电子商务的安全问题

Security Issue of Electronic Commerce

尽管电子商务具有降低开销、拓展市场、不受地域空间限制等优势,但是其安全问题阻碍了它更广泛地应用。电子商务系统必须利用安全技术(如加密、电子签名、电子信封、电子证书和防火墙等)为参与者提供鉴别服务、访问控制服务、机密性服务和不可否认服务等可靠的服务,其安全体系结构包括支持服务层、传输层、交换层和商务层。目前安全方案主要有安全通信协议、支持安全交易的商用服务器、电子支付系统,但仍有一些问题尚待解决。

In spite of its advantages of lowering the cost, expanding the market, unrestrained by the geographical areas and space, etc, electronic commerce is confronted with the security issue which hinders its widespread application. It must adopt the security technologies (e.g. encription, electronic signature, electronic envelope, electronic certification, and firewall) to provide the participants with the authentication service, access control service, confidentiality service, undeniable service, and other reliable security service. Its security architecture includes support service level, transport level, switching level, and business level. At present, the security scheme mainly involves the security communication protocol, commercial servers supporting secure transactions and electronic payment system, and some problems remain to be resolved.