電子商務信息安全中英文對照外文翻譯文獻電子商務信息安全中英文對照外文翻譯文獻(文檔含英文原文和中文翻譯)原文：E-commerceInformationSecurityProblemsⅠ.IntroductionE-commerce(E-Business)isinopennetworks,includingbetweenenterprises(B2B),businessandconsumers(B2C)commercialtransactions,comparedwiththetraditionalbusinessmodel,e-commercewithefficient,convenient,coveredwiderangeofcharacteristicsandbenefits.However,e-commerceopenthisInternet-baseddataexchangeisgreatitssecurityvulnerabilities,securityisacoree-commercedevelopmentconstraintsandkeyissues.Inthispaper,thebasicideasandprinciplesofsystemsengineering,analyzesthecurrentsecuritythreatsfacinge-commerce,inthisbasedonsecuritytechnologyfromtheperspectiveofdevelopmenttrendofe-commerce.Ⅱ.E-commercemodelModerne-commercetechnologyhasfocusedontheestablishmentandoperationofthenetworkofstores.Networkinthedepartmentstoresandrealstoresnodistinctionbetweenstructureandfunction,differencesintheirfunctionandstructuretoachievethesemethodsandthewaybusinessoperate.WebstorefromthefrontviewisaspecialkindofWEBserver.WEBsiteofmodernmultimediasupportandagoodinteractivefeatureasthebasisfortheestablishmentofthisvirtualstore,socustomerscan,asinarealsupermarketpushingashoppingcarttoselectgoods,andfinallyinthecheckoutcheckout.Theseonlinestoresalsoconstitutethethreepillarsofsoftware:catalog,shoppingcartandcustomercheckout.Customersuseanelectroniccurrencyandtransactionmuststorecustomersandstoresaresafeandreliable.Behindthestoreinthenetwork,enterprisesmustfirsthaveaproductstoragewarehouseandadministration;secondnetworktosellproductsbymailorotherdeliverychannelstocustomershands;Third,enterprisesshouldalsoberesponsibleforproductafter-salesservice,Thisservicemaybethroughnetworks,maynot.InternettransactionsareusuallyafirstPaythebillandgettinggoodsshopping.Forcustomers,convenienceisthatthegoodspurchasedwillbedirectlydeliveredtotheirhome,buthardtofeelassuredthatthegoodscannotbeconfirmeduntilthehandsreachintotheirownhands,whatitis.Therefore,thecredibilityofthestorenetworkandservicequalityisactuallythekeytothesuccessofe-commerce.Ⅲ.thekeytodevelopmentofelectroniccommerceE-commerceinthetelecommunicationsnetworktodevelop.Therefore,theadvancedcomputernetworkinfrastructureandtelecommunicationspolicyeasingthedevelopmentofelectroniccommercehasbecomeaprerequisite.Currently,telecomservices,highprices,limitedbandwidth,theserviceisnottimelyornotreliableandsothedevelopmentofe-commercehasbecomeaconstraint.Speeduptheconstructionoftelecommunicationsinfrastructure,tobreakthetelecommunicationsmarketmonopoly,introducecompetitionmechanismtoensurefaircompetitioninthetelecommunicationsbusiness,topromotenetworking,ensuretoprovideuserswithlow-cost,high-speed,reliablecommunicationsservicesisagoodconstructiontargetnetworkenvironment,butalsoalloftheworldcommontask.E-commercethemostprominentproblemistosolvetheon-lineshopping,tradingandclearingofsecurityissues,includingtheestablishmentofe-commercetrustbetweenallthemainissues,namelytheestablishmentofsafetycertificationsystem(CA)issues;choosesafetystandards(suchasSET,SSL,PKI,etc.)problems;usingencryptionanddecryptionmethodandencryptionstrengthproblems.Establishmentofsecurityauthenticationsystemwhichisthekey.Onlinetradingandtraditionalfacetofaceorwrittentransactionsindifferentways,itistransmittedthroughthenetworkbusinessinformationandtradeactivities.Thesecurityofonlinetransactionsmeans:Validity:thevalidityofthecontracttoensureonlinetransactions,topreventsystemfailure,computerviruses,hackerattacks.Confidentiality:thecontentofthetransaction,bothtransactionsaccount,thepasswordisnotrecognizedbyothersandstealing.Integrity:topreventtheformationofunilateraltransactioninformationandmodify.Therefore,thee-commercesecuritysystemshouldinclude:secureandreliablecommunicationsnetworktoensurereliabledatatransmissionintegrity,preventviruses,hackers;electronicsignaturesandotherauthenticationsystems;completedataencryptionsystemandsoon.Ⅳ.e-commercesecurityissuesfacingAse-commercenetworkisthecomputer-based,itinevitablyfacesanumberofsecurityissues.(1)InformationleakPerformanceine-commercefortheleakageofbusinesssecrets,includingtwoaspects:thepartiesaredealingtransactionsbythirdpartiestostealthecontents;transactiontotheotherpartytoprovidedocumentsusedillegalusebythirdparties.(2)AlteredE-commerceinformationforbusinessperformanceintheauthenticityandintegrityissues.Electronictransactioninformationinthenetworktransmissionprocessmaybeotherstoillegallymodify,deleteorre-changed,sothatinformationaboutitsauthenticityandintegrity.(3)IdentificationWithoutidentification,third-partytransactionsislikelytofaketheidentityofpartiestoadealbreaker,damagethereputationofbeingcounterfeitorstolenbyonepartytothetransactionfakeresultsandsoon,foridentification,thetransactionbetweenthetwosidescanpreventsuspicionsituation.(4)ComputervirusesComputervirusappeared10years,avarietyofnewvirusanditsvariantsrapidlyincreasing,theemergenceoftheInternetforthespreadofthevirushasprovidedthebestmedium.Manynewvirusesdirectlyusingthenetworkasitstransmission,aswellasmanyvirusesspreadfasterthroughdriednetworks,frequentlycausingbillionsofdollarsineconomiclosses.(5)HackerWiththespreadofavarietyofapplicationtools,hackershavebeenpopular,andarenotinthepast;non-computerexpertcannotbeahacker.HavekickedYahoo'smafiaboydidnotreceiveanyspecialtraining,onlyafewattackstotheuserstodownloadsoftwareandlearnhowtousetheInternetonabigdry.Ⅴ.e-commercesecurityandsafetyfactorsEnterpriseapplicationsecurityisthemostworriedaboute-commerce,andhowtoprotectthesecurityofe-commerceactivities,willremainthecoreofe-commerceresearch.Asasecuree-commercesystem,wemustfirsthaveasafe,reliablecommunicationnetwork,toensurethattransactioninformationsecureandrapidtransmission;seconddatabaseservertoensureabsolutesecurityagainsthackersbreakintonetworkstostealinformation.E-commercesecuritytechnologiesincludeencryption,authenticationtechnologyande-commercesecurityprotocols,firewalltechnology.(A),encryptiontechnologyToensurethesecurityofdataandtransactionstopreventfraud,toconfirmthetrueidentityoftransactionparties,e-commercetoadoptencryptiontechnology,encryptiontechnologyisthroughtheuseofcodeorpasswordtoprotectdatasecurity.Forencrypteddataiscalledplaintext,specificallythroughtheroleofaencryptionalgorithm,theconversionintociphertext,wewillexpressthischangeastheciphertextiscalledencryption,theciphertextbythedecryptionalgorithmtoformaclearroleintheoutputofthisaprocessknownasdecryption.Encryptionalgorithmknownasthekeyparametersused.Thelongerthekey,thekeyspaceislarge,traversethekeyspacethemoretimespent,thelesslikelycracked.Encryptiontechnologycanbedividedintotwocategories:symmetricencryptionandasymmetricencryption.SymmetricencryptiontothedataencryptionstandardDES(DataEncryptionStandard)algorithmisrepresented.AsymmetricencryptionisusuallyRSA(RivetsShamirAleman)algorithmisrepresented.(B),authenticationCommonlyusedsecurityauthenticationtechnologies:digitalsignatures,digitalcertificates,digitaltimestamp,CAsecurityauthenticationtechnology.(C),hackerprotectiontechnologyCurrently,hackershavebecomethebiggeste-commercesecuritythreats,thuspreventinghackingnetworksecuritytechnologyhasbecomethemaincontent,bygovernmentsandindustryarehighlyvalued.Hackingtechniquesincludebufferoverflowattacks,Trojans,portscans,IPfraud,networkmonitoring,passwordattacks,anddenialofserviceDosattacks.Atpresent,peoplehavemademanyeffectiveanti-hackertechnologies,includingfirewalls,intrusiondetection,andnetworksecurityevaluationtechniques.Ⅵ.thefuturesecurityofe-commerceIncreasinglyseveresecurityproblems,aregrowingthreattonationalandglobaleconomicsecurity,governmentshavebeenbasedoneffortsinthefollowingareas:(1)Strengthenthelegislation,refertotheadvancedcountrieshaveeffectivelegislation,innovative,e-commerceandimprovetheprotectionofthelawsagainstcyber-crimesecuritysystem.(2)Establishmentofrelevantinstitutions,totakepracticalmeasurestocombatcybercrime.Developmentofthelaw,theimplementingagenciesshouldalsobeusedforitsrelevantlaws,whichmustestablishanindependentoversightbody,suchastheexecutingagencytoimplementthelaw.(3)Increaseinvestmentinnetworksecuritytechnology;improvethelevelofnetworksecuritytechnology.E-commercesecuritylawistheprerequisiteandbasisfordevelopmentandsecuree-commercesecuritytechnologyisameansofprotection.Therearemanysecurityissuesaretechnicalreasons,itshouldincreasethetechnologyresources,andcontinuouslypushforwardthedevelopmentofoldtechnologiesanddevelopingnewsecuritytechnology.(4)ToencourageenterprisestoprotectthemselvesagainstInternetcrimeagainst.Toavoidattack,companiescannotholdthingstochance,mustattachgreatimportancetosystemvulnerabilities,intimetofindsecurityholestoinstalltheoperatingsystemandserverpatches,andnetworksecuritydetectionequipmentshouldbeusedregularlyscanthenetworkmonitoring,developasetofcompletesecurityprotectionsystemtoenableenterprisestoformasystemandcombinedwiththecomprehensiveprotectionsystem.(5)Tostrengtheninternationalcooperationtostrengthenglobaleffortstocombatcybercrime.Ase-commerceknowsnoborders,nogeographical,itisacompletelyopenarea,sotheactionagainstcybercrimee-commercewillalsobeglobal.ThiswillrequireGovernmentstostrengthencooperation,cannothave"thesayingwhichgoes,regardlessofothers,creamtile"misconception.(6)Tostrengthenthenetworkofnationalsafetyeducation,payattentiontothecultivationofoutstandingcomputer.Ⅶ.ConclusionE-commerceinChinahasdevelopedrapidlyinrecentyears,butthesecurityhasnotyetestablished.Thishasanimpactonthedevelopmentofelectroniccommerceasabarrier.Tothisend,wemustacceleratetheconstructionofthee-commercesecuritysystems.Thiswillbeacomprehensive,systematicprojectinvolvingthewholesociety.Specifically,wewantlegalrecognitionofelectroniccommunicationsrecordsoftheeffectivenessoflegalprotectionforelectroniccommerce;weshouldstrengthentheresearchonelectronicsignatures,toprotecte-commercetechnology;weneedtobuilde-commerceauthenticationsystemassoonaspossible,toorganizeprotectionforelectroniccommerce.Moreover,fore-commercefeatureswithoutborders,weshouldalsostrengtheninternationalcooperation,sothate-commercetrulyplaysitsrole.Onlyinthisway,wecanadapttothetimesPromotingChina'seconomicdevelopment;alsotheonlywaywecanintheeconomicglobalizationtoday,toparticipateininternationalcompetition,andthusgainacompetitiveadvantage.Source:MichaelHecker,TharamS.Dillon,andElizabethChangIEEEInternetComputingprenticehallpublishing,2002電子商務中的信息安全問題一、引言電子商務（E-Business）是發生在開放網絡上的包括企業之間（B2B）、企業和消費者之間（B2C）的商業交易，與傳統商務模式相比，電子商務具有高效、便捷、覆蓋范圍廣等特點和優點。然而，電子商務這種基于Internet的開放式的數據交換是的其安全具有很大的脆弱性，安全問題是制約電子商務發展的一個核心和關鍵問題。本文從系統工程的基本觀點和原理出發，分析了目前電子商務面臨的各種安全威脅，在此基礎上，從安全技術角度，探討電子商務的發展趨勢和方向二、電子商務模式現代電子商務技術已經集中于網絡商店的建立和運作。網絡商店和真實商店在部門結構和功能上沒有區別，不同點在于其實現這些功能和結構的方法以及商務運作的方式。網絡商店從前臺看是一種特殊的WEB服務器。現代WEB網站的多媒體支持和良好的交互性功能成為建立這種虛擬商店的基礎，使得顧客可以像在真實的超級市場一樣推著購物車挑選商品，并最后在付款臺結賬。這也就構成網上商店軟件的三大支柱：商品目錄、顧客購物車和付款臺。顧客運用某種電子貨幣和商店進行交易必須對顧客和商店都是安全可靠的。而在網絡商店的背后，企業首先要具備商品的存儲倉庫和管理機構；其次要將網絡上銷售的產品通過郵政或其他渠道投遞到顧客手里；第三，企業同樣要負責產品的售后服務，這種服務可能是通過網絡的，也可能不是。網絡交易通常是一種先交錢后拿貨的購物方式。對客戶而言，其方便處在于購得的商品會直接投遞到自己家里，而難以放心的是在商品到達手中之前并不能確認到自己手中的究竟是什么。因此網絡商店的信譽和服務質量實際上是電子商務成功與否的關鍵。三、電子商務發展的關鍵環節電子商務是在電信網絡上發展起來的。因此，先進的計算機網絡基礎設施和寬松的電信政策就成為發展電子商務的前提。目前，電信服務價格過高，帶寬有限，服務不及時或不可靠等因素已經成為發展電子商務的制約因素。加快電信基礎設施建設，打破電信市場的壟斷，引進競爭機制，保證電信業務公平競爭，促進網絡互聯，確保為用戶提供廉價，高速，可靠的通信服務是良好網絡環境的建設目標，也是世界各國面臨的共同課題。開展電子商務最突出的問題是要解決網上購物、交易和結算中的安全問題，其中包括建立電子商務各主體之間的信任問題，即建立安全認證體系（CA）問題；選擇安全標準（如SET、SSL、PKI等）問題；采用加、解密方法和加密強度問題。其中建立安全認證體系是關鍵。網上交易與傳統的面對面或書面的交易方式不同，它是通過網絡傳輸商務信息和進行貿易活動的。網上交易的安全問題意味著：有效性:保證網上交易合同的有效性，防止系統故障、計算機病毒、黑客攻擊。保密性:對交易的內容、交易雙方賬號、密碼不被他人識別和盜取。完整性:防止單方面對交易信息的生成和修改。所以，電子商務的安全體系應包括：安全可靠的通信網絡，保證數據傳輸的可靠完整，防止病毒、黑客入侵；電子簽名和其他身份認證系統；完備的數據加密系統等等。四、電子商務面臨的安全問題由于電子商務是以計算機網絡為基礎的，因此它不可避免面臨著一系列的安全問題。(1)信息泄漏在電子商務中表現為商業機密的泄漏，主要包括兩個方面：交易雙方進行交易的內容被第三方竊取；交易一方提供給另一方使用的文件被第三方非法使用。(2)竄改電子商務中表現為商業信息的真實性和完整性的問題。電子的交易信息在網絡上傳輸的過程中，可能被他人非法修改、刪除或重改，這樣就使信息失去了真實性和完整性。(3)身份識別如果不進行身份識別，第三方就有可能假冒交易一方的身份，以破壞交易、破壞被假冒一方的信譽或盜取被假冒一方的交易成果等，進行身份識別后，交易雙方就可防止相互猜疑的情況。(4)電腦病毒問題電腦病毒問世十幾年來，各種新型病毒及其變種迅速增加，互聯網的出現又為病毒的傳播提供了最好的媒介。不少新病毒直接利用網絡作為自己的傳播途徑，還有眾多病毒借助干網絡傳播得更快，動輒造成數百億美元的經濟損失。(5)黑客問題隨著各種應用工具的傳播，黑客己經大眾化了,不像過去那樣非電腦高手不能成為黑客。曾經大鬧雅虎網站的黑手黨男孩就沒有受過什么專門訓練，只是向網友下載了幾個攻擊軟件并學會了如何使用，就在互聯網上大干了一場。五、電子商務安全因素與安全技術安全問題是企業應用電子商務最擔心的問題，而如何保障電子商務活動的安全，將一直是電子商務的核心研究領域。作為一個安全的電子商務