电子商务安全策略研究
|
摘要
随着互联网的不断发展,在世界范围内掀起了一股电子商务热潮。许多国家政府部门对电子商务的发展十分重视,把这场以电子商务为标志的信息化革命与十九世纪以蒸汽机为标志的工业化革命相提并论,并纷纷出台了有关政策和举措。电子商务正得到越来越广泛的应用。其发展给人类社会带来巨大的影响,其一系列的相关领域的研究成为全球的热点。但近年来,电子商务的发展逐步放慢了脚步,其安全问题是阻碍发展的主要原因之一。所以本人选择这一课题进行了探索性研究,有着重要的实际意义。
论文第一章介绍课题的研究背景,总结国内外电子商务安全研究现状及我国电子商务安全存在的问题和该问题研究的发展趋势。论文第二章对电子商务安全的内容做了简要的概述,提出电子商务安全的五个方面的需求:信息的保密性,信息的完整,信息的真实性,信息的不可抵赖性,信息的有效性。并对电子商务信息安全面临的威胁进行了描述。接下来论述了电子商务的安全技术机制,利用分层模型将各安全措施映射到对应层次中进行了四个方面的论述,其中包括网络层技术,加密层技术,认证层技术,协议层技术。在论述了电子商务系统的安全机制的基础上,提出电子商务系统安全技术的架构。论文还在第三章论述电子商务安全评价方法,介绍国内外电子商务系统的安全评价标准,设计电子商务安全评价的指标,提出对电子商务安全进行评价的一种可行性方法一模糊综合评价法。此后论文在第四章介绍电子商务交易支付系统模型,并设计了一个基于SET协议的交易模型。第五章对电子商务信息安全认证进行了论述。最后一章对电子商务企业安全在技术和管理以及第三方外包服务进行了全面的分析。论文结尾提出了电子商务的正确安全观念,并进一步指出解决电子商务安全问题尚需努力的方向。
With the development of internet, electronic commerce has become a trend in all over the worldwide. Government departments in many countries attach great importance to the electronic commerce development. They take the information revolution with the hallmark of electronic commerce equally important with industrialization of the steam engine revolution for the same mark, and have introduced a relevant policies and initiatives. E-commerce is gaining wide application, it brings huge affection to the human society, and a series of its related research in this field has become the world's hot spots. Recently, the development of e-commerce and gradually slowed down the pace. Its security problems are one of the main reasons hindering development. Therefore, I choose to explore the subject of this study has important practical significance.
The first chapter of this thesis introduces the research background, summed up security at home and abroad on e-commerce and the status of China's e-commerce security on the issue and the development trend at presence. Papers second chapter present brief overview of the content of the e-commerce security, put out brief overview proposed in e-commerce security: Confidentiality of information, the integrity of the information, Information authenticity, non-repudiation of information, the validity of information. This chapter described information security threats on e-commerce, and the e-commerce security technology mechanism. In this paper, the hierarchical model will be mapped to the corresponding level of safety measures in four aspects to the exposition, including the network layer, layer encryption technology, certification of the technology, protocol layer technology. Based upon the Discussion in the e-commerce system security mechanisms, this paper give out e-commerce system architecture. Papers in the third chapter describes security evaluation methods on e-commerce, e-commerce systems evaluation criteria both at home and abroad, designs e-commerce security assessment indicators, give out a the safety of e-commerce feasibility method -fuzzy comprehensive evaluation method. In the fourth chapter, it introduced e-commerce transactions payment system model, and designed a transaction-based model agreement SET. In the fifth chapter, the e-commerce information security certification is discussed. The final chapter some recommendations are given on e-commerce enterprise security management. The correct e-commerce security concepts presented at the end of papers, and further points out the efforts direction that to solve the problem of e-commerce security.
论文第一章介绍课题的研究背景,总结国内外电子商务安全研究现状及我国电子商务安全存在的问题和该问题研究的发展趋势。论文第二章对电子商务安全的内容做了简要的概述,提出电子商务安全的五个方面的需求:信息的保密性,信息的完整,信息的真实性,信息的不可抵赖性,信息的有效性。并对电子商务信息安全面临的威胁进行了描述。接下来论述了电子商务的安全技术机制,利用分层模型将各安全措施映射到对应层次中进行了四个方面的论述,其中包括网络层技术,加密层技术,认证层技术,协议层技术。在论述了电子商务系统的安全机制的基础上,提出电子商务系统安全技术的架构。论文还在第三章论述电子商务安全评价方法,介绍国内外电子商务系统的安全评价标准,设计电子商务安全评价的指标,提出对电子商务安全进行评价的一种可行性方法一模糊综合评价法。此后论文在第四章介绍电子商务交易支付系统模型,并设计了一个基于SET协议的交易模型。第五章对电子商务信息安全认证进行了论述。最后一章对电子商务企业安全在技术和管理以及第三方外包服务进行了全面的分析。论文结尾提出了电子商务的正确安全观念,并进一步指出解决电子商务安全问题尚需努力的方向。
With the development of internet, electronic commerce has become a trend in all over the worldwide. Government departments in many countries attach great importance to the electronic commerce development. They take the information revolution with the hallmark of electronic commerce equally important with industrialization of the steam engine revolution for the same mark, and have introduced a relevant policies and initiatives. E-commerce is gaining wide application, it brings huge affection to the human society, and a series of its related research in this field has become the world's hot spots. Recently, the development of e-commerce and gradually slowed down the pace. Its security problems are one of the main reasons hindering development. Therefore, I choose to explore the subject of this study has important practical significance.
The first chapter of this thesis introduces the research background, summed up security at home and abroad on e-commerce and the status of China's e-commerce security on the issue and the development trend at presence. Papers second chapter present brief overview of the content of the e-commerce security, put out brief overview proposed in e-commerce security: Confidentiality of information, the integrity of the information, Information authenticity, non-repudiation of information, the validity of information. This chapter described information security threats on e-commerce, and the e-commerce security technology mechanism. In this paper, the hierarchical model will be mapped to the corresponding level of safety measures in four aspects to the exposition, including the network layer, layer encryption technology, certification of the technology, protocol layer technology. Based upon the Discussion in the e-commerce system security mechanisms, this paper give out e-commerce system architecture. Papers in the third chapter describes security evaluation methods on e-commerce, e-commerce systems evaluation criteria both at home and abroad, designs e-commerce security assessment indicators, give out a the safety of e-commerce feasibility method -fuzzy comprehensive evaluation method. In the fourth chapter, it introduced e-commerce transactions payment system model, and designed a transaction-based model agreement SET. In the fifth chapter, the e-commerce information security certification is discussed. The final chapter some recommendations are given on e-commerce enterprise security management. The correct e-commerce security concepts presented at the end of papers, and further points out the efforts direction that to solve the problem of e-commerce security.
引文
[1]胡桃 吕廷杰 尹涛 电子商务及其在电信行业中的应用,浙江大学出版社,2006,34-112
[2]尚建成 《电子商务基础》 高等教育出版社出版2000.9。
[3]舒彤 电子商务概论,长沙:湖南大学出版社,2003,1-40
[4]黄永斌 电子商务导论,北京:机械工业出版社,2004,202-245
[5]张小兵 《商业研究》中的《我国电子商务发展现状及存在问题与对策》,2000年2期
[6]甘早斌 电子商务概论,武汉:华中科技大学出版社,2003,171-172
[7]郑英铎 电子商务安全综述,市场周刊。管理探索,2005,1:148-172
[8]胡枚艳 电子商务教程,广州:华南理工大学出版社,2003,69-82
[9]翟才喜 杨敬杰 《电子商务》 东北财经大学出版社2002.2
[10]徐雪梅 浅谈保障电子商务活动中的信息安全 科技情报开发与经济,2003
[11]祁明 电子商务安全与保密 北京:高等教育出版社,2001
[12]徐伟 电子商务网上支付的安全保障问题 合肥联合大学学报,2000,(3)
[13]王林 章少强 电子商务网上支付系统的安全性.情报科学,2002,(6)
[14]徐学军 我国发展电子商务的主要瓶颈及对策 科技管理研究,2004,(2)。[4]乐凡网上支付治疑难杂症计算机,2002,(2).
[15]金武 加密技术与信息认证技术 华南金融电脑2000.10
[16]俞小青 信息安全管理体系的建立 电子标准化与质量 2000第4期
[17]陈汉龙 用模糊综合评价方进行网络安全风险评估 现代商贸工业2007年2月
[18]韩宝明 电子商务安全与支付,北京人民邮电出版社,2001,32-66
[2]尚建成 《电子商务基础》 高等教育出版社出版2000.9。
[3]舒彤 电子商务概论,长沙:湖南大学出版社,2003,1-40
[4]黄永斌 电子商务导论,北京:机械工业出版社,2004,202-245
[5]张小兵 《商业研究》中的《我国电子商务发展现状及存在问题与对策》,2000年2期
[6]甘早斌 电子商务概论,武汉:华中科技大学出版社,2003,171-172
[7]郑英铎 电子商务安全综述,市场周刊。管理探索,2005,1:148-172
[8]胡枚艳 电子商务教程,广州:华南理工大学出版社,2003,69-82
[9]翟才喜 杨敬杰 《电子商务》 东北财经大学出版社2002.2
[10]徐雪梅 浅谈保障电子商务活动中的信息安全 科技情报开发与经济,2003
[11]祁明 电子商务安全与保密 北京:高等教育出版社,2001
[12]徐伟 电子商务网上支付的安全保障问题 合肥联合大学学报,2000,(3)
[13]王林 章少强 电子商务网上支付系统的安全性.情报科学,2002,(6)
[14]徐学军 我国发展电子商务的主要瓶颈及对策 科技管理研究,2004,(2)。[4]乐凡网上支付治疑难杂症计算机,2002,(2).
[15]金武 加密技术与信息认证技术 华南金融电脑2000.10
[16]俞小青 信息安全管理体系的建立 电子标准化与质量 2000第4期
[17]陈汉龙 用模糊综合评价方进行网络安全风险评估 现代商贸工业2007年2月
[18]韩宝明 电子商务安全与支付,北京人民邮电出版社,2001,32-66