電子商務中信息安全問題的探討外文翻譯

1、<p>　　E-commerce Information Security Problems</p><p>　　Ⅰ. Introduction</p><p>　　E-commerce (E-Business) is in open networks, including between enterprises (B2B), business and consumers (B2

2、C) commercial transactions, compared with the traditional business model, e-commerce with efficient, convenient, covered wide range of characteristics and benefits. However, e-commerce open this Internet-based data excha

3、nge is great its security vulnerabilities, security is a core e-commerce development constraints and key issues.</p><p>　　In this paper, the basic ideas and principles of systems engineering, analyzes the cu

4、rrent security threats facing e-commerce, in this based on security technology from the perspective of development trend of e-commerce.</p><p>　?、? E-commerce model</p><p>　　Modern e-commerce te

5、chnology has focused on the establishment and operation of the network of stores. Network in the department stores and real stores no distinction between structure and function, differences in their function and structur

6、e to achieve these methods and the way business operate.</p><p>　　Web store from the front view is a special kind of WEB server. WEB site of modern multimedia support and a good interactive feature as the ba

7、sis for the establishment of this virtual store, so customers can, as in a real supermarket pushing a shopping cart to select goods, and finally in the checkout check out. These online stores also constitute the three pi

8、llars of software: catalog, shopping cart and customer checkout. Customers use an electronic currency and transaction must store customers </p><p>　　Behind the store in the network, enterprises must first ha

9、ve a product storage warehouse and administration; second network to sell products by mail or other delivery channels to customers hands; Third, enterprises should also be responsible for product after-sales service, Thi

10、s service may be through networks, may not. Internet transactions are usually a first Pay the bill and getting goods shopping. For customers, convenience is that the goods purchased will be directly delivered to their ho

11、me</p><p>　　Therefore, the credibility of the store network and service quality is actually the key to the success of e-commerce.</p><p>　?、?the key to development of electronic commerce</p&g

12、t;<p>　　E-commerce in the telecommunications network to develop. Therefore, the advanced computer network infrastructure and telecommunications policy easing the development of electronic commerce has become a pre

13、requisite. Currently, telecom services, high prices, limited bandwidth, the service is not timely or not reliable and so the development of e-commerce has become a constraint. Speed up the construction of telecommunicati

14、ons infrastructure, to break the telecommunications market monopoly, introd</p><p>　　E-commerce the most prominent problem is to solve the on-line shopping, trading and clearing of security issues, including

15、 the establishment of e-commerce trust between all the main issues, namely the establishment of safety certification system (CA) issues; choose safety standards (such as SET , SSL, PKI, etc.) problems; using encryption a

16、nd decryption method and encryption strength problems. Establishment of security authentication system which is the key.</p><p>　　Online trading and traditional face to face or written transactions in differ

17、ent ways, it is transmitted through the network business information and trade activities. The security of online transactions means:</p><p>　　Validity: the validity of the contract to ensure online transact

18、ions, to prevent system failure, computer viruses, hacker attacks.</p><p>　　Confidentiality: the content of the transaction, both transactions account, the password is not recognized by others and stealing.&

19、lt;/p><p>　　Integrity: to prevent the formation of unilateral transaction information and modify.</p><p>　　Therefore, the e-commerce security system should include: secure and reliable communicatio

20、ns network to ensure reliable data transmission integrity, prevent viruses, hackers; electronic signatures and other authentication systems; complete data encryption system and so on.</p><p>　?、?e-commerce s

21、ecurity issues facing</p><p>　　As e-commerce network is the computer-based, it inevitably faces a number of security issues.</p><p>　　(1) Information leak</p><p>　　Performance in e-

22、commerce for the leakage of business secrets, including two aspects: the parties are dealing transactions by third parties to steal the contents; transaction to the other party to provide documents used illegal use by th

23、ird parties.</p><p>　　(2) Altered</p><p>　　E-commerce information for business performance in the authenticity and integrity issues. Electronic transaction information in the network transmissio

24、n process may be others to illegally modify, delete or re-changed, so that information about its authenticity and integrity.</p><p>　　(3) Identification</p><p>　　Without identification, third-pa

25、rty transactions is likely to fake the identity of parties to a deal breaker, damage the reputation of being counterfeit or stolen by one party to the transaction fake results and so on, for identification, the transacti

26、on between the two sides can prevent suspicion situation.</p><p>　　(4) Computer viruses</p><p>　　Computer virus appeared 10 years, a variety of new virus and its variants rapidly increasing, the

27、 emergence of the Internet for the spread of the virus has provided the best medium. Many new viruses directly using the network as its transmission, as well as many viruses spread faster through dried networks, frequent

28、ly causing billions of dollars in economic losses.</p><p>　　(5) Hacker</p><p>　　With the spread of a variety of application tools, hackers have been popular, and are not in the past; non-compute

29、r expert can not be a hacker. Have kicked Yahoo's mafia boy did not receive any special training, only a few attacks to the users to download software and learn how to use the Internet on a big dry.</p><p&

30、gt;　?、?e-commerce security and safety factors</p><p>　　Enterprise application security is the most worried about e-commerce, and how to protect the security of e-commerce activities, will remain the core of

31、e-commerce research. As a secure e-commerce system, we must first have a safe, reliable communication network, to ensure that transaction information secure and rapid transmission; second database server to ensure absolu

32、te security against hackers break into networks to steal information. E-commerce security technologies include encryption, authe</p><p>　　(A), encryption technology</p><p>　　To ensure the securi

33、ty of data and transactions to prevent fraud, to confirm the true identity of transaction parties, e-commerce to adopt encryption technology, encryption technology is through the use of code or password to protect data s

34、ecurity. For encrypted data is called plaintext, specifically through the role of a encryption algorithm, the conversion into cipher text, we will express this change as the cipher text is called encryption, the cipher t

35、ext by the decryption algorithm to form </p><p>　　Encryption technology can be divided into two categories: symmetric encryption and asymmetric encryption. Symmetric encryption to the data encryption standar

36、d DES (Data Encryption Standard) algorithm is represented. Asymmetric encryption is usually RSA (Rivets Shamir Aleman) algorithm is represented.</p><p>　　(B), authentication</p><p>　　Commonly us

37、ed security authentication technologies: digital signatures, digital certificates, digital time stamp, CA security authentication technology.</p><p>　　(C), hacker protection technology</p><p>　　

38、Currently, hackers have become the biggest e-commerce security threats, thus preventing hacking network security technology has become the main content, by governments and industry are highly valued. Hacking techniques i

39、nclude buffer overflow attacks, Trojans, port scans, IP fraud, network monitoring, password attacks, and denial of service Dos attacks. At present, people have made many effective anti-hacker technologies, including fire

40、walls, intrusion detection, and network security evaluation </p><p>　　Ⅵ.the future security of e-commerce</p><p>　　Increasingly severe security problems, are growing threat to national and globa

41、l economic security, governments have been based on efforts in the following areas:</p><p>　　(1) Strengthen the legislation, refer to the advanced countries have effective legislation, innovative, e-commerce

42、 and improve the protection of the laws against cyber-crime security system.</p><p>　　(2) Establishment of relevant institutions, to take practical measures to combat cyber crime. Development of the law, the

43、 implementing agencies should also be used for its relevant laws, which must establish an independent oversight body, such as the executing agency to implement the law.</p><p>　　(3) Increase investment in ne

44、twork security technology; improve the level of network security technology. E-commerce security law is the prerequisite and basis for development and secure e-commerce security technology is a means of protection. There

45、 are many security issues are technical reasons, it should increase the technology resources, and continuously push forward the development of old technologies and developing new security technology.</p><p>

46、　　(4) To encourage enterprises to protect themselves against Internet crime against. To avoid attack, companies can not hold things to chance, must attach great importance to system vulnerabilities, in time to find secur

47、ity holes to install the operating system and server patches, and network security detection equipment should be used regularly scan the network monitoring, develop a set of complete security protection system to enable

48、enterprises to form a system and combined with the comprehensi</p><p>　　(5) To strengthen international cooperation to strengthen global efforts to combat cyber crime. As e-commerce knows no borders, no geog

49、raphical, it is a completely open area, so the action against cyber crime e-commerce will also be global. This will require Governments to strengthen cooperation, can not have "the saying which goes, regardless of o

50、thers, cream tile" misconception.</p><p>　　(6) To strengthen the network of national safety education, pay attention to the cultivation of outstanding computer.</p><p>　?、? Conclusion</p

51、><p>　　E-commerce in China has developed rapidly in recent years, but the security has not yet established. This has an impact on the development of electronic commerce as a barrier.</p><p>　　To th

52、is end, we must accelerate the construction of the e-commerce security systems. This will be a comprehensive, systematic project involving the whole society. Specifically, we want legal recognition of electronic communic

53、ations records of the effectiveness of legal protection for electronic commerce; we should strengthen the research on electronic signatures, to protect e-commerce technology; we need to build e-commerce authentication sy

54、stem as soon as possible, to organize protection for el</p><p>　　Promoting China's economic development; also the only way we can in the economic globalization today, to participate in international comp

55、etition, and thus gain a competitive advantage.</p><p>　　Source: Michael Hecker, Tharam S. Dillon, and Elizabeth Chang IEEE Internet Computing prentice hall publishing, 2002</p><p>　　電子商務中的信息安全問

56、題</p><p><b>　　一 、引言</b></p><p>　　電子商務（E-Business）是發(fā)生在開放網絡上的包括企業(yè)之間（B2B）、企業(yè)和消費者之間（B2C）的商業(yè)交易，與傳統(tǒng)商務模式相比，電子商務具有高效、便捷、覆蓋范圍廣等特點和優(yōu)點。然而，電子商務這種基于Internet的開放式的數(shù)據交換是的其安全具有很大的脆弱性，安全問題是制約電子商務發(fā)展的一個

57、核心和關鍵問題。</p><p>　　本文從系統(tǒng)工程的基本觀點和原理出發(fā)，分析了目前電子商務面臨的各種安全威脅，在此基礎上，從安全技術角度，探討電子商務的發(fā)展趨勢和方向</p><p><b>　　二 、電子商務模式</b></p><p>　　現(xiàn)代電子商務技術已經集中于網絡商店的建立和運作。網絡商店和真實商店在部門結構和功能上沒有區(qū)別，不同點

58、在于其實現(xiàn)這些功能和結構的方法以及商務運作的方式。 </p><p>　　網絡商店從前臺看是一種特殊的WEB服務器。現(xiàn)代WEB網站的多媒體支持和良好的交互性功能成為建立這種虛擬商店的基礎，使得顧客可以像在真實的超級市場一樣推著購物車挑選商品，并最后在付款臺結賬。這也就構成網上商店軟件的三大支柱：商品目錄、顧客購物車和付款臺。顧客運用某種電子貨幣和商店進行交易必須對顧客和商店都是安全可靠的。</p>

59、<p>　　而在網絡商店的背后，企業(yè)首先要具備商品的存儲倉庫和管理機構；其次要將網絡上銷售的產品通過郵政或其他渠道投遞到顧客手里；第三，企業(yè)同樣要負責產品的售后服務，這種服務可能是通過網絡的，也可能不是。網絡交易通常是一種先交錢后拿貨的購物方式。對客戶而言，其方便處在于購得的商品會直接投遞到自己家里，而難以放心的是在商品到達手中之前并不能確認到自己手中的究竟是什么。因此網絡商店的信譽和服務質量實際上是電子商務成功與否的關鍵。&

60、lt;/p><p>　　三 、電子商務發(fā)展的關鍵環(huán)節(jié)</p><p>　　電子商務是在電信網絡上發(fā)展起來的。因此，先進的計算機網絡基礎設施和寬松的電信政策就成為發(fā)展電子商務的前提。目前，電信服務價格過高，帶寬有限，服務不及時或不可靠等因素已經成為發(fā)展電子商務的制約因素。加快電信基礎設施建設，打破電信市場的壟斷，引進競爭機制，保證電信業(yè)務公平競爭，促進網絡互聯(lián)，確保為用戶提供廉價，高速，可靠的通

61、信服務是良好網絡環(huán)境的建設目標，也是世界各國面臨的共同課題。</p><p>　　開展電子商務最突出的問題是要解決網上購物、交易和結算中的安全問題，其中包括建立電子商務各主體之間的信任問題，即建立安全認證體系（CA）問題；選擇安全標準（如SET、SSL、PKI等）問題；采用加、解密方法和加密強度問題。其中建立安全認證體系是關鍵。</p><p>　　網上交易與傳統(tǒng)的面對面或書面的交易方式不

62、同，它是通過網絡傳輸商務信息和進行貿易活動的。網上交易的安全問題意味著：</p><p>　　有效性:保證網上交易合同的有效性，防止系統(tǒng)故障、計算機病毒、黑客攻擊。</p><p>　　保密性:對交易的內容、交易雙方賬號、密碼不被他人識別和盜取。</p><p>　　完整性:防止單方面對交易信息的生成和修改。 </p><p>　　所以，電子

63、商務的安全體系應包括：安全可靠的通信網絡，保證數(shù)據傳輸?shù)目煽客暾乐共《?、黑客入侵；電子簽名和其他身份認證系統(tǒng)；完備的數(shù)據加密系統(tǒng)等等。</p><p>　　四 、電子商務面臨的安全問題</p><p>　　由于電子商務是以計算機網絡為基礎的，因此它不可避免面臨著一系列的安全問題。</p><p><b>　　(1)信息泄漏</b></

64、p><p>　　在電子商務中表現(xiàn)為商業(yè)機密的泄漏，主要包括兩個方面：交易雙方進行交易的內容被第三方竊??；交易一方提供給另一方使用的文件被第三方非法使用。</p><p><b>　　(2)竄改</b></p><p>　　電子商務中表現(xiàn)為商業(yè)信息的真實性和完整性的問題。電子的交易信息在網絡上傳輸?shù)倪^程中，可能被他人非法修改、刪除或重改，這樣就使信息

65、失去了真實性和完整性。</p><p><b>　　(3)身份識別</b></p><p>　　如果不進行身份識別，第三方就有可能假冒交易一方的身份，以破壞交易、破壞被假冒一方的信譽或盜取被假冒一方的交易成果等，進行身份識別后，交易雙方就可防止相互猜疑的情況。</p><p><b>　　(4)電腦病毒問題</b><

66、/p><p>　　電腦病毒問世十幾年來，各種新型病毒及其變種迅速增加，互聯(lián)網的出現(xiàn)又為病毒的傳播提供了最好的媒介。不少新病毒直接利用網絡作為自己的傳播途徑，還有眾多病毒借助干網絡傳播得更快，動輒造成數(shù)百億美元的經濟損失。</p><p><b>　　(5) 黑客問題</b></p><p>　　隨著各種應用工具的傳播，黑客己經大眾化了,不像過去那樣

67、非電腦高手不能成為黑客。曾經大鬧雅虎網站的黑手黨男孩就沒有受過什么專門訓練，只是向網友下載了幾個攻擊軟件并學會了如何使用，就在互聯(lián)網上大干了一場。</p><p>　　五 、電子商務安全因素與安全技術</p><p>　　安全問題是企業(yè)應用電子商務最擔心的問題，而如何保障電子商務活動的安全，將一直是電子商務的核心研究領域。作為一個安全的電子商務系統(tǒng)，首先必須具有一個安全、可靠的通信網絡，以

68、保證交易信息安全、迅速地傳遞；其次必須保證數(shù)據庫服務器絕對安全，防止黑客闖入網絡盜取信息。電子商務安全的技術主要包括加密技術、認證技術和電子商務安全協(xié)議，防火墻技術等。</p><p><b>　　(一)、加密技術</b></p><p>　　為保證數(shù)據和交易的安全、防止欺騙，確認交易雙方的真實身份，電子商務須采用加密技術，加密技術是指通過使用代碼或密碼來保障數(shù)據的安

69、全性。欲加密的數(shù)據稱為明文，明文經過某種加密算法作用后，轉換成密文，我們將明文換為密文的這一過程稱為加密，將密文經解密算法作用后形成明文輸出的這一程稱為解密。加密算法中使用的參數(shù)稱為密鑰。密鑰長度越長，密鑰的空間就大，遍歷密鑰空間所花的時間就越多，破譯的可能性就越小。加密技術可以分為兩類:對稱加密技術和非對稱加密技術。對稱加密技術以數(shù)據加密標準DES (Data Encryption Standard)算法為典型代表。非對稱加密技術通常

70、以RSA算法為代表。</p><p><b>　　（二）、認證技術</b></p><p>　　常用的安全認證技術有：數(shù)字簽名、數(shù)字證書、數(shù)字時間戳、CA安全認證技術。</p><p>　?。ㄈ?、黑客防范技術</p><p>　　目前，黑客攻擊已成為電子商務安全所面臨的最大威脅，于是黑客防范技術也成為了網絡安全的主要內

71、容，受到了各國政府和業(yè)界人士的高度重視。黑客入侵技術主要包括緩沖區(qū)溢出攻擊、特洛伊木馬、端口掃描、IP欺騙、網絡監(jiān)聽、口令攻擊、拒絕服務Dos攻擊等。目前，人們已提出了許多有效的反黑客技術，主要包括防火墻技術、入侵檢測技術、網絡安全評估技術等。</p><p>　　六 、未來電子商務的安全工作</p><p>　　日益嚴峻的安全問題，正越來越嚴重的威脅著各國及全球的經濟安全，各國政府在已有

72、的基礎上，已在以下幾個方面努力：</p><p>　?。?）加強立法，參照先進國家已有的有效法律，不斷創(chuàng)新，完善保護電子商務和打擊網絡犯罪的法律保障體系。</p><p>　?。?）建立相關機構，采取實際措施打擊網絡犯罪。制定了法律，還應該有執(zhí)行機構將相關的法律用到實處，這就必須建立獨立的監(jiān)督機構、執(zhí)行機構等來落實法律。</p><p>　?。?）加大對網絡安全技術

73、的投入，提高網絡安全技術的水平。法律是電子商務安全問題發(fā)展的前提和基礎，而安全技術則是電子商務安全的保障手段。很多安全問題都存在技術的原因，所以更應該加大技術研究的資金，不斷推進舊技術的發(fā)展，并研究新的安全技術。</p><p>　?。?）鼓勵企業(yè)加強自我保護，防范網絡犯罪侵害。為避免遭受攻擊，企業(yè)不能抱著僥幸心理，必須高度重視系統(tǒng)漏洞問題，及時給發(fā)現(xiàn)安全漏洞的操作系統(tǒng)和服務器等安裝補丁程序，并應使用網絡安全檢測

74、設備經常對網絡進行掃描監(jiān)控，制定一套完整的安全保護制度，使企業(yè)形成一個制度與技術結合的綜合性保護體系。</p><p>　?。?）加強國際合作，增強全球范圍內打擊網絡犯罪的力度。由于電子商務是沒有國界，沒有地域的，它是一個完全開放的領域，所以打擊電子商務網絡犯罪的行動也將是全球性的。這就要求各國政府加強合作，不能有“各掃門前雪，不管他人瓦上霜”的錯誤想法。</p><p>　?。?）加強對

75、國民的網絡安全教育，注意對優(yōu)秀計算機人才的培養(yǎng)。</p><p><b>　　七、 結束語</b></p><p>　　我國的電子商務近年來發(fā)展很快，但是有關的安全保障還未建立起來。這已經成為影響我國電子商務發(fā)展的一個障礙。</p><p>　　為此，我們必須加快建設有關的電子商務安全系統(tǒng)。這將是一個綜合性的、涉及全社會的系統(tǒng)工程。具體而言，我