Current location - Quotes Website - Signature design - What are the security measures for e-commerce?
What are the security measures for e-commerce?
Appropriate protective measures can reduce or prevent threats from reality. Some measures can be taken in communication security, computer security, physical security, personnel security, management security and media security. The security of the whole system depends on the security level of the weakest link in the system, which needs comprehensive consideration and compromise in the system design. Security measures in e-commerce include the following categories:

(1) Ensure the authenticity of the identities of both parties to the transaction:

The commonly used processing technology is identity authentication, which relies on a certificate issued by a trusted institution (CA Certification Center) to identify the other party. The purpose is to ensure the accuracy of identity, distinguish the authenticity of participants' identities and prevent camouflage attacks.

(2) Ensure the confidentiality of information:

In order to protect information from being leaked or disclosed to unauthorized people or organizations, the commonly used processing technologies are data encryption and decryption, and its security depends on the algorithm used and the key length. Common encryption methods include symmetric key encryption technology (such as DES algorithm) and public key encryption technology (such as RSA algorithm). (3) Ensure the integrity of information:

Commonly used data hashing and other technologies. Hash algorithm is used to protect data from being created, embedded, deleted, tampered with and replayed by unauthorized users. The typical hash algorithm is one of the one-way hash algorithms developed by the National Security Agency.

(4) Ensure the authenticity of the information:

The common processing method is digital signature technology. The purpose is to solve the possible fraud between the two communication parties, such as the sender's denial of the information he sent and the receiver's denial of the information he received. Instead of dealing with unknown attackers, it is based on public key encryption technology. At present, there are many available digital signature algorithms, such as RSA digital signature and ELGamal digital signature.

(5) Ensure the non-repudiation of information:

It is usually necessary to introduce a certification center (CA) for management, and the CA will issue the key, and send the copy of the transmitted file and its signature to the CA for preservation as the arbitration basis for possible disputes.

(6) Ensure the security of stored information:

Standardize internal management, use access control rights and logs, and encrypt the storage of sensitive information.

Related articles
  • Which one should I choose to name my child? Lu Hui, Lu Hui, Lu Hui!
  • Emotional character, talking about signature
  • What is an on-site visa? What's the difference between on-site visa and on-site change?
  • Unique composite printmaking
  • Planning scheme of June 1 garden activities
  • Wechat nickname domineering cold super drag
  • Lovely personality signature
  • Accidentally deleted the security certificate of mobile phone. How can I reinstall it?
  • What's the sound of writing with bare screen and pen on ipad?
  • Eight-character love story

    • copyright 2024 Quotes Website All rights reserved