互联网金融中英文对照外文翻译文献

文献出处: Waitz M. The small and medium-sized enterprise financing under P2P finance [J]. Journal of Business Research, 2016, 8(6): 81-91.原文The small and medium-sized enterprise financing under P2P financeWaitz MAbstractSmall and medium-sized enterprise financing difficult is worldwide difficult problem. Article introduces the concept of the Internet financial, mainly summarized the P2P financial in the development of financial innovation and integration of science and technology, a combination of academic research on P2P financial now of the five directions of various views and opinions. Points out the current P2P financial problems in the development of risk control, and analyses the trend of the Internet financial.Keywords: P2P financial; Financial innovation; Risk control1 IntroductionLook from the history of enterprise development, a large enterprise originate from small and medium-sized enterprises. Small and medium-sized enterprises (smes) is the most dynamic part of the national economy, often walk in the forefront of technology development, in the high-tech industry, clean energy, green economy, etc, have good performance, play an important role in the economic transformation. Small and medium-sized enterprise financing difficult is worldwide difficult problem. These small and medium-sized enterprise financing environment and narrow channels, more than 60% are unable to get a bank loan. At present, science and technology enterprises and the characteristics of light assets, financing difficulties, become a huge bottleneck of sustainable development.2 The concept of the Internet financialIn the past two years, the Internet financial show explosive growth, since 2014, the Internet financial sector performance strength. Current economic field exists the phenomenon of two special contradiction, one is the small and medium-sizedenterprises in the total number of enterprises accounted for a large, but the universal problems of financing difficulties; Second, folk idle capital, but in addition to the stock market and housing market, it is difficult to invest in other areas. And on the basis of the Internet, cloud computing, big data and highly fit market leads the development of the Internet financial, to solve these two problems, better serve the real economy, especially small and medium-sized enterprise development to create a good financial environment, but also for China's overtaking play an important role in the implementation of international competition corners.Internet financial besides master client, also facilitate completes the upstream suppliers, downstream capital use party, the integration of point and point, combining with the characteristics of the Internet (P2P) and the nature of financial (capital).Based on the development of the Internet financial, financial supply ability is improved, inclusive to strengthen, can mobilize more financial resources, broader, more coverage, more decentralized, more diversified needs.The Internet the most narrow financial concept is P2P (Peer - to - Peer Lend - ing) financial platform, the core of the P2P model is: on the web site has a qualification platform, the borrower credit information, and provide the loan project specific situation, the borrower's integrity and economic strength and other related information; Investors according to the platform to provide information, make decisions, and finally made a decision of to make loans to borrowers.P2P finance is a new kind of financial model, through the Internet and large data, make to minimize the asymmetric information, this new financing channels, for individuals and businesses to provide great convenience, is a beneficial supplement of the existing banking system. Peer-to-peer (P2P) had a great influence on financial business in China. Traditional banking business model, mainly is the savings and loan business, P2P entirely new business models, deconstructs the traditional banking business model, breaking the monopoly of state-owned Banks, to a certain extent, in the form of fragmentation added to the drawback of the market.P2P financial innovation of science and technology and financial integration development, the release of the science and technology system reform and the doubledividend of financial reform, to introduce more financial products to serve the scientific and technological innovation, support the development of science and technology enterprises, solve to create light assets of small and mid-sized enterprise multidimensional financing difficulties; Also is helpful for financial innovation, find new investment direction, in order to obtain a higher return on investment.In 2005, the world's first P2P Zopa, a financial company (Zone of Possi - ble Agreement) was founded in London. In 2006, the United States, the first a P2P financial company Prosper founded in California. In 2007, our country the first P2P finance company established on credit, at present, the P2P financial firms more than more than 300, traded as high as more than 200 one hundred million. Financial risk is a highly amplified industry, P2P financial with convenient Internet natural attributes, but relative to the traditional financial institutions, financial in the Internet's openness also determines the P2P web site platform, information security, etc, could be affected by a great deal of challenges, risk control will be more pressure.3 The five direction of current P2P financial3.1 What is: it is subversive or supplementaryHas view: P2P financial is the innovation of the Internet with the traditional financial integration, at present is still in the stage of integration, there are a lot of problems, problems are not terrible, problems can also be seen as a contradiction, the process to solve the problem, is to promote the process of developing a new thing, this is the necessary stage P2P financial growth. To correctly treat the present P2P financial problems and drawbacks: a guide; Second, we must avoid risk. Only in this way, will lead to financial and the Internet have more innovation, to the prosperity of the rational.3.2 What: high-end service grassroots or serviceComprehensive research achievements of this direction, mainly has the following kinds of views and opinions. Has view: is a multi-level capital market, the P2P finance is one of the components, compared with traditional financial companies, should follow the development way of differentiation and mainly for the financing difficulties of small and medium-sized enterprise service. View: P2P financial if theservice object, mostly low risk customers, then there will be a problem, must do a certain size, can have a better economic returns, and to do a certain size, must put the human cost, time cost and the cost of capital, the same small P2P financial companies, will form a lot of pressure, therefore, some P2P financial enterprises gradually became the "pool", big customers, lending if big client management problems, is easy to appear P2P financial risk, and even lead to P2P financial business owners "run". So P2P financial enterprises, should do more small loans, don't dabble in big customers, big customer risk is too big, not P2P financial companies can undertake. And do more small loans, the cost is lower than the bank, have a competitive advantage.3.3 How to do: innovation mode of risk preventionComprehensive research achievements of this direction, mainly has the following kinds of views and opinions. The argument goes, the Internet technology and the integration of financial haven't reached a very reasonable, scientific, P2P financial there will be many new problems. And when the P2P financial after reaching a certain size, risk control will be the key to the healthy development of the P2P financial. If the P2P financial regulation, also will become a important test of P2P regulators wisdom. Have a view is: to the P2P financial risk control, should start from to the customer credit, credit reporting system perfect, to both sides of the docking loans, although to do so is very hard, but can avoid many risks, guarantee the healthy development of the financial industry, the P2P.At the same time, to clear the main body of industry regulations, for the convenience of management, appendage management should be implemented.3.4 Who is going to do: working in the financial sector or non-financial areasComprehensive research achievements of this direction, mainly has the following kinds of views and opinions. The argument goes, P2P financial done by a team with a finance background is better; Due to the P2P finance is based on the Internet, with Internet gene, so the team should have the knowledge and skills of specialized personnel to participate in the Internet. View: P2P financial can be developed from the traditional financial transformation, also can by Internet companies innovation, finally formation of the team, must have both the financial and investment knowledge, andthe Internet. Knowledge of finance and investment aspects of the personnel, in accordance with the rules of the financial industry control risk; The persons with Internet knowledge, according to the rules of the network industry big data analysis, selected customers for sales, customer maintenance, at the same time do a good job in network security. View: P2P financial represents the future direction of financial development, some commercial Banks now also vigorously develop P2P financial, but at the same time to prevent the transfer of risk to the banking system, increased regulation of lending to P2P network platform.3.5 How to pipe: cross-border development and supervised respectivelyHas view: P2P financial, in essence, is still a financial, compared with the traditional industry, is only the change of the financial model, so must be regulated. If not strengthen supervision, can appear the problem such as run, adverse to the healthy development of the industry, and easy to bring serious social problems, affect social stability. View: in research regulation, there should be a state investment fund, to support the top in the field of technology innovation.P2P financial as a new financial form, to the top ahead of research and development, to prevent the banking system similar to the problem now. The argument goes: Europe, the United States based on large data of individual credit reporting system is relatively developed, can effectively prevent fraud. One is to establish individual credit system as soon as possible. The second is to establish P2P lending related laws and regulations as soon as possible. Three is to strengthen self-discipline of the P2P lending industry. Four is entry qualifications have to be very clear, the implementation system of archival filing registration.译文P2P 金融下的中小企业融资Waitz M摘要中小企业融资难是世界性难题。

互联网金融电子银行外文文献翻译2014年译文3050字大数据Finance's Impact on nal FinanceAbstract:As we enter the era of web 2.0.banks now have full access to the。

age。

The large amount of data available on the。

has a profound effect on the XXX。

XXX。

The。

has brought about a new era of financial development。

with the rapid growth of。

XXX。

this growth has also XXX。

talent resources。

and system XXX are just a few of the XXX finance。

The development of。

XXX。

With the rise of。

companies。

XXX of the financial industry。

The。

has created a new market for financial services。

and XXX。

This has led to XXX。

The。

has XXX With the large amount of data available on the。

banks can now use this data to better XXX services。

This has led to XXX。

However。

XXX XXX。

In n。

the growth of。

finance has led to XXX around the world are now paying closer n to the financial industry。

互联网金融视角下的电子货币与货币政策外文文献翻译2014年译文3500字Electronic currency has emerged as a new form of currency with the rise of electronic commerce。

It is ing increasingly popular as a means of payment and currency around the world。

However。

the development of electronic currency and its use has XXX and problems。

XXX.3 The development of electronic currencyThe development of electronic currency can be traced back to the 1970s。

with the XXX (EFTS)。

XXX。

it wasn't until the rise of the。

and electronic commerce in the 1990s that electronic currency truly began to take off。

The n of digital currencies。

such as Bitcoin。

has also contributed to the growth of electronic currency.4 The use of electronic currencyElectronic currency is being used in a variety of ways。

from online shopping to peer-to-XXX over nal currency。

includinglower n XXX。

互联网金融安全中英文对照外文翻译文献中英文对照外文翻译文献(文档含英文原文和中文翻译)Database Security in a Web Environment IntroductionDatabases have been common in government departments and commercial enterprises for many years. Today, databases in any organization are increasingly opened up to a multiplicity of suppliers, customers, partners and employees - an idea that would have been unheard of a few years ago. Numerous applications and their associated data are now accessed by a variety of users requiring different levels of access via manifold devices and channels – often simultaneously. For example:• Online banks allow customers to perform a variety of banking operations - via the Internet and over the telephone – whilst maintaining the privacy of account data.• E-Commerce merchants and their Service Providers must store customer, order and payment data on their merchant server - and keep it secure.• HR departments allow employees to update their personal information –whilst protecting certain management information from unauthorized access.• The medical profession must protect the confidentiality of patient data –whilst allowing essential access for treatment.• Online brokerages need to be able to provide large numbers of simultaneous users with up-to-date and accurate financial information.This complex landscape leads to many new demands upon system security. The global growth of complex web-based infrastructures is driving a need for security solutions that provide mechanisms to segregate environments; perform integrity checking and maintenance; enable strong authentication andnon-repudiation; and provide for confidentiality. In turn, this necessitates comprehensive business and technical risk assessment to identify the threats,vulnerabilities and impacts, and from this define a security policy. This leads to security definitions throughout the infrastructure - operating system, database management system, middleware and network.Financial, personal and medical information systems and some areas of government have strict requirements for security and privacy. Inappropriate disclosure of sensitive information to the wrong parties can have severe social, legal and regulatory consequences. Failure to address the basics can result in substantial direct and consequential financial losses - witness the fraud losses through the compromise of several million credit card numbers in merchants’ databases [Occf], plus associated damage to brand-image and loss of consumer confidence.This article discusses some of the main issues in database and web server security, and also considers important architecture and design issues.A Simple ModelAt the simplest level, a web server system consists of front-end software and back-end databases with interface software linking the two. Normally, the front-end software will consist of server software and the network server operating system, and the back-end database will be a relational orobject-oriented database fulfilling a variety of functions, including recording transactions, maintaining accounts and inventory. The interface software typically consists of Common Gateway Interface (CGI) scripts used to receive information from forms on web sites to perform online searches and to update the database.Depending on the infrastructure, middleware may be present; in addition, security management subsystems (with session and user databases) that address the web server’s and related applications’ requirements for authentication, accesscontrol and authorization may be present. Communications between this subsystem and either the web server, middleware or database are via application program interfaces (APIs)..This simple model is depicted in Figure 1.Security can be provided by the following components:• Web server.• Middleware.• Operating system.. Figure 1: A Simple Model.• Database and Database Management System.• Security management subsystem.The security of such a system addressesAspects of authenticity, integrity and confidentiality and is dependent on the security of the individual components and their interactions. Some of the most common vulnerabilities arise from poor configuration, inadequate change control procedures and poor administration. However, even if these areas are properlyaddressed, vulnerabilities still arise. The appropriate combination of people, technology and processes holds the key to providing the required physical and logical security. Attention should additionally be paid to the security aspects of planning, architecture, design and implementation.In the following sections, we consider some of the main security issues associated with databases, database management systems, operating systems and web servers, as well as important architecture and design issues. Our treatment seeks only to outline the main issues and the interested reader should refer to the references for a more detailed description.Database SecurityDatabase management systems normally run on top of an operating system and provide the security associated with a database. Typical operating system security features include memory and file protection, resource access control and user authentication. Memory protection prevents the memory of one program interfering with that of another and limits access and use of the objects employing techniques such as memory segmentation. The operating system also protects access to other objects (such as instructions, input and output devices, files and passwords) by checking access with reference to access control lists. Security mechanisms in common operating systems vary tremendously and, for those that are lacking, there exists special-purpose security software that can be integrated with the existing environment. However, this can be an expensive, time-consuming task and integration difficulties may also adversely impact application behaviors.Most database management systems consist of a number of modules - including database querying and database and file management - along with authorization, concurrent access and database description tables. Thesemanagement systems also use a variety of languages: a data definition language supports the logical definition of the database; developers use a data manipulation language; and a query language is used by non-specialist end-users.Database management systems have many of the same security requirements as operating systems, but there are significant differences since the former are particularly susceptible to the threat of improper disclosure, modification of information and also denial of service. Some of the most important security requirements for database management systems are: • Multi-Level Access Control.• Confidentiality.• Reliability.• Integrity.• Recovery.These requirements, along with security models, are considered in the following sections.Multi-Level Access ControlIn a multi-application and multi-user environment, administrators, auditors, developers, managers and users – collectively called subjects - need access to database objects, such as tables, fields or records. Access control restricts the operations available to a subject with respect to particular objects and is enforced by the database management system. Mandatory access controls require that each controlled object in the database must be labeled with a security level, whereas discretionary access controls may be applied at the choice of a subject.Access control in database management systems is more complicated than in operating systems since, in the latter, all objects are unrelated whereas in a database the converse is true. Databases are also required to make accessdecisions based on a finer degree of subject and object granularity. In multi-level systems, access control can be enforced by the use of views - filtered subsets of the database - containing the precise information that a subject is authorized to see.A general principle of access control is that a subject with high level security should not be able to write to a lower level object, and this poses a problem for database management systems that must read all database objects and write new objects. One solution to this problem is to use a trusted database management system.ConfidentialitySome databases will inevitably contain what is considered confidential data. For example, it could be inherently sensitive or its source may be sensitive, or it may belong to a sensitive table, thus making it difficult to determine what is actually confidential. Disclosure is also difficult to define, as it can be direct, indirect, involve the disclosure of bounds or even mere existence.An inference problem exists in database management systems whereby users can infer sensitive information from relatively insensitive queries. A trivial example is a request for information about the average salary of an employee and the number of employees turns out to be just one, thus revealing the employee’s salary. However, much more sophisticated statistical inference attacks can also be mounted. This highlights the fact that, although the data itself may be properly controlled, confidential information may still leak out.Controls can take several forms: not divulging sensitive information to unauthorized parties (which depends on the respective subject and object security levels), logging what each user knows or masking response data. The first control can be implemented fairly easily, the second quickly becomesunmanageable for a large number of users and the third leads to imprecise responses, and also exemplifies the trade-off between precision and security. Polyinstantiation refers to multiple instances of a data object existing in the database and it can provide a partial solution to the inference problem whereby different data values are supplied, depending on the security level, in response to the same query. However, this makes consistency management more difficult.Another issue that arises is when the security level of an aggregate amount is different to that of its elements (a problem commonly referred to as aggregation). This can be addressed by defining appropriate access control using views.Reliability, Integrity and RecoveryArguably, the most important requirements for databases are to ensure that the database presents consistent information to queries and can recover from any failures. An important aspect of consistency is that transactions execute atomically; that is, they either execute completely or not at all.Concurrency control addresses the problem of allowing simultaneous programs access to a shared database, while avoiding incorrect behavior or interference. It is normally addressed by a scheduler that uses locking techniques to ensure that the transactions are serial sable and independent. A common technique used in commercial products is two-phase locking (or variations thereof) in which the database management system controls when transactions obtain and release their locks according to whether or not transaction processing has been completed. In a first phase, the database management system collects the necessary data for the update: in a second phase, it updates the database. This means that the database can recover from incomplete transactions by repeatingeither of the appropriate phases. This technique can also be used in a distributed database system using a distributed scheduler arrangement.System failures can arise from the operating system and may result in corrupted storage. The main copy of the database is used for recovery from failures and communicates with a cached version that is used as the working version. In association with the logs, this allows the database to recover to a very specific point in the event of a system failure, either by removing the effects of incomplete transactions or applying the effects of completed transactions. Instead of having to recover the entire database after a failure, recovery can be made more efficient by the use of check pointing. It is used during normal operations to write additional updated information - such as logs, before-images of incomplete transactions, after-images of completed transactions - to the main database which reduces the amount of work needed for recovery. Recovery from failures in distributed systems is more complicated, since a single logical action is executed at different physical sites and the prospect of partial failure arises.Logical integrity, at field level and for the entire database, is addressed by the use of monitors to check important items such as input ranges, states and transitions. Error-correcting and error-detecting codes are also used.Security ModelsVarious security models exist that address different aspects of security in operating systems and database management systems. For example, theBell-LaPadula model defines security in terms of mandatory access control and addresses confidentiality only. The Bell LaPadula models, and other models including the Biba model for integrity, are described more fully in [Cast95] and [Pfle89]. These models are implementation-independent and provide a powerfulinsight into the properties of secure systems, lead to design policies and principles, and some form the basis for security evaluation criteria.Web Server SecurityWeb servers are now one of the most common interfaces between users and back-end databases, and as such, their security becomes increasingly important. Exploitation of vulnerabilities in the web server can lead to unforeseen attacks on middleware and backend databases, bypassing any controls that may be in place. In this section, we focus on common web server vulnerabilities and how the authentication requirements of web servers and databases are met.In general, a web server platform should not be shared with other applications and should be the only machine allowed to access the database. Using a firewall can provide additional security - either between the web server and users or between the web server and back-end database - and often the web server is placed on a de-militarized zone (DMZ) of a firewall. While firewalls can be used to block certain incoming connections, they must allow HTTP (and HTTPS) connections through to the web server, and so attacks can still be launched via the ports associated with these connections.VulnerabilitiesVulnerabilities appear on a weekly basis and, here, we prefer to focus on some general issues rather than specific attacks. Common web server vulnerabilities include:• No policy exists.• The default configuration is on.• Reusable passwords appear in clear.• Unnecessary ports available for network services are not disabled.• New security holes are not tracked. Even if they are, well-known vulnerabilities are not always fixed as the source code patches are not applied by system administrator and old programs are not re-compiled or removed.• Security tools are not used to scan the network for weaknesses and changes or to detect intrusions.• Faulty and buggy software - for example, buffer overflow and stack smashingAttacks• Automatic directory listings - this is of particular concern for the interface software directories.• Server root files are generally visible or accessible.• Lack of logs and bac kups.• File access is often not explicitly configured by the system administrator according to the security policy. This applies to configuration, client, administration and log files, administration programs, and CGI program sources and executables. CGI scripts allow dynamic web pages and make program development (in, for example, Perl) easy and rapid. However, their successful exploitation may allow execution of malicious programs, launching ofdenial-of-service attacks and, ultimately, privilege escalation on a server.Web Server and Database AuthenticationWhile user, browser and web server authentication are relatively well understood [Garf97], [Ghos98] and [Tree98], the introduction of additional components, such as databases and middleware, raise a number of authentication issues. There are a variety of options for authentication in a simple model (Figure 1). Firstly, both the web server and database management system can individually authenticate a user. This option requires the user to authenticatetwice which may be unacceptable in certain applications, although a singlesign-on device (which aims to manage authentication in a user-transparent way) may help. Secondly, a common approach is for the database to automatically grant user access based on web server authentication. However, this option should only be used for accessing publicly available information. Finally, the database may grant user access employing the web server authentication credentials as a basis for its own user authentication, using security management subsystems (Figure 1). We consider this last option in more detail.Web-based communications use the stateless HTTP protocol with the implication that state, and hence authentication, is not preserved when browsing successive web pages. Cookies, or files placed on user’s machine by a web server, were developed as a means of addressing this issue and are often used to provide authentication. However, after initial authentication, there is typically no re authentication per page in the same realm, only the use of unencrypted cookies (sometimes in association with IP addresses). This approach provides limited security as both cookies and IP addresses can be tampered with or spoofed.A stronger authentication method, commonly used by commercial implementations, uses digitally signed cookies. This allows additional systems, such as databases, to use digitally signed cookie data, including a session ID, as a basis for authentication. When a user has been authenticated by a web server (using a password, for example), a session ID is assigned and is stored in a security management subsystem database. When a user subsequently requests information from a database, the database receives a copy of the session ID, the security management subsystem checks this session ID against its local copy and, if authentication is successful, user access is granted to the database.The session ID is typically transmitted in the clear between the web server and database, but may be protected by SSL or even by physical security measures. The communications between the browser and web servers, and the web servers and security management subsystem (and its databases), are normally protected by SSL and use a web server security API that is used to digitally sign and verify browser cookies. The communications between the back-end databases and security management subsystem (and its databases) are also normally protected by SSL and use a database security API that verifies session Ids originating from the database and provides additional user authorization credentials. The web server security API is generally proprietary while, for the database security API, many vendors have adopted standards such as the Generic Security Services API (GSS-API) or CORBA [RFC2078] and [Corba].Architecture and DesignSecurity requirements for designing, building and implementing databases are important so that the systems, as part of the overall infrastructure, meet their requirements in actual operation. The various security models provide an important insight into the design requirements for databases and their management systems.Secure Database Management System ArchitecturesIn multi-level database management systems, a variety of architectures are possible: trusted subject, integrity locked, kernels and replicated. Trusted subject is used by most of the leading database management system vendors and can be integrated in existing products. Basically, the trusted subject architecture allows users to access a database via an un trusted front-end, a trusted database management system and trusted operating system. The operating systemprovides physical access to the database and the database management system provides multilevel object protection.The other architectures - integrity locked, kernels and replicated - all vary in detail, but they use a trusted front-end and an un trusted database management system. For details of these architectures and research prototypes, the reader is referred to [Cast95]. Different architectures are suited to different environments: for example, the trusted subject architecture is less integrated with the underlying operating system and is best suited when a trusted path can be assured between applications and the database management system.Secure Database Management System DesignAs discussed above, there are several fundamental differences between operating system and database management system design, including object granularity, multiple data types, data correlations and multi-level transactions. Other differences include the fact that database management systems include both physical and logical objects and that the database lifecycle is normally longer.These differences must be reflected in the design requirements which include:• Access, flow and infer ence controls.• Access granularity and modes.• Dynamic authorization.• Multi-level protection.• Polyinstantiation.• Auditing.• Performance.These requirements should be considered alongside basic information integrity principles, such as:• Well-formed transactions - to ensure that transactions are correct and consistent.• Continuity of operation - to ensure that data can be properly recovered, depending on the extent of a disaster.• Authorization and role management – to ensure that distinct roles are defined and users are authorized.• Authenticated users - to ensure that users are authenticated.• Least privilege - to ensure that users have the minimal privilege necessary to perform their tasks.• Separation of duties - to ensure that no single individual has access to critical data.• Delegation of authority - to ensure that the database management system policies are flexible enough to meet the organization’s requirements.Of course, some of these requirements and principles are not met by the database management system, but by the operating system and also by organizational and procedural measures.Database Design MethodologyVarious approaches to design exist, but most contain the same main stages. The principle aim of a design methodology is to provide a robust, verifiable design process and also to separate policies from how policies are actually implemented. An important requirement during any design process is that different design aspects can be merged and this equally applies to security.A preliminary analysis should be conducted that addresses the system risks, environment, existing products and performance. Requirements should then beanalyzed with respect to the results of a risk assessment. Security policies should be developed that include specification of granularity, privileges and authority.These policies and requirements form the input to the conceptual design that concentrates on subjects, objects and access modes without considering implementation details. Its purpose is to express information and process flows in a complete and consistent way.The logical design takes into account the operating system and database management system that will be used and which of the security requirements can be provided by which mechanisms. The physical design considers the actual physical realization of the logical design and, indeed, may result in a revision of the conceptual and logical phases due to physical constraints.Security AssuranceOnce a product has been developed, its security assurance can be assessed by a number of methods including formal verification, validation, penetration testing and certification. For example, if a database is to be certified as TCSEC Class B1, then it must implement the Bell-LaPadula mandatory access control model in which each controlled object in the database must be labeled with a security level.Most of these methods can be costly and lengthy to perform and are typically specific to particular hardware and software configurations. However, the international Common Criteria certification scheme provides the added benefit of a mutual recognition arrangement, thus avoiding the prospect of multiple certifications in different countries.ConclusionThis article has considered some of the security principles that are associated with databases and how these apply in a web based environment. Ithas also focused on important architecture and design principles. These principles have focused mainly on the prevention, assurance and recovery aspects, but other aspects, such as detection, are equally important in formulating a total information protection strategy. For example, host-based intrusion detection systems as well as a robust and tested set of business recovery procedures should be considered.Any fit-for-purpose, secure e-business infrastructure should address all the above aspects: prevention, assurance, detection and recovery. Certain industries are now starting to specify their own set of global, secure e-business requirements. International card payment associations have recently started to require minimum information security standards from electronic commerce merchants handling credit card data, to help manage fraud losses and associated impacts such as brand-image damage and loss of consumer confidence.网络环境下的数据库安全简介数据库在政府部门和商业机构得到普遍应用已经很多年了。

互联网金融作文英文范文The rise of internet finance has revolutionized the way we manage our money. With just a few clicks, we can now access a wide range of financial services, from online banking to peer-to-peer lending.Internet finance has made it easier for people to invest their money. Through online platforms, individuals can now invest in stocks, bonds, and other financial products without the need for a traditional broker.One of the key benefits of internet finance is the convenience it offers. With online banking and payment systems, we can now manage our finances from the comfort of our own homes, without the need to visit a physical bank branch.Internet finance has also opened up new opportunities for small businesses and entrepreneurs. Through crowdfunding and online lending platforms, individuals andbusinesses can now access the funding they need to start or grow their ventures.However, internet finance also comes with its own set of risks. With the rise of online scams and fraud, individuals need to be cautious when managing their finances online and ensure they are using reputable and secure platforms.Despite the risks, it's clear that internet finance is here to stay. As technology continues to advance, we can expect to see even more innovations in the world of online finance, making it easier and more accessible for people to manage their money.。

文献出处:Aronson J. The research of P2P model of financial [J] Value Creation in E-Business Management, 2016,12(5):85-95.原文The research of P2P model of financialAronson JAbstractThe development of the Internet financial, constantly create new financial model, P2P is one of the new financial model, the development of rapid direct threat to the commercial Banks in the financial world's dominance. In P2P explosive savage growth process, however, there are regulatory or incomplete system, risk control measures is not mature, P2P financial platform collapse would happen often, this leads to the development of P2P is in trouble Based on this, this paper introduces the P2P concepts and the reasons on the basis of the financial model, analyzes the difficulties faced by the current P2P financial model, and accordingly put forward the development of P2P financial model.Keywords: P2P financial mode; The theoretical analysis; Measures1 IntroductionThe wide application of Internet technology, when science and technology combined with financial, gives rise to some emerging Internet model, P2P has greatly reduced the transaction cost, satisfy the customer demand for financial, especially the working class and the small and medium-sized enterprise loan demand. But so far, due to the lack of innovation mode of financial supervision, to information asymmetry, imperfect credit system construction, and low security of adverse effect caused by funds, hindered the healthy and orderly development of P2P.For Internet financial can inject vigor, continuing for the financial sector to the real economy better service, we must strengthen the industry regulation, establish effective credit evaluation system and P2P platform to establish effective risk control system.So-called peer-to-peer (P2P), is the abbreviation of English Peer to Peer, meaning "person-to-person", refers to the directly by third-party Internet platform of money lending financing behavior, is a kind of direct financing behavior of individualto individual. It originated in Britain, and later to the United States, Germany and other countries, China introduced in 2007.In our country, its typical model is: the network credit companies provide a platform, by borrowing free bids, brokered transactions. Money lenders to obtain interest income with the risk; Money borrowed people due to repay the principal, the network credit charge intermediary company.Peer-to-peer (P2P) the causes of financial mode mainly lies in the fact that Internet technology rapidly Exhibition. With the development of Internet, the scope of its popularization in our country is more and more widely, new technology and new business forms appear constantly, and gradually extended to the financial sector, the financial and the Internet fusion degree in the process of deepening, the financial industry got the booming development, at the same time, also produced a P2P financial mode; Fill the shortcoming in traditional financial business function in our country at present. Let those be bank financial products and loan threshold shut out of the working class and the small and medium-sized enterprises can also have the opportunity to enjoy the financial services. Working class a large body of demand for money have great demand; Other small and medium-sized enterprises (SEM) in many places the arrested development, mainly due to small and medium-sized enterprises (smes) in bank loans difficult, loans due to the high cost. In order to promote the development of their own, small and medium-sized enterprises to seek other financing mode, which promote the generation of the P2P financial model.2 The status quo of P2P financial model2.1 P2P financial models lack of effective supervisionRelative to the early start of online banking, online securities and so on in the form of financial regulatory policy relatively incomplete, relatively mature management framework. But P2P financial mode in 2012 entered the blowout outbreak period. But the Internet financial regulatory agencies and related regulatory policy did not keep up with the pace of its rapid development, for the development of P2P is also hinder the role. Should be further follow relevant regulations to meet the constantly enrich and expand the urgent needs of the emerging financial forms. The lack of regulation for a long time, has been out of the grey zone and regulatory gap,there are low barriers to entry, lending money monitoring vacancy, credit evaluation system is not sound, and many other problems.The industry has been in a savage growth state, run, capital chain rupture and collapse phenomenon appeared frequently. ack of legal norms, unclear regulatory policy, business operation is not standard to causes such as the chaos of industry management.2.2 Domestic credit system construction is not perfectThe Internet in the financial, financial credit system is the basis of the healthy and standardizing development of the financial industry, the Internet. But the current construction of credit system is not perfect, personal credit record includes only with bank lending behavior and maintain within the Banks, other financial institutions can't call society.P2P network platform loan borrowers can only through an indirect way to verify information and the judgment through the subjective experience of auditors. Abroad in the implementation of a P2P financial model, the comparison of perfect personal credit system construction, when making loans, personal credit can achieve effective query, which leads the P2P financial mode constantly development and improvement. Internet financial enterprise credit reporting database is not perfect in our country, is not included in the central bank credit reporting system, for both the management difficulty is big, no effective mechanism and discipline and punishment.2.3 Information asymmetry cause malicious default riskOf the Internet financial transactions, payments and services are completed on the Internet, virtualization of trading, trading process is not transparent and so on have made the financial risk more diversified and uncontrolled. Of new trading patterns of this for the disclosure of the information has the certain difficulty, in P2P financial mode, due to information asymmetry, P2P platform there may be a risk, the truth of the borrower to provide information due to the master of P2P platform borrowing history data is limited, its credit rating system is also unable to grasp the situation of the borrowers, the condition of the fake information or the borrower. Once appear, default or delay balance, due to recover the cost is higher, lenders are hard to take back the principal and interest of the person failed to perform its obligations due to lending and lead to potential financial damage is one of the reasons that hinder thedevelopment of P2P.3 The implement measures3.1 Encourage innovation to strengthen the basis of industry regulationDue to P2P long-term financial platform is in a state of lack of regulation, resulting in a variety of financial risk problems occur unceasingly, serious impact on the development of P2P financial, based on this, as soon as possible, perfect the construction of Internet financial regulation legal system in our country, should provide a clear and transparent legal environment, including the market access supervision, operation supervision and exit regulatory measures to standardize the development of the P2P network platform. But don't like management of traditional financial institutions, so as not to stifle financial innovation. Perfect financial market system, pratt &whitney financial development, encourage financial innovation, rich level financial markets and products. Regulators want reasonable grasp the boundaries of innovation and strength, not to hinder the sustainable development of financial innovation, whether it be a financial product innovation, and financial service innovation. To strengthen management and ensure that financial security is very necessary, cut can not manage, weaken the vitality of financial innovation.3.2 promoting the construction of credit evaluation systemA severe credit system can restrain people daily financial activity. Therefore, in a constantly enrich financial transaction way to meet the demand of investment and financing of all social strata at the same time, the credit system construction also needs to be perfect and connectivity. At present, the central bank has started the construction of personal credit system, however, the central bank alone is not enough to build personal credit system, and will result in incomplete information system, therefore, in the process of building the personal credit system in the future, should attract more participants, to establish the perfect credit system, make scientific evaluation to the borrower's credit rating, for P2P platform provides necessary judgment. In addition, P2P financial platform should also set up its own credit system, establish a customer database, regular update of customer information in a database, at the same time, guarantee the comprehensiveness and accuracy of the new customerinformation, and effective to evaluate the customer's credit.3.3 P2P platform to strengthen risk control abilityP2P business at the core of the pricing power is in the team's own risk, the risk management ability is the core of the P2P company competitiveness. establish a risk control function is clear, for policy making, the characteristics of customer data mining, overdue customers, study and so on carries on the effective management, to standardize the front-end marketing, China audit, background collection each work orderly. At the same time, digital risk control model is established and the score card system is the effective measure to standardize P2P scientific management, with a complete set of scientific management methods, to cure it to risk control examination and approval decision engines and business process, to guide the business for examination and approval of risk control. Second, compared with the traditional financial institutions such as Banks, Internet financial firms can take advantage of big data analytics, cloud computing technology to manage customer credit evaluation and customer information, above is actually a credit evaluation system and risk control measures of innovation. Third, should attach importance to small and scattered plays important role in reducing risk, network platform, in the face of the large capital demand loan can be systemic forced to spread risk, is more than a sum of money into different sum, scattered the people who need loans to lend, risk can be effectively diluted. Fourth, guarantee qualification can be introduced with a third party professional guarantee companies provide guarantee, in case of bad debts by guarantee company compensation, in order to ensure safe operation, to ensure the safety of information and capital of investors. by using the combined risk of internal and external control means, in view of information asymmetry and capital safety is low in the strong guarantee.Era development is irreversible, the subversion and innovation of the Internet continues, because the P2P financial pattern in the global new things, the speed of development and the construction of the corresponding system is not perfect, resulting in the development of P2P financial face a lot of trouble. despite the difficulties, the game between the various arms intensified, but it's true that the development of P2Pinjected new vitality into the financial sector, in order to promote the healthy and orderly development of P2P, needs to explore the path to promote the development of P2P financial, P2P platform in the process of operation gradually improve risk control ability, ensure the safety of the funds. These efforts will make P2P financial mode gradually towards standardization and legalization, make it effectively fill the shortcoming in traditional financial business function at present, the future will be better able to make the financial service for the real economy, support the national strategic transformation of the economic structure.译文P2P金融模式研究Aronson J摘要互联网金融的发展，不断地创新出新型的金融模式，P2P就是其中一种新型金融模式，其发展的迅速直接威胁到商业银行在金融界的主导地位。

电子银行风险管理互联网金融外文文献翻译2013年3000多字E-banking has brought about a new set of risks for financial XXX risks include fraud。

processing errors。

system ns。

and other unforeseen events that can result in the XXX products or services。

It is XXX of the n to the customer and the n。

and to XXX.2.Risk management in e-bankingEffective risk management in e-XXX and analyzing potential risks。

XXX risks。

XXX.3.Security measures in e-bankingns should XXX controls。

n。

firewalls。

XXX systems。

and regular security testing and assessments.4.XXXXXX measures。

XXX passwords。

avoiding phishing scams。

XXX.5.nOverall。

effective risk management is essential for financial XXX。

ns XXX.XXX access accounts。

conduct ns。

and obtain n on financial products and services via public or private orks。

including the。

and mobile phones。

Customers can use us electronic devices。

文献信息：文献标题：Evaluating credit risk and loan performance in online Peer-to-Peer (P2P) lending（点对点(P2P)网络借贷的信用风险与贷款绩效评估）国外作者：Riza Emekter, Yanbin Tu, Benjamas Jirasakuldech, Min Lu 文献出处：《Applied Economics》, 2015, 47(1):54-70字数统计：英文3063单词，15818字符；中文5110汉字外文文献：Evaluating credit risk and loan performance in onlinePeer-to-Peer (P2P) lendingAbstract Online Peer-to-Peer (P2P) lending has emerged recently. This micro loan market could offer certain benefits to both borrowers and lenders. Using data from the Lending Club, which is one of the popular online P2P lending houses, this article explores the P2P loan characteristics, evaluates their credit risk and measures loan performances. We find that credit grade, debt-to-income ratio, FICO score and revolving line utilization play an important role in loan defaults. Loans with lower credit grade and longer duration are associated with high mortality rate. The result is consistent with the Cox Proportional Hazard test which suggests that the hazard rate or the likelihood of the loan default increases with the credit risk of the borrowers. Finally, we find that higher interest rates charged on the highrisk borrowers are not enough to compensate for higher probability of the loan default. The Lending Club must find ways to attract high FICO score and high-income borrowers in order to sustain their businesses.Key words: Peer-to-Peer lending; credit grade; FICO score; default riskI.IntroductionWith the advent of Web 2.0, it has become easy to create online markets and virtual communities with convenient accessibility and strong collaboration.One of the emerging Web 2.0 applications is the online Peer-to-Peer (P2P) lending marketplaces, where both lenders and borrowers can virtually meet for loan transactions. Such marketplaces provide a platform service of introducing borrowers to lenders, which can offer some advantages for both borrowers and lenders. Borrowers can get micro loans directly from lenders, and might pay lower rates than commercial credit alternatives. On the other hand, lenders can earn higher rates of return compared to any other type of lending such as corporate bonds, bank deposits or certificate of deposits. One of the problems in online P2P lending is information asymmetry between the borrower and the lender. That is, the lender does not know the borrower's credibility as well as the borrower does. Such information asymmetry might result in adverse selection (Akerlof, 1970) and moral hazard (Stiglitz and Weiss, 1981). Theoretically, some of these problems can be alleviated by regular monitoring, but this approach poses a challenge in the online environment because the borrowers and the buyers do not physically meet. Fostering and enhancing the lender's trust in the borrower can also be implemented to mitigate adverse selection and moral hazard problems. In the traditional bank-lending markets, banks can use collateral, certified accounts, regular reporting, and even presence of the board of directors to enhance the trust in the borrower. However, such mechanisms are difficult to implement in the online environment which will incur a significant transaction cost.To reduce lending risks associated with information asymmetry, current online P2P lending has the following arrangements. First, the Lending Club screens out any potential high-risk borrowers based on the FICO score. The minimum FICO score to be able to participate is 640. Second, the typical size of the loans produced in this market is small, which is under $35 000 at the Lending Club. Therefore, these loans are essentially microloans which pose a relatively small loss in case of default. Third, the market maker offers matchmaking systems which can be used to generate portfolio recommendations and minimize lending risks. Fourth, if a borrower fails to pay, the market maker will report the case to a credit agency and hire a collectionagency to collect the funds on behalf of the lender. Although there are certain structures imposed in the online P2P that help to minimize the risk, this form of lending is inherently associated with greater amount of risk compared to the traditional lending.The purpose of this article is to evaluate the credit risk of borrowers from one of the largest P2P platforms in the United States provided by the Lending Club, which help lenders to make more informed decisions about the risk and return efficiency of loans based on the borrowers' grade. There are two related research questions this article will address: (1) What are some of the borrowers' characteristics that help determine the default risk? and (2) Is the higher return generated from the riskier borrower large enough to compensate for the incremental risk? Lenders can allocate their investments more efficiently if they know what characteristics of the borrower affect the default risk. Each borrower is classified by credit grade with corresponding borrowing rate assigned by the Lending Club. To make an efficient allocation, a lender should know whether the higher interest rates set for high-risk borrowers are sufficient to compensate the lenders for the higher probabilities of a potential loss.Our findings suggest that borrowers with high FICO score, high credit grade, low revolving line utilization and low debt-to-income ratio are associated with low default risk. This finding is consistent with the studies by Duarte et al. (2012) who report that borrowers with a trustworthy characteristic will have better credit scores but low probability of default. This result also suggests that besides the loan applicants' social ties and friendship as reported by Freedman and Jin (2014) and Lin et al. (2013), the four factors discussed above are also important in explaining the default risk. When comparing with US national borrowers, the results show that the Lending Club should continue to screen out the borrowers with lower FICO score and attract the highest FICO score borrowers in order to significantly reduce the default risk. In relating the risk to the return, it shows that higher interest rate charged for the riskier borrower is not significant enough to justify the higher default probability. Our finding here is consistent with the study by Berkovich (2011) who reports that high quality loans offer excess return.II.Literature ReviewThree main streams of research have emerged in response to the growing popularity of P2P lending. The first stream of research examines the reasons for the emergence of online P2P lending. The second stream of research focuses on determining the factors that explain the funding success and default risk. The last stream of research investigates the performance of online P2P loan for a given level of the risk.Peer group lending has been emerging in local communities and has attracted the research in this area. Conlin (1999) develops a model to explain the existence of peer group micro-lending programmes in the United States and Canada. He finds that peer groups enable fixed costs to be imposed on the entrepreneurs while minimizing the programme's overhead costs. Ashta and Assadi (2008) investigate whether Web 2.0 techniques are integrated to support the advanced social interactions and associations with lower costs for P2P lending. Hulme and Wright (2006) study a case of online P2P lending house, Zopa, in the United Kingdom. They suggest that the emergence of online P2P lending is a direct response to social trends and a demand for new forms of relationship in financial sector under the new information age.There is extant literature that identifies the factors determining the funding success and default risk. Using the Canadian micro-credit data, Gomez and Santor (2003) find that group lending offers lower default rates than conventional individual lending does. Study by Iyer et al. (2009) shows that lenders can evaluate one third of credit risk using both hard and soft data about the borrower. Lin et al. (2013) analyse the role of social connections in evaluating credit risk and discover that strong social networking relationship is an important factor that determines the borrowing success and lower default risk. Lin et al. (2013) further report that applicants' friendship could increase the probability of successful funding, lower interest rates on funded loans, and these borrowers are associated with lower ex post default rates at Prosper. The importance of social ties in determining loans funded is also examined by Freedman and Jin (2014). The result shows that borrowers with social ties are more likely tohave their loans funded and receive lower interest rates. However, they also find evidence of risks to lenders regarding borrower participation in social networks.Several other studies examine whether certain borrowers' characteristics and personal information determine the success of loan funding and default risk. Herzenstein et al. (2008) show that borrowers' financial strength, their listing and publicizing efforts, and demographic attributes affect likelihood of funding success. Study by Duarte et al. (2012) further argues that borrowers who appear more trustworthy have better credit score with higher probabilities of having their loans funded and default less often. Larrimore et al. (2011) demonstrate that borrowers who use extended narratives, concrete descriptions and quantitative words have positive impact on funding success. However, humanizing personal details or loan justifi cations have negative influences on funding success. Qiu et al. (2012) further reveal that in addition to personal information and social capital, other variables, including loan amount, acceptable maximum interest rate and loan period set by borrowers, significantly influence the funding success or failure.Galak et al. (2011) further show that lenders tend to favour individual over group borrowers and borrowers who are socially proximate to themselves. They also find that lenders prefer the borrowers who are more like themselves in terms of gender, occupation and first name initial. More interestingly, Gonzalez and Loureiro (2014) have similar findings: (1) when perceived age represents competence, attractiveness has no effect on loan success; (2) when lenders and borrowers are of the same gender, attractiveness might lead to a loan failure (i.e., the ‘beauty is beastly' effect) and (3) loan success is sensitive to the relative age and attractiveness of lenders and borrowers. Herzenstein et al. (2011) find that herding in the loan auction is positively related to its subsequent performance, that is whether borrowers pay the money back on time.III.DataIn this section, the loan applicants' data is first described, followed by loan distribution based on loan purposes, credit grade and loan status and it ends with thedetailed descriptive statistics of the loan applicants. This study uses 61 451 loan applications in the Lending Club from May 2007 to June 2012 obtained from . Over the study period, the Lending Club lent about $713 million to borrowers. To address the borrowers' behaviour in online P2P lending, we first examine the main reasons for borrowing money from others. Table 1 lists the borrowers' self-claimed reasons summarized in the Lending Club. Almost 70% of loan requested are related to debt consolidation or credit card debts with a total loan amount requested of approximately $387 million and $108 million, respectively. The number of loan applications for education, renewable energy and vacation contribute less than 1% of total loans with the total loan requested ranging from 1 to 3 million. The borrowers state that their preferences to borrow from the Lending Club are lower borrowing rate and inability to borrow enough money from credit cards. The second purpose for borrowing is to pay home mortgage or to re-model home.Table 1. Loan distributions by loan purpose (May 2007–June 2012)Notes: The data is obtained from 61 451 loan applicants in the Lending Club, , from May 2007 to June 2012.The loan-seeking persons are asked to provide the reasons for requesting loans.The Lending Club uses the borrower's FICO credit scores along with other information to assign a loan credit grade ranging from A1 to G5 in descending credit ranks to each loan. The detailed procedure is as follows: after assigning a base score based on FICO ratings, the Lending Club makes some adjustments depending on requested loan amount, number of recent credit inquiries, credit history length, total open credit account, currently open credit accounts and revolving line utilization todetermine the final grade, which in turn determines the interest rate on the loan.Table 2 reports the loan distribution by credit grade. The majority of borrowing requests have grades between A1 and E5. The Highest loan amounts requested are from borrowers with ‘B' credit grade, which contribute 29.56% of total amount of loans requested. The total number of applicants for this ‘B' credit grade group is 18 707, which represents total loans of approximately $210 million. The lowest loan amounts requested are from borrowers with the lowest ‘G' credit grade which accounts for 1.53% of total loans. There are only 608 loan applicants for this lowest credit rating ‘G' group and it represents approximately $11 million in total loan value. According to the Lending Club's policy, a loan credit grade is used to determine the interest rate and the maximum amount of money that a borrower can request. The higher the loan grade, the lower the interest rate. A borrowing request with a low grade renders a higher interest rate as a compensation for a high risk held by lenders. Table 2. Loans distribution by credit grades (May 2007–June 2012)Notes: The Lending Club uses the borrowers’ FICO credit scores along with other information to classify a loan from Grade A1 to G5 in descending credit risk. Therefore, A1 credit grade represents the highest credit quality/low-risk borrowers, whereas G5 credit grade represents the lowest credit quality/ high-risk borrowers. Total amount of loans requested as a percentage of total loan is 19.35% for credit grade group ‘A’, 29.56% for ‘B’, 19.94% for ‘C’, 14.84% for ‘D’, 10.15% for ‘E’, 4.59% for ‘F’ and 1.53% for ‘G’.Finally, Panel A of Table 3 shows the loan status for all the loan requests on 20 July 2012. Overall, the default rate is 4.60% with total losses of approximately $29 million. Another 2.45% of total loan requests which constitute $18.6 million could be potentially lost because the borrowers are late in making payment within 30 days or 120 days and not paying the normal instalments. 17.98% of the loans are fully paid with an approximate value of $108 million. The $557 million loans are in current status account for 74.91% of total loans. Naturally, loans with a lower grade demonstrate a higher default rate. Therefore, study on risk management on P2P lending is relevant for the lenders to optimize their investment portfolios. Panel B of Table 3 reports the loan status for the matured loans. The overall loss rate is much higher for matured loans. Among 4904 matured loans, 914 loans are charged-off, which represent 18.6%. The total loss is $5.5 million which represents 13% of all matured loans amount. Less than 1% of the matured loans are late in terms of making payment with the unpaid balance of approximately $27 000. 80.77% or $33 million of matured loans are fully paid.Table 3. Loan distribution by the loan status (May 2007–June 2012)Table 4 reports the general characteristics and credit history of the online P2P loan applicants from the Lending Club. Based on our sample of 61 451 loanapplicants, the average monthly interest charged on a loan is 12.34%. On average, 471 days passed from the issue date of the loan. The average credit grade of a borrower is 25, which corresponds to credit category between B and C. The average size of a typical loan is $11 604 and the average monthly payment is $351. The borrower in general pays back $4384 a month and has $7873 left to be paid. The average ratio of the remaining balance to total loans is 63%.Examining the borrowers' characteristics, it shows that the mean income of a borrower from the Lending Club is $5796 with the debts to income ratio of 0.1381. On average, a borrower has 9.56 open credit lines and 22 total credit lines, carries $14 315 average revolving credit balance and almost half (51.6%) of his or her credit limit. In the last six months, there is 1 credit inquiry requested by an average borrower. Average FICO score category of a typical borrower is 3.48, which corresponds to a FICO score between 680 and 750.Table 4. Descriptive statistics (May 2007–June 2012)Notes: Credit Grade is the grade assigned by the Lending Club based on the FICOrano credit rating information along with other information. Credit Grade ‘1’ is the loan category of ‘G’ which is the riskiest class of loans. Credit Grade ‘7’ is the loan category of ‘A’ which is the lowest risk borrowers. FICOrano is the credit rating of the borrowers rated by credit card companies. FICO 6 corresponds to borrowers with the FICO score above 780, FICO 5 corresponds to FICO score between 750–779, FICO 4 = 714–749, FICO 3 = 679–713, FICO 2 = 660–678 and FICO 1 = 640–659, respectively.IV.ConclusionsCredit risk is an important concern for the P2P loans. This study employs the data from the Lending Club to evaluate the credit risk of the P2P online loans. We findthat credit score, debt-to-income ratio, FICO score and revolving line utilization play an important role in determining loan default. The credit categorization used by the Lending Club successfully predicts the default probability with one exception of next lowest credit grade ‘F'. In general, higher credit grade loan is associated with lower default risk.The mortality risk also increases with the maturity of the loans. Loans with lower credit grade and longer duration are associated with high mortality rate. The Cox Proportional Hazard Test results show that as the credit risk of the borrowers increases, so does the likelihood of loan being default. However, the higher interest rate currently charged for the riskier borrower is not significant enough to justify the higher default probability. This suggests that the lenders would be better off to lend only to the safest borrowers in the highest grade category of 7 or Grade A. Increasing spreads on riskier borrower may lead to a more severe adverse selection resulting in higher default risk.The Lending Club lenders should either extend credits only to the highest grade borrower or try to find more creative ways to lower the default rate among current borrowers. When comparing with the US national consumers, borrowers with relatively higher income and potentially higher FICO scores do not participate in the P2P market. Creating incentives to attract these types of borrowers would have a significant potential to decrease the default risk in this market.中文译文：点对点（P2P）网络借贷的信用风险与贷款绩效评估摘要近年来点对点（P2P）网络借贷开始兴起。