E-commerce replaces paper in electronic form, so how to ensure the effectiveness of this electronic form of trade information is the premise of developing e-commerce ... As a trade form, the effectiveness of e-commerce information will directly affect the economic interests and reputation of individuals, enterprises or countries. Therefore, it is necessary to control and prevent potential threats caused by network failures, operational errors, application errors, hardware failures, system software errors and computer viruses, so as to ensure that transaction data is valid at a specific time and place.
(2) confidentiality
As a means of trade, the information of e-commerce directly represents the commercial secrets of individuals, enterprises or countries. The traditional paper trade is kept secret by mailing sealed letters or sending commercial messages through reliable communication channels. E-commerce is based on a relatively open network environment (especially the Internet is a more open network), and keeping business secrets is an important guarantee for the comprehensive popularization and application of e-commerce. Therefore, it is necessary to prevent illegal access to information and illegal theft of information during transmission.
(3) Integrity
E-commerce simplifies the trade process, reduces human intervention, and at the same time brings the problem of maintaining the integrity and unity of business information of all parties in trade. Due to unexpected errors or fraud in data entry, the information of the parties may be different. In addition, information loss, information repetition or different information transmission sequence in the process of data transmission will also lead to information differences between the parties to the transaction. The integrity of the transaction information will affect the transaction and business strategy of the transaction party, and maintaining the integrity of the transaction information is the basis of e-commerce application. Therefore, it is necessary to prevent the random generation, modification and deletion of information, prevent the loss and repetition of information in the process of data transmission, and ensure the unity of information transmission order.
(4) Reliability/non-repudiation/identifiability
E-commerce may be directly related to the commercial transactions between two trading parties. How to determine that the trading party to be traded is the expected trading party of the exchange is the key to ensure the smooth progress of e-commerce. In traditional paper transactions, both parties identify the transaction object by signing or stamping written documents such as transaction contracts, contracts or trade documents by hand, so as to determine the reliability of contracts, contracts and documents and prevent the occurrence of repudiation. This is what people often say "in black and white". Under the paperless e-commerce mode, traders cannot be identified by handwritten signatures and seals. Therefore, in the process of transaction information transmission, it is necessary to provide reliable identification for individuals, enterprises or countries involved in the transaction.
(5) Review ability
According to the requirements of confidentiality and integrity, the results of data review shall be recorded.
3.2 Main security technologies and standards adopted in e-commerce
Considering the requirements of all aspects of security services, technical solutions are developed, and security services can be implemented anywhere in the network. However, the EC security service between two trading partners is usually implemented in the form of "end-to-end" (that is, the security measures implemented on the communication network and its nodes are not considered). After weighing the potential security crisis, the cost of taking security measures and the value of information to be protected, the security level to be implemented is determined. This paper will introduce several security technologies mainly used in e-commerce applications and their related standards and specifications.
(1) encryption technology
Encryption technology is the main security measure adopted in e-commerce, and traders can use it in the information exchange stage as needed. At present, encryption technology is divided into two categories, namely symmetric encryption and asymmetric encryption.
① Symmetric encryption/symmetric key encryption/private key encryption
In the symmetric encryption method, information encryption and decryption use the same key. In other words, a key opens a lock. Using symmetric encryption will simplify the encryption process. Each trader does not need to study and exchange special encryption algorithms with each other, but uses the same encryption algorithm and only exchanges the special keys enjoyed by * * *. If the communication trader can guarantee that the private key is not leaked in the key exchange stage, then the confidentiality and message integrity can be realized by encrypting the confidential information by symmetric encryption method and sending the message digest or message hash value with the message. Symmetric encryption technology has the problem of ensuring the secure exchange of keys between communication traders. In addition, when a trading party has "n" trading relationships, then he has to maintain "n" special keys (that is, each key corresponds to a trading party). Another problem with symmetric encryption is that it is impossible to identify the initiator or the final party of the transaction. Because both parties share the same private key, any information of both parties is encrypted and transmitted to each other with this key.
The Data Encryption Standard (DES) was proposed by the National Bureau of Standards, which is one of the widely used symmetric encryption methods, and is mainly used in the field of electronic fund transfer (EFT) in banking. The key length of DES is 56 bits. Triple DES is a variant of DES. This method uses two independent 56-bit keys to encrypt the exchanged information (such as EDI data) for three times, so that its effective key length reaches 1 12 bits. RC2 and RC4 methods are patents of symmetric encryption algorithm of RSA Data Security Company. RC2 and RC4 are different from DES in that they adopt variable key length algorithm. By specifying different key lengths, RC2 and RC4 can improve or decrease the security. Some e-mail products (such as Lotus Notes and Apple's Opn collaborative environment) have adopted these algorithms.
② Asymmetric encryption/public key encryption
In an asymmetric encryption system, the key is decomposed into a pair (that is, a public key or encryption key and a private key or decryption key). Any one of these keys can be disclosed to others in a non-confidential manner as a public key (encryption key), while the other key can be saved as a private key (decryption key). The public key is used to encrypt confidentiality, and the private key is used to decrypt encrypted information. The private key can only be mastered by the traders who generate the key pair, and the public key can be widely distributed, but only corresponding to the traders who generate the key. The basic process for traders to exchange confidential information by using this scheme is as follows: trader A generates a pair of keys and discloses one of them to other traders as a public key; Trader B who obtains the public key encrypts confidential information with the key and sends it to trader A; Party A decrypts the encrypted information with another private key saved by itself. Party A can only decrypt any information encrypted with its own public key with its own private key.
RSA (Rivest, Shamir Adleman) algorithm is the most famous algorithm in the field of asymmetric encryption, but its main problem is its slow operation speed. Therefore, this algorithm is usually not used to encrypt information with a large amount of information (such as large EDI transactions) in practical applications. For applications with large amount of encryption, public key encryption algorithm is usually used to encrypt the key of symmetric encryption method.
(2) Key management technologies
① Symmetric key management
Symmetric encryption is based on * * * confidentiality. Both parties who use symmetric encryption technology must ensure that they use the same key, ensure that the key exchange between them is safe and reliable, and at the same time, they must establish procedures to prevent key leakage and change keys. In this way, the management and distribution of symmetric keys will become a potentially dangerous and tedious process. The symmetric key management is realized by public key encryption technology, which makes the corresponding management simpler and safer, and also solves the reliability and authentication problems in pure symmetric key mode.
Traders can generate a unique symmetric key for each exchanged information (such as each EDI exchange) and encrypt the key with the public key, and then send the encrypted key to the corresponding traders together with the information encrypted with the key (such as EDI exchange). Because each information exchange student has a unique key, each transaction party no longer needs to maintain the key, and no longer needs to worry about the leakage or expiration of the key. Another advantage of this method is that even if a key is leaked, it will only affect one transaction, and will not affect all the trading relationships between the two parties. This method also provides a secure way for trading partners to issue symmetric keys.
② Public key management/digital certificate
Trading partners can use digital certificates (public key certificates) to exchange public keys. The standard X.509 (namely, information technology-open systems interconnection-directory: authentication framework) formulated by the International Telecommunication Union (ITU) defines a digital certificate, which is equivalent to the ISO/IEC 9594-8: 195 standard jointly issued by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). A digital certificate usually contains a name that uniquely identifies the certificate owner (that is, the counterparty), a name that uniquely identifies the certificate publisher, the public key of the certificate owner, the digital signature of the certificate publisher, the validity period of the certificate, the serial number of the certificate, and so on. Certificate issuer is generally called Certification Authority (CA) and is trusted by all parties to the transaction. Digital certificate can play the role of identifying the transaction party, and it is one of the technologies widely used in e-commerce at present. Both Microsoft's InternetExplorer 3.0 and Netscape's Navigator 3.0 provide the function of digital certificate as a means of identity authentication.
③ Standards and specifications related to key management.
At present, relevant international standardization organizations have begun to formulate technical standards and specifications on key management. The Information Technology Committee (JTC 1) under ISO and IEC has drafted international standards and specifications on key management. The specification mainly consists of three parts: 1 part is the key management framework; The second part is the mechanism of using symmetry technology; The third part is the mechanism of asymmetric technology. This specification has now entered the voting stage of the draft international standard and will soon become a formal international standard.
(3) Digital signature
Digital signature is another application of public key encryption technology. The main way is that the message sender generates a hash value (or message digest) of 128 bits from the message body. The sender encrypts this hash value with his own private key to form the sender's digital signature. Then, the digital signature will be sent to the recipient of the email as an attachment. The receiver of the message first calculates the hash value (or message digest) of 128 bits from the received original message, and then decrypts the digital signature attached to the message with the public key of the sender. If the two hash values are the same, the receiver can confirm that the digital signature belongs to the sender. Digital signature can realize the authentication and non-repudiation of the original message.
ISO/IEC JTC 1 has been drafting relevant international standards and specifications. The preliminary name of this standard is "Digital Signature Scheme with Attachment for Information Technology Security Technology", which consists of an overview and an identity-based mechanism.
(4) Internet e-mail security protocol
E-mail is the main means of information transmission on the Internet and one of the main ways of e-commerce application. But it doesn't have strong security precautions. Internet Engineering Task Force (IEFT) has drafted relevant specifications to extend the security performance of e-mail.
①PEM
PEM is a draft standard to enhance the privacy of Internet e-mail. It adds the functions of encryption, authentication and key management to the standard format of Internet e-mail, allows the use of public key and private key encryption methods, and supports a variety of encryption tools. For each email, you can specify specific security measures in the email header, such as encryption algorithm, digital authentication algorithm and hash function. PEM is an informal standard for transmitting secure business e-mail through the internet. For details, please refer to the four documents published by the Internet Engineering Task Force, namely RFC 142 1, RFC 1422, RFC 143 and RFC 1424. PEM may be replaced by S/MIME and PEM-MIME specifications.
② S/MIME
S/MIME (Secure Multifunctional Internet Email Extension) is a protocol that adds digital signature and encryption technology to the multifunctional Internet email extension message described in RFC 152 1. MIME is a formal extended standard format of Internet e-mail, but it does not provide any security services. The purpose of S/MIME is to define the implementation of security service measures on MIME. S/MIME has become a recognized protocol in the industry, such as Microsoft, Netscape, Novll, Lotus and so on.
③PEM-MIME (MOSS)
MOSS(MIME Object Security Service) combines the characteristics of PEM and MIME.
(5) Major Internet security protocols
① SSL
SSL (Secure Slot Layer) protocol is a security protocol developed by Netscape, which provides client-server authentication, data integrity and information confidentiality for client/server applications based on TCP/IP. This protocol realizes the review of security features by exchanging SSL initial handshake information before exchanging data between applications. In SSL handshake information, encryption technologies such as DES and MD5 are used to realize confidentiality and data integrity, and X.509 digital certificate is used to realize authentication. This protocol has become a de facto industrial standard, and is widely used in server products and client products of Internet and Intranet. Leading Internet/Intrnet network products companies such as Netscape, Microsoft and IBM have already used this protocol.
In addition, Microsoft and Visa have also made a protocol similar to SSL, namely PCT (Private Communication Technology). This protocol only makes some improvements to SSL.
②S-HTTP
S-HTTP (Secure Hypertext Transfer Protocol) extends the security features of HTTP and increases the security of messages. It is based on SSL technology. This protocol provides security measures such as integrity, authentication, non-repudiation and confidentiality for WWW applications. At present, the agreement is being drafted by the Internet Engineering Task Force.
(6) Security of UN/EDIFACT.
EDI is an important part of e-commerce, and it is widely used in the world to automatically exchange and process business information and management information. UN/EDIFACT message is the only international EDI standard. Using the Internet for EDI has become an increasingly concerned field, and ensuring the security of EDI has become the main problem to be solved. UN/ECE/WP4 is an organization under the United Nations that specializes in formulating UN/EDIFACT standards. On 1990, a Joint Working Group on Security Issues (UN-SJWG) was established to study the security measures implemented in UN/EDIFACT standards. The results of this working group will be published in the standard form of ISO.
In the new ISO 9735 (namely UN/EDIFACT syntax rules), which is about to be released by ISO, there are five new parts describing the implementation of security measures in UN/EDIFACT. They are: Part 5-Safety rules of batch EDI (reliability, integrity and non-repudiation); Part 6-Security Authentication and Confirmation Message (Autack); Part 7-security rules of batch EDI (confidentiality); Part 9-Security Key and Certificate Management Report (Keykeeper); Part 10-security rules for interactive electronic data interchange.
The security measures of UN/EDIFACT are mainly realized by integration and separation. The integration method is to ensure the integrity of message content, the identification of message source and non-repudiation by using optional security header and security trailer in UN/EDIFACT message structure. The way of separation is to ensure security by sending three special UN/EDIFACT messages (namely AU TCK, KEYMAN and CIPHER).
(7) Specification for Secure Electronic Transactions (Set)
SET provides rules for implementing security measures for electronic transactions based on credit cards. It is a technical standard jointly formulated by Visa International and MasterCard, which can ensure the safe payment of funds through open networks (including the Internet). Microsoft, IBM, Netscape and RSA also participated in the research of this standard. SET mainly consists of three files, namely, SET business description, SET programmer's guide and SET protocol description. SET 1.0 has been published and can be applied to any bank payment service.