1、1本科毕业论文外文翻译外文文献译文对传统和新生成的电子商务模式的安全问题的研究资料来源国际研讨会论文集,软件和计算机应用ICSCA2011作者SEYYEDMOHAMMADREZAFARSHCHI,FARIBAGHARIB,REZAZIYAEE当今的电子商务服务已在互联网和WEB环境中越来越受欢迎。网络上的交换安全是非常重要的电子商务服务,它是影响电子商务(电子商务)取得成功的关键因素。在本白皮书中,我们将讨论一些安全相关的问题,关于传统和新生成的电子商务模式,如身份验证、授权、不可抵赖性和完整性的P2P模式;此外,我们将讨论一些P2P电子商务的信任模型。通过分析P2P电子商务的主要特点,我们总
2、结了P2P电子商务的信任模型的设计原则。我们提供全面的网络安全问题,围绕电子商务和电子商务应用程序,并提出相应的研究框架在电子商务中的安全概述。我们相信,只要充分考虑安全问题,相对于其他安全措施的未来电子商务市场,P2P电子商务的实现将取得巨大成功。关键字通信安全、网络安全、P2P模式,电子商务安全。1介绍安全已经成为最重要的问题,必须首先解决确保成功的电子商务(电子商务)之一。互联网业务和客户的低成本和广泛可用性已经引发了一场革命,在电子商务和电子商务应用程序可以解决一个或几个阶段的一个典型的业务事务,并存在着各种可能性,以模拟这些阶段。例如,一种可能性是区分业务事务的五个阶段。首先,商人对
3、特定(信息)商品或服务的提供。第二,根据这一提议客户可向在线的请求。第三,由客户自己支付,商人向客户提供的货物或服务。付款的处理可能会涉及很多方面,如网上银行、邮政局、现金交付COD等。许多组织正在利用电子商务所提供的机会,更多预计。示范应用程序包括网上购物、网上银行和远程教育、在线游戏和虚拟赌场,以及付费电视和视频对需求的服务。很多企业和客户,仍较谨慎参与电子商务、网络和安全问题常被视为单一最重要屏障。这一损失在线交流上的信任正在加剧的电子商务网站和消费数据隐私滥用本文中的黑客攻击持续2的故事,我们讨论一些安全相关的问题,关于电子商务,特别是可用于新一代的电子商务P2P电子商务)的信任模型。
4、在本白皮书中,第一,我们讨论的其余部分中较新的技术和一些基本的定义。接下来,我们总结了传统电子商务模式和P2P电子商务的信任模型的设计原则。我们希望这些原则将有助于建立基于传统的或新的P2P技术的富裕和繁荣的电子商务平台。2WEB服务和安全21WEB服务全新的分布式计算模型使用SOA(面向服务的架构师撰写的三个参与者和三个基本操作的WEB服务。三名参加者是服务提供商,服务请求者和服务代理。发布的三个基本操作,搜索和约束力。所有这些行为的WEB服务和他们的描述组件和软件模块上。WEB服务的SOA框架显示在图一中。22在WEB服务中的安全规范如今,最认可和全面WEB服务的安全标准是由微软、IBM和
5、VERISIGN联合出版的(WEB服务安全性)WS安全性。这是WEB服务安全性的基础,它还可以集成被普遍接受的安全模型、机制和技术支持。WS安全性的目的是让SOAP的数据处理与应用程序的WEB服务确保完整性和机密性,并订明扩展和消息标头。WS安全性将多样化的安全模型、配置和技术结合在一起。这是其中一个面向服务的标准规格。任何系统都是能够确保与其他平台和独立于语言的方法通过相互兼容。23客户端的安全问题从用户的角度来看,通常主要关注的是客户端的安全。一般情况下,客户端的安全需要使用传统的计算机安全技术,例如,适当的用户身份验证和授权,访问控制和防病毒保护。对于通信服务,客户端可能另外需要服务器身
6、份验证和不可抵赖性的收据。此外,一些应用程序可能需要匿名访问(例如,匿名浏览WEB上)。现在常见的网上银行,对网上银行的客户端安全保护,并需要改进数据分析。大多数银行使用单一密码安全设置系统容易受病毒和网络攻击。网上银行的重要特点之一是在任何时候、任何地方和无论如何,它都可以提供安全的、个性化的客户服务。没有健全的安全保护将导致网上银行交易失败。网上银行服务供应商的客户端安全保护是最弱的部分。加密应用和在线交易的私隐是提供身份验证,为强大的加密系统实现访问控制、交易授权数据完整性和问责制提供了依据。24服务器端的安全问题3相反,服务器端安全性通常是从服务提供商的角度来看的主要关注。服务器端的安
7、全要求正确的客户机身份验证和授权,不可否认的起源、匿名发件人(例如,在WEB上的匿名发布)、审计和问责制,以及可靠性和可用性。图2显示了一般服务器端安全系统。25交易安全问题为客户端和服务器端同样重要的是交易安全。交易安全要求不同的安全服务,如数据验证、访问控制、数据机密性、数据完整性和不可抵赖性服务。此外,某些应用程序可能还需要匿名交易保证。图3显示了一般的网上银行系统的数据处理。3现有的电子商务安全技术但不知名或不均匀主线软件项目中有许多的电子商务安全技术存在。这一举措将完成,端口,并派发大量的现有安全技术,以提高安全对他们的电子商务的影响。在过去,几个网络安全技术发展和已部署。除了物理安
8、全措施,例如专用的通信链路和机械密码锁,网络安全技术通常地址的访问控制和通信安全。31访问控制第一次也是最明显的网络安全关注地址的访问控制。在物理安全,访问控制一词是指财产、建筑物,或获授权人士的空间限制入口的做法。物理访问控制可以通过一个人(警卫、俱乐部门卫或接待员),通过机械手段如锁和钥匙,或如卡技术的手段接入系统。有几种技术可以用来控制对企业内部网和互联网资源的访问。访问控制包括身份验证、授权和审核。它还包括物理设备,包括生物识别扫描等措施和金属锁,隐藏的路径、数字签名、加密、社会的障碍,和人类的监测自动化系统。在任何访问控制模型在,可以在系统中执行操作的实体称为科目,并且表示资源的访问
9、权限的可能需要控制的实体称为对象。主体和对象都应考虑的实体为软件,而不是人类用户人类的任何用户只能对他们所控制的实体软件对系统的影响。虽然一些系统将将主题定义用户ID,以便在默认情况下,由用户启动的所有进程都有相同的机构,这一级别的控制不能满足最小特权原则的。访问控制系统提供必要的服务标识和IMOREOVER,WEDISCUSSSOMETRUSTMODELSINP2PECOMMERCEBYANALYZINGTHEMAINFEATURESOFP2PECOMMERCE,WESUMUPSOMEDESIGNPRINCIPLESOFTRUSTMODELINP2PECOMMERCEWEPROVIDEATH
10、OROUGHOVERVIEWABOUTTHENETWORKSECURITYISSUESTHATSURROUNDECOMMERCEANDECOMMERCEAPPLICATIONSANDPROPOSEACORRESPONDINGRESEARCHFRAMEWORKFORSECURITYINECOMMERCEWEBELIEVETHATASLONGASTHESECURITYISSUESAREADEQUATELYADDRESSED,THEP2PECOMMERCEWOULDACHIEVEGREATSUCCESSINTHEFUTUREECOMMERCEMARKETSINCOMPARISONTOOTHERSEC
11、URITYMETHODSKEYWORDSCOMMUNICATIONSECURITY,NETWORKSECURITY,P2PMODEL,ECOMMERCESECURITY1INTRODUCTIONSECURITYHASBECOMEONEOFTHEMOSTIMPORTANTISSUESTHATMUSTBERESOLVEDFIRSTTOENSURESUCCESSOFELECTRONICCOMMERCEECOMMERCETHELOWCOSTANDWIDEAVAILABILITYOFTHEINTERNETFORBUSINESSESANDCUSTOMERSHASSPARKEDAREVOLUTIONINEC
12、OMMERCEANDANECOMMERCEAPPLICATIONMAYADDRESSONEORSEVERALPHASESOFATYPICALBUSINESSTRANSACTION,ANDTHEREEXISTVARIOUSPOSSIBILITIESTOMODELTHESEPHASESFOREXAMPLE,APOSSIBILITYISTODISTINGUISHFIVEPHASESOFABUSINESSTRANSACTIONFIRST,THEMERCHANTMAKESANOFFERFORSPECIFICINFORMATIONGOODSORSERVICESSECONDLY,ACCORDINGTOTHI
13、SOFFER,THECUSTOMERMAYSUBMITTHEREQUESTONLINETHIRDLY,THECUSTOMERMAKESAPAYMENTANDTHE7MERCHANTDELIVERSTHEGOODSORSERVICESTOTHECUSTOMERTHEHANDLINGOFTHEPAYMENTMAYINVOLVEMANYWAYS,SUCHASONLINEBANKING,POSTOFFICE,CASHONDELIVERYCODANDSOONMANYORGANIZATIONSAREEXPLOITINGTHEOPPORTUNITIESOFFEREDBYECOMMERCE,ANDMANYMO
14、REAREEXPECTEDTOFOLLOWEXEMPLARYAPPLICATIONSINCLUDEONLINESHOPPING,ONLINEBANKINGANDDISTANCEEDUCATION,ONLINEGAMEANDVIRTUALCASINOS,ASWELLASPAYTVANDVIDEOONDEMANDSERVICESMANYBUSINESSESANDCUSTOMERSARESTILLCAUTIOUSABOUTPARTICIPATINGINECOMMERCE,ANDSECURITYCONCERNSAREOFTENCITEDASBEINGTHESINGLEMOSTIMPORTANTBARR
15、IERTHISLOSSOFTRUSTONEXCHANGEONLINEISBEINGFUELLEDBYCONTINUEDSTORIESOFHACKERATTACKSONECOMMERCESITESANDCONSUMERDATAPRIVACYABUSEINTHISPAPER,WEDISCUSSSOMESECURITYRELATEDISSUESABOUTECOMMERCE,ESPECIALLYTHETRUSTMODELTHATCOULDBEUSEDINNEWGENERATIONOFECOMMERCEP2PECOMMERCEINTHERESTOFTHISPAPER,FIRSTLY,WEDISCUSSM
16、ORERECENTTECHNOLOGYANDSOMEBASICDEFINITIONNEXT,WESUMUPSOMEDESIGNPRINCIPLESOFTRUSTMODELINTRADITIONALECOMMERCEMODELANDP2PECOMMERCEWEHOPETHESEPRINCIPLESWILLBEHELPFULINESTABLISHINGAWEALTHYANDPROSPEROUSECOMMERCEPLATFORMBASEDONTRADITIONALORNEWP2PTECHNOLOGIES2WEBSERVICEANDSECURITY21WEBSERVICETHEWEBSERVICEIS
17、ABRANDNEWDISTRIBUTEDCOMPUTATIONALMODELUSINGTHESOASERVICEORIENTEDARCHITECTWHICHCOMPOSESOFTHREEPARTICIPANTSANDTHREEBASICOPERATIONSTHETHREEPARTICIPANTSARETHESERVICEPROVIDER,THESERVICEREQUESTERANDTHESERVICEBROKERTHETHREEBASICOPERATIONSAREPUBLISHING,SEARCHINGANDBINDINGALLTHESEACTONTHECOMPONENTANDSOFTWARE
18、MODULEOFTHEWEBSERVICEANDTHEIRDESCRIPTIONTHEFRAMEWORKOFTHESOAOFWEBSERVICEISSHOWNINFIGURE122SECURITYSPECIFICATIONINWEBSERVICENOWADAYS,THEMOSTAUTHORIZEDANDCOMPREHENSIVEWEBSERVICESECURITYSTANDARDISTHEWEBSERVICESSECURITYWSSECURITYPUBLISHEDJOINTLYBYMICROSOFT,IBMANDVERISIGNITISTHEFOUNDATIONOFTHEWEBSERVICES
19、ECURITYANDITALSOINTEGRATESTHECOMMONLYACCEPTEDSECURITYMODELS,MECHANISMANDTECHNICALSUPPORTSTHEPURPOSEOFWSSECURITYISTOENSURETHECOMPLETENESSANDCONFIDENTIALITYOFTHEDATAPROCESSINGWITHAPPLICATIONPROGRAMSBYWEBSERVICEANDTOPRESCRIBETHEEXTENSIONANDMESSAGEHEADEROF8THESOAPTHEWSSECURITYCOMBINESDIVERSESECURITYMODE
20、LS,CONFIGURATIONSANDTECHNIQUEITISONEOFTHESERVICEORIENTEDSTANDARDSPECIFICATIONSANYSYSTEMISABLETOENSURETOBEMUTUALLYCOMPATIBLEWITHOTHERSTHROUGHTHEPLATFORMANDTHEMETHODINDEPENDENTOFLANGUAGE23CLIENTSIDESECURITYISSUESFROMTHEUSERSPOINTOFVIEW,CLIENTSIDESECURITYISTYPICALLYTHEMAJORCONCERNINGENERAL,CLIENTSIDESE
21、CURITYREQUIRESTHEUSEOFTRADITIONALCOMPUTERSECURITYTECHNOLOGIES,SUCHASPROPERUSERAUTHENTICATIONANDAUTHORIZATION,ACCESSCONTROL,ANDANTIVIRUSPROTECTIONWITHREGARDTOCOMMUNICATIONSERVICES,THECLIENTMAYADDITIONALLYREQUIRESERVERAUTHENTICATIONANDNONREPUDIATIONOFRECEIPTINADDITION,SOMEAPPLICATIONSMAYREQUIREANONYMI
22、TYEG,ANONYMOUSBROWSINGONTHEWEBTHEDATAANALYSISONCOMMONONLINEBANKSINSHOWSTHATTHECLIENTSIDESECURITYPROTECTIONFORONLINEBANKINGDOESNEEDIMPROVEMENTMOSTBANKSUSESINGLECIPHERSECURITYSETTINGSYSTEMISVULNERABLETOVIRUSANDCYBERATTACKSONEOFTHEIMPORTANTCHARACTERISTICOFONLINEBANKINGISTHATITCANOFFERSAFEANDPERSONALIZE
23、DCUSTOMERSERVICEANYTIME,ANYWHEREANDANYHOWWITHOUTSOUNDSECURITYPROTECTIONWILLCAUSEONLINEBANKINGTRANSACTIONFAILCLIENTSIDESAFETYPROTECTIONISTHEWEAKESTPARTFORONLINEBANKINGSERVICEPROVIDERSTHEAPPLICATIONOFENCRYPTIONTOPROVIDEAUTHENTICATIONANDPRIVACYOFONLINETRANSACTIONS,STRONGCRYPTOGRAPHYPROVIDESTHEBASISFORA
24、CHIEVINGACCESSCONTROL,TRANSACTIONAUTHORIZATIONDATAINTEGRITYANDACCOUNTABILITY24SERVERSIDESECURITYISSUESCONTRARYTOTHAT,SERVERSIDESECURITYISTYPICALLYTHEMAJORCONCERNFROMTHESERVICEPROVIDERSPOINTOFVIEWSERVERSIDESECURITYREQUIRESPROPERCLIENTAUTHENTICATIONANDAUTHORIZATION,NONREPUDIATIONOFORIGIN,SENDERANONYMI
25、TYEG,ANONYMOUSPUBLISHINGONTHEWEB,AUDITTRAILANDACCOUNTABILITY,ASWELLASRELIABILITYANDAVAILABILITYTHEGENERALSERVERSIDESECURITYSYSTEMISDEPICTEDONFIGURE225TRANSACTIONSECURITYISSUESTRANSACTIONSECURITYISEQUALLYIMPORTANTFORBOTHTHECLIENTANDTHESERVERSIDETRANSACTIONSECURITYREQUIRESVARIOUSSECURITYSERVICES,SUCHA
26、SDATAAUTHENTICATION,ACCESSCONTROL,DATACONFIDENTIALITY,DATAINTEGRITY,ANDNONREPUDIATIONSERVICESINADDITION,9CERTAINAPPLICATIONSMAYALSOREQUIRETRANSACTIONANONYMITYGUARANTEESFIGURE3SHOWSTHEDATAPROCESSOFGENERALONLINEBANKINGSYSTEM3EXISTINGECOMMERCESECURITYTECHNOLOGIESANUMBEROFUSEFULECOMMERCESECURITYTECHNOLO
27、GIESEXISTBUTARENOTWELLKNOWNORWELLDISTRIBUTEDINMAINLINESOFTWAREPROJECTSTHISINITIATIVEWILLCOMPLETE,PORT,ANDDISTRIBUTEANUMBEROFEXISTINGSECURITYTECHNOLOGIESTOINCREASETHEIREFFECTONTHESECURITYOFECOMMERCEINTHEPAST,SEVERALNETWORKSECURITYTECHNOLOGIESHAVEBEENDEVELOPEDANDDEPLOYEDINADDITIONTOPHYSICALSECURITYMEA
28、SURES,SUCHASDEDICATEDCOMMUNICATIONLINKSANDMECHANICALLOCKS,NETWORKSECURITYTECHNOLOGIESTYPICALLYADDRESSACCESSCONTROLANDCOMMUNICATIONSECURITY31ACCESSCONTROLTHEFIRSTANDMOSTOBVIOUSNETWORKSECURITYCONCERNADDRESSESACCESSCONTROLINPHYSICALSECURITY,THETERMACCESSCONTROLREFERSTOTHEPRACTICEOFRESTRICTINGENTRANCETO
29、APROPERTY,ABUILDING,ORAROOMTOAUTHORIZEDPERSONSPHYSICALACCESSCONTROLCANBEACHIEVEDBYAHUMANAGUARD,BOUNCER,ORRECEPTIONIST,THROUGHMECHANICALMEANSSUCHASLOCKSANDKEYS,ORTHROUGHTECHNOLOGICALMEANSSUCHASACARDACCESSSYSTEMTHEREARESEVERALTECHNOLOGIESTHATCANBEUSEDTOCONTROLACCESSTOINTRANETANDINTERNETRESOURCESACCESS
30、CONTROLINCLUDESAUTHENTICATION,AUTHORIZATIONANDAUDITITALSOINCLUDESMEASURESSUCHASPHYSICALDEVICES,INCLUDINGBIOMETRICSCANSANDMETALLOCKS,HIDDENPATHS,DIGITALSIGNATURES,ENCRYPTION,SOCIALBARRIERS,ANDMONITORINGBYHUMANSANDAUTOMATEDSYSTEMSINANYACCESSCONTROLMODEL,THEENTITIESTHATCANPERFORMACTIONSINTHESYSTEMARECA
31、LLEDSUBJECTS,ANDTHEENTITIESREPRESENTINGRESOURCESTOWHICHACCESSMAYNEEDTOBECONTROLLEDARECALLEDOBJECTSSUBJECTSANDOBJECTSSHOULDBOTHBECONSIDEREDASSOFTWAREENTITIES,RATHERTHANASHUMANUSERSANYHUMANUSERCANONLYHAVEANEFFECTONTHESYSTEMVIATHESOFTWAREENTITIESTHATTHEYCONTROLALTHOUGHSOMESYSTEMSEQUATESUBJECTSWITHUSERI
32、DS,SOTHATALLPROCESSESSTARTEDBYAUSERBYDEFAULTHAVETHESAMEAUTHORITY,THISLEVELOFCONTROLISNOTFINEGRAINEDENOUGHTOSATISFYTHEPRINCIPLEOFLEASTPRIVILEGEACCESSCONTROLSYSTEMSPROVIDETHEESSENTIALSERVICESOFIDENTIFICATIONANDAUTHENTICATIONI2AUTHORIZATIONDETERMINESWHATASUBJECTCANDO3ACCOUNTABILITYIDENTIFIESWHATASUBJEC
33、TORALLSUBJECTSASSOCIATEDWITHAUSERDIDINSUMMARY,ACCESSCONTROLTECHNOLOGIESANDCORRESPONDINGSECURITYMECHANISMSAREWELLUNDERSTOODANDWIDELYDEPLOYEDFORMANYACCESSCONTROLSYSTEM332COMMUNICATIONSECURITYCOMMUNICATIONSSECURITYCOMSECISTHATMEASURESANDCONTROLSTAKENTODENYUNAUTHORIZEDPERSONSINFORMATIONDERIVEDFROMTELECO
34、MMUNICATIONSANDENSURETHEAUTHENTICITYOFSUCHTELECOMMUNICATIONS115COMMUNICATIONSSECURITYINCLUDESCRYPTOSECURITY,TRANSMISSIONSECURITY,EMISSIONSECURITY,TRAFFICFLOWSECURITYANDPHYSICALSECURITYOFCOMSECEQUIPMENT1CRYPTOSECURITYTHECOMPONENTOFCOMMUNICATIONSSECURITYTHATRESULTSFROMTHEPROVISIONOFTECHNICALLYSOUNDCRY
35、PTOSYSTEMSANDTHEIRPROPERUSETHISINCLUDESINSURINGMESSAGECONFIDENTIALITYANDAUTHENTICITY2EMISSIONSECURITYEMSECPROTECTIONRESULTINGFROMALLMEASURESTAKENTODENYUNAUTHORIZEDPERSONSINFORMATIONOFVALUEWHICHMIGHTBEDERIVEDFROMINTERCEPTANDANALYSISOFCOMPROMISINGEMANATIONSFROMCRYPTOEQUIPMENT,AUTOMATEDINFORMATIONSYSTE
36、MSCOMPUTERS,ANDTELECOMMUNICATIONSSYSTEMS3PHYSICALSECURITYTHECOMPONENTOFCOMMUNICATIONSSECURITYTHATRESULTSFROMALLPHYSICALMEASURESNECESSARYTOSAFEGUARDCLASSIFIEDEQUIPMENT,MATERIAL,ANDDOCUMENTSFROMACCESSTHERETOOROBSERVATIONTHEREOFBYUNAUTHORIZEDPERSONS4TRANSMISSIONSECURITYTRANSECTHECOMPONENTOFCOMMUNICATIO
37、NSSECURITYTHATRESULTSFROMTHEAPPLICATIONOFMEASURESDESIGNEDTOPROTECTTRANSMISSIONSFROMINTERCEPTIONANDEXPLOITATIONBYMEANSOTHERTHANCRYPTANALYSISEGFREQUENCYHOPPINGANDSPREADSPECTRUM4P2PECOMMERCETHEGOALOFP2PECOMMERCEISTOPRESENTALONGPERSPECTIVEONTHEEVOLUTIONARYANEW,FINEGRAINEDTYPEOFECOMMERCEONTHEINTERNETINP2
38、PECOMMERCE,THEUSERSARENOTJUST“BUYERS”,BUT“SELLERS”TOOTRUSTESTABLISHMENTBETWEENSTRANGERSISPARTICULARLY11IMPORTANTINTHECONTEXTOFECOMMERCEINP2PECOMMERCE,HOWTOBUILDANEFFECTIVETRUSTMODELINUSERNODESANDHELPUSERNODESTOPREVENTTRANSACTIONWITHMALICIOUSPEERSAREIMPERATIVEBEFOREP2PECOMMERCECANBETRULYREALIZEDTRUST
39、PLAYSAVERYIMPORTANTROLEINP2PNETWORKSFORENABLINGPEERSTOSHARERESOURCESANDSERVICESCREDIBLY,ANDTRUSTREFLECTSACOMPREHENSIVEEVALUATIONOFONEUSERTOANOTHERUSERSBEHAVIORSASWELLASABILITYTHEREAREMANYDEFINITIONSOFTRUSTINTHISPAPER,TRUSTISTHECONFIDENCEOFANENTITYTRUSTORONANOTHERENTITYTRUSTEEBASEDONTHEEXPECTATIONTHA
40、TTHETRUSTEEWILLPERFORMAPARTICULARACTIONIMPORTANTTOTHETRUSTOR,IRRESPECTIVEOFTHEABILITYTOMONITORORCONTROLTHETRUSTEETHEREAREMANYWAYSTOCATEGORYTRUSTMODELS3IACCORDINGTODIFFERENTTRUSTMECHANISM,THETRUSTMODELCANBECLASSIFIEDINTOIDENTITYBASEDTRUSTMODEL,ROLEBASEDTRUSTMODEL,AUTOMATEDTRUSTNEGOTIATIONMODEL,ANDREP
41、UTATIONBASEDTRUSTMODELIIACCORDINGTOCOLLECTIONMETHODSOFTRUSTVALUE,THETRUSTMODELCANBEDIVIDEDINTOTWOCATEGORIESPARTIALLYPEERREPUTATIONMODELANDWHOLLYPEERREPUTATIONMODELIIIACCORDINGTOALGORITHMSTHATCOMPUTETRUST,THETRUSTMODELCANBECLASSIFIEDINTODIFFERENTMODELS,SUCHASMULTIFACTORBASEDTRUSTMODEL,BAYESIANBASEDTR
42、USTMODEL,ANDNEURALNETWORKBASEDTRUSTMODEL5ECOMMERCESECURITYRESEARCHFRAMEWORKREFERRINGTOTHEADDITIONALREQUIREMENTSTHATADDRESSTHECOMPLEXITYANDAVAILABILITYOFCRYPTOGRAPHICAPPLICATIONS,THEANONYMITYOFPARTICIPATINGPEERS,THEAUTONOMYOFMOBILECODE,ANDTHEMANAGEABILITYOFTRUST,THEFOLLOWINGRESEARCHFRAMEWORKOFSECURIT
43、YOFECOMMERCEMAYBEDERIVED51COMPLEXITYFIRSTANDFOREMOST,AFRAMEWORKMUSTBEDEVELOPEDINWHICHPOSSIBLEATTACKSAGAINSTCRYPTOGRAPHICPRIMITIVESALGORITHMS,PROTOCOLS,ANDAPPLICATIONSCANBEEXPLOREDANDSYSTEMATICALLYINVESTIGATEDNOTETHATTHECOEXISTENCEOFMULTIPLEPARTIESANDMULTIPLEPROTOCOLSINANECOMMERCEAPPLICATIONOFFERSNEW
44、POSSIBILITIESTOATTACKTHESYSTEMSINVOLVED5INADDITION,PROVABLYSECURECRYPTOGRAPHICPRIMITIVESMUSTBEDEVELOPED,ANDITMUSTBECLARIFIEDWHATPROVABLYSECUREACTUALLYMEANSINTHISFRAMEWORKFINALLY,RESEARCHMUSTADDRESSANDELABORATEONNEWSECURITYTECHNOLOGIES,SUCHASQUANTUM12CRYPTOGRAPHY,ANDSTUDYTHEIMPLICATIONSOFEVOLVINGTECH
45、NOLOGIES,SUCHASQUANTUMCOMPUTINGORDNSCOMPUTING,TOTHECRYPTANALYTICALSTRENGTHANDSECURITYOFEXISTINGCRYPTOGRAPHICPRIMITIVES52ANONYMITYFORCERTAINECOMMERCEAPPLICATIONS,ITWILLBENECESSARYTODEVELOPTECHNIQUESTHATCANBEUSEDTOPROVIDE1RECEIVERANONYMITYSERVICESEG,ANONYMOUSBROWSINGONTHEWEB2SENDERANONYMITYSERVICESEG,
46、ANONYMOUSPUBLISHINGONTHEWEB3TRANSACTIONANONYMITYSERVICESEG,MILITARYAPPLICATIONSANDSTOCKTRADEBROKERSYSTEMSTHEREARESEVERALTECHNIQUESUNDERINVESTIGATIONTHATCANBEUSEDTOPROVIDETHEANONYMITYSERVICESMENTIONEDABOVETHESETECHNIQUESMUSTBEFURTHERREFINEDANDEXPLOREDINREALWORLDAPPLICATIONSFURTHERMORE,ITWILLBEIMPORTA
47、NTTOSTUDYTHERELATIONSHIPBETWEENANONYMITYSERVICESANDOTHERSECURITYSERVICES,SUCHASACCESSCONTROLANDPEERENTITYAUTHENTICATIONSERVICES6CONCLUSIONALOTOFRESEARCHONECOMMERCESECURITYISGOINGONANDMANYSECURITYPRODUCTSANDSYSTEMSOFECOMMERCEAREBEINGDEVELOPEDANDMARKETEDINTHISSITUATION,ITISIMPORTANTTONOTETHATSECURITYI
48、SASYSTEMPROPERTYOFTHEECOMMERCETHEBESTWECANDOISTOSHOWTHATASPECIFICSYSTEMISRESISTANTAGAINSTASETOFWELLKNOWNATTACKSINADDITION,THISPAPERHASDISCUSSEDSOMESECURITYRELATEDISSUESCONCERNINGAUTHENTICATION,AUTHORIZATION,CONFIDENTIALITY,NONREPUDIATION,ANDTRUSTMODELINP2PECOMMERCEWESUMMARIZETHEFUTUREP2PECOMMERCEASF
49、OLLOWSITHETRADITIONALAUTHENTICATIONMECHANISMISBASEDONIDENTITYTOPROVIDESECURITYORACCESSCONTROLMETHODSINADDITION,TRADITIONALENCRYPTIONANDAUTHENTICATIONALGORITHMREQUIREHIGHCOMPUTINGPOWEROFCOMPUTEREQUIPMENTTHEREFORE,HOWTOIMPROVETHEAUTHENTICATIONMECHANISMANDOPTIMIZETHETRADITIONALENCRYPTIONANDAUTHENTICATIONALGORITHMMAYBETHEFOCUSOFP2PECOMMERCEIIEFFECTIVETRUSTMODELSCANFACILITATEINIMPROVINGUSERTRUSTINP2PECOMMERCEVERSUSTHETRADITIONALMETHODTHATMENTIONEDINTHISPAPER13IIISECURITYRELATEDISSUESSHOULDBERESEARCHEDEXTENSIVELYFORP2PECOMMERCEINCOMPARISONTOTRADITIONALMETHODCONSEQUENTLY,SECURITYENGINEERINGINVOLVE
Copyright © 2018-2021 Wenke99.com All rights reserved
工信部备案号:浙ICP备20026746号-2
公安局备案号:浙公网安备33038302330469号
本站为C2C交文档易平台,即用户上传的文档直接卖给下载用户,本站只是网络服务中间平台,所有原创文档下载所得归上传人所有,若您发现上传作品侵犯了您的权利,请立刻联系网站客服并提供证据,平台将在3个工作日内予以改正。