企业电子商务网站的平安控制的分析

企业电子商务网站的平安控制的分析一、前言近年来,随着因特网的普及日渐迅速,电子交易开始融入人们的日常生活中,网上订货、网上缴费等众多电子交易方式为人们创造了便利高效的生活方式,越来越多的人开始使用电子商务网站来传递各种信息,并进行各种交易。电子商务网站传递各种商务信息依靠的是互联网,而互联网是一个完全开放的网络,任何一台计算机、任何一个网络都可以和之相连。它又是无国界的,没有管理权威,“是世界唯一的无政府领地”,因此,网上的平安风险就构成了对电子商务的平安威胁。Inrecentyears,withincreasinglyrapidpopularizationofInternet,electronictradingbegantoblendinPeople'sDailylife,onlineordering,onlinepayment,andmanyotherelectronictradingwayforpeopletocreateaconvenientandefficientwayoflife,moreandmorepeoplebegintousee-commercesitestodeliverallkindsofinformation,andconductvarioustransactions.E-commercesite,passingallkindsofbusinessinformationontheInternet,theInternetisacompletelyopennetwork,anycomputer,anyonecanbeconnectedtothenetwork.Itiswithoutborders,nomanagementauthority,istheworld'sonlyanarchy,therefore,theInternetandthepeaceofriskconstitutesathreattothepeaceofe-commerce.从发展趋向来看,电子商务正在形成全球性的发展潮流。电子商务的://存在和发展,是以网络技术的革新为前提。电子商务系统的构建、运行及维护,都离不开技术的支持。同时,因为电子商务适合于各种大、小型企业,所以应充分考虑如何保证电子商务网站的平安。Fromthepointofdevelopmenttrend,e-commerceiscreatingaglobaldevelopmenttrend.Theexistenceanddevelopmentofe-commerce,isanetworktechnologyinnovationastheprerequisite.Electroniccommercesystemconstruction,operationandmaintenance,cannotleavethetechnicalsupport.Atthesametime,becausee-commerceissuitableforallkindsoflargeandsmallbusinesses,soshouldfullyconsiderhowtoensurethepeaceofe-commercesites.二、电子商务网站的平安控制Second,e-commercesitesofpeaceandcontrol电子商务的基础平台是互联网,电子商务发展的核心和关键新问题就是交易的平安性。由于Internet本身的开放性,使网上交易面临了种种危险,也由此提出了相应的平安控制要求。E-commerceplatformisthebasisofInternet,electroniccommercedevelopmentthecoreandkeyofthenewproblemisthetradingofsafesex.DuetotheopennessoftheInternetitself,makeonlinetransactionsfacedangers,peacehasthusputsforwardthecorrespondingcontrolrequirements.下面从技术手段的角度,从系统平安和数据平安的不同层面来探索电://子商务中出现的网络平安新问题。Frombelow,fromtheperspectiveoftechnologysystemsanddatapeaceofdifferentlevelstoexplorethenetworksafeandnewproblemsinelectroniccommerce.(一)系统平安(a)system在电子商务中,网络平安一般包括以下两个方面摘要:Ine-commerce,thenetworksafeandgenerallyincludesthefollowingtwoaspects:1.信息保密的平安1.Thepeaceofinformationconfidential交易中的商务信息均有保密的要求。如信用卡的帐号和用户名被人知悉,就可能被盗用,订货和付款的信息被竞争对手获悉,就可能丧失商机。因此在电子商务的信息传播中一般均有加密的要求。Haveaconfidentialbusinessinformationrequirementsinthedeal.Suchascreditcardaccountandusernameareaware,islikelytobestolen,orderingandpaymentinformationbyrivals,itmayhavelostbusinessopportunities.Soine-commerceareencryptedtransmissionofinformationingeneral.2.交易者身份的平安2.Tradersastotheidentityofthepeace://网上交易的双方很可能素昧平生,相隔千里。要使交易成功,首先要能确认对方的身份,对商家要考虑客户端不能是骗子,而客户也会考虑网上的商店是否是黑店。因此能方便而可靠地确认对方身份是交易的前提。Onlinetradingislikelytobeunknowntothebothsides,milesaway.Tomakethedeal,firstofallneedtobeabletoconfirmtheidentityofeachother,forbusinessestoconsidertheclientcan'tbeacheater,andthecustomerwillconsiderthisonlineshopisslaughterhouse.Sothatyoucaneasilyandreliablyconfirmeachother'sidentityisthepreconditionoftrade.对于一个企业来说,信息的平安尤为重要,这种平安首先取决于系统的平安。系统平安主要包括网络系统、操作系统和应用系统三个层次。系统平安采用的技术和手段有冗余技术、网络隔离技术、访问控制技术、身份鉴别技术、加密技术、监控审计技术、平安评估技术等。Foranenterprise,thepeaceofinformationisparticularlyimportant,thefirstdependsonthesystemofthepeace.Systemmainlyincludesthesafenetworksystem,operatingsystemandapplicationsystemofthreelevels.Systemsafetechnologyandmeanshavearedundanttechnology,networkisolationtechnology,accesscontrol,identificationtechnology,encryptiontechnology,safeassessment,monitoring,auditingtechnologyandsoon.(1)网络系统://(1)thenetworksystem网络系统平安是网络的开放性、无边界性、自由性造成,平安解决的关键是把被保护的网络从开放、无边界、自由的环境中独立出来,使网络成为可控制、管理的内部系统,由于网络系统是应用系统的基础,网络平安便成为首要新问题。解决网络平安主要方式有摘要:Peacenetworksystemisthenetwork'sopenness,borderlessnature,freedom,peacetosolveisthekeytotheprotectednetworkfromopen,borderlessandindependenceintheenvironmentoffreedom,andmakethenetworkbecomecancontrol,managementofinternalsystems,duetothenetworksystemisthebasisoftheapplicationsystem,networksafebecamethefirstnewproblems.Solvethenetworksafemainwayarethe:网络冗余——它是解决网络系统单点故障的重要办法。对关键性的网络线路、设备,通常采用双备份或多备份的方式。网络运行时双方对运营状态相互实时监控并自动调整,当网络的一段或一点发生故障或网络信息流量突变时能在有效时间内进行切换分配,保证网络正常的运行。Networkredundancy-itisaimportantwaytosolvethenetworksystemtoasinglepointoffailure.Oncriticalnetworkwiring,equipment,usuallyadoptthedoublebackupandbackup.Networktorunonbothsidesofoperatingstatereal-timemonitoringandautomaticadjusteachother,whenthenetworkaoralittledownor://系统隔离——分为物理隔离和逻辑隔离,主要从网络平安等级考虑划分合理的网络平安边界,使不同平安级别的网络或信息媒介不能相互访问,从而达到平安目的。对业务网络或办公网络采用VLAN技术和通信协议实行逻辑隔离划分不同的应用子网。Systemisolation-dividedintophysicalisolationandlogicalisolation,mainlyfromthenetworksaferatingsystemconsideringthereasonablenetworksafeboundary,Internetorinformationmediaofdifferentsafelevelcannotaccesstoeachother,soastoachievepeaceandpurpose.ForbusinessorofficenetworkusingVLANtechnologyandcommunicationprotocol