关于电子商务安全的英文参考文献要求有参考文献的各个要素都有(像出版时间,几卷几期啊) 一两篇即可是参考文献啦 不是摘要翻译!
来源:学生作业帮助网 编辑:作业帮 时间:2024/11/17 23:47:38
关于电子商务安全的英文参考文献要求有参考文献的各个要素都有(像出版时间,几卷几期啊) 一两篇即可是参考文献啦 不是摘要翻译!
关于电子商务安全的英文参考文献
要求有参考文献的各个要素都有(像出版时间,几卷几期啊) 一两篇即可
是参考文献啦 不是摘要翻译!
关于电子商务安全的英文参考文献要求有参考文献的各个要素都有(像出版时间,几卷几期啊) 一两篇即可是参考文献啦 不是摘要翻译!
电子商务安全技术的分析与研究
2007-10-12 With the network technology and the rapid development of information technology, e-commerce has been growing a wide range of applications, more and more businesses and individuals rely on e-commerce users quick and efficient. It appears not only to the development and expansion of Internet has provided a new opportunity, but also to the business community into a great power. But e-commerce is based on vector-based computer network and a large number of important status information, accounting information, transaction information needed to carry out in-line transmission, in such circumstances, security issues become a priority issue.
Second, the current e-commerce security issues
1. Network protocol security issue: At present, TCP / IP protocol is the most widely used network protocol, but TCP / IP itself, characterized by openness, enterprise and users of electronic transactions in the course of the data is the form of packet transmission, malicious attackers can easily launch an e-commerce site to a packet interception, or even modify the data packets and counterfeiting.
2. Users of information security issues: At present, the most important form of e-commerce is based on B / S (Browser / Server) structure of the e-commerce sites, users log on using the browser network transactions, as a result of the user in the registry may be used in public computer, such as Internet cafes, offices, computers, etc., then if they have a malicious Trojan horse computer program or virus, the user's login information such as user names, passwords may be the risk of loss.
3. E-commerce Web site security issue: that there are some companies established themselves in the design of e-commerce site will have a number of production security, server operating system itself, there will be loopholes, unscrupulous attackers to enter the e-commerce site if a large number of user information and transaction information will be stolen, enterprises and users to incalculable losses.
C, e-commerce security requirements
1. The effectiveness of service requirements: e-commerce system should be able to prevent the occurrence of service failures to prevent failure due to network attacks and viruses and other system factors such as suspension of services to ensure that transaction data can be transmitted quickly and accurately.
2. Trading requirements of the confidentiality of information: e-commerce systems to deal with the information sent by users of encryption to effectively prevent the interception of information to decipher, at the same time to prevent unauthorized access to information.
3. Data integrity requirements: the number refers to the integrity of data processing, the original data and existing data is fully consistent between. In order to safeguard the seriousness of business dealings and fair, the transaction documents is not being modified, there will be damage to the commercial interests of the party.
4. The requirements of authentication: e-commerce systems should provide safe and effective authentication mechanism to ensure that transaction information between the two sides are legitimate and effective in order to avoid trade disputes, to provide a legal basis.
D, e-commerce security measures
1. Data encryption technology. Data encryption is the most basic e-commerce information system security precautions. The principle is that information on the use of encryption algorithm will be converted into explicit rules according to a certain encryption ciphertext generated after the transmission, thus ensuring the confidentiality of data. The use of data encryption technology can solve the information requirements of the confidentiality of its own. Data encryption technology can be divided into symmetric key encryption and asymmetric key encryption.
(1) symmetric key encryption (SecretKeyEncryption). Symmetric key encryption also known as secret / Private key encryption, that is, send and receive data between the parties must use the same key for encryption and decryption explicitly computing. Its advantage is encryption, decryption speed, suitable for large amount of data encryption, to ensure data confidentiality and integrity; drawback is that when the large number of users, distribution and management is very difficult to key on.
(2) non-symmetric key encryption (PublicKeyEncryption). Non-symmetric-key encryption also known as public key encryption, it mainly refers to each person only has a pair of corresponding keys: public key (the public key) and private key (the private key) public key public, private saved by the personal secret, a key used to encrypt them, they can only use the other to decrypt the key. Asymmetric key encryption algorithm is the advantage of easy distribution and management, the shortcomings of the algorithm complexity, encryption slow.
(3) the complexity of encryption technology. As a result of these two types of encryption technology, each the length of the relatively common practice is to integrate the two technologies. For example, the use of information to send the information symmetric key encryption, ciphertext generated after the recipient's public key to use symmetric key encryption to generate the number of envelopes, then the number of ciphertext envelope and sent to the receiver at the same time, the receiving party by the opposite clear direction after decryption.
2. Digital signature technology. Digital signature is generated through specific password computing the composition of a series of symbols and codes for a signature key, to replace the written signature or seal, this electronic signature technology can also be carried out to verify, verify the accuracy of its general manual signature and verification seal unmatched. Digital signature technology to ensure the integrity of information transfer and non-repudiation.
3. Accreditation agencies as well as digital certificates. E-commerce transactions due to the general users will not have face to face, so the two sides of the transaction identification is to protect the safety of the premise of e-commerce transactions. Certification body is a public and credible third party to confirm the identity of both parties, the digital certificate is signed by the certification body, including the identity of the owner of public key information as well as the public key of the document. Paid in the transaction process, participants must use the Certification Center of the digital certificate issued to prove his identity.
4. The use of Secure Electronic Transaction protocol (SET: Secure Electronic Transactions). By two major credit cards VISA and MasterCard standards organizations. SET for the division of e-commerce activities and to define the rights and obligations of the parties to the relationship between a given transaction information transmission process standards. SET protocol guarantees the confidentiality of e-commerce systems, integrity, non-repudiation of the legitimacy and identity.
不知道