Application of Computer Network in E-commerce
Abstract: With the rapid development of computer network technology, e-commerce has been more and more widely used. Since most transactions in e-commerce are completed online, the security of e-commerce is a key factor affecting the success or failure of both parties. This paper introduces the method of solving security problems by using network security technology from the perspective of computer network security and business transaction security of e-commerce system.
Keywords: computer network, e-commerce security technology
I. Introduction
In recent years, e-commerce has developed very rapidly. E-commerce can reduce costs, increase trade opportunities, simplify trade circulation, improve productivity and improve logistics, cash flow and commodity flow. Although the environment and system of information flow are developing strongly, the proportion of its trade volume to the total trade volume is still very low. The primary factor affecting its development is safety. Online transactions are non-face-to-face transactions, so "transaction security" is very important in the development of e-commerce. It can be said that there is no e-commerce without security. The security of e-commerce can be divided into two parts as a whole: computer network security and business transaction security. Computer network security includes computer network equipment security, computer network system security, database security and so on. Its characteristic is to implement a network security enhancement scheme for the possible security problems of the computer network itself, with the goal of ensuring the security of the computer network itself. Business security closely revolves around various security problems arising from the application of traditional business on the Internet. On the basis of computer network security, how to ensure the smooth progress of e-commerce process. That is, to realize the confidentiality, integrity, identifiability, unforgeability and unreliability of e-commerce.
Second, e-commerce network security risks
1 Stealing information: Because no encryption measures are taken, data information is transmitted in clear text on the network. Intruders can intercept the transmitted information at the gateway or router where the packet passes. Through stealing and analyzing for many times, we can find the rules and formats of information, and then get the content of the transmitted information, which leads to the information transmitted on the network being leaked.
2. Tampering with information: After mastering the format and laws of information, intruders modify the information data transmitted on the network in the middle, and then send it to the destination through various technical means and methods. This method is not new. This work can be done on the router or gateway.
3 Forgery Because the data format is mastered, the transmitted information can be tampered with, and attackers can impersonate legitimate users to send false information or take the initiative to obtain information, which is usually difficult for remote users to distinguish.
Malicious destruction: Because the attacker can access the network, he may modify the information in the network, master the confidential information on the network, and even sneak into the network. The consequences are very serious.
Third, the application of network security technology in e-commerce transactions.
In order to improve the security of e-commerce, various network security technologies and protocols can be adopted. These technologies and protocols have their own scope of use, which can provide different degrees of security for e-commerce transactions.
1. firewall technology. Firewall is the main network security equipment at present. The common security control methods of firewall mainly include packet filtering, state detection and proxy service. Because it undertakes the boundary and service of the network, it is difficult to effectively control the illegal access inside. Therefore, the isolation technology that is most suitable for a relatively independent single network (such as a common enterprise private network) with limited interconnection with external networks and relatively concentrated network services determines its important role in e-commerce security transactions. At present, firewall products are mainly divided into two categories: proxy-based services and state-based detection. For example, CheckPoim Filewali- 140 is a software firewall based on Unix and WinNT platforms, and Cisco PIX is a hardware firewall with state detection. Because of the use of special operating system, the possibility of hackers using operating system G) H is reduced. Raptor is a software firewall based on proxy technology. Due to the openness and complexity of the Internet, firewalls also have their inherent shortcomings (1). Without a firewall, a firewall cannot prevent attacks. For example, if you allow unlimited dialing from inside the protected network, some users can form a direct connection with the Internet, thus bypassing the firewall and creating a potential backdoor attack channel, so the uniqueness of the channel between the internal network and the external network should be guaranteed. (2) Firewalls cannot prevent the spread of infected software or files. In this way, only anti-virus real-time monitoring software can be installed on each host. (3) Firewalls cannot prevent data-driven attacks. Data-driven attacks occur when some seemingly harmless data is mailed or copied to the Internet (which is executed by the host to launch an attack). Therefore, for data of unknown origin, we must first carry out anti-virus or program coding to prevent backdoor programs.
2. Data encryption technology. Firewall technology is a passive defense technology, and it is difficult to effectively defend against unsafe factors in e-commerce activities. Therefore, to ensure the transaction security of e-commerce, it is necessary to use contemporary cryptographic technology to help out. Encryption technology is the main security measure in e-commerce, and traders can use it in the information exchange stage as needed. At present, encryption technologies are divided into two categories, namely symmetric encryption/symmetric key encryption/private key encryption and asymmetric encryption/public key encryption. At present, many organizations use PKI (the abbreviation of Punickey infrastructure) technology to build a complete encryption/signature system, which can solve the above problems more effectively and truly ensure the security of online transactions and information transmission on the premise of making full use of the Internet to share resources. In PKI, the key is decomposed into a pair (that is, public key or encryption key and private key or decryption key). Any one of these keys can be disclosed to others in a non-confidential manner as a public key (encryption key), while the other key can be saved as a private key (decryption key). Is the public key used to check secrets? 6? 1 1 interest encryption. The private key is used to decrypt the encrypted information. The private key can only be held by the party that generated the key pair. The public key can be widely distributed, but it only corresponds to the transaction party used to generate the key. The basic process for traders to exchange confidential information by using this scheme is that trader A generates a pair of keys and discloses one of them to other traders as a public key: trader B who has obtained the public key encrypts confidential information with this key and sends it to trader A, and then decrypts the encrypted information with another private key kept by trader A.. Party A can only decrypt any information encrypted with its own public key with its own private key.
3. Identity authentication technology. Identity authentication, also known as authentication or confirmation, is a process of verifying whether the authenticated object meets or is valid by verifying the authenticity and validity of one or more parameters of the authenticated object, thus ensuring the authenticity of data. Prevent attackers from impersonating and tampering. Generally speaking. It is very safe to use human physiological characteristic parameters f, such as fingerprint recognition and iris recognition, for authentication. However, at present, this technology has the disadvantages of great difficulty and high cost. At present, the parameters used in computer communication include password, identifier key, random number and so on. In addition, certificate-based public key cryptosystem (PK I) authentication technology is usually used. Meet the requirements of identity authentication based on public key cryptography. Trust and trust verification mechanism need to be established. In other words, every entity on the network must have a verifiable digital ID. This is a digital certificate. Digital certificate is the identification of entities in online information exchange and commercial transactions. It is unique. Certificates are based on public key cryptosystem. It associates the user's public key with the user's own attributes, such as name, company, etc. ). This means that there should be a trusted organization on the Internet, which is responsible for auditing the identities of all entities and issuing and managing digital certificates. The organization is a certificate authority (CA). CA digitally signs all user attributes, certificate attributes and user's public key with its own private key to generate the user's digital certificate. In the secure communication based on certificate, the certificate is the certificate that proves the legal identity of the user and provides the legal public key of the user, and it is the basis of establishing secure communication. Therefore, as a trusted network organization, the certificate management facility CA's main function is to manage and maintain the certificates issued by it and provide various certificate services, including issuing, updating, recycling and archiving.
4. Digital signature technology. Digital signature, also known as electronic signature, has important applications in information security, including identity authentication, data integrity, non-repudiation and anonymity. Digital signature is a joint application of asymmetric encryption and digital digest technology. The main methods are as follows: the message sender generates a hash value (or message digest) it of 1 28b from the message body, encrypts this hash value with his own private key, and forms the sender's digital signature; then this digital signature will be sent to the message receiver as an attachment together with the message. The receiver of the message first calculates the hash value (or message digest) of 1 28bit from the received original message, and then decrypts the digital signature attached to the message with the public key of the sender. If the two hash values are the same, the receiver can confirm that the digital signature belongs to the sender. The original message can be realized by digital signature.
Four. Concluding remarks
E-commerce security requires both computer network security and business security, and its complexity is higher than that of most computer networks. In the construction of e-commerce, many security technical problems are involved. Formulating security technical rules and implementing security technical means can not only promote the development of security technology, but also promote the formation of a secure e-commerce system. Of course, any security technology will not provide permanent and absolute security, because the network is changing, the application is changing, and the means of invasion and destruction are also changing. Only the continuous progress of technology is the real security guarantee.
References:
[1] Xiaoluo Lane. E-commerce and its security technology. Journal of hunan university of science and engineering, 2006,27.
[2] Feng Ke: The key technology of e-commerce and its security analysis. Journal of Wuhan University of Technology 2004,2
[3] Yan Wei: Ning et al. Firewall Principle and Technology [M] Beijing: Du Machinery Industry Press, 2004