-
The most important harm is data theft.
-
1.Security threats. All aspects of e-commerce transactions are susceptible to the following security threats, which usually cause serious consequences:
The first is the theft and tampering of information, that is, the data transmitted in plaintext on the network is intercepted and deciphered by intruders, and then illegally tampered with, deleted or inserted, so that the integrity of the information is damaged. The second is information counterfeiting, that is, malicious network attackers carry out fraudulent acts by impersonating legitimate users or simulating false information. 2.
Security requirements. Corresponding to security threats, the e-commerce transaction process has the following security requirements, namely the confidentiality, integrity and non-repudiation of information. The confidentiality of e-commerce information refers to the fact that in the open Internet environment, the relevant business information in the transaction process must be transmitted and accessed under the corresponding confidentiality regulations.
The integrity of e-commerce information means that the information of both parties to the transaction cannot be illegally tampered with or destroyed. The process of e-commerce transactions has the following security requirements: the non-repudiation of e-commerce information, which refers to avoiding the occurrence of a party to a transaction denying that it has carried out such a business act after carrying out a certain transaction; or a party denies that it has received a transaction message from the other party.
-
Causes harm in the following aspects:
1. The information in the transaction is illegally intercepted or read, and the valid account information is obtained by illegally intercepting the session data.
2. Loss and duplication of transaction information in the process of data transmission.
3. Fake identity to conduct online transactions.
4. The user's personal information is leaked, and the privacy of legitimate users is violated.
-
There are several types of plagiarism threats to e-commerce security:
1. Interception and theft of information. If no encryption measures are used or the encryption strength is not strong enough, the attacker may obtain the transmitted confidential information through the Internet, public ** network, wiring, installation of interception devices within the electromagnetic radiation range, or interception of data on gateways and routers through which the packets pass, or through the analysis of information flow and injection, communication frequency and length and other parameters to deduce useful information, such as consumers' bank account numbers, passwords, and business secrets.
2. Tampering with information. When the attacker is familiar with the network information format, the information transmitted by the network is modified and sent to the destination through various technical methods and means, thereby destroying the integrity of the information. There are three main aspects of this means of destruction:
Tampering - changing the order of information flows, changing the content of information, such as the shipping address of the purchased goods; Delete - Remove the whip message or some total point insertion of the message - Inserts some information into the message so that the receiver does not understand it or receives the wrong information.
3. Information counterfeiting. When an attacker learns the rules of network data or decrypts business information, it can impersonate legitimate users or send fake messages to deceive other users.
4. Transaction repudiation. Transaction repudiation includes a number of aspects, such as the sender later denying that a message or content had been sent; The recipient later denied receiving the message or content, and the purchaser made an order and did not admit it; The goods sold by the merchant are not recognized because of the poor goods.
-
(1) System security: refers to the stability and anti-attack ability of the system, as well as the system recovery ability after being attacked or the system has software and hardware failures.
2) Data security: It refers to maintaining the consistency and integrity of data, and the controllability of use rights. Data security includes the following aspects:
Confidentiality of data. No one can see information that they are not authorized to see; Among them, what goes further than ordinary encryption is that no one can see or modify the data that they are not authorized to obtain by their administrative conceptual authority (data encryption), which will be more in line with practical requirements.
Data Integrity. The data sent can only be fully confirmed if it arrives in its entirety, otherwise the data cannot be recognized.
Non-repudiation. For information that has already been sent by any person, it is possible to determine that the data can only be sent by that person based on the information itself, and to determine important information such as the time when it was sent.
Industry prospects: In Q1 2017, the number of online shopping users in China has exceeded 100 million. And online shopping is constantly penetrating from the PC to the mobile terminal. >>>More
There are several main factors:
1. Unbalanced development of industries and regions. >>>More
E-commerce can be divided into different types according to different business models or business methods, as follows: >>>More
Summary. Hello, happy to answer for you] The e-commerce system consists of six parts. 1, e-commerce system basic layer 2, e-commerce system service layer 3, e-commerce system application layer 4, e-commerce system social environment layer 5, e-commerce system expression layer and client 6, internal system interface and external system interface. >>>More
What is E-commerce?
E-commerce is derived from the English electronic commerce, abbreviated as EC. As the name suggests, its content consists of two aspects, one is electronic means, and the other is commercial activities. >>>More