Overview
Building a complex and secure e-commerce application is a challenge. Fortunately Service Oriented Architecture enables online businesses to incorporate capabilities of external web-services owned by other entities into their own applications. On-demand / SaaS business-model is yet another step on this path – the Service Providers implementing ‘On-demand’ business-model are offering complete business-services that may be integrated into complex business-processes of servicing customers as building blocks with predictable and manageable capabilities. The important part of this arrangement is, that business-services are manageable for the company - consumer, it retains full control over the parameters of particular business-process implemented by Service Provider and corresponding data; any business using external On-demand service is simply outsourcing the technical task of building and maintaining a hardware and software infrastructure meeting particular business-needs to external Service Provider.
The company subscribing to our service operates a separate instance of business-services described below, which means that: consumer (company) has a separate sub-set of end-user accounts demominated in a separate ‘currency’ of consumer; every end-user has in his possession a unique cryptographic material, associated with the account; consumer (company) manages the trust relationship with his client/end-user itself through web-interfaces or web-service interfaces.
June 10, 2005 in 1. Overview | Permalink | Comments (0)
Summary
The ON-LINE CARD ™ Technology Framework is a combination of business-services that can be incorporated by e-commerce providers into their own business-processes. Below we outline the business-functions of each sub-service as well as its technical capabilities.
The ON-LINE CARD™ Technology Framework consists of:
• End-user Trust Infrastructure (EUTI)
business:
- customer acquisition;
- management of customer trust relationship – approval, decline, suspension, termination;
technology:
- digital identity life-cycle management;
- end-user self-service front-end;
- backend for trust relationship management.• Access Control Service (ACS)
business:
- log-in business-process for e-commerce web-sites with enhanced security;
technology:
- two-factor (‘trusted-channel’) end-user authentication business-process.• Consolidated Accounting Service (CAS)
business:
- consolidated accounting of credits and debits authorized by customer and other parties (credits) on a personalized account;
- management of client account status by company;
- CRM functions for transaction dispute resolution;
technology:
- consolidated recording of incoming and outgoing transactions with 'value';
- management of account parameters and properties (permissions);
- role-based CRM functionality tied to transaction records / authenticated messaging.• Logging and Audit Service (LAS)
business:
- law-enforceable logs of individual client and consumer authorizations;
technology:
- immutable logging of individual digitally signed transaction authorizations from trusted end-users and web-service requests from consumer.• Consumer Certificate Authority Service (CCAS)
business:
- issuance of certificates, tied to particular business-functions;
technology:
- issuance of standard (X.509) server certificates, tied to one or several business-functions (type(s) of web-service requests) to consumer.
This section provides a set of resources to help you understand the key concepts that the ON-LINE CARD™ Technology Framework is based on and learn how those concepts and the Service functionality may be integrated into your e-commerce solutions.
June 10, 2005 in 2. Summary | Permalink | Comments (0)
