E-commerce refers to the government, enterprises and individuals using modern computer and network technology to achieve the whole process of business exchange and administrative management; It is a kind of based on the Internet, in order to trade both parties as the main body, by means of bank electronic payment and settlement, the new business model based on customer data. Essence is to build a society of "network computing environment" or "digital nerve system", in order to realize the information resources in the national economy and the comprehensive application of public life. 电子商务是指政府、企业和个人利用现代电子计算机与网络技术实现商业交换和行政管理的全过程;它是一种基于互联网,以交易双方为主体,以银行电子支付和结算为手段,以客户数据为依托的全新商务模式。本质是建立一种全社会的“网络计算环境”或“数字化神经系统”,以实现信息资源在国民经济和大众生活中的全方位应用。 One, from a security point of view, the current situation of the electronic commerce 1. The network information security in the world has http://www.ukassignment.org/essayfw not formed a complete system, our country is no exception. 网络信息安全在全球还没有形成一个完整的体系,我国也不例外。 2. The intensity of the security technology is generally not enough. Abroad on e-commerce security technology, although its structure or encryption technology is good, but is limited by the foreign password policy, so the strength of the common enough. 安全技术的强度普遍不够。国外有关电子商务的安全技术,虽然其结构或加密技术等都不错,但受到了外国密码政策的限制,因此强度普遍不够。 3. The e-commerce site, there is a big hidden danger of safety management, generally difficult to withstand the hacker's attack. 4. The electronic commerce just confined to the field of business information and real e-commerce into, the existence of these factors will influence the development of electronic commerce in our country further. Second, the electronic commerce security requirement From the perspective of the different characteristics of traditional business and electronic commerce, to meet the security requirements of e-commerce, there must be at least the following questions need to be addressed: 1. The problem of identity authentication before trading. E-commerce is based on Internet platform of the virtual space of business activities, trade both sides only through data, symbols, signals, judgment, choice, specific business practices also rely on electrical signals and data exchange, trading parties can no longer use traditional methods to protect the security of transactions in e-commerce. 2. The legal effect of electronic contract issues in trading and integrity confidentiality issues. 3. The problem of the probative value of the electronic records after trading. In the Anglo-American law system, hearsay evidence rules limiting the probative value of electronic records. In our country, to electronic records the probative value of procedure law did not make clear a regulation, or even to be singled out as an evidence. 3, the network security technology and solution Computer network security is characterized by aiming at the security problem of computer network itself may be, to enhance implementation of network security, to ensure the security of computer network itself as the goal. The problems are as follows: 1. Not security related to operating system configuration. No matter adopt what operating system, under the condition of default installation will exist some safety problems, only for operating system security related and strict security configuration, can achieve a certain degree of security. Don't think the default operating system after installation, coupled with a strong password system to be classified as safe. 2. The CGI program code auditing. If gm CGI, prevention of it a little easier, but for the website or software vendors develop some of the CGI program, a lot of CGI exist serious problem, for an e-commerce site, there will be a malicious attacker and using accounts for online shopping and other serious consequences. 3. The Denial of Service attacks (DoS, "of the Service). With the rise of e-commerce, real-time requirements of the web site is more and more high, DoS or DDoS threat to site bigger and bigger. Aimed at network paralysis attack effect than any traditional way of terrorism and war are more intense, more destructive, harm of faster and range are more wide, and the risk of the attackers itself is very small, even before the attacks had vanished into thin air, make the other side did not execute the possibility of retaliation. 4. Security products use undeserved. Although many sites adopted some network security devices, but due to the security product itself problem or use, these products do not play a proper role. Many security vendor product technical background for configuration personnel requirements are high, beyond the technical requirements of common network management personnel, even the factory in the original to the user to do the correct installation, configuration, but once the system modification, need to change Settings related security products, it is easy to create many security problems. 5. The lack of strict network security management system. Network security is the most important thing is to attaches great importance to the ideological, web site or within the LAN security needs a complete security system to protect. Establish and implement strict system and computer network security strategy is the foundation of the real network security. Analysis of computer network security problems I put forward the solution of the ideas are: 1. To improve the security of the host itself, make security configuration, install security patches in time, reduce vulnerability. 2. To use a variety of system vulnerabilities detection software of network system on a regular basis for scanning analysis, find out the possible safety hazards, and in a timely manner to repair it.#p#分页标题#e# (3) from the router to user access control measures at all levels to establish and improve, to install a firewall, in order to strengthen the management of authorization and authentication. 4. Use RAID5 strengthen data storage technologies such as data backup and recovery measures. 5. The sensitive equipment and data to establish the necessary physical or logical isolation measures. 6. The transmission of sensitive information on the public network for data encryption strength. 7. Establish the details of the security audit log, in order to detect and track intrusion attack, etc. Four, e-commerce transaction security problem and solution In general business exists the following security hidden trouble in security 1. To steal information. Due to not using encryption, the data information transmitted in clear text on the Internet, an intruder on the packets through the gateway or router can transmit information intercepted. By stealing and analysis for many times, you can find the rules and format of information, transmission of information is obtained, the content of the online transmission of information disclosure. 2. The tamper with the information. When the invaders got the information |