PT does not provide encryption but will often be used in conjunction with encryption. (See protocol, Point-to-Point Protocol, dialup, ISDN, LAN, WAN, Internet, and encryption in the hard copy dictionary.)

Layer-2 Forwarding (L2F) A capability developed by Cisco which is used in combination with the Point-to-Point Tunneling Protocol to provide the Layer-2 Tunneling Protocol. (See Point-to-Point Tunneling Protocol in the hard copy dictionary.)

LEC local exchange carrier. A company which provides local telephone service to homes and businesses within a given area (e.g. a Regional Bell Operating Company such as Pacific Bell).

LMDS See Local Multipoint Distribution Service.

loading The transfer of funds from a demand deposit account in a bank to an online account (e.g. a CyberCash demand deposit account) so that the funds can be sent over the net to another company or individual.

Local Multipoint Distribution Service (LMDS) A broadband wireless network that uses high frequencies (28 to 38 gigahertz) to transmit video and data to residences at less than a few miles distance. See broadband, network, and Multichannel MultiPoint Distribution System (MMDS) in the hard copy dictionary.

LOCT Layered Open Crypto Toolkit. An RSA architecture which includes application specific tools, a certificate engine, cryptography engines, and a token interface. It makes it easy for application developers to use cryptography.

log file A file which records many activities on a server, counting the number of times each event took place. Among other measurements, Web server log files typically record each time a page on a Web site is requested, when it was requested, the type of browser that requested the page, whether the visitor was visiting the site or page for the first time (a first-time visitor) or a repeat visitor, and possibly the domain name of the user who requested the page. Traffic analysis software can operate on log files to determine how successful the Web site is and suggest ways the Web site might be improved.

logic bomb A malicious program similar to a virus except that it does not replicate itself. (See virus in the hard copy dictionary.)

LonWorks A technology for control networks, including networks for home automation, developed by Echelon Corporation. Development time for network applications is greatly reduced by the implementation of the LonWorks architecture in integrated circuits available from Motorola and Toshiba.

lynx A World Wide Web browser that displays only text.

