Business-to-business is a situation where one business makes a commercial transaction with another. This occurs when: A business is sourcing materials for their production process for output. Example: providing raw material to the other company that will produce output. A business needs the services of another for operational reasons. A business re-sells services produced by others. B2B is contrasted with business-to-consumer. In B2B commerce, it is the case that the parties to the relationship have comparable negotiating power; when they do not, each party involves professional staff and legal counsel in the negotiation of terms, whereas B2C is shaped to a far greater degree by economic implications of information asymmetry. However, within a B2B context, large companies may have many commercial and information advantages over smaller businesses; the United Kingdom government, for example, created the post of Small Business Commissioner under the Enterprise Act 2016 to "enable small businesses to resolve disputes" and "consider complaints by small business suppliers about payment issues with larger businesses that they supply." Business-to-Business companies represent a significant part of the United States economy.
This is true in firms of 500 employees and above, of which there were 19,464 in 2015, where it is estimated that as many as 72% are businesses that serve other businesses. In many cases, the overall volume of B2B transactions is much higher than the volume of B2C transactions; the primary reason for this is that in a typical supply chain there will be many B2B transactions involving subcomponents or raw materials, and only one B2C transaction, the sale of the finished product to the end customer. For example, an automobile manufacturer makes several B2B transactions such as buying tires, glass for windows, rubber hoses for its vehicles; the final transaction, a finished vehicle sold to the consumer, is a single transaction. "Matesourcing" is the phenomenon where businesses seek business support from family and friends rather than obtaining business services from other businesses on a commercial basis. In 2011, UK business PC World published research commissioned from Trends Research which found that British SMEs are asking family and friends for IT problem-solving and purchasing advice services.
Vertical B2B is oriented to manufacturing or business. It can be divided into two directions -- downstream. Producers or commercial retailers can have a supply relationship with upstream suppliers, including manufacturers, form a sales relationship; as an example, Dell company is working with upstream suppliers of integrated circuit microchips and computer printed circuit boards. A vertical B2B website can be similar to the enterprise's online store. Through the website, the company can promote their products vigorously, more efficiently and more comprehensively which enriches transactions as they help their customers understand their products well. Or, the website can be created for business, where the seller advertises their products to promote and expand transactions in an intuitive and convenient way. Horizontal B2B is the transaction pattern for the intermediate trading market, it concentrates similar transactions of various industries into one place, as it provides a trading opportunity for the purchaser and supplier involving companies that do not own the products and do not sell the products.
It is a platform to bring sellers and purchasers together online. The better platforms help buyers find information about the sellers and the relevant information about the products via the website. Along the way, B2B has matured but despite the good momentum, it still has an immature side; the majority of the immaturity is in online collaboration. These have not been developed. Boston Consulting Group conducted a survey through in-depth interviews with online traders. BCG believes that the current B2B online trading model cannot simulate the traditional B2B offline trading model. Half of the survey group indicated online transactions still need to coordinate with traditional offline communications to complete the entire transaction process; the report pointed out that with the maturity of the B2B and the improvement of the price comparison mechanism, pressure on the sellers will increase. The survey found that some of the sellers felt a lot of pressure brought on by the price comparison; this report presents another valuable analysis in the development trend of the B2B market.
It pointed out. They do not expect diversification of the trading platforms; this is the same perspective as the trading platforms. The trading platforms hope to integrate instead of having more competitors.
An authentication protocol is a type of computer communications protocol or cryptographic protocol designed for transfer of authentication data between two entities. It allows the receiving entity to authenticate the connecting entity as well as authenticate itself to the connecting entity by declaring the type of information needed for authentication as well as syntax. It is the most important layer of protection needed for secure communication within computer networks. With the increasing amount of trustworthy information being accessible over the network, the need for keeping unauthorized persons from access to this data emerged. Stealing someone's identity is easy in the computing world - special verification methods had to be invented to find out whether the person/computer requesting data is who he says he is. The task of the authentication protocol is to specify the exact series of steps needed for execution of the authentication. It has to comply with the main protocol principles: A protocol has to involve two or more parties and everyone involved in the protocol must know the protocol in advance.
All the included. A protocol has to be unambiguous - each step must be defined precisely. A protocol must be complete - must include a specified action for every possible situation. An illustration of password-based authentication using simple authentication protocol: Alice and Bob are both aware of the protocol they agreed on using. Bob has Alice's password stored in a database for comparison. Alice sends Bob her password in a packet complying with the protocol rules. Bob checks the received password against the one stored in his database, he sends a packet saying "Authentication successful" or "Authentication failed" based on the result. This is an example of a basic authentication protocol vulnerable to many threats such as eavesdropping, replay attack, man-in-the-middle attacks, dictionary attacks or brute-force attacks. Most authentication protocols are more complicated. Protocols are used by Point-to-Point Protocol servers to validate the identity of remote clients before granting them access to server data.
Most of them use a password as the cornerstone of the authentication. In most cases, the password has to be shared between the communicating entities in advance. Password Authentication Protocol is one of the oldest authentication protocols. Authentication is initialized by the client sending a packet with credentials at the beginning of the connection, with the client repeating the authentication request until acknowledgement is received. It is insecure because credentials are sent "in the clear", making it vulnerable to the simplest attacks such as eavesdropping and man-in-the-middle based attacks. Although supported, it is specified that if an implementation offers a stronger authentication method, that method must be offered before PAP. Mixed authentication is not expected, as the CHAP authentication would be compromised by PAP sending the password in plain-text. The authentication process in this protocol is always initialized by the server/host and can be performed anytime during the session repeatedly.
Server sends a random string. The client uses password and the string received as parameters for MD5 hash function and sends the result together with username in plain text. Server compares the calculated and received hash. An authentication is unsuccessful. EAP was developed for PPP but today is used in IEEE 802.3, IEEE 802.11 or IEEE 802.16 as a part of IEEE 802.1x authentication framework. The latest version is standardized in RFC 5247. The advantage of EAP is that it is only a general authentication framework for client-server authentication - the specific way of authentication is defined in its many versions called EAP-methods. More than 40 EAP-methods exist; the most common are EAP-MD5, EAP-TLS, EAP-TTLS, EAP-FAST and EAP-PEAP. Complex protocols used in larger networks for verifying the user, controlling access to server data and monitoring network resources and information needed for billing of services. The oldest AAA protocol using IP based authentication without any encryption. Version XTACACS added authorization and accounting.
Both of these protocols were replaced by TACACS+. TACACS+ separates the AAA components so they can be handled on separate servers, and it encrypts the whole packet. TACACS+ is Cisco proprietary. Remote Authentication Dial-In User Service is a full AAA protocol used by ISPs. Credentials are username-password combination based; it uses NAS and UDP protocol for transport. Diameter evolved from RADIUS and involves many improvements such as usage of more reliable TCP or SCTP transport protocol and higher security thanks to TLS. Kerberos is a centralized network authentication system developed at MIT and available as a free implementation from MIT but also in many commercial products. It is the default authentication method in Windows 2000 and later. The authentication process itself is much more complicated than in the previous protocols - Kerberos uses symmetric key cryptography, requires a trusted third party and can use public-key cryptograp
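The two password exchanges described above, side by side, as an added example that is not part of the original text: the plaintext scheme (PAP) and the random-string-plus-MD5 scheme, with the response computed the way RFC 1994 defines it for CHAP. The class and function names and the credential are constructed for illustration.

```python
import hashlib
import hmac
import os


def chap_response(identifier, secret, challenge):
    """CHAP response per RFC 1994: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapServer:
    """Server side: issues random challenges and checks each one at most once."""

    def __init__(self, secrets_db):
        self.secrets_db = secrets_db   # username -> shared secret (bytes)
        self.pending = {}              # identifier -> outstanding challenge
        self.next_id = 0

    def new_challenge(self):
        identifier = self.next_id
        self.next_id = (self.next_id + 1) % 256   # identifier is a single octet
        self.pending[identifier] = os.urandom(16)
        return identifier, self.pending[identifier]

    def verify(self, identifier, username, response):
        challenge = self.pending.pop(identifier, None)   # consumed on first use
        secret = self.secrets_db.get(username)
        if challenge is None or secret is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)


def pap_verify(secrets_db, username, password):
    """PAP-style check: the packet carries the password itself."""
    stored = secrets_db.get(username)
    return stored is not None and hmac.compare_digest(stored, password)


def demo():
    db = {"alice": b"correct horse battery"}   # constructed credential
    server = ChapServer(db)

    ident, challenge = server.new_challenge()
    packet = (ident, "alice", chap_response(ident, db["alice"], challenge))
    legitimate = server.verify(*packet)

    # The same packet seen a second time: its challenge is gone, so it is refused.
    replay_same_id = server.verify(*packet)

    # The old response offered against a fresh challenge does not match either.
    ident2, _ = server.new_challenge()
    replay_fresh_challenge = server.verify(ident2, "alice", packet[2])

    # A PAP packet is the password, so an identical packet is accepted again.
    pap_packet = ("alice", b"correct horse battery")
    pap_verify(db, *pap_packet)
    pap_replay = pap_verify(db, *pap_packet)

    return {
        "legitimate": legitimate,
        "replay_same_id": replay_same_id,
        "replay_fresh_challenge": replay_fresh_challenge,
        "pap_replay": pap_replay,
    }


if __name__ == "__main__":
    print(demo())
```

The server has to hold the shared secret in a form it can feed to the hash, so the secret store needs the same protection as a plaintext password file.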
Multi-factor authentication is an authentication method in which a computer user is granted access only after presenting two or more pieces of evidence to an authentication mechanism: knowledge and inherence. Two-factor authentication is a subset of multi-factor authentication. It is a method of confirming users' claimed identities by using a combination of two different factors: 1) something they know, 2) something they have, or 3) something they are. A good example of two-factor authentication is the withdrawing of money from an ATM. Two other examples are to supplement a user-controlled password with a one-time password or code generated or received by an authenticator that only the user possesses. Two-step verification or two-step authentication is a method of confirming a user's claimed identity by utilizing something they know and a second factor other than something they have or something they are. An example of a second step is the user repeating back something sent to them through an out-of-band mechanism.
Or, the second step might be a six digit number generated by an app, common to the user and the authentication system. The use of multiple authentication factors to prove one's identity is based on the premise that an unauthorized actor is unlikely to be able to supply the factors required for access. If, in an authentication attempt, at least one of the components is missing or supplied incorrectly, the user's identity is not established with sufficient certainty and access to the asset being protected by multi-factor authentication remains blocked. The authentication factors of a multi-factor authentication scheme may include: some physical object in the possession of the user, such as a USB stick with a secret token, a bank card, a key, etc.; some secret known to the user, such as a password, PIN, TAN, etc.; some physical characteristic of the user, such as a fingerprint, eye iris, typing speed, pattern in key press intervals, etc.; somewhere you are, such as connection to a specific computing network or utilizing a GPS signal to identify the location.
Knowledge factors are the most used form of authentication. In this form, the user is required to prove knowledge of a secret. A password is a secret word or string of characters, used for user authentication; this is the most used mechanism of authentication. Many multi-factor authentication techniques rely on password as one factor of authentication. Variations include both longer ones formed from multiple words and the shorter, purely numeric, personal identification number used for ATM access. Traditionally, passwords are expected to be memorized. Many secret questions such as "Where were you born?" are poor examples of a knowledge factor because they may be known to a wide group of people, or be able to be researched. Possession factors have been used for authentication in the form of a key to a lock; the basic principle is that the key embodies a secret, shared between the lock and the key, the same principle underlies possession factor authentication in computer systems. A security token is an example of a possession factor.
Disconnected tokens have no connections to the client computer. They use a built-in screen to display the generated authentication data, manually typed in by the user. Connected tokens are devices; those devices transmit data automatically. There are a number including card readers, wireless tags and USB tokens. A software token is a type of two-factor authentication security device that may be used to authorize the use of computer services. Software tokens are stored on a general-purpose electronic device such as a desktop computer, laptop, PDA, or mobile phone and can be duplicated. A soft token may not be a device. A certificate loaded onto the device and stored securely may serve this purpose as well; these are factors associated with the user, are biometric methods, including fingerprint, voice, or iris recognition. Behavioral biometrics such as keystroke dynamics can be used. A fourth factor is coming into play involving the physical location of the user. While hard wired to the corporate network, a user could be allowed to login utilizing only a pin code while off the network entering a code from a soft token as well could be required.
This could be seen as an acceptable standard. Systems for network admission control work in similar ways where your level of network access can be contingent on the specific network your device is connected to, such as wifi vs wired connectivity; this allows a user to move between offices and dynamically receive the same level of network access in each. Many multi-factor authentication vendors offer mobile phone-based authentication; some methods include push-based authentication, QR code based authentication, one-time password authentication, SMS-based verification. SMS-based verification suffers from some security co
A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient strong reason to believe that the message was created by a known sender, that the message was not altered in transit. Digital signatures are a standard element of most cryptographic protocol suites, are used for software distribution, financial transactions, contract management software, in other cases where it is important to detect forgery or tampering. Digital signatures are used to implement electronic signatures, which includes any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. In some countries, including the United States, Turkey, Brazil, Mexico, Saudi Arabia, Uruguay and the countries of the European Union, electronic signatures have legal significance. Digital signatures employ asymmetric cryptography. In many instances they provide a layer of validation and security to messages sent through a non-secure channel: Properly implemented, a digital signature gives the receiver reason to believe the message was sent by the claimed sender.
Digital seals and signatures are equivalent to stamped seals. Digital signatures are equivalent to traditional handwritten signatures in many respects, but properly implemented digital signatures are more difficult to forge than the handwritten type. Digital signature schemes, in the sense used here, are cryptographically based, must be implemented properly to be effective. Digital signatures can provide non-repudiation, meaning that the signer cannot claim they did not sign a message, while claiming their private key remains secret. Further, some non-repudiation schemes offer a time stamp for the digital signature, so that if the private key is exposed, the signature is valid. Digitally signed messages may be anything representable as a bitstring: examples include electronic mail, contracts, or a message sent via some other cryptographic protocol. A digital signature scheme consists of 3 algorithms; the algorithm outputs a corresponding public key. A signing algorithm that, given a private key, produces a signature.
A signature verifying algorithm that, given the message, public key and signature, either accepts or rejects the message's claim to authenticity. Two main properties are required. First, the authenticity of a signature generated from a fixed message and fixed private key can be verified by using the corresponding public key. Secondly, it should be computationally infeasible to generate a valid signature for a party without knowing that party's private key. A digital signature is an authentication mechanism that enables the creator of the message to attach a code that acts as a signature. The Digital Signature Algorithm, developed by the National Institute of Standards and Technology, is one of many examples of a signing algorithm. In the following discussion, $1^n$ refers to a unary number. Formally, a digital signature scheme is a triple of probabilistic polynomial time algorithms, (G, S, V), satisfying: G generates a public key, a corresponding private key, on input $1^n$, where n is the security parameter.
S returns a tag, t, on the inputs: the private key, a string. V outputs accepted or rejected on the inputs: the public key, a string, a tag. For correctness, S and V must satisfy Pr = 1. A digital signature scheme is secure if for every non-uniform probabilistic polynomial time adversary, A Pr < negl, where $A^S$ denotes that A has access to the oracle, S, Q denotes the set of the queries on S made by A, which knows the public key, pk, the security parameter, n. Note that we require any adversary cannot directly query the string, x, on S. In 1976, Whitfield Diffie and Martin Hellman first described the notion of a digital signature scheme, although they only conjectured that such schemes existed based on functions that are trapdoor one-way permutations. Soon afterwards, Ronald Rivest, Adi Shamir, Len Adleman invented the RSA algorithm, which could be used to produce primitive digital signatures. The first marketed software package to offer digital signature was Lotus Notes 1.0, released in 1989, which used the RSA algorithm.
Other digital signature schemes were soon developed after RSA, the earliest being Lamport signatures, Merkle signatures, Rabin signatures. In 1984, Shafi Goldwasser, Silvio Micali, Ronald Rivest became the first to rigorously define the security requirements of digital signature schemes, they described a hierarchy of attack models for signature schemes, presented the GMR signature scheme, the first that could be proved to prevent an existential forgery against a chosen message attack, the accepted security definition for signature schemes. The first such scheme, not built on trapdoor functions but rather on a family of function with a much weaker required property of one-way permutation was presented by Moni Naor and Moti Yung. One digital signature scheme is based on RSA. To create signature keys, generate a RSA key pair containing a modulus, N, the product of two random secret distinct large primes, along w
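The three algorithms of the formal definition above, instantiated with Lamport one-time signatures (named above among the earliest schemes) because they need nothing beyond a hash function. This is an added example, not part of the original text; G, S and V follow the page's notation, while the use of SHA-256, the OneTimeSigner wrapper and the sample message are choices made here.

```python
import hashlib
import hmac
import secrets

N_BITS = 256  # one pair of secrets per bit of the SHA-256 message digest


def digest_bits(message):
    digest = hashlib.sha256(message).digest()
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(N_BITS)]


def G():
    """Key generation: 2 x 256 random secrets; the public key is their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N_BITS)]
    pk = [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest()) for a, b in sk]
    return pk, sk


def S(sk, x):
    """Signing: for each digest bit, reveal the secret stored for that bit value."""
    return [sk[i][bit] for i, bit in enumerate(digest_bits(x))]


def V(pk, x, t):
    """Verification: every revealed value must hash to the published entry."""
    if len(t) != N_BITS:
        return False
    ok = True
    for i, bit in enumerate(digest_bits(x)):
        ok &= hmac.compare_digest(hashlib.sha256(t[i]).digest(), pk[i][bit])
    return ok


class OneTimeSigner:
    """A Lamport key signs one message only; each signature reveals half the key."""

    def __init__(self, sk):
        self.sk = sk

    def sign(self, x):
        if self.sk is None:
            raise RuntimeError("one-time key already used")
        t, self.sk = S(self.sk, x), None
        return t


def demo():
    pk, sk = G()
    other_pk, _ = G()
    msg = b"pay 100 to account 42"          # constructed message
    signer = OneTimeSigner(sk)
    t = signer.sign(msg)
    try:
        signer.sign(b"pay 900 to account 42")
        second_signature_refused = False
    except RuntimeError:
        second_signature_refused = True
    return {
        "correctness": V(pk, msg, t),                      # V(pk, x, S(sk, x))
        "altered_message": V(pk, b"pay 900 to account 42", t),
        "wrong_public_key": V(other_pk, msg, t),
        "second_signature_refused": second_signature_refused,
    }


if __name__ == "__main__":
    print(demo())
```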
Secure Shell is a cryptographic network protocol for operating network services securely over an unsecured network. Typical applications include remote command-line login and remote command execution, but any network service can be secured with SSH. SSH provides a secure channel over an unsecured network in a client–server architecture, connecting an SSH client application with an SSH server; the protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2. The standard TCP port for SSH is 22. SSH is used to access Unix-like operating systems, but it can be used on Microsoft Windows. Windows 10 uses OpenSSH as its default SSH client. SSH was designed as a replacement for Telnet and for unsecured remote shell protocols such as the Berkeley rlogin and rexec protocols; those protocols send information, notably passwords, in plaintext, rendering them susceptible to interception and disclosure using packet analysis. The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet, although files leaked by Edward Snowden indicate that the National Security Agency can sometimes decrypt SSH, allowing them to read the contents of SSH sessions.
SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user, if necessary. There are several ways to use SSH. Another is to use a manually generated public-private key pair to perform the authentication, allowing users or programs to log in without having to specify a password. In this scenario, anyone can produce a matching pair of different keys; the public key is placed on all computers that must allow access to the owner of the matching private key. While authentication is based on the private key, the key itself is never transferred through the network during authentication. SSH only verifies whether the same person offering the public key owns the matching private key. In all versions of SSH it is important to verify unknown public keys, i.e. associate the public keys with identities, before accepting them as valid. Accepting an attacker's public key without validation will authorize an unauthorized attacker as a valid user. On Unix-like systems, the list of authorized public keys is stored in the home directory of the user, allowed to log in remotely, in the file ~/.ssh/authorized_keys.
This file is respected by SSH only if it is not writable by anything apart from the root. When the public key is present on the remote end and the matching private key is present on the local end, typing in the password is no longer required. However, for additional security the private key itself can be locked with a passphrase; the private key can be looked for in standard places, its full path can be specified as a command line setting. The ssh-keygen utility produces the private keys, always in pairs. SSH supports password-based authentication, encrypted by automatically generated keys. In this case, the attacker could imitate the legitimate server side, ask for the password, obtain it. However, this is possible only if the two sides have never authenticated before, as SSH remembers the key that the server side used; the SSH client raises a warning before accepting the key of a new unknown server. Password authentication can be disabled. SSH is used to log into a remote machine and execute commands, but it supports tunneling, forwarding TCP ports and X11 connections.
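A check for the two points made above about ~/.ssh/authorized_keys: that the file must not be writable by other accounts, and that every public key in it should be tied to a known identity. This is an added example, not code from the original text or from any SSH implementation; it assumes the rule OpenSSH applies under StrictModes (owner is the user or root, no group or other write bit), and the key, comment and options in the sample entry are constructed.

```python
import base64
import hashlib
import os
import shlex
import shutil
import struct
import tempfile

KEY_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-")


def audit_permissions(home, uid=None):
    """Findings for authorized_keys, ~/.ssh and the home directory."""
    uid = os.getuid() if uid is None else uid
    ssh_dir = os.path.join(home, ".ssh")
    findings = []
    for path in (os.path.join(ssh_dir, "authorized_keys"), ssh_dir, home):
        try:
            st = os.stat(path)
        except FileNotFoundError:
            findings.append(f"{path}: missing")
            continue
        if st.st_uid not in (uid, 0):
            findings.append(f"{path}: owned by uid {st.st_uid}")
        if st.st_mode & 0o022:  # group-write or other-write bit is set
            findings.append(f"{path}: mode {st.st_mode & 0o777:o} is writable by group/others")
    return findings


def list_keys(text):
    """(key type, SHA256 fingerprint, comment) for every entry in the file."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            tokens = shlex.split(line)  # leading options may hold quoted spaces
            idx = next(i for i, t in enumerate(tokens) if t.startswith(KEY_PREFIXES))
            digest = hashlib.sha256(base64.b64decode(tokens[idx + 1])).digest()
        except (ValueError, StopIteration, IndexError):
            entries.append(("unparseable", None, line))
            continue
        # Same form that `ssh-keygen -l` prints, for comparison with a key inventory.
        fingerprint = "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
        entries.append((tokens[idx], fingerprint, " ".join(tokens[idx + 2:])))
    return entries


def demo():
    # Constructed ed25519 public key blob (all-zero key material, not a real key).
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(32)
    entry = 'from="10.0.0.*",command="/usr/bin/backup --run" ssh-ed25519 %s alice@laptop\n' % (
        base64.b64encode(blob).decode())
    home = tempfile.mkdtemp()
    try:
        ssh_dir = os.path.join(home, ".ssh")
        os.mkdir(ssh_dir)
        os.chmod(ssh_dir, 0o700)
        path = os.path.join(ssh_dir, "authorized_keys")
        with open(path, "w") as fh:
            fh.write("# constructed sample entry\n" + entry)
        os.chmod(path, 0o600)
        clean = audit_permissions(home)
        os.chmod(path, 0o666)  # the misconfiguration the check exists for
        after_chmod = audit_permissions(home)
        with open(path) as fh:
            keys = list_keys(fh.read())
    finally:
        shutil.rmtree(home)
    return {"clean": clean, "after_chmod": after_chmod, "keys": keys}


if __name__ == "__main__":
    print(demo())
```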
SSH uses the client-server model. The standard TCP port 22 has been assigned for contacting SSH servers. An SSH client program is used for establishing connections to an SSH daemon accepting remote connections. Both are present on most modern operating systems, including macOS, most distributions of Linux, OpenBSD, FreeBSD, NetBSD, Solaris and OpenVMS. Notably, versions of Windows prior to 1709 do not include SSH by default. Proprietary and open source versions of various levels of complexity and completeness exist. File managers for UNIX-like systems can use the FISH protocol to provide a split-pane GUI with drag-and-drop; the open source Windows program WinSCP provides similar file management capability using PuTTY as a back-end. Both WinSCP and PuTTY are available packaged to run directly off a USB drive, without requiring installation on the client machine. Setting up an SSH server in Windows involves enabling a feature in Settings app. In Windows 10 version 1709, an official Win32 port of OpenSSH is available.
SSH is important in cloud computing to solve connectivity problems, avoiding the security issues of exposing a cloud-based virtual machine directly on the Internet. An SSH tunnel can provide a secure path over the Internet, through a firewall to a virtual machine. In 1995, Tatu Ylönen, a researcher at Helsinki University of Technology, designed the first version of the protocol prompted by a password-sniffing attack at his university network; the goal of SSH was to replace the earlier rlogin, TELNET, FTP and rsh protocols, which did not provide strong authentication nor guarantee confidentiality. Ylönen released his implementation as freeware in July 1995, an