Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
E-Comm
Final
| Question | Answer |
|---|---|
| business-to-business e-commerce (B2B EC) | Transactions between businesses conducted electronically over the Internet, extranets, intranets, or private networks |
| company-centric EC | E-commerce that focuses on a single company’s buying needs (many-to-one, or buy-side) or selling needs (one-to-many, or sell-side) |
| private e-marketplaces | Markets in which the individual sell-side or buy-side company has complete control over participation in the selling or buying transaction |
| exchanges (trading communities or trading exchanges) | Many-to-many e-marketplaces, usually owned and run by a third party or a consortium, in which many buyers and many sellers meet electronically to trade with each other; |
| public e-marketplaces | Third-party exchanges that are open to all interested parties (sellers and buyers) |
| B2B2C | A business sells to a business, but delivers small quantities to individuals or business customers |
| online intermediary | An online third party that brokers a transaction online between a buyer and a seller; may be virtual or click-and-mortar |
| spot buying | The purchase of goods and services as they are needed, usually at prevailing market prices |
| strategic systematic sourcing | Purchases involving long-term contracts that usually are based on private negotiations between sellers and buyers |
| direct materials | Materials used in the production of a product (e.g., steel in a car or paper in a book) |
| indirect materials | Materials used to support production (e.g., office supplies or light bulbs) |
| MRO (maintenance, repair, and operation) | Indirect materials used in activities that support production |
| vertical marketplaces | Markets that deal with one industry or industry segment (e.g., steel, chemicals) |
| horizontal marketplaces | Markets that concentrate on a service, materials, or a product that is used in all types of industries (e.g., office supplies, PCs) |
| sell-side e-marketplace | A Web-based marketplace in which one company sells to many business buyers from e-catalogs or auctions, frequently over an extranet |
| buy-side e-marketplace | A corporate-based acquisition site that uses reverse auctions, negotiations, group purchasing, or any other e-procurement method |
| procurement management | The coordination of all the activities relating to purchasing goods and services needed to accomplish the mission of an organization |
| maverick buying | Unplanned purchases of items needed quickly, often at non-pre-negotiated higher prices |
| e-procurement | The electronic acquisition of goods and services for organizations |
| e-sourcing | The process and tools that electronically enable any activity in the sourcing process, such as quotation/tender submittance and response, e-auctions, online negotiations, and spending analyses |
| request for quote (RFQ) | The “invitation” to participate in a tendering (bidding) system |
| internal procurement marketplace | The aggregated catalogs of all approved suppliers combined into a single internal electronic catalog |
| desktop purchasing | Direct purchasing from internal marketplaces without the approval of supervisors and without the intervention of a procurement department |
| group purchasing | The aggregation of orders from several buyers into volume purchases so that better prices can be negotiated |
| bartering exchange | An intermediary that links parties in a barter; a company submits its surplus to the exchange and receives points of credit, which can be used to buy the items that the company needs from other exchange participants |
| electronic data interchange (EDI) | The electronic transfer of specially-formatted standard business documents, such as bills, orders, and confirmations, sent between business partners |
| value-added networks (VANs) | Private, third-party managed networks that add communications services and security to existing common carriers; used to implement traditional EDI systems |
| Internet-based (Web) EDI | EDI that runs on the Internet and is widely accessible to most companies, including SMEs |
| XML (eXtensible Markup Language) | Standard (and its variants) used to improve compatibility between the disparate systems of business partners by defining the meaning of data in business documents |
| Web Services | An architecture enabling assembly of distributed applications from software services and tying them together |
| supply chain | The flow of materials, information, money, and services from raw material suppliers through factories and warehouses to the end customers |
| e-supply chain | A supply chain that is managed electronically, usually with Web technologies |
| e-supply chain management (e-SCM) | The collaborative use of technology to improve the operations of supply chain activities as well as the management of supply chains |
| bullwhip effect | Erratic shifts in orders up and down supply chains |
| collaborative commerce (c-commerce) | The use of digital technologies that enable companies to collaboratively plan, design, develop, manage, and research products, services, and innovative EC applications |
| collaboration hub | The central point of control for an e-market. A single c-hub, representing one e-market owner, can host multiple collaboration spaces (c-spaces) in which trading partners use c-enablers to exchange data with the c-hub |
| grid computing | A form of distributed computing that involves coordinating and sharing computing, application, data, storage, or network resources across dynamic and geographically dispersed organizations |
| vendor managed inventory (VMI) | The practice of retailers making suppliers responsible for determining when to order and how much to order |
| collaborative planning, forecasting, and replenishment (CPFR) | Project in which suppliers and retailers collaborate in their planning and demand forecasting to optimize flow of materials along the supply chain |
| advanced planning and scheduling (APS) systems | Programs that use algorithms to identify optimal solutions to complex planning problems that are bound by constraints |
| product lifecycle management (PLM) | Business strategy that enables manufacturers to control and share product-related data as part of product design and development efforts |
| intrabusiness EC | E-commerce activities conducted within an organization |
| business-to-employee (B2E) | Intrabusiness EC in which an organization delivers products or services to its employees |
| corporate (enterprise) portal | A gateway for entering a corporate Web site, enabling communication, collaboration, and access to company information |
| mobile portals | Portals accessible via mobile devices, especially cell phones and PDAs |
| information portals | Portals that store data and enable users to navigate and query these data |
| collaborative portals | Portals that allow collaboration |
| workflow | The movement of information as it flows through the sequence of steps that make up an organization’s work procedures |
| workflow systems | Business process automation tools that place system controls in the hands of user departments to automate information processing tasks |
| workflow management | The automation of workflows, so that documents, information, and tasks are passed from one participant to the next in the steps of an organization’s business process |
| groupware | Software products that use networks to support collaboration among groups of people who share a common task or goal |
| virtual meetings | Online meetings whose members are in different locations, even in different countries |
| group decision support system (GDSS) | An interactive computer-based system that facilitates the solution of semi-structured and unstructured problems by a group of decision makers |
| teleconferencing | The use of electronic communication that allows two or more people at different locations to have a simultaneous conference |
| video teleconference | Virtual meeting in which participants in one location can see participants at other locations on a large screen or a desktop computer |
| data conferencing | Virtual meeting in which geographically dispersed groups work on documents together and exchange computer files during videoconferences |
| Voice-over-IP (VOIP) | Communication systems that transmit voice calls over Internet Protocol-based networks |
| screen sharing | Software that enables group members, even in different locations, to work on the same document, which is shown on the PC screen of each participant |
| virtual reality (VR) | System that delivers interactive computer-generated 3D graphics to a user through a head-mounted display |
| Computer Security Institute (CSI) | Nonprofit organization located in San Francisco, California, that is dedicated to serving and training information, computer, and network security professionals |
| Computer Emergency Response Team (CERT) | Group of three teams at Carnegie Mellon University that monitor the incidence of cyber attacks, analyze vulnerabilities, and provide guidance on protecting against attacks |
| National Cyber Security Division (NCSD) | A division of the Department of Homeland Security charged with implementing U.S. cyberspace security strategy |
| authentication | The process by which one entity verifies that another entity is who he, she, or it claims to be |
| authorization | The process that ensures that a person has the right to access certain resources |
| auditing | The process of collecting information about attempts to access particular resources, use particular privileges, or perform other security actions |
| nontechnical attack | An attack that uses chicanery to trick people into revealing sensitive information or performing actions that compromise the security of a network |
| social engineering | A type of nontechnical attack that uses social pressures to trick computer users into compromising computer networks to which those individuals have access |
| technical attack | An attack perpetrated using software and systems knowledge or expertise |
| common (security) vulnerabilities and exposures (CVEs) | Publicly known computer security risks, which are collected, listed, and shared by a board of security-related organizations |
| National Infrastructure Protection Center (NIPC) | A joint partnership under the auspices of the FBI between governmental and private industry; designed to prevent and protect the nation’s infrastructure |
| denial-of-service (DoS) attack | An attack on a Web site in which an attacker uses specialized software to send a flood of data packets to the target computer with the aim of overloading its resources |
| distributed denial-ofservice (DDoS) attack | A denial-of-service attack in which the attacker gains illegal administrative access to as many computers on the Internet as possible and uses the multiple computers to send a flood of data packets to the target computer |
| malware | A generic term for malicious software |
| virus | A piece of software code that inserts itself into a host, including the operating systems, in order to propagate; it requires that its host program be run to activate it |
| worm | A software program that runs independently, consuming the resources of its host in order to maintain itself, that is capable of propagating a complete working version of itself onto another machine |
| security risk management | A systematic process for determining the likelihood of various security attacks and for identifying the actions needed to prevent or mitigate those attacks |
| access control | Mechanism that determines who can legitimately use a network resource |
| passive tokens | Storage devices (e.g., magnetic strips) that contain a secret code used in a two-factor authentication system |
| active tokens | Small, stand-alone electronic devices that generate one-time passwords used in a two-factor authentication system |
| biometric systems | Authentication systems that identify a person by measurement of a biological characteristic, such as fingerprints, iris (eye) patterns, facial features, or voice |
| physiological biometrics | Measurements derived directly from different parts of the body (e.g., fingerprint, iris, hand, facial characteristics) |
| behavioral biometrics | Measurements derived from various actions and indirectly from various body parts (e.g., voice scans or keystroke monitoring) |
| fingerprint scanning | Measurement of the discontinuities of a person’s fingerprint, which are then converted to a set of numbers that are stored as a template and used to authenticate identity |
| iris scanning | Measurement of the unique spots in the iris (colored part of the eye), which are then converted to a set of numbers that are stored as a template and used to authenticate identity |
| public key infrastructure (PKI) | A scheme for securing e-payments using public key encryption and various technical components |
| encryption | The process of scrambling (encrypting) a message in such a way that it is difficult, expensive, or time-consuming for an unauthorized person to unscramble (decrypt) it |
| plaintext | An unencrypted message in human-readable form |
| ciphertext | A plaintext message after it has been encrypted into a machine-readable form |
| encryption algorithm | The mathematical formula used to encrypt the plaintext into the ciphertext, and vice versa |
| key | The secret code used to encrypt and decrypt a message |
| symmetric (private) key system | An encryption system that uses the same key to encrypt and decrypt the message |
| Data Encryption Standard (DES) | The standard symmetric encryption algorithm supported the NIST and used by U.S. government agencies until October 2, 2000 |
| Rijndael | The new Advanced Encryption Standard used to secure U.S. government Communications since October 2, 2000 |
| public key encryption | Method of encryption that uses a pair of matched keys—a public key to encrypt a message and a private key to decrypt it, or vice versa |
| public key | Encryption code that is publicly available to anyone |
| digital signature | An identifying code that can be used to authenticate the identity of the sender of a document |
| hash | A mathematical computation that is applied to a message, using a private key, to encrypt the message |
| message digest | A summary of a message, converted into a string of digits, after the hash has been applied |
| digital envelope | The combination of the encrypted original message and the digital signature, using the recipient’s public key |
| digital certificate | Verification that the holder of a public or private key is who he or she claims to be |
| certificate authorities (CAs) | Third parties that issue digital certificates |
| Secure Socket Layer (SSL) | Protocol that utilizes standard certificates for authentication and data encryption to ensure privacy or confidentiality |
| Transport Layer Security (TLS) | As of 1996, another name for the SSL protocol |
| policy of least privilege (POLP) | Policy of blocking access to network resources unless access is required to conduct business |
| firewall | A network node consisting of both hardware and software that isolates a private network from a public network |
| packet-filtering routers | Firewalls that filter data and requests moving from the public Internet to a private network based on the network addresses of the computer sending or receiving the request |
| packets | Segments of data and requests sent from one computer to another on the Internet; consist of the Internet addresses of the computers sending and receiving the data, plus other identifying information that distinguish one packet from another |
| packet filters | Rules that can accept or reject incoming packets based on source and destination addresses and the other identifying information |
| application-level proxy | A firewall that permits requests for Web pages to move from the public Internet to the private network |
| bastion gateway | A special hardware server that utilizes application-level proxy software to limit the types of requests that can be passed to an organization’s internal networks from the public Internet |
| proxies | Special software programs that run on the gateway server and pass repackaged packets from one network to the other |
| demilitarized zone (DMZ) | Network area that sits between an organization’s internal network and an external network (Internet), providing physical isolation between the two networks that is controlled by rules enforced by a firewall. |
| personal firewall | A network node designed to protect an individual user’s desktop system from the public network by monitoring all the traffic that passes through the computer’s network interface card. |
| virtual private network (VPN) | A network that uses the public Internet to carry information but remains private by using encryption to scramble the communications, authentication to ensure that information has not been tampered with, and access control to verify identity |
| protocol tunneling | Method used to ensure confidentiality and integrity of data transmitted over the Internet, by encrypting data packets, sending them in packets across the Internet, and decrypting them at the destination address |
| intrusion detection systems (IDSs) | A special category of software that can monitor activity across a network or on a host computer, watch for suspicious activity, and take automated action based on what it sees |
| honeynet | A way to evaluate vulnerabilities of an organization by studying the types of attacks to which a site is subjected using a network of systems called honeypots |
| honeypots | Production systems (e.g., firewalls, routers, Web servers, database servers) designed to do real work but that are watched and studied as network intrusions occur |
Created by:
aordway
Popular Computers sets