Keywords e-commerce; Security technology; principle
First of all, firewall technology
A firewall is a system or a set of systems that enforce certain security policies between the company intranet and the Internet. A firewall is a checkpoint between a protected network and an external network to prevent unpredictable and potentially destructive intrusions. Common firewalls mainly include: packet filtering and proxy server. (1) packet filtering firewall: data packet filtering is based on the source address and destination address, application or protocol, and port information of each IP packet, and the firewall judges whether the packet passes or not according to preset rules. This kind of firewall is usually installed on the router connecting the company's internal network and external network. (2) Proxy firewall: Proxy firewall generally consists of two parts, server-side program and client-side program. The client program connects to the intermediate node, and then the intermediate node connects to the server that provides the service. Proxy server can control the access to applications, and it can complete some TCP/IP functions for network users. The proxy server is actually an application layer gateway, that is, a gateway connecting two networks to determine the network application. Because condition monitoring technology is equivalent to combining packet filtering technology and application proxy technology, it is the most advanced technology. However, due to the complexity of the implementation technology, it is difficult to design perfect defense measures based on this technology on general computer hardware systems (most software firewalls in the market actually only use packet filtering technology plus some other new features).
Second, the data encryption technology
1. Symmetric key encryption technology. Symmetric key encryption technology is that both encryption and decryption use the same key, and both parties need to get this key and ensure the security of the key. (1) encryption algorithm. There are two main encryption algorithms to realize symmetric key encryption technology: one is DES algorithm: DES mainly uses shift and replacement methods for encryption. 2. IDEA algorithm: IDEA is an international information encryption algorithm. It is an iterative cryptosystem with a block size of 64 bits, a key of 128 bits, and 8 iterations. This algorithm uses a key as long as 128 bits, which can well rule out the possibility of trying to search all keys. (2) Advantages and disadvantages of symmetric key encryption technology. Symmetric encryption technology has the advantages of fast encryption speed and high confidentiality. Its disadvantages: First, the key is the key to secure transmission, and the sender needs to send the key to the receiver safely and correctly, and cannot disclose its contents. Second, the number of key combinations will increase when multi-person information is transmitted, which makes key distribution more complicated. Distributing, managing and generating such a large number of keys is really a problem. Third, in the communication process, both parties need a unified key to send confidential information.
2. Public key encryption technology. Public encryption technology requires the use of keys in pairs, that is, the encryption process and decryption process are realized by two different keys respectively. When sending information to the other party, you should encrypt the information with the other party's public key, and then decrypt the information with your own secret key after receiving the information. So this technology is also called asymmetric encryption technology. (1) encryption algorithm. The public key encryption algorithm is mainly RSA encryption algorithm. It is a mature and theoretically successful public key cryptosystem, and its security is based on the following conclusions in euler theorem's number theory and computational complexity theory: it is possible to solve the product of two large prime numbers, but it is very difficult to solve the product of these two large prime numbers. RSA encryption and decryption process consists of key generation, encryption process and decryption process. (2) Advantages and disadvantages of public key encryption technology. The advantages of public key encryption technology are: first, few keys and easy management. Any user in the network only needs to save his own key, so n users only need to generate n pairs of keys. Second, the distribution of keys is also relatively simple. Encryption keys are distributed to users, and decryption keys are managed by users themselves. Third, there is no need for secret channels and complex protocols to transmit keys. Fourthly, digital signature and digital encryption can be realized. The disadvantage of public key encryption technology is that the encryption and decryption speed is slow.
3. Practical application of encryption technology. PGP(pretty good privacy) is a software for encrypting emails and transmitting documents. It can be used to keep emails and documents confidential to prevent unauthorized people from reading them, so that you can communicate safely with people you have never met. PGP encryption adopts RSA and traditional encryption algorithm to realize encryption. The key to encryption lies in a pair of keys, including a public key and a private key. The public key and private key are generated according to some mathematical function, and it is almost impossible to infer another key from one key. The plaintext can be encrypted with public key and decrypted with private key to get the original text, and the plaintext can also be encrypted with private key and decrypted with public key to get the original text. Because the private key is reserved for oneself and unknown to others, the private key has the function of digital signature besides encryption. Its mechanism lies in: only you have the private key, others don't have your private key, you can sign the file with the private key, and others can't sign it because they don't have your private key, so you can prove that the file was sent by you; Public keys are provided for people who want to communicate with you securely.
Take the exam and contribute.
Lanlina, Liu Xinyue. Research on E-commerce Security System [J]. Academic Research .2007 (4)
[2] Liu Bingtao. Problems and countermeasures in e-commerce [J]. Enterprise Herald.2010 (6)
[3] Xie Hongyan. Research on the security problems and countermeasures of e-commerce [J]. Journal of Harbin University of Commerce (Natural Science Edition) .2007 (6)