Electronic Commerce: The Quest for a Global, Secure Infrastructure
Articles and Tips: article
Senior Research Engineer
Novell Developer Information
01 Oct 1997
The hype over doing business across the Internet is at an all-time high, but the early implementations have barely scratched the surface of what electronic commerce is all about. This AppNote identifies the kind of network infrastructure that must be put into place before business can get serious about e-commerce.
Nearly every company that has a strategic program for advancing itself through electronically-mediated communication is keeping an eye on the electronic commerce (e-commerce) arena that is taking shape on the Internet. However, this electronic marketplace of the future is not yet defined clearly for either users or providers. With only the most rudimentary forms of electronic commerce currently available, it is difficult for companies to decide on a pervasive e-commerce strategy.
A previous AppNote, entitled "From Paper to Electrons: Initiating Safer Electronic Commerce" (see Novell AppNotes, June 1997), introduced some of the basic security concerns companies need to be aware of with regard to implementing e-commerce applications. This AppNote expands on the concepts introduced and briefly describes the evolution of electronic commerce and what it can offer in a breadth of available opportunities.
The Evolution of Electronic Commerce
The various ways in which business is transacted are based on long-standing assumptions and agreements between the parties involved. Numerous processes have been agreed upon to protect both the consumer and the merchant from fraud or theft. Even in the simplest form of transaction--cash changing hands directly between buyer and seller--a sales receipt is typically provided as a record of what transpired. As we move into the electronic business arena, the means of protection become more and more involved.
When I make a credit card purchase at the local department store, for example, I rely on a number of protective measures to assure me that the proper amount of money will be billed to the correct account and that the intended recipient will in fact receive payment for the goods I purchase. My signature on the credit card slip identifies me as an authorized user of my account. Those portions of the transaction that occur over dedicated phone lines (such as account verification and credit approval) are backed up by paper documents. The bank that issues my credit card has established accounting trails to verify the details of the transaction in case of a dispute. It's not a perfect system, as evidenced by the many instances of credit card fraud, but generally it works pretty well and most people have grown to trust it. (The $50 liability limit protects the consumer and keeps the system operable. However, no such protection exists for business-to-business transactions.)
Now add to this scenario what many consider to be the essence of electronic commerce: the buying and selling of goods and services over the Internet. The advantages are fairly self-evident. Because the Internet is readily accessible by millions of prospective customers worldwide, suppliers and customers can interact in a dynamic environment where supply and demand truly regulate the economic cycle. Organizations of any size, from sole proprietorships to multinational corporations, can expand their business to reach new customers in new markets, some even achieving a notable level of efficiency. The sole proprietor is able to broaden the scope of his/her business to a mass market approach, while the multinational corporation can now focus on "niche" markets heretofore considered too costly to access using the traditional mechanisms for market penetration.
Further analysis reveals some definite downsides to the Internet business paradigm. What you basically have is computers (presumably being operated by humans) exchanging sensitive financial data by means of a widely-accessible communications infrastructure. Suddenly, the issues of accountability (being able to attribute a transaction to the actual instigator) and liability (imputing responsibility to each participant for their portion of the transaction) become more critical than ever.
A lot of hype has been generated over the initial forays into electronic commerce. It seems everywhere we turn someone is singing the praises of electronic catalogs, online shopping, electronic check writing, web-based advertising and customer prospecting, and on and on. The truly brave can even purchase a car over the Internet! But these consumer-oriented business activities taking place on the Internet today are just the tip of the iceberg. From the standpoint of true international commerce, we have not yet begun to do business electronically.
The means that are currently available for conducting business on the Internet do not form a complete model for secure electronic commerce. Some of the necessary technological pieces are still missing. The major barrier to e-commerce today is the lack of security in commercial Internet products. It is absolutely essential to have the technological means to provide rock-solid authentication, identification, accountability, and liability in electronic transactions. All participants must have a confident reliance on users' identities, while holding each party liable to perform their role in the transaction. Consequently, we need technologies which bolster our confidence in the reliability of the relationship, the identity of the participants, and the veracity of the materials being exchanged.
Recently, the market has seen efforts to legitimatize digitally-signed objects such as e-mail and applets. These efforts are commendable for their underlying intent, but there is currently no legal means to verify the source of an electronic object. Since established business rules of responsibility and accountability must be applied in any financial transaction, the lack of legal verifiability for these objects is an impediment to effective electronic commerce.
Another central technology is called a Public Key Infrastructure (PKI). This is actually a collection of services or capabilities which may be integrated into a single product structure. These public key services include certificate issuing, management, validation, archiving, key backup, key recovery, and so on. One main offering for operating the PKI product(s) is typically called a Certificate Authority. Certificates can be used to ensure identity, privacy, and non-repudiation of transactions. Novell's NDS has a PKI for use with Novell products. In fact, the NDS PKI produces certificates for use within the system.
Directory services is an underlying core component for any widespread e-comm infrastructure. Electronic commerce requires that up-to-date data be available at all times, especially where mission-critical applications are involved. It also requires flexibility in administration and implementation, making information available regardless of whether the data exists in an intranet or extranet environment. This will allow the market players to design commodity services around the directory. Although various forms of directory services have already been deployed, additional work is needed to enhance the existing technology into a more suitable platform for hosting e-commerce applications and services.
Beyond technologies, e-commerce is missing some of the other key components upon which commerce is founded. Many of the business activities we are involved with every day include "social" relationships with other people. There is more to these relationships than just the interpersonal bonding and communication we experience. We give veracity to signatures written on paper documents because other people witness the signing. The words the boss speaks during a meeting come from the mouth of the identified leader: we know first-hand who spoke and when. Social conventions such as the meeting, the handshake, and the signature play an important role in business activities. The need for face-to-face interaction has not been diminished by e-mail, and the human aspects of transactions are not readily replaced by current commercial offerings such as workflow.
Electronic commerce is about all of the relationships required to conduct business or to complete accountable transactions. Consequently, we cannot overlook the importance of developing electronic counterparts for these fundamental business processes and procedures. This will not be easy, but it must be done if electronic commerce is to be seriously considered as a viable alternative to paper-based commerce.
Return on Investment
Despite the formidable barriers that have yet to be removed, businesses will continue to pursue electronic commerce. After all, most organizations that have invested heavily in computers and networking are still hoping for that elusive return on investment. The U.S. Department of Commerce estimated that during the 1980s, organizations spent over $1 trillion in technology but reaped a meager 0.01% increase in productivity. This same department predicts that during the 1990s, organizations will easily spend double that amount in their continuing efforts to improve efficiency and expand their business.
As a compliment to government estimates about the future of e-commerce, Forrester Research projects that business-to-business sales online, estimated at $600 million last year, are expected to reach roughly $66 billion by the year 2000. For developers of e-commerce solutions, revenue numbers like these are certainly attractive. It is clear that e-commerce, which offers the potential for far greater returns on investment in terms of efficiency, will be the center of much attention for the foreseeable future.
A Matter of Infrastructure
The key issue that needs to be addressed before electronic commerce can deliver on its promise is the formation of a global infrastructure that all of the major players can agree upon. In most circles this infrastructure is called the Global Information Infrastructure (GII).
This electronic infrastructure must provide all of the advantages needed for a robust e-commerce strategy:
Security-enabled. This is necessary to allow development of manageable solutions which provide accountability--knowing the real "who" in a transaction. Beyond that, the ability to impute liability to any and all parties involved in completing a transaction is a must for business. For suppliers, e-commerce will be about establishing the identity of the individuals who represent the parties involved. It means that all participants have a confident reliance on users' identity, while holding each party liable to perform their role in the transaction.
Ultra-reliable. In electronic commerce, transactions happen without those involved ever meeting face-to-face, and that implies the need for a technology performance and reliability factor of 99.99%, especially for mission-critical applications. An infrastructure must be trustworthy and trusted on an end-to-end basis. Any weak link in its security will render the whole unusable for serious electronic commerce.
Global. Electronic business cannot be confined to the country of origin. As we move into the future, e-commerce must transcend national boundaries.
In addition to applications, we will need services--such as directory services, a foundation for a PKI, trusted workstation technology, and international cryptography--which can utilize these constructs.
The Internet plays an important role in enabling e-commerce, since it shows the richest potential for growth. Yet it is only a highway for data to travel on. In that respect, it is like any other communications medium (LAN, WAN, or MAN), only more public. And, of course, the Internet receives a great deal of software attention from vendors, service suppliers, end-users, and governments. Yet the Internet is fraught with major impediments to electronic commerce. It is constructed from unregulated processors and switches, over which confidential data travels. Moreover, the cryptography laws of every country apply to all aspects of trade within a given country.
Vendors, application developers, service providers, and users alike are anticipating the formation of an electronic commerce infrastructure that spans international boundaries. Yet few have any clear idea of how this will be accomplished. Vendors and developers are quick to announce individual solutions to specific problems. Internet services and providers continue to proliferate, but comprehensive solutions seem to be lacking from the mix. End-users are apt to believe that standards will shape the industry.
The truth is that, while significant work is being done by standards bodies, no standards currently exist to support solutions to the international problems of implementing electronic commerce. And while Internet services are growing steadily, there is little infrastructure to support the trend toward broad electronic commerce. Moreover, vendors' solutions typically involve a server which is "secure" only as a standalone component, or authentication by the end-user for bottom-up transactions. These so-called "point" solutions address only narrow pieces of a much larger puzzle.
The Dangers of "Point" Solutions
In light of these stark realities, it is extremely risky for any company to make the decision to move forward today and execute an inter-company electronic commerce strategy based on point solutions from one vendor or another. Businesses often are bound by the technologies they employ. Developing and deploying a monolithic solution now may have serious ramifications in the future as you attempt to further leverage your electronic solutions. Worst of all, they may have serious flaws. Yet, they may not scale, or they may prove difficult to maintain. There is the possibility you may have to completely redo your infrastructure at some point down the road.
Additionally, corporate developers must be concerned about their companies' need to increase the return on investment from using computer technology. In an electronic business environment, they must carefully assess the feasibility of deploying potentially unscalable and unmaintainable technologies. Internet commerce techniques which were designed for mass-market penetration are not necessarily good business tools for intra- and inter-business activity, especially where corporate developers must create these inter-business products. Creating applications for an "open" environment, such as the Internet, from point solutions is difficult enough. In fact, it leads to more difficulties in the form of additional communications and security requirements needed to maintain privacy while meeting international laws and regulations.
Solutions must occur at a level higher than the applications or operating systems level. They must occur at the level of an international infrastructure which is globally acceptable and agreed upon by all.
Many e-commerce proponents have advanced the notion that e-commerce should be extended beyond just business to improving the interaction with government through the electronic filing and handling of tax returns, legal filings, corporate withholding, regulatory filings, social security registration, and so on. In this way, both businesses and individuals can benefit. Perhaps one day, running the government will become more efficient and both business and the governed will realize these benefits through lower taxes and higher profits!
But today, governments are mainly concerned with how they may need to intervene on the Internet, with the intent to tax and limit trade. The Internet crosses international boundaries and there are the interests of many nations who are keenly aware of the revenue potential of e-commerce, each wanting their fair share of it.
Additionally, governments are critically aware of where Internet services, such as cryptography to ensure privacy, transgress their laws. Governments keep a sharp eye to sources of new revenue. Yet, they can be quick to shut off offenders who transgress their national security, diplomatic, morality, or financial (tax) laws. While they are aware of some inability to activate "cybercop" services on behalf of their peoples (other than to pull the plug), this will change.
Importantly, governments are legislating initially in the area of digital signature, and there are many variations on this legislation. For instance, the Utah Digital signature act was reviewed by the German Government. In the German draft legislation regarding Certificate Authority (CA), they made requirement for CA producing hardware to have a minimum E4 ITSEC evaluated configuration. Variations on security and cryptography requirements in the international electronic commerce arena will continue to provide wide variation in for international electronic commerce.
For networking people and businesses that intend to deploy across the Internet, the clarification and solutions to these concerns is of commercial benefit. The needs of governments must be understood. And, like developers, it will be necessary to be prepared to respond with a well thought-out plan for international commerce. Such a plan must ensure that governments gain needed insight into the requisite electronic constructs as well as the necessity for scalability and end-user transparency.
All of this goes along with the looming potential of real electronic commerce. All need to recognize there is much more to e-commerce beyond their current experience with the mass market Internet-like services. All must be willing to participate in a viable solution. Implementing a globally acceptable infrastructure could greatly benefit everyone who is looking to decrease costs and increase revenues. Garnering support for a global infrastructure might offset potentially detrimental legislative activities proposed for mass market activities and considered bad for regular business activities.
Defining the problems and potential solutions associated with deploying e-comm is a key topic being aggressively addressed by various standards committees and industry organizations.
For example, there is a standard for X.509 Certificates, commonly known as digital certificates, that will aid in the identification and verification of parties involved in electronic transactions. Yet, the X.509 work exists only as a format to handle problems in establishing accountability. Unfortunately, there is no current standard upon which to distribute X.509 certificates on a global basis. While Public Key Infrastructure (PKI) is well known and can work with X.500 Directory Services, there is no infrastructure unanimously agreed upon by which access based upon X.509 certificates can be granted. Getting a globally-approved scheme for authentication is of primary concern.
There are other groups working at higher levels. Some, like the Global Business Infrastructure (GBI) and the International Cryptographic Experiments (ICE), stand to promote global infrastructure along with many vendors' products. While the GBI's activity alludes to the need for a Pan-European approach to electronic commerce, their research has not yet produced a final proposal for the European Commission.
To further the introduction of technological concepts to clarify business needs, the American National Standards Institute (ANSI) sponsored Information Infrastructure Standards Panel (IISP) has been established within the national voluntary standards system to facilitate development of standards critical to the Global Information Infrastructure. The IISP group provides support at the macro business level by defining business needs for global deployment of an information infrastructure.
The Association for Information and Image Management International (AIIM) works to promote integrated business solutions through proper implementation of standards on a broader focus relating to business information management.
Many academic groups are involved in building electronic commerce infrastructure. Some of the revealing work, as provided by Dr. Manheim of Northwestern University, in providing both the concept and technologies to "electronicize" analog business procedures. Other efforts, including those by Dr. Petra Volger of the IWI in Switzerland, significantly advanced the technologies of workflow. Dr. Mark Turrel of Imaginatik has contributed to the expansion of collaborative technologies through his research and business efforts.
At a very high level, groups like the international Black Forest Group (www.blackforestgroup.org), consisting of delegates from some of the world's largest corporations, recently identified 15 top-level security issues in the global interconnected computing environment. These issues have been identified as essential to deploying an efficient and growth-oriented e-commerce environment.
Yet with all of this effort, no one organization has been able to put the needed components together. Indeed, none can without the concerted effort of existing governments, standards bodies, developers, large customers (users), and infrastructure providers. This forestalls any real electronic commerce and allows mass market implementations to proliferate both at the expense and potentially to the detriment of big business and end-users who are not well protected without adequate infrastructure.
To date, Novell's role has been definitive with numerous discussions, projects, and papers spanning the last two years. Novell has been diligent in its efforts to provide a comprehensive and scalable infrastructure, while meeting market demand for Internet extensibility and flexibility. But despite the infrastructure implications of Novell's e-commerce technologies, Novell's role is not exclusive. Even with Novell addressing many of the underlying security and electronic document issues (as they apply to electronically-mediated communication), there is still need for an expanded view encompassing electronic commerce on a global basis. An industry will be built, and ultimately the key user requirements will prevail.
What Novell Has to Offer
Since Novell is a leader in many of these areas, it is useful to recognize what Novell has to offer, and identify how these capabilities could be applied to enable e-commerce. The following sections describe three key sets of products/technologies that are essential for e-commerce and which could directly support an e-comm strategy.
Novell Directory Services (NDS)
The power and flexibility in the Novell Directory Services model allows the market to design and commoditize services in and around the directory, making it easier and more reliable to host e-commerce services. There is also considerable work underway to enhance NDS as the data store for e-commerce applications and services. Integrating technology for scalability, Federated Partitions, and non-global schema facilitates greater flexibility and administration. Additionally, a host of management utilities such as NAL, and snap-ins to the NWAdmin framework for broader breadth, depth, and ease of management. All of these components are essential to administering and managing the network, its resources, and users working in a global e-commerce environment.
Other important efforts in development for NDS that are required to support an e-commerce infrastructure include:
Support for LDAP with SSL
Global Event Services
Full "native" IP support with multiple protocols
Access control list (ACL) extensions
Public Key Infrastructure (PKI)
There are various proposed solutions to managing the issues of authentication and accountability, but only a global Public Key Infrastructure has the unanimous support of the industry.
IntranetWare, GroupWise, and ManageWise currently offer PKI abilities in their use of cryptographic keys for end-users. Future versions will provide even better management tools.
Novell is currently involved in three related efforts to expand the existing PKI in NDS outward beyond Novell services:
Utah Digital Signature Act
Novell's current role is to supply NDS as the data store and GroupWise as the transport mechanism for digital certificates. The implication for Novell is to prove the value of its technology in a PKI. However, the world is watching, as this test case establishes legal liability for the use of digital certificates. If Utah is successful, it is likely that other states will adopt similar legislation and potentially the Novell solution.
You do not have to wait if you want digital certificates integrated with NDS, albeit not necessarily X.509, but still PKI with e-mail. AT&T's Governments Market demo-ed this ability using an NDS-based PKI in conjunction with their Secret Agent software package which integrates with NDS and GroupWise.
Novell is working to complete technology for certificate infrastructure in addition to the ability NDS has to produce certificates for internal use. This will allow IntranetWare to present itself as a low-assurance Certificate Authority. This allows NDS to act as the directory service for PKI certificate publication and management. Novell can provide NDS as the data store for secrets which can then be used to provide a range of PKI products.
Several governments have legislated in favor of local flavors of cryptography surrounding certificates. Novell plans to support multiple certificate systems--again, an AT&T demonstrated ability. If you are looking for a CA to run with NDS, AT&T has both a PKI as well as a CA/CMS which is multi-platform with regard to their e-mail solutions (including GroupWise).
Novell is working to provide customers, partners, and developers with opportunities surrounding digital signature.
Other Security Technologies
A primary inhibitor of e-commerce is the lack of security in commonly available Internet products. In the area of security, Novell can support an e-commerce infrastructure with:
PKI Framework and Support
Associated with the Novell international cryptography infrastructure are powerful certificate minting and validation capabilities to support a PKI. Novell has defined X.509 extensions for certificates that provide explicit attributes for the quality and security offered by the certificate, and supports distributed validation of authorizations represented in the certificate. These Novell compliant certificates can significantly aid the security and scalability of the PKI.
Network Security Paradigm
E-commerce requires a holistic approach to security for the overall network. In contrast to "point" solutions, Novell has developed security architecture on a total network basis--Novell's Global Security Architecture (NGSA, 1994) and Class C2 (Red Book) Evaluation for networks (1994-1997). In addition, Novell is actively working with international government agencies and various institutions, including those in the US, UK and Germany. As objective third parties, these countries are evaluating and certifying Novell's network security solutions. This "good housekeeping seal" for security addresses customer concern for confidence in deploying e-commerce strategies.
Novell is a leader in providing reliable authentication. Novell's certificates for NDS authentication support distributed validation, meaning Novell can provide reusable credentials so that users log in once using their certificate and other services supporting that certificate process can automatically establish authentication to additional services.
The workstation is the "Achilles Heel" of security in networks in general, and the Internet in particular. If there is to be a compromise in the system, it is most likely to happen here. Since it is users at workstations who must ultimately be accountable for their actions, this capability is a linchpin for practical e-commerce.
In order to conduct effective and productive e-commerce, users will need to interact over the wire, but within the confines of their level of rights and authorization. Novell's Trusted Workstation technology insures a reliable authenticated identity for the workstation user and secures the data for transmission, minimizing the potential of data compromise and potential for unauthorized actions. This includes the ability to evolve in the future to integrate various smart cards and tokens for more reliable authentication of the workstation user.
The first instance of this technology is included in the third party C2/E2 evaluation of Novell networks in the US and Europe.
Via the C2/E2 evaluations in the United States and Europe, Novell is providing a recognizably trusted network configuration for future expansion. This will become increasingly important as electronic commerce expands from workstations transacting over the Internet to workstations and networks interacting across the Internet, enabling business-to-business as well as consumer-to-supplier transactions.
Today's electronic commerce offerings are piecemeal solutions, waiting for better methods upon which to actually perform real comprehensive business activities like those found in large companies. While end-users are often accustomed to their livelihood as everyday business interchanges, there is more to consider when moving people-and-paper processes to the level of electronically-mediated communication. The key issues in creating an e-commerce infrastructure remain largely unaddressed by governments, standards bodies, vendors, and users, while widespread mass access to initial commercial implementations, like those seen on the Internet, are hyped as the "real" future. In short, there is already enough hype about the electronic efficacy of the catalogs and credit card orders, and not enough support for real electronic business activity.
Beyond "point" solutions, real e-commerce as two-way or business-to-business Internet activity does not exist today. Novell customers have the advantages of strong authentication and scalable network technology. With the completion of Novell's Class C2 evaluation in October 1997, customers will have an evaluated basis from which to work and make extension. However, interim "point" solutions must be carefully understood by users, vendors, and governments, lest they be improperly employed and consequentially regulated or legislated against, thereby debarring legitimate participants from entering or expanding in the e-commerce arena.
It must be clearly understood that, today, no company can embark upon a broad and inclusive electronic commerce technology between their employees or with customers from outside with any degree of accountability, scalability, maintainability, and automaticity. There are several obstacles and barriers to international commerce which must be removed before any real e-commerce can develop.
Real electronic commerce will include the flow of international transactions where users and businesses can transact between each other and with governments to achieve their common objectives. The initial missing infrastructure is not the result of a technological inability to create the needed components, but of lack of recognition for those components which must exist and fulfill the need (that is, a "truly" trusted and workable workstation technology from which e-commerce progresses). Developers cannot develop to constructs which do not exist at either the application or infrastructure level. Business cannot work in a one-way security environment, or in one that works only sometimes.
We need a complete e-commerce infrastructure. To be truly effective, e-commerce providers will need an infrastructure which is global in its nature, or recognize that electronic business is closed by national boundaries. Unlike the international mass user and point solutions-based Internet market of today, large organizations are becoming critically aware that they will need to manage accountability and liability in providing any significant level of customer security, especially with end-user customers, but especially in business between themselves in their interactions with employees, partners and suppliers.
* Originally published in Novell AppNotes
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.