Application of Computer Network in E-commerce
Abstract: With the rapid development of computer network technology, e-commerce is being more and more widely used. Since most transactions in e-commerce are done online, the security of e-commerce is a key factor affecting the success or failure of both parties. This paper introduces methods of solving security problems with network security technology, from the perspectives of the computer network security and the business transaction security of e-commerce systems.
Keywords: computer network, e-commerce security technology
1. Introduction
In recent years, e-commerce has developed very rapidly. E-commerce can reduce costs, increase trade opportunities, simplify the trade circulation process, improve productivity, and improve the environment and systems for logistics, cash flow, commodity flow and information flow. Although e-commerce has strong development momentum, its trade volume still accounts for a very low proportion of total trade volume. The primary factor affecting its development is security. Online transactions are non-face-to-face transactions, so "transaction security" is very important in the development of e-commerce. It can be said that there is no e-commerce without security. The security of e-commerce can be divided into two parts as a whole: computer network security and business transaction security. Computer network security includes computer network equipment security, computer network system security, database security and so on. It is characterized by implementing a network security enhancement scheme aimed at the possible security problems of the computer network itself, with the goal of ensuring the security of the computer network itself. Business transaction security closely revolves around the various security problems arising from the application of traditional commerce on the Internet: how, on the basis of computer network security, to ensure the smooth progress of the e-commerce process, that is, to realize the confidentiality, integrity, identifiability, unforgeability and non-repudiation of e-commerce.
2. Security risks of e-commerce network
1. Stealing information: Because no encryption measures are adopted, data is transmitted in clear text on the network, and intruders can intercept it at the gateways or routers that the data packets pass through. By intercepting and analyzing traffic many times, they can find the rules and formats of the information and then obtain its contents, which leads to the leakage of information transmitted on the Internet.
2. Tampering with information: After intruders master the format and rules of the information, they use various technical means and methods to modify the data in transit and then send it on to the destination. This method is not new. This kind of work can be done on routers or gateways.
3. Impersonation: Having mastered the data format and being able to tamper with the passed information, attackers can impersonate legitimate users to send fake information or actively obtain information, which is usually difficult for remote users to distinguish.
4. Malicious destruction: Because the attacker can access the network, he may modify the information in the network, obtain the confidential information on the network, and even sneak into the network. The consequences are very serious.
3. Network security technology applied in e-commerce transactions
In order to improve the security of e-commerce, a variety of network security technologies and protocols can be adopted. These technologies and protocols have their own scope of use, which can provide different degrees of security for e-commerce transactions.
1. Firewall technology. The firewall is the main network security device at present. The security control methods commonly used by firewalls are packet filtering, state detection and proxy service. Because a firewall makes assumptions about the boundary and services of the network, it is difficult for it to control illegal access from inside effectively. It is therefore most suitable as an isolation technology for a relatively independent single network (such as a common enterprise private network) with limited interconnection with external networks and relatively concentrated network services, which determines its important role in secure e-commerce transactions. At present, firewall products are mainly divided into two categories: those based on proxy service and those based on state detection. For example, Check Point FireWall-1 is a software firewall for Unix and WinNT platforms, and Cisco PIX is a hardware firewall with state detection; because it uses a special operating system, it reduces the possibility of hackers exploiting the operating system. Raptor is a software firewall based on proxy technology. Due to the openness and complexity of the Internet, firewalls also have inherent shortcomings. (1) Firewalls cannot prevent attacks that do not pass through the firewall. For example, if unlimited dialing out from inside the protected network is allowed, some users can form a direct connection with the Internet, bypassing the firewall and creating a potential backdoor attack channel, so the uniqueness of the channel between the internal network and the external network should be guaranteed. (2) Firewalls cannot prevent the transmission of infected software or files. This can only be handled by installing real-time anti-virus monitoring software on each host. (3) Firewalls cannot prevent data-driven attacks. A data-driven attack occurs when seemingly harmless data is mailed or copied to an Internet host and executed there to launch an attack. Therefore, for data of unknown origin, anti-virus scanning or program code checking should be carried out first to prevent backdoor programs.
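The difference between packet filtering and state detection named above can be seen on a few packets. The following is an added example, not code from the paper or from any firewall product; the policy (inside hosts may only reach web ports), the class and function names and the traffic are constructed for illustration, and connection tracking is simplified to a set of address/port tuples.

```python
from collections import namedtuple

# direction is "out" (inside -> Internet) or "in" (Internet -> inside)
Packet = namedtuple("Packet", "direction src sport dst dport flags")
WEB = (80, 443)  # assumed policy: inside hosts may browse the web, nothing else

def packet_filter(p):
    """Packet filtering: each packet is judged on its own header fields."""
    if p.direction == "out":
        return p.dport in WEB
    # Inbound: the rule can only say "looks like a web reply".
    return p.sport in WEB and p.dport >= 1024

class StateDetection:
    """State detection: inbound packets must belong to a tracked connection."""
    def __init__(self):
        self.flows = set()

    def allow(self, p):
        if p.direction == "out":
            if p.dport not in WEB:
                return False
            self.flows.add((p.src, p.sport, p.dst, p.dport))
            return True
        flow = (p.dst, p.dport, p.src, p.sport)  # reverse of the outbound tuple
        if flow not in self.flows:
            return False  # nobody inside opened this connection
        if "RST" in p.flags or "FIN" in p.flags:
            self.flows.discard(flow)  # connection is closing: forget it
        return True

# Constructed traffic (documentation address ranges), not a real capture.
TRAFFIC = [
    Packet("out", "10.0.0.5", 40000, "203.0.113.10", 443, "SYN"),
    Packet("in", "203.0.113.10", 443, "10.0.0.5", 40000, "SYN,ACK"),
    Packet("in", "198.51.100.7", 80, "10.0.0.5", 40001, "ACK"),  # unsolicited
    Packet("out", "10.0.0.5", 40002, "203.0.113.10", 25, "SYN"),
]

def compare(traffic=TRAFFIC):
    """Return (packet-filter verdicts, state-detection verdicts) per packet."""
    fw = StateDetection()
    return [packet_filter(p) for p in traffic], [fw.allow(p) for p in traffic]

if __name__ == "__main__":
    for p, a, b in zip(TRAFFIC, *compare()):
        print(f"{p.direction:3} {p.src}:{p.sport} -> {p.dst}:{p.dport} "
              f"filter={a} stateful={b}")
```

Only the third packet is judged differently: the packet filter accepts it on its header fields, while state detection drops it because no inside host opened that connection.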
2. Data encryption technology. Firewall technology is a passive defense technology, and it is difficult for it to defend effectively against the unsafe factors in e-commerce activities. Therefore, to ensure the transaction security of e-commerce, modern cryptographic technology should be used as well. Encryption technology is the main security measure in e-commerce, and traders can use it in the information exchange stage according to their needs. At present, encryption technologies are divided into two categories: symmetric encryption (also called symmetric key encryption or private key encryption) and asymmetric encryption (also called public key encryption). Many organizations now use PKI (Public Key Infrastructure) technology to build a complete encryption/signature system, which can solve the above problems more effectively and ensure the security of online transactions and information transmission in a real sense, on the premise of making full use of the Internet to share resources. In PKI, the key is decomposed into a pair (a public key, or encryption key, and a private key, or decryption key). Either key of the pair can be disclosed to others in a non-confidential way as the public key (encryption key), while the other is kept as the private key (decryption key). The public key is used to encrypt confidential information. The private key is used to decrypt the encrypted information. The private key can only be held by the trading party that generated the key pair. The public key can be widely distributed, but it corresponds only to the trading party that generated the key pair. The basic process for traders to exchange confidential information using this scheme is as follows: trader A generates a pair of keys and discloses one of them to other traders as the public key; trader B, who obtains the public key, encrypts confidential information with it and sends it to trader A; trader A then decrypts the encrypted information with the other key, the private key he keeps. Information encrypted with trader A's public key can only be decrypted by trader A with his private key.
3. Identity authentication technology. Identity authentication, also known as authentication or confirmation, is the process of establishing whether an object is genuine and valid by verifying the authenticity and validity of one or more of its parameters, so as to ensure the authenticity of data and prevent attackers from impersonating and tampering. Generally speaking, it is very safe to use human physiological characteristics, such as fingerprint recognition and iris recognition, for authentication. However, at present this technology has the disadvantages of difficult implementation and high cost. The parameters currently used in computer communication are passwords, identifiers, keys, random numbers and so on, and certificate-based public key cryptosystem (PKI) authentication technology is generally used. To meet the requirements of identity authentication based on public key cryptography, it is necessary to establish a trust and trust verification mechanism. That is, every entity on the network must have a digital ID that can be verified. This is the digital certificate. A digital certificate is the identification of an entity in online information exchange and business transactions. It is unique. A certificate is based on a public key cryptosystem. It associates the user's public key with the user's own attributes (such as name, company, etc.). This means that there should be an institution trusted by all parties on the Internet, which is responsible for auditing the identities of all entities and for issuing and managing digital certificates. This institution is the Certificate Authority (CA). The CA digitally signs the user attributes, the certificate attributes and the user's public key with its own private key to generate the user's digital certificate. In certificate-based secure communication, the certificate is the credential that proves the user's legal identity and provides the user's legal public key, and it is the basis for establishing secure communication. Therefore, the main function of the CA, as a trusted network organization and certificate management facility, is to manage and maintain the certificates it issues and to provide various certificate services, including issuing, updating, revoking, archiving and so on.
4. Digital signature technology. Digital signature, also known as electronic signature, has important applications in information security, including identity authentication, data integrity, non-repudiation and anonymity. Digital signature is a joint application of asymmetric encryption and message digest technology. The main method is as follows: the message sender generates a hash value (or message digest) of 128 bits from the message text and encrypts this hash value with its own private key to form the sender's digital signature; this digital signature is then sent to the receiver together with the message, as an attachment. The receiver first calculates the hash value (or message digest) of 128 bits from the received original message, and then decrypts the digital signature attached to the message with the sender's public key. If the two hash values are the same, the receiver can confirm that the digital signature belongs to the sender. Authentication and non-repudiation of the original message can thus be realized through the digital signature.
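The three public-key procedures described above (trader B encrypting for trader A, the CA signing a certificate that binds A's name to A's public key, and A signing a message that B verifies) can be followed in one short run. This is an added example, not code from the paper: it uses textbook RSA without padding, SHA-256 in place of the 128-bit digest, demo keys built from well-known Mersenne primes, and hypothetical names such as issue_cert and trader-a.example.

```python
import hashlib, json

E = 65537  # public exponent shared by both demo keys

def make_key(p, q):  # textbook RSA: (public modulus n, private exponent d)
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(data):
    # SHA-256 is used here instead of the 128-bit digest named in the text.
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data, n, d):
    return pow(digest(data), d, n)  # hash "encrypted" with the private key

def verify(data, sig, n):
    return pow(sig, E, n) == digest(data)  # recovered hash must match ours

def encrypt(msg, n):
    return pow(int.from_bytes(msg, "big"), E, n)  # anyone can do this

def decrypt(c, n, d):
    m = pow(c, d, n)  # only the private-key holder can
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def issue_cert(subject, subject_n, ca_n, ca_d):
    """CA binds a name to a public key by signing both together."""
    body = json.dumps({"subject": subject, "n": subject_n}).encode()
    return {"body": body, "sig": sign(body, ca_n, ca_d)}

def key_from_cert(cert, ca_n):
    """Return the certified public key, or None if the CA signature fails."""
    if not verify(cert["body"], cert["sig"], ca_n):
        return None
    return json.loads(cert["body"])["n"]

# Constructed demo keys: real keys use random primes and padded RSA.
CA_N, CA_D = make_key(2**521 - 1, 2**607 - 1)
A_N, A_D = make_key(2**127 - 1, 2**1279 - 1)

def demo():
    cert = issue_cert("trader-a.example", A_N, CA_N, CA_D)
    a_pub = key_from_cert(cert, CA_N)           # B trusts only the CA key
    order = b"pay 250.00 to account 12345"      # constructed message
    sig = sign(order, A_N, A_D)
    forged = dict(cert, body=cert["body"].replace(b"trader-a", b"trader-x"))
    return (verify(order, sig, a_pub),                          # genuine
            verify(order.replace(b"250", b"950"), sig, a_pub),  # tampered
            key_from_cert(forged, CA_N),                        # altered cert
            decrypt(encrypt(b"card 4242", a_pub), A_N, A_D))    # secrecy
```

Calling demo() shows the genuine order verifying, the altered amount failing against the same signature, the altered certificate being rejected, and the encrypted text recovered only with A's private key.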
4. Conclusion
E-commerce security requires both computer network security and business security, and its complexity is higher than that of most computer networks. During the construction of e-commerce, many security technical problems are involved. Formulating security technical rules and implementing security technical means can not only promote the development of security technology, but also promote the formation of a secure e-commerce system. Of course, any security technology will not provide permanent and absolute security, because the network is changing, the application is changing, and the means of invasion and destruction are also changing. Only the continuous progress of technology is the real security guarantee.