E-Commerce: Plan B: Redefining the Corporation Amidst Denial of Service Attacks

For the past six months, business-to-business (B2B) e-commerce has been the darling of the investment community. However, the opportunity for business-to-consumer e-commerce is limited, due to the current conventional thinking by suicidal pricing, low brand loyalty and customer service barriers.

While the B2B mania ignores the simple fact that a huge percentage of the United States is B2C, the scramble to claim B2B mindshare has blurred the distinctions among the different B2B initiatives. At one end of the spectrum, there are companies like VerticalNet, which claims to be the "first mover" in the B2B space. VerticalNet started with a professional-magazine-on-the-Web model and are now aggressively integrating e-commerce services, and setting up storefronts for advertisers and auctions. At the other end, there are companies like Chemdex who have focused on electronic purchasing and integrating their services with companies’ purchasing operations.

Both VerticalNet- and Chemdex-like operations are intriguing, but a more revolutionary approach to B2B e-commerce is represented by the series of deals inked by some of the world’s biggest industrial customers to transform their supply chains into electronic marketplaces. Ford has signed a deal with Oracle to create AutoXChange, an electronic B2B network that will eventually include Ford’s 30,000 suppliers. General Motors has teamed with Commerce One to build GM Marketsite – a "virtual marketplace" for GM’s suppliers, dealers, service providers and affiliated companies. United Technologies Corp. and Honeywell have paired up with I2 Technologies to establish MyAircraft.com, a Web-enabled supply chain that will include multi-enterprise participation, procurement and bid-auction capabilities.

These deals hold tremendous promise for improving the efficiency of multinational industries. Ford, for example, procures more than $80 billion of materials per year. The Chemdex deal, in which CMGI, IBM and Arriba! are also involved, targets the $75 billion worldwide fluid processing market. The aerospace market generates about $500 billion in annual sales. If procurement costs can be cut by a measurable amount, those savings should pass almost directly to the bottom line.

Deals like these represent more than an opportunity to increase the efficiency of a major manufacturer’s supply chain: They may signal the beginning of a reconceptualization of the corporation.

Corporations were created as legal entities to limit the liabilities of individuals, primarily shareholders and managers, in the operation of large businesses. In the 1930s and 1940s, Peter Drucker reconceived the corporation as a self-sustaining organization that had to be managed, taking into account the needs of its employees. E-commerce marketplaces embody the notion that the world’s largest industrial companies, such as Boeing and Ford, can be thought of as markets themselves. In other words, companies like Ford or Boeing compete in the overall market, but have also created substantial markets in which they play the central role. The efficient operation of those corporation-centric markets will lead to the increased profitability of all the participants.

The idea of the corporation as the centerpiece of a relatively defined and self-sustaining market is a radical departure from the conventional wisdom and could serve to redefine relationships among its participants. Different relationships among the players will emerge and different strategies to maximize efficiencies will develop.

But if B2B electronic trading communities are redefining the concept of a corporation, the denial of service (DoS) attacks on Yahoo!, Buy.com, eBay.com and other major public Web services in February demonstrate the vulnerability of Internet-based commerce. Electronic marketplaces require a mix of secure and insecure transmissions. And while it is almost inconceivable that one person could interrupt the entire operation of, let’s say, General Motors, a sole maladjusted individual can apparently bring a Yahoo! to its knees.

The problem of security is pervasive throughout the Internet. The DoS could not have happened without insufficient security on hundreds or thousands of Web servers around the world. While there are at least three known tools for launching DoS attacks, there are also several commercial and free scanning tools available to identify and defeat DoS software. IT managers can also install an "egress filter" to scan the addresses of outgoing messages and intercept them before they cause a problem. Finally, routers allow administrators to block fake packets from entering a network and stop the "echo" functions that help create the data flow that serves as the weapon in a DoS attack.

New technology is under development to counter more sophisticated attacks. For example, RSA Laboratories is working on an approach called the "client puzzle" protocol. This countermeasure allows servers to accept connection requests when there is no evidence of an attack, but only selectively accept requests during an attack.

To date, e-commerce security has been addressed in a fairly narrow way. For many, it has only addressed the question of whether credit card number transmissions are secure. But, if electronic marketplaces really have the power to transform the basic institutions of the economy, and I think they do, security has to be given a much higher priority.

About the Author: Elliot King is an Associate Professor of Communications at Loyola College in Baltimore, Maryland. He can be reached at (410) 356-3943, or via e-mail at eking2@prodigy.net.