互联网金融外文文献翻译 2

互联网金融电子银行外文文献翻译2014年译文3050字大数据Finance's Impact on nal FinanceAbstract:As we enter the era of web 2.0.banks now have full access to the。

age。

The large amount of data available on the。

has a profound effect on the XXX。

XXX。

The。

has brought about a new era of financial development。

with the rapid growth of。

XXX。

this growth has also XXX。

talent resources。

and system XXX are just a few of the XXX finance。

The development of。

XXX。

With the rise of。

companies。

XXX of the financial industry。

The。

has created a new market for financial services。

and XXX。

This has led to XXX。

The。

has XXX With the large amount of data available on the。

banks can now use this data to better XXX services。

This has led to XXX。

However。

XXX XXX。

In n。

the growth of。

finance has led to XXX around the world are now paying closer n to the financial industry。

外文出处：DeBonisR, Silvestrini A. Internet finance and its influence ontraditional banking [J]. Applied FinancialEconomics, 2016,3(5):409-425.原文Internetfinanceanditsinfluenceontraditionalbanking DeBonisR, SilvestriniAA b stractsWith the rapid development of information technology, Internet financialmodel graduallyrise.ThispapersummarizestheInternetfinancialmodelonthebasisofth e concept, features and functions of Internet financial model in strategy,customer channels,financing, pricingand financial disintermediation of the impact of the tra di ti o nal c om mercial bank. T his paper a r g ue s t hat Inte rne t financ i al m ode l in the short term will not stand in the way of commercial bank's traditional business modelandprofit,butinthelongtermcommercialBanksshoulduseoftheInternetfinancial model,in order to obtain the new development. At the same time, the sustainedandhealthy development of the Internet industry to rely on Internet financialenterprises e lf-di s c i pli ne,posit i ve i nnovat i on,but a lsoattrac t m orec us t ome rs,strengt he nt h e construction ofsystemsecurity.Key words: Financial innovation; Internet financial; FinancialdisintermediationAt p r e s ent, m obi le payment, online ba nking, m obil e ba nki ng and financ i al businessinChina'sbooming financialinnovationssuchascloud,thusformedanew kind of financial model -- the Internet finance. Big data era and brand creation,spread tothedevelopmentoffinancialinstitutionsisbothachallengeandopportunity.Alo ng with the development of the Internet financial, emerging Internet traditionalfinancialcompanies and financial institutions will be a fierce competition, the future mayeven change thetraditional financial management mode and operationpattern. The Inter net financial concepts, features andfunctions Theconcept of the Inter net financial.After years of development, Internet companies stay in business does not providetechnicalsupporttofinancialinstitutionsandservicelevel,thedataaccumulated through the depth of mining information, to expand our business to thefinancial sector,buildfinancialmodelsandInternetbecometheemergingfieldofcombining inf orm a ti on technol o g ya ndca pi ta l.I nt e rne tfina n ci a lmodelisdiffer e ntfromindirectfinancing of commercial bank, it is also different from directfinancing capital market'sthirdfinancialfinancingmodel.Fromthe perspectiveofthe financingmode of Internet financial mode in essence is a kind of direct financing mode. Butcompared withthetraditionalmodeofdirectfinancing,Internetfinancingmodelhasalarge am ount ofinforma t ion,l ow e r transa c tioncost s,hig he ffic i en c y,et c.Adoptappropria t eth e Internet finance is a kind of financial model in the information age. Theauthor believesthattheInternetfinanceisbasedonmoderninformationtechnologyin financia l activities, with functions of financing, payment and transactionintermediary.Thecharacteristicsofthe Internetfinancial.Availabili t y of f i nancia l resources. Financia l exclusi on is defined as: people i nthefinancialsystemlackaconditioninwhichthe share of financial services,includingthesocialvulnerablegroupsinthelackofwaysormethodsiscloseto financialinstitutions,aswellasintheuseoffinancialproductsorfinancialservicesexist difficulties and obstacles. The current management mode,thetraditionalcom m ercia l Banks un able t o effi ci ent ly deal with small comp ani es, and part ofth eindividual customer's business requirements, lead to the financial exclusion of certaincustomers .Internet financial mode, the customer can break through the geographical restrictions, on the Internet looking for financial resources, alleviate thefinancialexclusion, enhance the level of socialwelfare.Trading the relative information. The traditional financing mode, thefinancial institutionstoobtaininvestmententerprises,especiallysmallmicroenterprise inform ation cost is higher, income and cost does not match. Internetfinancial generationanddisseminationofinformation throughsocial network, any enterpriseandindividualinformationwillcontactwithothersubjects.Bothpartiestocollect inform ation via the Internet, can be more comprehensive understanding of a businessor personal financial and credit situation, reduce the information asymmetry. Whenloandefault object, Internet financial enterprises through public default and reducing rating information, increase the cost ofdefault.The allocation of resources to mediation. The traditionalfinancing mode, the money s upplyand de m and both s i des inform a ti on often don't m a t c h.Capitaldemanders can't get the money in time to support at the same time, capitalsuppliers also can't find good investment projects. Internet financial mode, the money supply anddemandbothsidesnolongerneedtheintermediaryinstitutionssuchasBanksor exch angeset,canbedonethroughthenetworkplatformtoinformationscreening,ma t chi ng, pricing and tra di ng, di sintermediation effect isobvious.The Inter net financialfunction.The platform function Financial enterprises establish the platform ofnetwork financial via the Internet, customers can choose the suitable financial products,justmove your fingers, which can carry out payment, loan, investment, financialactivities,s uc h as convenient and quick, from running er r ands, and w a iti ng f or c us tome r.The allocation of resources(i.e.,financing) function. Internet financialisessentiallyawayofdirectfinancing.Internetfinancialmode,wecaneasilycheck counter party transaction records; To find the right risk management tools andriskdiversification; In-depth analysis the data by information technology,comprehensiveand i n-depth master competitors in form atio n, improve the effi c iency ofr e s o urce allocation.Asthe Internetfinancialmodel,the conceptof"sincethe financial"arisesatthehistoricmoment.3,paymentfunction.Internetfinancial mode, between merchants and customers to pay by a third party to complete, convenient,efficient,lower cost. The third party payment or will weaken the commercial bank, the statusofthe traditional payment platform. At present, the people's bank of China for about200third-party payment companies issued payment business license. In 2012, our country third party online payment market size of 3.8trillion.Information gatheringand processing.Traditional financialmode, theinformationresourcesdispersed,confuseddataisdifficult toeffectivelyhandlethe application. Internet financial mode, people use"cloudcomputing"principle,information asymmetry, thepyramid can be flattened, realize the standardizationofdata, structured, increasing the service efficiency of the data.Second, the Internet's influence on the traditional commercial bankingfinancial mode to review the financial strategy, to adapt to the challenges of the Internet fina nc ial model. The emergence of the Int e rnet f i nancial m o delfor s m al l andmedium-sized bank provides an opportunity to competewith the big Banks. If you canmakegooduseofthismodel,thepositiveinnovation,willcatchupwiththebig Banks in some emerging business, the formation of competitiveness. Traditional bankingmaybebecauseoftheInternet financialmodelchangeinthecompetitive la n dscape.SomeInternetcom pa niesha v enots a ti s fyon lydo t hird-pa rtyonl i nepayment platform, but with the advantages of data accumulation andinformation mining,directlytothesupplychain,smallmicroenterprisecreditfinancingexpansi on,the future may impact the core of the traditional banking business, rob Bankscustomerresources,alternative physical channels, overturning traditionalbankma na gement mode and profitable w ay.The development of banking customer andchannelThe customer is the basis ofcommercial Banks and other financial institutionsto the business. Internet financial model for commercial Banks to expand thecustomerbase. In 2012, the global Internet users up to 2012 people; Chinese Internet users is565 m i ll i on (2), the numbe r of onlin e s hoppi ng, 193 million (3).U nde r the modeof Internetfinancial,commercialBankscanbecombinedwithits ownstrategy,on theonehand,toattractnewcustomers;Ontheotherhand,increase customer adhesiveness, close business relationship with clients. Internet financial mode, thebank may change to traditional target audience and traditional physicalnetworkadvantages weakening, the pursuit of diversification personalized service of smalland medium-sized enterprises and individual customers more inclined to participate in a variety of financial transactions via the Internet. Commercial Banks willchange traditionalvaluecreationandrealizationway,abletoprovidefast,lowcostservicesoffin ancial institutionsto get marketfavor.Improve efficiency of resource allocation, effectively solve the smallmicroenterprise financing difficult problem.Internet financial companies with large data, cloud computing, and microlending technology. These three technologies can make a comprehensive understandingofthe Internetfinancialinstitutionsthebusinesspracticesofsmallbusinessesandindividual custom e rs and c redit ra ting, and esta bl ish a database and ne t w o rk c r edit sys t em. Inthecredit review, investors will network trading and credit history as a referenceand analysisindicators.Loanobjectsuchasadefault,financialfirmsstillcanusethe Internetnetworkplatformtocollectandpublishinformation,increasingdefaultcost,red ucetheriskofinvestors,intheserviceofsmallandmedium-sizedenterprise fina n cin g, a nd personal l oans has a unique advantage. T here f or e, t he Int e r n etfi n an c ialmodelcangobeyondthetraditionalfinancingwayofresourceallocationeffic iency,significantlyreducetransactioncosts,stronglysupportthedevelopmentofthereal economy. Thepricediscoveryfunction,andpromote themercerizationofinterest rate.Int e rne t fi nan c ial m ode l ca n obj e ctivel y r e fle c t the mar ke ts uppl y a nd d e mand bothsidespricepreferences, commercial Banks and other financial institutionsrespond to interest rate marketization.Debit offer Internet financial as a trading platform, funds, credit on the basis of the liquidity preference choice, risk factors,such as loan object, the two sides bargaining to clinch a deal, tradingmarketcom pl et e ly. W i t h m arket-ori ented inter es t r a te, financialinstituti ons ca nnotcompletelydependontheguidanceofthecentralbank'sbenchmarkrate,shouldtaketheinitiativetofindbenchmarkinterestratesinthemarket .TheInternetmode,financial institutions, financial market interest rate movements can be done viatheInternet, determine specific customer base interest rates. If can also in-depthstudyofdatamining,canevenformcompletelydeterminedbythemarket"rateindex",soas to improve the loanpricing.To speed up financial disintermediation.Traditional Banks inthe financial business,mainly ACTS as afinancialintermediaryfunction. Internet financial will acceleratefinancial disintermediation,make the funds of commercial Banks intermediary function marginalized. IntheInternet financial mode, Internet companies to provide financial search platform forcapitalsupplyanddemand,asmoneyinformationintermediaryrole.Fromthe perspectiveoffinanc ing,capitalsupplyanddemandbothsidesusingsearchplatform fortradingobject,afterthefinanci ngdealisdonebybothsides.Fromtheperspective of t h e pa y third-party payme nt pla t form, ca n provide c us t ome r s wit h paying,automatic collecting and transfer the remittance and settlement and paymentservices,with the traditional bank payment form instead.Third, the Internet financial mode development trendand strategy of commercialBanks.Overall,theInternetfinancial institutions development speed is fast,b ut the vol umeisre lat ive ly smal l,s h ort-te rm w ou ldnots ha kecomm e rcialbank's traditional business model and profit way. Sustained and healthy development ofthe financialindustry,theauthorthinksthat,theInternet,needtopayattentiontothe following four points: first, the Internet financial enterprises shouldself-discipline,business development can notdrill loophole legal and regulatory loopholes, shouldbeto support the rea l e c onomy as the start i ng point. Sec ond, the I nternet f inanci a l enterprisesshouldactivelyinnovation,andconstantlygraftfunctionof financialservicesandinformationtechnology,explorenewbusinessareas,complementarywith th e traditional financial business model. Again, the Internet financial enterprises touseits own resources,breakthe geographical boundaries,attract morecustomers,opera t in g a s "ma k ing a fool of. Fina l ly, the Inte rne t fi nan c ial enterpr i sesshould strengthentheconstructionofsystemsecurity,toensurethesafetyof capital,informationofthetrader. Fromthesocialenvironment, peopleshould give the Internet financial enterprises more open and tolerant attitude. Under the premiseofguarantee the financial stability and security, relevant departments can considertobreak through the geographical, trade restrictions, encourage financialindustry competition, safeguardsocial financial ecologicalenvironment.Traditional model of commercial Banks in the Internet age still mercialBanks'capitalstrength,cognitiveandhighcreditstanding,perfectinfrastructure,physicaloutletsarewidelydistributed, entitybank can establish the trust of the tangible. In addition to providing traditional commercial bankloanbusiness, wealth depository and provide payment and settlement business media, alsoforthesocietytoprovideliquidityinsurance,supportnormaleconomicactivity.Some financial business needs professional experience judgment, informationtechnology cannot completely replace the face the vigorous development of the Internet financial bus i ness, comme rc ia l B a nks and other financi a l i ns t i tut i ons should pa y c l osea t te nt ionto the development of the Internet financial trends, changing the conceptof development, actively adjust strategy. Commercial Banks to use the Internet financial mode, can deep integration of Internet technology and the bank's corebusiness,improve customer service quality, expand the service channels, improve the level of business, t o ada pt to the Int e rnet fina ncia l model to the impac t of t he tradi t iona l financial pattern, obtain new development. Based on comparative advantage, in support, service the real economy At the same time, create value for shareholders.译文互联网金融以及它对传统银行业的影响作者：伯尼斯；席尔瓦尼摘要随着信息技术的快速发展，互联网金融模式逐渐兴起。

互联网金融安全中英文对照外文翻译文献中英文对照外文翻译文献(文档含英文原文和中文翻译)Database Security in a Web Environment IntroductionDatabases have been common in government departments and commercial enterprises for many years. Today, databases in any organization are increasingly opened up to a multiplicity of suppliers, customers, partners and employees - an idea that would have been unheard of a few years ago. Numerous applications and their associated data are now accessed by a variety of users requiring different levels of access via manifold devices and channels – often simultaneously. For example:• Online banks allow customers to perform a variety of banking operations - via the Internet and over the telephone – whilst maintaining the privacy of account data.• E-Commerce merchants and their Service Providers must store customer, order and payment data on their merchant server - and keep it secure.• HR departments allow employees to update their personal information –whilst protecting certain management information from unauthorized access.• The medical profession must protect the confidentiality of patient data –whilst allowing essential access for treatment.• Online brokerages need to be able to provide large numbers of simultaneous users with up-to-date and accurate financial information.This complex landscape leads to many new demands upon system security. The global growth of complex web-based infrastructures is driving a need for security solutions that provide mechanisms to segregate environments; perform integrity checking and maintenance; enable strong authentication andnon-repudiation; and provide for confidentiality. In turn, this necessitates comprehensive business and technical risk assessment to identify the threats,vulnerabilities and impacts, and from this define a security policy. This leads to security definitions throughout the infrastructure - operating system, database management system, middleware and network.Financial, personal and medical information systems and some areas of government have strict requirements for security and privacy. Inappropriate disclosure of sensitive information to the wrong parties can have severe social, legal and regulatory consequences. Failure to address the basics can result in substantial direct and consequential financial losses - witness the fraud losses through the compromise of several million credit card numbers in merchants’ databases [Occf], plus associated damage to brand-image and loss of consumer confidence.This article discusses some of the main issues in database and web server security, and also considers important architecture and design issues.A Simple ModelAt the simplest level, a web server system consists of front-end software and back-end databases with interface software linking the two. Normally, the front-end software will consist of server software and the network server operating system, and the back-end database will be a relational orobject-oriented database fulfilling a variety of functions, including recording transactions, maintaining accounts and inventory. The interface software typically consists of Common Gateway Interface (CGI) scripts used to receive information from forms on web sites to perform online searches and to update the database.Depending on the infrastructure, middleware may be present; in addition, security management subsystems (with session and user databases) that address the web server’s and related applications’ requirements for authentication, accesscontrol and authorization may be present. Communications between this subsystem and either the web server, middleware or database are via application program interfaces (APIs)..This simple model is depicted in Figure 1.Security can be provided by the following components:• Web server.• Middleware.• Operating system.. Figure 1: A Simple Model.• Database and Database Management System.• Security management subsystem.The security of such a system addressesAspects of authenticity, integrity and confidentiality and is dependent on the security of the individual components and their interactions. Some of the most common vulnerabilities arise from poor configuration, inadequate change control procedures and poor administration. However, even if these areas are properlyaddressed, vulnerabilities still arise. The appropriate combination of people, technology and processes holds the key to providing the required physical and logical security. Attention should additionally be paid to the security aspects of planning, architecture, design and implementation.In the following sections, we consider some of the main security issues associated with databases, database management systems, operating systems and web servers, as well as important architecture and design issues. Our treatment seeks only to outline the main issues and the interested reader should refer to the references for a more detailed description.Database SecurityDatabase management systems normally run on top of an operating system and provide the security associated with a database. Typical operating system security features include memory and file protection, resource access control and user authentication. Memory protection prevents the memory of one program interfering with that of another and limits access and use of the objects employing techniques such as memory segmentation. The operating system also protects access to other objects (such as instructions, input and output devices, files and passwords) by checking access with reference to access control lists. Security mechanisms in common operating systems vary tremendously and, for those that are lacking, there exists special-purpose security software that can be integrated with the existing environment. However, this can be an expensive, time-consuming task and integration difficulties may also adversely impact application behaviors.Most database management systems consist of a number of modules - including database querying and database and file management - along with authorization, concurrent access and database description tables. Thesemanagement systems also use a variety of languages: a data definition language supports the logical definition of the database; developers use a data manipulation language; and a query language is used by non-specialist end-users.Database management systems have many of the same security requirements as operating systems, but there are significant differences since the former are particularly susceptible to the threat of improper disclosure, modification of information and also denial of service. Some of the most important security requirements for database management systems are: • Multi-Level Access Control.• Confidentiality.• Reliability.• Integrity.• Recovery.These requirements, along with security models, are considered in the following sections.Multi-Level Access ControlIn a multi-application and multi-user environment, administrators, auditors, developers, managers and users – collectively called subjects - need access to database objects, such as tables, fields or records. Access control restricts the operations available to a subject with respect to particular objects and is enforced by the database management system. Mandatory access controls require that each controlled object in the database must be labeled with a security level, whereas discretionary access controls may be applied at the choice of a subject.Access control in database management systems is more complicated than in operating systems since, in the latter, all objects are unrelated whereas in a database the converse is true. Databases are also required to make accessdecisions based on a finer degree of subject and object granularity. In multi-level systems, access control can be enforced by the use of views - filtered subsets of the database - containing the precise information that a subject is authorized to see.A general principle of access control is that a subject with high level security should not be able to write to a lower level object, and this poses a problem for database management systems that must read all database objects and write new objects. One solution to this problem is to use a trusted database management system.ConfidentialitySome databases will inevitably contain what is considered confidential data. For example, it could be inherently sensitive or its source may be sensitive, or it may belong to a sensitive table, thus making it difficult to determine what is actually confidential. Disclosure is also difficult to define, as it can be direct, indirect, involve the disclosure of bounds or even mere existence.An inference problem exists in database management systems whereby users can infer sensitive information from relatively insensitive queries. A trivial example is a request for information about the average salary of an employee and the number of employees turns out to be just one, thus revealing the employee’s salary. However, much more sophisticated statistical inference attacks can also be mounted. This highlights the fact that, although the data itself may be properly controlled, confidential information may still leak out.Controls can take several forms: not divulging sensitive information to unauthorized parties (which depends on the respective subject and object security levels), logging what each user knows or masking response data. The first control can be implemented fairly easily, the second quickly becomesunmanageable for a large number of users and the third leads to imprecise responses, and also exemplifies the trade-off between precision and security. Polyinstantiation refers to multiple instances of a data object existing in the database and it can provide a partial solution to the inference problem whereby different data values are supplied, depending on the security level, in response to the same query. However, this makes consistency management more difficult.Another issue that arises is when the security level of an aggregate amount is different to that of its elements (a problem commonly referred to as aggregation). This can be addressed by defining appropriate access control using views.Reliability, Integrity and RecoveryArguably, the most important requirements for databases are to ensure that the database presents consistent information to queries and can recover from any failures. An important aspect of consistency is that transactions execute atomically; that is, they either execute completely or not at all.Concurrency control addresses the problem of allowing simultaneous programs access to a shared database, while avoiding incorrect behavior or interference. It is normally addressed by a scheduler that uses locking techniques to ensure that the transactions are serial sable and independent. A common technique used in commercial products is two-phase locking (or variations thereof) in which the database management system controls when transactions obtain and release their locks according to whether or not transaction processing has been completed. In a first phase, the database management system collects the necessary data for the update: in a second phase, it updates the database. This means that the database can recover from incomplete transactions by repeatingeither of the appropriate phases. This technique can also be used in a distributed database system using a distributed scheduler arrangement.System failures can arise from the operating system and may result in corrupted storage. The main copy of the database is used for recovery from failures and communicates with a cached version that is used as the working version. In association with the logs, this allows the database to recover to a very specific point in the event of a system failure, either by removing the effects of incomplete transactions or applying the effects of completed transactions. Instead of having to recover the entire database after a failure, recovery can be made more efficient by the use of check pointing. It is used during normal operations to write additional updated information - such as logs, before-images of incomplete transactions, after-images of completed transactions - to the main database which reduces the amount of work needed for recovery. Recovery from failures in distributed systems is more complicated, since a single logical action is executed at different physical sites and the prospect of partial failure arises.Logical integrity, at field level and for the entire database, is addressed by the use of monitors to check important items such as input ranges, states and transitions. Error-correcting and error-detecting codes are also used.Security ModelsVarious security models exist that address different aspects of security in operating systems and database management systems. For example, theBell-LaPadula model defines security in terms of mandatory access control and addresses confidentiality only. The Bell LaPadula models, and other models including the Biba model for integrity, are described more fully in [Cast95] and [Pfle89]. These models are implementation-independent and provide a powerfulinsight into the properties of secure systems, lead to design policies and principles, and some form the basis for security evaluation criteria.Web Server SecurityWeb servers are now one of the most common interfaces between users and back-end databases, and as such, their security becomes increasingly important. Exploitation of vulnerabilities in the web server can lead to unforeseen attacks on middleware and backend databases, bypassing any controls that may be in place. In this section, we focus on common web server vulnerabilities and how the authentication requirements of web servers and databases are met.In general, a web server platform should not be shared with other applications and should be the only machine allowed to access the database. Using a firewall can provide additional security - either between the web server and users or between the web server and back-end database - and often the web server is placed on a de-militarized zone (DMZ) of a firewall. While firewalls can be used to block certain incoming connections, they must allow HTTP (and HTTPS) connections through to the web server, and so attacks can still be launched via the ports associated with these connections.VulnerabilitiesVulnerabilities appear on a weekly basis and, here, we prefer to focus on some general issues rather than specific attacks. Common web server vulnerabilities include:• No policy exists.• The default configuration is on.• Reusable passwords appear in clear.• Unnecessary ports available for network services are not disabled.• New security holes are not tracked. Even if they are, well-known vulnerabilities are not always fixed as the source code patches are not applied by system administrator and old programs are not re-compiled or removed.• Security tools are not used to scan the network for weaknesses and changes or to detect intrusions.• Faulty and buggy software - for example, buffer overflow and stack smashingAttacks• Automatic directory listings - this is of particular concern for the interface software directories.• Server root files are generally visible or accessible.• Lack of logs and bac kups.• File access is often not explicitly configured by the system administrator according to the security policy. This applies to configuration, client, administration and log files, administration programs, and CGI program sources and executables. CGI scripts allow dynamic web pages and make program development (in, for example, Perl) easy and rapid. However, their successful exploitation may allow execution of malicious programs, launching ofdenial-of-service attacks and, ultimately, privilege escalation on a server.Web Server and Database AuthenticationWhile user, browser and web server authentication are relatively well understood [Garf97], [Ghos98] and [Tree98], the introduction of additional components, such as databases and middleware, raise a number of authentication issues. There are a variety of options for authentication in a simple model (Figure 1). Firstly, both the web server and database management system can individually authenticate a user. This option requires the user to authenticatetwice which may be unacceptable in certain applications, although a singlesign-on device (which aims to manage authentication in a user-transparent way) may help. Secondly, a common approach is for the database to automatically grant user access based on web server authentication. However, this option should only be used for accessing publicly available information. Finally, the database may grant user access employing the web server authentication credentials as a basis for its own user authentication, using security management subsystems (Figure 1). We consider this last option in more detail.Web-based communications use the stateless HTTP protocol with the implication that state, and hence authentication, is not preserved when browsing successive web pages. Cookies, or files placed on user’s machine by a web server, were developed as a means of addressing this issue and are often used to provide authentication. However, after initial authentication, there is typically no re authentication per page in the same realm, only the use of unencrypted cookies (sometimes in association with IP addresses). This approach provides limited security as both cookies and IP addresses can be tampered with or spoofed.A stronger authentication method, commonly used by commercial implementations, uses digitally signed cookies. This allows additional systems, such as databases, to use digitally signed cookie data, including a session ID, as a basis for authentication. When a user has been authenticated by a web server (using a password, for example), a session ID is assigned and is stored in a security management subsystem database. When a user subsequently requests information from a database, the database receives a copy of the session ID, the security management subsystem checks this session ID against its local copy and, if authentication is successful, user access is granted to the database.The session ID is typically transmitted in the clear between the web server and database, but may be protected by SSL or even by physical security measures. The communications between the browser and web servers, and the web servers and security management subsystem (and its databases), are normally protected by SSL and use a web server security API that is used to digitally sign and verify browser cookies. The communications between the back-end databases and security management subsystem (and its databases) are also normally protected by SSL and use a database security API that verifies session Ids originating from the database and provides additional user authorization credentials. The web server security API is generally proprietary while, for the database security API, many vendors have adopted standards such as the Generic Security Services API (GSS-API) or CORBA [RFC2078] and [Corba].Architecture and DesignSecurity requirements for designing, building and implementing databases are important so that the systems, as part of the overall infrastructure, meet their requirements in actual operation. The various security models provide an important insight into the design requirements for databases and their management systems.Secure Database Management System ArchitecturesIn multi-level database management systems, a variety of architectures are possible: trusted subject, integrity locked, kernels and replicated. Trusted subject is used by most of the leading database management system vendors and can be integrated in existing products. Basically, the trusted subject architecture allows users to access a database via an un trusted front-end, a trusted database management system and trusted operating system. The operating systemprovides physical access to the database and the database management system provides multilevel object protection.The other architectures - integrity locked, kernels and replicated - all vary in detail, but they use a trusted front-end and an un trusted database management system. For details of these architectures and research prototypes, the reader is referred to [Cast95]. Different architectures are suited to different environments: for example, the trusted subject architecture is less integrated with the underlying operating system and is best suited when a trusted path can be assured between applications and the database management system.Secure Database Management System DesignAs discussed above, there are several fundamental differences between operating system and database management system design, including object granularity, multiple data types, data correlations and multi-level transactions. Other differences include the fact that database management systems include both physical and logical objects and that the database lifecycle is normally longer.These differences must be reflected in the design requirements which include:• Access, flow and infer ence controls.• Access granularity and modes.• Dynamic authorization.• Multi-level protection.• Polyinstantiation.• Auditing.• Performance.These requirements should be considered alongside basic information integrity principles, such as:• Well-formed transactions - to ensure that transactions are correct and consistent.• Continuity of operation - to ensure that data can be properly recovered, depending on the extent of a disaster.• Authorization and role management – to ensure that distinct roles are defined and users are authorized.• Authenticated users - to ensure that users are authenticated.• Least privilege - to ensure that users have the minimal privilege necessary to perform their tasks.• Separation of duties - to ensure that no single individual has access to critical data.• Delegation of authority - to ensure that the database management system policies are flexible enough to meet the organization’s requirements.Of course, some of these requirements and principles are not met by the database management system, but by the operating system and also by organizational and procedural measures.Database Design MethodologyVarious approaches to design exist, but most contain the same main stages. The principle aim of a design methodology is to provide a robust, verifiable design process and also to separate policies from how policies are actually implemented. An important requirement during any design process is that different design aspects can be merged and this equally applies to security.A preliminary analysis should be conducted that addresses the system risks, environment, existing products and performance. Requirements should then beanalyzed with respect to the results of a risk assessment. Security policies should be developed that include specification of granularity, privileges and authority.These policies and requirements form the input to the conceptual design that concentrates on subjects, objects and access modes without considering implementation details. Its purpose is to express information and process flows in a complete and consistent way.The logical design takes into account the operating system and database management system that will be used and which of the security requirements can be provided by which mechanisms. The physical design considers the actual physical realization of the logical design and, indeed, may result in a revision of the conceptual and logical phases due to physical constraints.Security AssuranceOnce a product has been developed, its security assurance can be assessed by a number of methods including formal verification, validation, penetration testing and certification. For example, if a database is to be certified as TCSEC Class B1, then it must implement the Bell-LaPadula mandatory access control model in which each controlled object in the database must be labeled with a security level.Most of these methods can be costly and lengthy to perform and are typically specific to particular hardware and software configurations. However, the international Common Criteria certification scheme provides the added benefit of a mutual recognition arrangement, thus avoiding the prospect of multiple certifications in different countries.ConclusionThis article has considered some of the security principles that are associated with databases and how these apply in a web based environment. Ithas also focused on important architecture and design principles. These principles have focused mainly on the prevention, assurance and recovery aspects, but other aspects, such as detection, are equally important in formulating a total information protection strategy. For example, host-based intrusion detection systems as well as a robust and tested set of business recovery procedures should be considered.Any fit-for-purpose, secure e-business infrastructure should address all the above aspects: prevention, assurance, detection and recovery. Certain industries are now starting to specify their own set of global, secure e-business requirements. International card payment associations have recently started to require minimum information security standards from electronic commerce merchants handling credit card data, to help manage fraud losses and associated impacts such as brand-image damage and loss of consumer confidence.网络环境下的数据库安全简介数据库在政府部门和商业机构得到普遍应用已经很多年了。

毕业论文外文文献翻译毕业论文题目互联网金融模式下的内部审计研究翻译题目银行业是必要的而银行不是，互联网时代的金融中介的未来学院会计学院专业会计学姓名朱艳琦班级10140611 学号10147919 指导教师毛以奇译文银行业是必要的而银行不是，互联网时代的金融中介机构的未来摘要本文探讨了互联网时代下金融机构和银行作为特殊的金融机构的未来可能是怎样的问题。

由于互联网而导致的交易费用的减少会降低进入金融产品市场的壁垒，因为有可能不再需要运行成本密集型的分支的大型系统。

但是，对金融机构的职能研究表明，不是每个人都可以销售和经销金融产品。

这是真的，因为金融业务中的信息不对称问题需要一个拥有良好信誉的中介，也因为需要限制大型资本基金转换资产的风险。

这两个要求变现了进入金融中介市场的重要壁垒。

并不是每一个金融产品会因为互联网的崛起而将面临更多的竞争，只有那些标准化和低风险的产品。

此外，那些拥有可观资本和良好声誉的大公司可能被视为银行的新竞争者。

关键字：银行业，银行，金融机构，互联网1、引言“银行业是19世纪的钢铁行业。

”当谈到关于新的信息技术对银行的影响的谈论时，这句话经常被提起。

更一般来说，可能有人会问，新信息技术是如何成功的，特别是互联网的，可能会改变商业和金融机构的市场情况。

在互联网的帮助下，人们可以执行所有银行的业务，而不需要银行。

这意味着传统银行分支机构的中介。

此外，互联网已经使客户直接从网上购买股票而不需要访问当地的分支银行。

从更广泛的意义上来说，在互联网的帮助下，金融市场的供给和需求可能通过互联网满足，而不需要金融中介机构。

互联网的崛起是否真的是金融中介机构的威胁？在急剧减少的交易成本情况下，商业和竞争将如何变化？本文考察了互联网的成功对金融机构和银行的影响。

2、金融机构的发展几个世纪以来，许多金融交易需要个人的存在。

随着现代信息技术的发展，这些都被改变了。

如今，客户可以在不进入当地分支银行的情况下进行任何金融交易。

P2P互联网金融外文翻译文献P2P互联网金融外文翻译文献(文档含中英文对照即英文原文和中文翻译)译文：P2P 金融下的中小企业融资摘要中小企业融资难是世界性难题。

文章介绍了互联网金融的概念，重点概括了 P2P 金融在科技和金融创新融合方面的发展，综合了现在学术界对 P2P 金融研究的五大方向方面的各种观点和见解。

指出了当前 P2P 金融发展的突出问题风险控制，并对互联网金融的大趋势进行了分析。

关键词: P2P金融; 金融创新; 风险管控1引言从企业发展的历史看，大型企业都来源于中小企业。

中小企业是国民经济中最具活力的部分，往往走在技术发展的最前端，在高科技产业、清洁能源、绿色经济等方面都有很好的业绩，在经济转型中发挥着巨大作用。

中小企业融资难是世界性难题。

这些中小企业融资环境和渠道狭窄，有 60% 以上无法获得银行贷款。

目前，科技型企业又有轻资产的特点，融资困境，成为困扰可持续发展的巨大瓶颈。

2 互联网金融的概念近两年来，互联网金融呈现井喷式发展， 2014 年以来，互联网金融板块表现强势。

当前经济领域存在两个特别矛盾的现象，一是中小企业在企业总数中占比很大，但普遍存在融资难的问题; 二是民间闲散资金多，但除了股市和房市，往别的领域投资很难。

而以互联网、大数据、云计算为基础和高度契合市场引领的互联网金融的发展，对于解决这两个难题，更好地为实体经济，尤其是中小企业发展创造良好的金融环境，也为中国在国际竞争当中实现弯道超车起到重要作用。

互联网金融除了掌握客户端外，还便于做好上游资本供给方、下游资本使用方点与点的整合，结合互联网的其中特质( P2P) 及金融的本质( 资本) 。

依托互联网金融的发展，金融供给能力得以提高，包容性得以增强，可以动员更多的金融资源，覆盖面更广，覆盖度更多，满足更分散、更多元化的需求。

互联网金融最狭隘的概念就是 P2P( Peer-to-Peer Lend-ing) 金融平台，P2P 模式的核心是: 在这个具有资质的网站平台上，借款人发出借贷信息，并提供借贷项目的具体情况、借款人的相关诚信及经济实力等有关信息; 投资人根据平台上提供的信息，进行决策，最后做出向借款人发放贷款的决定。

电子银行风险管理互联网金融外文文献翻译2013年3000多字E-banking has brought about a new set of risks for financial XXX risks include fraud。

processing errors。

system ns。

and other unforeseen events that can result in the XXX products or services。

It is XXX of the n to the customer and the n。

and to XXX.2.Risk management in e-bankingEffective risk management in e-XXX and analyzing potential risks。

XXX risks。

XXX.3.Security measures in e-bankingns should XXX controls。

n。

firewalls。

XXX systems。

and regular security testing and assessments.4.XXXXXX measures。

XXX passwords。

avoiding phishing scams。

XXX.5.nOverall。

effective risk management is essential for financial XXX。

ns XXX.XXX access accounts。

conduct ns。

and obtain n on financial products and services via public or private orks。

including the。

and mobile phones。

Customers can use us electronic devices。

文献出处：Monastiriotis V, Hardiman N. Austerity measures in crisis countries—results and impact on mid-term development[J]. Intereconomics, 2015, 8(5): 19-32.原文The Commercial bank development strategy under the background of InternetfinancializationMonastiriotis V, Hardiman NAbstractRepresented by the Internet in the modern information technology, especially the third-party payment, mobile payment，social network, search engines, big data and cloud computing, has a disruptive influence on many areas of human economic life (such as book, music, retailing etc.). It also has a significant impact on the business mode，profit mode and service mode of traditional commercial banks. Internet financial has gained rapid development in 2003. On the one hand, taking the advantage of information, electronic commerce companies extend the business to the financial areas, such as third-party payment and network leading etc. On the other hand, large commercial banks constantly innovate; accelerate the development and product marketing of e-commerce, mobile payment and other businesses, to supply a variety of financial products and services.Keywords: Internet finance; City commercial bank; Business development strategy1 Introduction1.1 The Internet financial financialization and the InternetGeneralized financial refers to the issue of all and credit currency, storage, exchange, settlement and financing related economic activity; And narrow sense of financial, generally refers to the accommodation of monetary, so-called monetary accommodation, refers to the funds in various financing transfer process between market subjects. This article take the narrow financial, that is to say, financing based on the Internet to achieve financial methods can be called the Internet.The financialization of the Internet for Internet companies, especially e-commerce platform company as a platform of merchants provide more value-addedservices such as payment, investment and financing, such as financial services, is married and some financial functions, namely Internet financialization.1.2 The financial Internet, finance, Internet and direct bankFinancial Internet refers to the traditional commercial Banks face the Internet enterprise competition, have to strengthen the business transformation to respond, one is through the strength of the business and product innovation, to carry out online banking, telephone banking, mobile banking, mobile payments and other business, traditional business network, mobile; The second is to speed up the self-built e-commerce platform construction, relying on local Internet financial platform at the same time of improving customer value, to conduct their own financial business;3 it is combined with the spirit of the Internet, establish direct bank; Four is to strengthen the cooperation with the electric business enterprise, Internet financial products, seizes the market. The Internet of financial is to part or all of the financial products with the help of Internet, mobile network to complete the purchase and sale of products.And direct bank is to point to by the entity business network media, such as mail, telephone, fax, Internet, mobile terminals and the interactive TV and so on, realizes the banking center and terminal customer directly for business operators. Although the traditional commercial Banks have been widely used in the mail, telephone, Internet marketing methods and tools, such as set up "online banking", "bank" and "mobile banking" business model, but the business model, compared with the traditional entity bank is only a complement to the physical network and auxiliary, independence from physical network does not exist. And direct bank is an independent organization and staffing, its business development and marketing to the counter and physical entity branch for the premise and foundation, therefore has the personnel, organization, cost and other significant advantages of small, less than physical locations to provide customers with more favorable interest rate and lower cost of financial products and services.2 Origin and current situation of the development of the financialization of the Internet2.1 The origin of the Internet financializationInternet financialization is Internet companies (usually is the financial industry of third parties) to provide financial services to the public, is due to the electronic commerce development needs, is the combination of Internet technology with traditional financial products emerging. Its original main business model for third-party payment, with the continuous development of e-commerce market, in the network settlement, especially in the C2C (Consumer - to - Consigner, namely individual to consumers) mode, consumers could not be in when ordering goods directly confirm elements such as quality of product design, in order to complete the payment risks; And sellers before not yet received payment for goods delivery, also there is a risk of bad debts, which are both consumers and sellers tend to invite all trusted third party as intermediary involved in trading, the trading funds supervision and keeping. Thus it can be seen that the Internet financial services initially mainly through third-party payment to participate in online trading, so as to make the online payment is more convenient, safe.2.2 Internet financialization development present situationAt present, according to the research of the related data, financialization market all over the Internet, the third party payment account for most of the share, proportion reached 76. 3%.In general the more advanced the country, the higher the degree of attention to the financial products, the higher the proportion of online shopping and online payment, the higher the volume also of the third-party payment.P2P network financing small loans came in second, 11.2%.Network financing the raise pattern was ranked third, 9.8%.And new type electronic money 0.5%, mainly because the new currency on the obtained people's trust is low, can not get effective recognition of the government, its share is not high. Since 2011, China's domestic Internet financialization rapid business development, but with a delay time, the Internet financialization has just started, a lot of policy haven't reach the designated position, the current development of the best is still a third-party payment. According to estimate speed way research institute, and the current domestic third-party payment transactions accounted for the proportion of Internet financial will reach more than 95%, became the mainstay of the Internet financialization.3.1 Direct bank development is introduced3.1.1 Bank of ING directs (ING Dib).ING direct bank is Germany's first "direct bank", is one of the biggest "direct bank" of Germany and the European, the predecessor was founded in 1965, BSV bank. It can be seen the development process of Germany a microcosm of the development of the "direct bank".ING direct bank is now the world's largest integrated financial services group ING (ING) is a wholly owned subsidiary. It provides financial products or services to the customers mainly include: checking accounts, savings accounts, personal real estate finance, intermediary business, the installment and so on. The bank set up nearly 1200 tams, the number of ATM ranked fifth in the German Banks, are mainly distributed in gas station, large super.In the city and home appliance stores. In addition, the bank customers can also use their own credit card, VISA in any marked signs of ATM withdrawals for free. Calculated on total assets, ING direct selling at deutsche bank in the top ranking 21st 2008, more than 2007 years ago in 10.According to the bank's annual report in 2009, as of December 31, 2009, the bank has 6.47 million clients in Germany, Austria customer 400000 Yuan; Company existing staff 2750 people, the company's total assets is 87.7 billion euro, equity of 4.8 billion euros.3.1.2 German credit bank (DKB)Credit bank (DKB), Germany is a subsidiary Bayer state Banks, the headquarters is located in Berlin. Bank was established in March 1990, is a former democratic Germany after the establishment of the first non-state bank, 1995 buyout by Bayer Munich state Banks. The bank currently few branches, the target customer groups, including individuals and corporate clients and government agencies, entirely by "direct bank" personal banking business. Hold the bank credit card customers in any place with VISA logo free ATM cash. In addition, it also has some professional company engaged in the personal financial services, for example, in the east, the real estate finance company offices in 15 cities;3.2 Direct bank characteristics in GermanyMostly by bank group holdings, Germany "direct bank", for the most part, arewholly owned or holding subsidiaries of bank group. Direct bank flattening organization structure, the German bank "direct" the vast majority of Banks have little or no entity branch network, the bank staff background directly communicate with end customer and business, fully embodies the "direct" characteristics. Flattening organization structure for the bank to save a large amount of operating expenses and costs, which could provide more high quality financial products and services to the customers. Compared with the traditional bank of similar assets, employees generally less, "direct bank" assets and deposit amount per person than the average traditional bank is much higher.Some Banks such as Netcom even only 20 or 30 people is enough to maintain the good operation of the bank. Is given priority to with personal financial business, Germany "direct bank" because of the limitation of business to handle the way is very difficult for the customer provide personalized financial services, provide standardized financial products mainly for individual customers. At present, the German bank "direct" mainly provides the following business: demand deposits and transfers, savings and consumption installment, online payment, credit card business, securities investment, real estate, financing, etc.Fully based on a virtual network and external network platform, the German bank "direct" most of the financial services can be done via the Internet, the business is mainly based on Internet platform.” Direct bank" in addition to relying on the Internet this virtual network, also can borrow other entity unit network channels to handle business. In the process of a customer account, for example, by means of spread over the post office network channels to the customer in "direct bank" check the system and registered permanent residence of the chariot, entrust postal service hall to complete the local post office. In addition, most of the "direct bank" is the site of the ATM by other financial institutions to meet the requirements of customers' cash, only individual larger "direct bank" set up own ATM machine, such as the Netherlands international direct bank, the other is either to join the ATM alliance, such as "cash group of union" or "union" cash pool, either can provide customers with free debit VISA or mastercard.译文互联网金融化背景下商业银行发展策略研究Monastiriotis V, Hardiman N摘要以互联网为代表的现代信息技术，特别是第三方支付、移动支付、社交网络、搜索引擎、大数据和云计算等，已经对人类经济生活中多个领域（如图书、音乐、商品零售）产生了颠覆性的影响，并将对传统商业银行的经营模式、盈利模式和服务模式产生重要影响。

互联网金融的发展英语作文The Development of Internet Finance。

Introduction。

The rapid advancement of technology has revolutionized various aspects of our lives, including the financial sector. Internet finance, also known as online finance or fintech, refers to the use of technology and the internet to provide financial services. Over the years, internet finance has experienced significant growth and has become an integral part of the global financial system. This essay will explore the development of internet finance, its impact on traditional financial institutions, and the challenges and opportunities it presents.Development of Internet Finance。

The development of internet finance can be traced back to the late 1990s when online banking services emerged.However, it was not until the 2000s that internet finance began to gain momentum. The rise of e-commerce platforms, such as Alibaba and Amazon, paved the way for the development of online payment systems. This led to the creation of various online payment platforms, such as PayPal and Alipay, which allowed individuals and businesses to make secure online transactions.Furthermore, the introduction of peer-to-peer (P2P) lending platforms in the early 2000s revolutionized the lending industry. P2P lending platforms connect borrowers directly with lenders, eliminating the need for traditional financial intermediaries. This not only providedindividuals and small businesses with easier access to credit but also offered investors an alternative investment opportunity.The development of internet finance continued to accelerate with the emergence of crowdfunding platforms, mobile payment services, and digital currencies. Crowdfunding platforms, such as Kickstarter and Indiegogo, allowed individuals and businesses to raise funds for theirprojects from a large number of people. Mobile payment services, such as Apple Pay and WeChat Pay, enabled users to make payments using their smartphones, eliminating the need for physical cash or cards. Digital currencies, such as Bitcoin and Ethereum, introduced the concept of decentralized and secure transactions using blockchain technology.Impact on Traditional Financial Institutions。