基于电子商务的信息安全

外文资料翻译—原文部分E-commerce Information Security ProblemsⅠ. IntroductionE-commerce (E-Business) is in open networks, including between enterprises (B2B), business and consumers (B2C) commercial transactions, compared with the traditional business model, e-commerce with efficient, convenient, covered wide range of characteristics and benefits. However, e-commerce open this Internet-based data exchange is great its security vulnerabilities, security is a core e-commerce development constraints and key issues.In this paper, the basic ideas and principles of systems engineering, analyzes the current security threats facing e-commerce, in this based on security technology from the perspective of development trend of e-commerce.Ⅱ. E-commerce modelModern e-commerce technology has focused on the establishment and operation of the network of stores. Network in the department stores and real stores no distinction between structure and function, differences in their function and structure to achieve these methods and the way business operate.Web store from the front view is a special kind of WEB server. WEB site of modern multimedia support and a good interactive feature as the basis for the establishment of this virtual store, so customers can, as in a real supermarket pushing a shopping cart to select goods, and finally in the checkout check out. These online stores also constitute the three pillars of software: catalog, shopping cart and customer checkout. Customers use an electronic currency and transaction must store customers and stores are safe and reliable.Behind the store in the network, enterprises must first have a product storage warehouse and administration; second network to sell products by mail or other delivery channels to customers hands; Third, enterprises should also be responsible for product after-sales service, This service may be through networks, may not. Internet transactions are usually a first Pay the bill and getting goods shopping. For customers, convenience is that the goods purchased will be directly delivered to their home, but hard to feel assured that the goods can not be confirmed until the hands reach into their own hands, what it is.Therefore, the credibility of the store network and service quality is actually the key to the success of e-commerce.Ⅲ.the key to development of electronic commerceE-commerce in the telecommunications network to develop. Therefore, the advanced computer network infrastructure and telecommunications policy easing the development of electronic commerce has become a prerequisite. Currently, telecom services, high prices, limited bandwidth, the service is not timely or not reliable and so the development of e-commerce has become a constraint. Speed up the construction of telecommunications infrastructure, to break the telecommunications market monopoly, introduce competition mechanism to ensure fair competition in the telecommunications business, to promote networking, ensure to provide users with low-cost, high-speed, reliable communications services is a good construction target network environment, but also all of the world common task.E-commerce the most prominent problem is to solve the on-line shopping, trading and clearing of security issues, including the establishment of e-commerce trust between all the main issues, namely the establishment of safety certification system (CA) issues; choose safety standards (such as SET , SSL, PKI, etc.) problems; using encryption and decryption method and encryption strength problems. Establishment of security authentication system which is the key.Online trading and traditional face to face or written transactions in different ways, it is transmitted through the network business information and trade activities. The security of online transactions means:Validity: the validity of the contract to ensure online transactions, to prevent system failure, computer viruses, hacker attacks.Confidentiality: the content of the transaction, both transactions account, the password is not recognized by others and stealing.Integrity: to prevent the formation of unilateral transaction information and modify.Therefore, the e-commerce security system should include: secure and reliable communications network to ensure reliable data transmission integrity, prevent viruses, hackers; electronic signatures and other authentication systems; complete data encryption system and so on.Ⅳ.e-commerce security issues facingAs e-commerce network is the computer-based, it inevitably faces a number of security issues.(1) Information leakPerformance in e-commerce for the leakage of business secrets, including two aspects: the parties are dealing transactions by third parties to steal the contents; transaction to the other party to provide documents used illegal use by third parties.(2) AlteredE-commerce information for business performance in the authenticity and integrity issues. Electronic transaction information in the network transmission process may be others to illegally modify, delete or re-changed, so that information about its authenticity and integrity.(3) IdentificationWithout identification, third-party transactions is likely to fake the identity of parties to a deal breaker, damage the reputation of being counterfeit or stolen by one party to the transaction fake results and so on, for identification, the transaction between the two sides can prevent suspicion situation.(4) Computer virusesComputer virus appeared 10 years, a variety of new virus and its variants rapidly increasing, the emergence of the Internet for the spread of the virus has provided the best medium. Many new viruses directly using the network as its transmission, as well as many viruses spread faster through dried networks, frequently causing billions of dollars in economic losses.(5) HackerWith the spread of a variety of application tools, hackers have been popular, and are not in the past; non-computer expert can not be a hacker. Have kicked Yahoo's mafia boy did not receive any special training, only a few attacks to the users to download software and learn how to use the Internet on a big dry.Ⅴ.e-commerce security and safety factorsEnterprise application security is the most worried about e-commerce, and how to protect the security of e-commerce activities, will remain the core of e-commerce research. As a secure e-commerce system, we must first have a safe, reliable communication network, to ensure that transaction information secure and rapid transmission; second database server to ensure absolute security against hackers break into networks to steal information. E-commerce security technologies include encryption, authentication technology and e-commerce security protocols, firewall technology.(A), encryption technologyTo ensure the security of data and transactions to prevent fraud, to confirm the true identity of transaction parties, e-commerce to adopt encryption technology, encryption technology is through the use of code or password to protect data security. For encrypted data is called plaintext, specifically through the role of a encryption algorithm, the conversion into cipher text, we will express this change as the cipher text is called encryption, the cipher text by the decryption algorithm to form a clear role in the output of this a process known as decryption. Encryption algorithm known as the key parameters used. The longer the key, the key space is large, traversethe key space the more time spent, the less likely cracked.Encryption technology can be divided into two categories: symmetric encryption and asymmetric encryption. Symmetric encryption to the data encryption standard DES (Data Encryption Standard) algorithm is represented. Asymmetric encryption is usually RSA (Rivets Shamir Aleman) algorithm is represented.(B), authenticationCommonly used security authentication technologies: digital signatures, digital certificates, digital time stamp, CA security authentication technology.(C), hacker protection technologyCurrently, hackers have become the biggest e-commerce security threats, thus preventing hacking network security technology has become the main content, by governments and industry are highly valued. Hacking techniques include buffer overflow attacks, Trojans, port scans, IP fraud, network monitoring, password attacks, and denial of service Dos attacks. At present, people have made many effective anti-hacker technologies, including firewalls, intrusion detection, and network security evaluation techniques.Ⅵ.the future security of e-commerceIncreasingly severe security problems, are growing threat to national and global economic security, governments have been based on efforts in the following areas:(1) Strengthen the legislation, refer to the advanced countries have effective legislation, innovative, e-commerce and improve the protection of the laws against cyber-crime security system.(2) Establishment of relevant institutions, to take practical measures to combat cyber crime. Development of the law, the implementing agencies should also be used for its relevant laws, which must establish an independent oversight body, such as the executing agency to implement the law.(3) Increase investment in network security technology; improve the level of network security technology. E-commerce security law is the prerequisite and basis for development and secure e-commerce security technology is a means of protection. There are many security issues are technical reasons, it should increase the technology resources, and continuously push forward the development of old technologies and developing new security technology.(4) To encourage enterprises to protect themselves against Internet crime against. To avoid attack, companies can not hold things to chance, must attach great importance to system vulnerabilities, in time to find security holes to install the operating system and server patches, and networksecurity detection equipment should be used regularly scan the network monitoring, develop a set of complete security protection system to enable enterprises to form a system and combined with the comprehensive protection system.(5) To strengthen international cooperation to strengthen global efforts to combat cyber crime. As e-commerce knows no borders, no geographical, it is a completely open area, so the action against cyber crime e-commerce will also be global. This will require Governments to strengthen cooperation, can not have "the saying which goes, regardless of others, cream tile" misconception.(6) To strengthen the network of national safety education, pay attention to the cultivation of outstanding computer.Ⅶ. ConclusionE-commerce in China has developed rapidly in recent years, but the security has not yet established. This has an impact on the development of electronic commerce as a barrier.To this end, we must accelerate the construction of the e-commerce security systems. This will be a comprehensive, systematic project involving the whole society. Specifically, we want legal recognition of electronic communications records of the effectiveness of legal protection for electronic commerce; we should strengthen the research on electronic signatures, to protect e-commerce technology; we need to build e-commerce authentication system as soon as possible, to organize protection for electronic commerce. Moreover, for e-commerce features without borders, we should also strengthen international cooperation, so that e-commerce truly plays its role. Only in this way, we can adapt to the times Promoting China's economic development; also the only way we can in the economic globalization today, to participate in international competition, and thus gain a competitive advantage.外文资料翻译—译文部分基于电子商务的信息安全问题一、引言电子商务是基于网络上的包括企业之间（B2B）、企业和消费者之间（B2C）的模式交易。