1、本科毕业论文外文翻译外文文献译文商业银行的电子商务安全风险分析和风险管理策略李波,徐从伟北京航空航天大学经济管理学院,北京,中国摘要随着商业银行的在线商务活动和环境管理及操作模式的巨大变化,使得传统的风险管理面临挑战,不管从实践上还是理论上,电子商务的风险管理变得尤为重要。本文介绍了商业银行的几种电子商务安全风险,并仔细分析了两种测量和评估电子商务风险的方法。然后定位在商业银行的电子商务风险管理策略上。最后,指出基于中国商业银行能达到的并能应用的安全框架风险分析模式和管理策略。关键词电子商务;商业银行;风险分析;管理策略I介绍随着商业银行的在线商务活动的发展,电子商务安全变得越来越重要。如何建
2、立安全便利的电子商务应用环境并提供强力的信息安全保障已经成为商业银行的焦点。在技术及风险管理高度发达的美国,每年的电子商务安全风险损失大约为750亿美元12。商业银行面临风险多种多样。电子商务的出现不仅增加了给类型潜在的风险及危害,也在金融服务领域带来了新的风险34。对于商业银行的电子商务风险管理,西方发达国家的研究与实践积累了丰富的经验和大量的标准规范,然而,在中国,商业银行电子商务的研究与实践却相对落后。II商业银行面临的电子商务安全风险由于互联网自身的复杂性及脆弱性,商业银行发展基于互联网为基础的电子商务面临严重的安全问题56。一般的,安全风险如下几种A信息篡改借助于各种技术及方式,网络
3、攻击者常篡改和毁坏网络软件并破坏信息系统,他们常复制,篡改,删除或插入传输信息来进行暗中破坏。B数据访问风险该风险主要是未经授权的数据修改和删除以及商业银行员工的错误操作所带来的结果。C虚假信息当侵入者掌握了商业银行网络信息及商业信息的规律,他们能成为合法用户或者能使用虚假信息来欺骗其他用户。D在线支付风险网上支付被认为是限制中国商业银行电子商务发展的关键因素之一,因为许多客户担心安全性问题并拒绝使用在线支付。III风险分析方法依据各种定性及定量方法,风险分析能确定电子商务安全风险的关键元素,并评估其在电子商务系统方面的影响。这样电子商务项目实施人员可以专注于主要风险,并从整体上有效控制电子商
4、务系统。下面讨论两种类型的风险分析方法。A风险矩阵风险矩阵是最为直接、有效的风险分析方法7。风险发生概率和损失的资产分别作为水平的行和列,程度用很高,高、中、低和较低表示。框内的数字表示风险。假定风险概率和损失程度从高到低为10到0,分别为10、8、6、4、2,则风险为两因素的结果。风险分析矩阵如下表1所示。B基于CIM的风险分析1梯形模糊数在域X,梯形模糊数如下2CIM模型在域X,梯形模糊数如下CIM模型控制区间和存储器模型是一种由美国学者库珀和查普曼提出的风险分析模型8。有两种类型串行反应模型和并行反应模型,并分别提出了串行或并行的多变量概率分布。如果一个事件有N个发生风险的因素,并且每个
5、因素对事件的影响是单独的,则具有N个危险因素的概率分布模型称为并行反应模型。如果一个事件有N个发生的风险因素,仅N个风险因素全部发生时才影响事件,则N个危险因素的概率分布模型称为串行反应模型。3基于CIM模型的商业银行电子商务风险评估风险用风险概率函数表示,即RFP,I,当R表示风险、P表示风险发生的概率,I表示风险的影响因素。针对所有危险因素的特点,CIM模型应用于商业银行的电子商务风险评估如下9A构建风险因素集和判断集建立风险因素集和判断集,并根据不同的风险概率和风险影响建立不同的判断集。假定风险因素集FIF1,F2,,,FNI1、2、3和判断集JJ1,J2,JM,定性的评估可以借助于梯形
6、模糊数表示。B量化风险因素的模糊评估专家评价方法被用来确定商业银行潜在的风险因素及风险因素的危害的评估。模糊评估风险因素是运用模糊数学方法来获得个体风险的潜在因素及其影响。同时统计个体风险因素的期望并判断个体风险因素。CCIM计算CIM模型被用来计算概率分布范围和所有类型的电子商务风险对商业银行整体风险的期望,其中还可以计算出评估商业银行的电子商务风险的影响,分布范围。IV商业银行面临的电子商务风险管理策略由于电子商务安全的重要性,商业银行很有必要提供完全有效的电子商务风险管理策略来预测和有效控制其可能遇到的风险5,10。策略主要包括如下几种A物理安全物理安全是电子商务系统安全的前提。它能保护
7、计算机系统,电子商务服务器,通信线路等各类风险。B病毒监视防火墙技术能对各类站点提供安全,控制和鉴别进入站点的数据作用,在病毒的规则侦查,抗病毒和动态维护方面效果良好。C数据防御对于具有电子商务系统的许多商业银行,数据是他们的重要财产,因此数据被窃或受损将导致不可弥补的损失。所以,加强电子商务贸易和相关数据的安全保护具有重大意义。D应用防御加强应用是安全模型的整体部分。作为加强保护操作系统可能只提供一些保护,电子商务系统开发商有责任提供具有特殊保护的访问。E内部控制系统的创立内部控制系统主要包括组织控制系统,发展和维护控制系统,数据存取控制和数据备份系统、应用控制系统和每日管理系统。同时,安全
8、审计应用于商业银行电子商务系统的安全系统的全面评估,并应用于风险预测来提高商业银行的安全,并建立紧急应对风险的机制。F人员培训商业银行投资实施电子商务需要大量既懂计算机网络知识又懂企业的知识、法律和章程人才,因此商业银行应该招聘或训练这种人才以促进电子商务的迅速发展。G改革管理策略为了保障信息系统审计和外在信息评估安全,商业银行必须创造条件加强在风险管理部门和电子商务部门之间的合作和采取有些措施预防各种各样的风险11。商业银行必须把重点放在传统财政风险和电子商务安全风险的统一上,并持续改进风险管理部门控制管理整体风险的能力。V结束语商业银行的电子商务安全已经成为一个重要问题。应该全面地了解电子
9、商务风险,并且必要的措施采取使被造成的损失减到最小和防止不必要的银行损失。根据安全风险管理,这篇文章分析商业银行电子商务的安全风险,然后介绍基于CIM的模型和风险矩阵分析方法,最后探讨电子商务风险管理战略,将帮助商业银行执行电子商务活动。电子商务安全风险分析和管理策略的研究为中国商业银行提供一个可利用的安全框架来实施电子商务并处理风险。参考文献1WANGLIPING,“STUDYOFTHEELECTRONICBUSINESSSECURITYRISKMANAGEMENTINCOMMERCIALBANKS”,JOURNALOFZHONGNANUNIVERSITYOFECONOMICSANDLAW,
10、2007,1PP75782LUISNAVARRO,“INFORMATIONSECURITYRISKSANDMANAGEDSECURITYSERVICE”,INFORMATIONSECURITYTECHNICALREPORT,2001,63PP28363HAREC,INTERNETFIREWALLSANDNETWORKSECURITY,NEWYORKNEWRIDERSPUBLISHING,20024THOMASFINNE,“INFORMATIONSYSTEMSRISKMANAGEMENTKEYCONCEPTSANDBUSINESSPROCESS”,COMPUTERANDSECURITY,2000
11、,19PP2342425LINLIMINGANDLIXINCHUN,“ECOMMERCESECURITYRISKMANAGEMENT”,COMPUTERANDINFORMATIONTECHNOLOGY,2006,3PP95976LIUNIANZU,ZHANGMINGANDNALICHUN,“TECHNOLOGICALRISKMANAGEMENTOFECOMMERCE”,CHINAMANAGEMENTINFORMATIONIZATION,2006,910PP537GAOXINYAANDZOUJING,“RISKANALYSISANDMANAGEMENTOFECOMMERCESECURITY”,J
12、OURNALOFWUTINFORMATIONANDMANAGEMENTENGINEERING,2005,274PP2558CBCHAPMAN,DALEFCOOPER,“RISKENGINEERINGBASICCONTROLLEDINTERVALANDMEMORYMODELS”,JOURNALOFOPERATIONALRESEARCHSOCIETY,VOL34,PP1261299ZHANGZEHONG,“ECOMMERCETECHNOLOGYRISKASSESSMENT”,MARKETMODERNIZATION,2007,11PP17517710FENGRENDEANDTUZHISHOU,“EC
13、OMMERCERISKANALYSISANDPREVENTION”,GROUPECONOMY,2006,15PP25825911LIZHIPING,“ONTHEIMPROVEMENTOFEBUSINESSSECURITYMANAGEMENTSTRATEGIESINCOMMERCIALBANKS”,COMMERCIALRESEARCH,2008,3PP214216ECOMMERCESECURITYRISKANALYSISANDMANAGEMENTSTRATEGIESOFCOMMERCIALBANKSLIBO,XUCONGWEISCHOOLOFECONOMICSANDMANAGEMENT,BEIJ
14、INGUNIVERSITYOFAERONAUTICSANDASTRONAUTICS,BEIJING100083,CHINAYJSLIBO126COMABSTRACTWITHTHERAPIDONLINEBUSINESSDEVELOPMENTOFTHECOMMERCIALBANKSANDTHEGREATCHANGESOFMANAGEMENTCIRCUMSTANCESANDOPERATINGMODESWHICHMAKETHETRADITIONALRISKMANAGEMENTCONFRONTEDWITHCHALLENGES,THEECOMMERCERISKMANAGEMENTBECOMESANIMPO
15、RTANTISSUEOFTHEORYANDPRACTICETHISPAPEROUTLINESSEVERALKINDSOFECOMMERCESECURITYRISKSOFCOMMERCIALBANKS,ANDANALYZESINDETAILTWOKINDSOFRISKANALYSISMETHODSOFTHEECOMMERCESECURITYWHICHMEASUREANDASSESSTHEECOMMERCESECURITYRISKANDTHENTHERISKMANAGEMENTSTRATEGIESOFECOMMERCESECURITYOFTHECOMMERCIALBANKSAREADDRESSED
16、INTHEEND,ITISPOINTEDOUTTHATTHESTUDYOFTHERISKANALYSISMETHODSANDTHEMANAGEMENTSTRATEGIESPROVIDESANAVAILABLESECURITYFRAMEWORKFORCHINESECOMMERCIALBANKSTOIMPLEMENTTHEECOMMERCEANDMANAGETHERISKKEYWORDSECOMMERCECOMMERCIALBANKSRISKANALYSISMANAGEMENTSTRATEGIESIINTRODUCTIONWITHTHEONLINEBUSINESSDEVELOPMENTOFCOMM
17、ERCIALBANKS,ECOMMERCESECURITYBECOMESMOREANDMOREOUTSTANDINGHOWTOCREATETHESAFEANDCONVENIENTECOMMERCEAPPLICATIONENVIRONMENTANDPROVIDETHESTRONGPROTECTIONOFINFORMATIONSECURITYHASBECOMEAFOCUSOFCOMMERCIALBANKSINUNITEDSTATESWITHTHEHIGHLEVELOFTECHNOLOGYANDRISKMANAGEMENT,THEECONOMICLOSSESEACHYEARAREABOUT75BIL
18、LIONDOLLARSASARESULTOFECOMMERCESECURITYRISK12COMMERCIALBANKSAREFACEDWITHVARIOUSRISKSTHEEMERGENCEOFECOMMERCEMAYNOTONLYAGGRAVATETHEOCCURRENCEPOSSIBILITYANDTHEDAMAGEOFVARIOUSTYPESOFRISKS,BUTALSOBRINGNEWRISKSINTHEAREAOFFINANCIALSERVICES34WITHREGARDTOECOMMERCERISKMANAGEMENTOFCOMMERCIALBANKS,THEWESTERNDEV
19、ELOPEDCOUNTRIESBYRESEARCHANDPRACTICE,HAVEACCUMULATEDRICHEXPERIENCESANDALOTOFSTANDARDIZEDNORMS,HOWEVER,THERESEARCHANDPRACTICEOFECOMMERCERISKMANAGEMENTINCHINESECOMMERCIALBANKSARERELATIVELYBACKWARDIIECOMMERCESECURITYRISKSCOMMERCIALBANKAREFACEDWITHDUETOTHECOMPLEXITYANDVULNERABILITYOFTHEINTERNET,THEECOMM
20、ERCEDEVELOPMENTOFCOMMERCIALBANKSBASEDONINTERNETISFACEDWITHSERIOUSSECURITYPROBLEMS56USUALLY,THEREARESEVERALKINDSOFSECURITYRISKSASFOLLOWSAINFORMATIONTAMPERINGBYAVARIETYOFTECHNICALWAYSANDMEANS,NETWORKATTACKERSUSUALLYTAMPERWITHANDDESTROYTHEINTERNETSOFTWAREMAKETHEINFORMATIONSYSTEMFAIL,ANDTHEYALSOOFTENCOP
21、Y,TAMPERWITH,DELETEORINSERTTRANSMITTINGINFORMATIONINORDERTOUNDERMINETHEINTEGRITYOFINFORMATIONBDATAACCESSRISKDATAACCESSRISKMAINLYISTHERESULTOFBOTHTHEDATAREVISIONANDDELETIONFROMTHEUNAUTHORIZEDACCESSTOTHEDATABASESYSTEMANDTHEOPERATIONALMISTAKESOFTHESTAFFINTHECOMMERCIALBANKSCFAKEINFORMATIONWHENATTACKERSM
22、ASTERTHELAWOFNETWORKINFORMATIONORDECRYPTBUSINESSINFORMATIONOFBANKS,THEYCANBECOMELEGITIMATEUSERSOFCOUNTERFEITORUSEFAKEINFORMATIONTODECEIVEOTHERUSERSDONLINEPAYMENTRISKONLINEPAYMENTHASALWAYSBEENREGARDEDASTHEMOSTCRITICALFACTORRESTRICTINGTHEECOMMERCEDEVELOPMENTOFCHINESEBANKS,BECAUSEMANYCUSTOMERSWORRYABOU
23、TTHESECURITYANDREFUSETOUSEONLINEPAYMENTIIIRISKANALYSISMETHODSWITHAVARIETYOFQUALITATIVEANDQUANTITATIVEMETHODS,THERISKANALYSISDETERMINESTHEIMPORTANCEOFELEMENTSOFECOMMERCESECURITYRISKS,ANDASSESSESITSIMPACTONALLASPECTSOFTHEECOMMERCESYSTEM,SOTHATSTAFFOFTHEECOMMERCEPROJECTIMPLEMENTATIONCANFOCUSONMAJORRISK
24、S,ANDCONTROLEFFECTIVELYTHEECOMMERCESYSTEMRISKASAWHOLETWOTYPESOFRISKANALYSISMETHODSAREDISCUSSEDINTHEFOLLOWINGARISKMATRIXRISKMATRIXISTHEMOSTDIRECTANDEFFECTIVEWAYOFRISKANALYSIS7THEOCCURRENCEPROBABILITYOFRISKANDTHELOSSOFASSETSARERESPECTIVELYREGARDEDASTHELEVELSOFROWSANDCOLUMNS,WITHTHEDEGREEHIGHER,HIGH,ME
25、DIUM,LOWANDLOWERTHENUMBERATTHECROSSOFTHEMATRIXSHOWSTHERISKSUPPOSINGTHATRISKPROBABILITYANDLOSSDEGREEAREINTHELOWERORDERFROM10TO0,RESPECTIVELY10,8,6,4,2,THENTHERISKISTHEPRODUCTOFTWOFACTORSRISKANALYSISMATRIXISSHOWNINTABLEIBRISKANALYSISBASEDONCIM1TRAPEZOIDALFUZZYNUMBERINTHEDOMAINX,THETRAPEZOIDALFUZZYNUMB
26、ERISASFOLLOWS2CIMMODELCIMMODELCONTROLLEDINTERVALANDMEMORYMODELISAKINDOFRISKANALYSISMODELPUTFORWARDBYAMERICANSCHOLARSCOOPERANDCHAPMAN8THEREARETWOTYPESTHESERIALRESPONSEMODELANDTHEPARALLELRESPONSEMODEL,WHICHWERERESPECTIVELYTHESERIALORPARALLELSUMOFVARIABLEPROBABILITYDISTRIBUTIONIFANEVENTHASNRISKFACTORSA
27、NDTHEOCCURRENCEOFEACHFACTORWILLSEPARATELYINFLUENCETHEEVENT,THENTHEPROBABILITYDISTRIBUTIONMODELWITHNRISKFACTORSISCALLEDSERIALRESPONSEMODELIFANEVENTHASNRISKFACTORSANDONLYTHEOCCURRENCEOFALLOFNRISKFACTORSWILLINFLUENCETHEEVENT,THENTHEPROBABILITYDISTRIBUTIONMODELWITHNRISKFACTORSISCALLEDPARALLELRESPONSEMOD
28、EL3ECOMMERCERISKASSESSMENTOFCOMMERCIALBANKSBASEDONCIMMODETHERISKISINDICATEDBYAFUNCTIONOFTHEPROBABILITYOFRISKEVENTANDITSIMPACT,THATIS,RFP,I,WHERERSHOWSRISK,PTHEPROBABILITYOFRISKEVENTS,ANDITHEIMPACTOFRISKINCIDENTSINVIEWOFTHECHARACTERISTICOFALLRISKFACTORSINECOMMERCEOFCOMMERCIALBANKS,THECIMMODELISAPPLIE
29、DTOECOMMERCERISKASSESSMENTOFCOMMERCIALBANKSASFOLLOWS9ACONSTRUCTINGRISKFACTORSETSANDJUDGEMENTSETSRISKFACTORSETSANDJUDGEMENTSETSOFBANKECOMMERCEARECONSTRUCTED,ANDDIFFERENTJUDGEMENTSETSCANBEESTABLISHEDFORTHEOCCURRENCEPROBABILITYOFRISKFACTORSANDTHEIMPACTOFRISKFACTORSASSUMPTIONTHATTHERISKFACTORSETISFIF1,F
30、2,FNI1,2,3ANDTHEJUDGEMENTSETISJJ1,J2,JM,THEQUALITATIVECOMMENTSINTHEJUDGEMENTSETAREEXPRESSEDBYTRAPEZOIDFUZZYNUMBERBQUANTIFYINGTHEFUZZYEVALUATIONOFRISKFACTORSTHEEXPERTEVALUATIONMETHODISUSEDTODETERMINEFUZZYEVALUATIONOFTHEJUDGEMENTSETOFTHEOCCURRENCEPROBABILITYOFRISKFACTORSANDTHEIMPACTOFRISKFACTORSOFCOMM
31、ERCIALBANKSFUZZYEVALUATIONOFRISKFACTORSBYTHEFUZZYWAYISPROCESSEDTOGETTHEPROBABILITYDISTRIBUTIONRANGEANDTHEIMPACTDISTRIBUTIONRANGE,ATTHESAMETIMECALCULATEEXPECTATIONSOFINDIVIDUALRISKFACTORJUDGINGTHEINDIVIDUALRISKFACTORCCIMCALCULATIONCIMMODELISUSEDTOCALCULATETHEPROBABILITYDISTRIBUTIONRANGEANDTHEIMPACTDI
32、STRIBUTIONRANGEOFALLTYPESOFECOMMERCERISKSOFCOMMERCIALBANKS,BYWHICHTHEEXPECTATIONOFTHEOVERALLRISKCANBECALCULATEDTOASSESSTHEECOMMERCERISKOFCOMMERCIALBANKSIVECOMMERCERISKMANAGEMENTSTRATEGIESOFCOMMERCIALBANKSBECAUSEOFTHEIMPORTANCEOFECOMMERCESECURITY,ITISNECESSARYFORCOMMERCIALBANKSTOBEPROVIDEDWITHTHECOMP
33、LETEANDEFFECTIVEECOMMERCERISKMANAGEMENTSTRATEGYTOFORECASTANDCONTROLEFFECTIVELYTHERISKSWHICHCOMMERCIALBANKSPROBABLYARECONFRONTEDWITH5,10THESTRATEGIESMAINLYINCLUDETHEFOLLOWINGAPHYSICALSECURITYPHYSICALSECURITYISAPREREQUISITEFORTHESECURITYOFECOMMERCESYSTEMSITCANPROTECTCOMPUTERSYSTEM,ECOMMERCESERVER,COMM
34、UNICATIONSLINKSANDSOONFROMTHEVARIOUSRISKSBVIRUSSURVEILLANCETHEFIREWALLTECHNOLOGYCANPROVIDESECURITY,CONTROLANDIDENTIFYTHEACCESSESTOAVARIETYOFSITES,ANDITALSODOESAGOODJOBINTHEREGULARDETECTIONOFVIRUS,THEANTIVIRUS,ANDTHEDYNAMICGUARDCDATADEFENSEFORMANYCOMMERCIALBANKSCARRYINGOUTECOMMERCE,THEDATAARETHEIRIMP
35、ORTANTASSETS,SOTHESTEALORDAMAGEOFDATAWILLLEADTOIRREPARABLELOSSESTHEREFORE,ITISOFGREATSIGNIFICANCEFORTHESECURITYANDOPERATIONOFTHEECOMMERCESYSTEMTOSTRENGTHENPROTECTIONOFECOMMERCETRANSACTIONSANDRELATEDDATADAPPLICATIONDEFENSESTRENGTHENINGTHEAPPLICATIONISANINTEGRALPARTOFTHESECURITYMODELASSTRENGTHENINGTHE
36、PROTECTIONOFTHEOPERATINGSYSTEMCANONLYOFFERSOMEPROTECTION,THEDEVELOPERSOFECOMMERCESYSTEMHAVETHERESPONSIBILITYTOJOINPROTECTIONINTOAPPLICATIONSINORDERTOPROVIDEREGIONSVISITEDBYAPPLICATIONSWITHSPECIALPROTECTIONEESTABLISHMENTOFINTERNALCONTROLSYSTEMTHEINTERNALCONTROLSYSTEMMAINLYCONSISTSOFTHEORGANIZATIONCON
37、TROLSYSTEM,THECONTROLSYSTEMOFDEVELOPMENTANDMAINTENANCE,DATAACCESSCONTROLANDDATABACKUPSYSTEM,APPLICATIONCONTROLSYSTEM,ANDDAILYMANAGEMENTSYSTEMATTHESAMETIME,THESECURITYAUDITISAPPLIEDTOTHECOMPREHENSIVEASSESSMENTOFTHESECURITYOFECOMMERCESYSTEMSOFCOMMERCIALBANKSANDTHEPREDICTIONOFECOMMERCERISKINORDERTHATCO
38、MMERCIALBANKSAREDIRECTEDTOIMPROVETHESAFETYMEASURES,ANDESTABLISHTHEEMERGENCYMECHANISMTODEALWITHTHERISKFPERSONNELTRAININGTHEECOMMERCEIMPLEMENTATIONOFCOMMERCIALBANKSNEEDSALARGENUMBEROFHUMANRESOURCESWITHCOMPUTERNETWORKKNOWLEDGEANDBUSINESSKNOWLEDGEANDLAWSANDREGULATIONS,SOCOMMERCIALBANKSSHOULDRECRUITORTRA
39、INTHISKINDOFTALENTSTOPROMOTETHERAPIDDEVELOPMENTOFECOMMERCEGIMPROVEMENTOFMANAGEMENTSTRATEGIESWITHTHEINFORMATIONSYSTEMAUDITANDTHEEXTERNALEVALUATIONOFINFORMATIONSECURITY,COMMERCIALBANKSMUSTCREATECONDITIONSTOSTRENGTHENTHECOLLABORATIONBETWEENRISKMANAGEMENTDEPARTMENTANDECOMMERCESECTORANDTAKESOMEMEASURESTO
40、IMPROVETHESTATUSOFALLKINDSOFRISKS11COMMERCIALBANKSMUSTATTACHIMPORTANCETOTHEUNIFIEDMEASUREMENTOFTHETRADITIONALFINANCIALRISKSANDECOMMERCESECURITYRISK,ANDCONSTANTLYIMPROVETHEABILITYTOCONTROLTHEOVERALLRISKOFTHERISKMANAGEMENTDEPARTMENTVCONCLUDINGREMARKSTHEECOMMERCESECURITYOFTHECOMMERCIALBANKSBECOMESANIMP
41、ORTANTISSUEECOMMERCERISKSHOULDBECOMPREHENSIVELYUNDERSTOOD,ANDTHENECESSARYMEASURESARETAKENTOMINIMIZETHECAUSEDDAMAGEANDPREVENTUNNECESSARYBANKLOSSACCORDINGTOTHESECURITYRISKMANAGEMENT,THISARTICLEANALYZESECOMMERCESECURITYRISKSOFCOMMERCIALBANKS,THENINTRODUCESTHERISKANALYSISMETHODSOFTHERISKMATRIXANDTHEMODE
42、LBASEDONCIM,ANDFINALLYDISCUSSESTHEECOMMERCERISKMANAGEMENTSTRATEGIES,WHICHWILLHELPCOMMERCIALBANKSCARRYOUTECOMMERCEACTIVITIESTHESTUDYONECOMMERCESECURITYRISKANALYSISANDMANAGEMENTSTRATEGIESPROVIDESANAVAILABLESECURITYFRAMEWORKFORCHINESECOMMERCIALBANKSTOIMPLEMENTECOMMERCEANDMANAGETHERISKREFERENCES1WANGLIP
43、ING,“STUDYOFTHEELECTRONICBUSINESSSECURITYRISKMANAGEMENTINCOMMERCIALBANKS”,JOURNALOFZHONGNANUNIVERSITYOFECONOMICSANDLAW,2007,1PP75782LUISNAVARRO,“INFORMATIONSECURITYRISKSANDMANAGEDSECURITYSERVICE”,INFORMATIONSECURITYTECHNICALREPORT,2001,63PP28363HAREC,INTERNETFIREWALLSANDNETWORKSECURITY,NEWYORKNEWRID
44、ERSPUBLISHING,20024THOMASFINNE,“INFORMATIONSYSTEMSRISKMANAGEMENTKEYCONCEPTSANDBUSINESSPROCESS”,COMPUTERANDSECURITY,2000,19PP2342425LINLIMINGANDLIXINCHUN,“ECOMMERCESECURITYRISKMANAGEMENT”,COMPUTERANDINFORMATIONTECHNOLOGY,2006,3PP95976LIUNIANZU,ZHANGMINGANDNALICHUN,“TECHNOLOGICALRISKMANAGEMENTOFECOMME
45、RCE”,CHINAMANAGEMENTINFORMATIONIZATION,2006,910PP537GAOXINYAANDZOUJING,“RISKANALYSISANDMANAGEMENTOFECOMMERCESECURITY”,JOURNALOFWUTINFORMATIONANDMANAGEMENTENGINEERING,2005,274PP2558CBCHAPMAN,DALEFCOOPER,“RISKENGINEERINGBASICCONTROLLEDINTERVALANDMEMORYMODELS”,JOURNALOFOPERATIONALRESEARCHSOCIETY,VOL34,
46、PP1261299ZHANGZEHONG,“ECOMMERCETECHNOLOGYRISKASSESSMENT”,MARKETMODERNIZATION,2007,11PP17517710FENGRENDEANDTUZHISHOU,“ECOMMERCERISKANALYSISANDPREVENTION”,GROUPECONOMY,2006,15PP25825911LIZHIPING,“ONTHEIMPROVEMENTOFEBUSINESSSECURITYMANAGEMENTSTRATEGIESINCOMMERCIALBANKS”,COMMERCIALRESEARCH,2008,3PP214216
