Initial Exploration of logistics information security policies in E-commerce

Source: Internet
Author: User
Tags ftp site

Today, the world's networks, communication and information technology are developing rapidly, and the Internet is becoming increasingly popular around the world, bringing business space to a global scale, promote organizations to reform their own ideas, organizational structures, strategic policies and operating methods to adapt to global development and changes. E-commerce is a new business model that adapts to the emergence and development of global markets. It quickly and effectively carries out various business activities through network technology, that is, transactions are paperless and direct throughout the business operation. E-commerce allows sellers and suppliers to sell products in the global market. It also allows users to choose the best products around the world without leaving home and enjoy the whole process of electronic services.

I. Functions of Logistics in E-commerce processes

E-commerce objects are the entire transaction process. Any transaction consists of four basic parts: information flow, business flow, capital flow, and logistics. The ultimate goal of e-commerce is to solve the delay in processing information flows and capital flows, so as to improve the modernization level of logistics process management and further improve the modernization speed of logistics. As the final process of online electronic transactions, the execution result plays a very important role in the success or failure of electronic transactions, and is an important part and basic guarantee for realizing electronic commerce. E-commerce must have the support of modern logistics technology to reflect its unparalleled advancement and superiority, so as to maximize the convenience and benefits of both parties.

Ii. logistics implementation in e-commerce processes

In e-commerce, processing of information flows, business flows, and capital flows can be achieved through computers and network communication devices. For tangible goods and services, logistics still needs to be transmitted physically. For intangible goods and services, such as various electronic publications, information consulting services, and valuable information software, you can directly perform electronic distribution through network transmission. Logistics in the e-commerce environment, through the application of mechanized and automated tools and accurate and timely logistics information monitoring of the logistics process, the logistics speed is accelerated and the accuracy is improved, it can effectively reduce inventory and shorten the production cycle.

Iii. Logistics Information Security Issues in E-commerce

Logistics is evolving towards informatization, automation, networking, and intelligence, and is increasingly dependent on the security performance of network transmission information. As the Internet is open and anonymous, its security issues become increasingly prominent. During network transmission, logistics information is often intercepted, stolen, tampered with, stolen, monitored, and maliciously damaged by hackers, causing significant losses to merchants. Hackers attempt to intrude into computer networks by various illegal means. Their malicious attacks constitute the biggest threat to network security in e-commerce systems and have become the biggest risk of logistics information security. Hacker attacks are often used:

1. Get the password

There are three methods: one is to carefully forge a login page and embed it into the relevant webpage. When a merchant enters the login information (such as the user name and password, this information is sent to the hacker's host, and then the "System Fault" prompt is displayed, asking the merchant to log on again before the real logon page is displayed. Second, the merchant's password is obtained through network listening, and the listener can often obtain all the user accounts and passwords in the network segment, which poses a great threat to the LAN. Third, the merchant account is known and some special software is used to forcibly crack the merchant's password.

2. Email bomb

Use forged IP addresses and email addresses to send countless malicious emails with the same content to the merchant's mailbox, Which is crowded with mailboxes and can be washed away. It also occupies a large amount of network resources, leading to network congestion and even paralyzing the email server.

3. Trojan Horse

Hide a program on the merchant's computer that runs when the system starts. The program uses the server/client running mode to control the merchant's computer when accessing the Internet, attackers can steal passwords, browse merchant drives, modify merchant files, and log on to the Registry.

4. Target audiences

Hackers write "legal" programs and upload them to the FTP site or provide them to the personal homepage to induce customers. When a customer downloads the software, the hacker's software enters the customer's computer together, tracks the customer's operations, records every password entered by the customer, and sends it to the specified email by the hacker.

5. Search for vulnerabilities

Find the system security vulnerabilities or security vulnerabilities of the target to obtain illegal access to the target system.

Iv. Logistics Information Security Protection Policies

Legal merchants have high security requirements for business data when conducting online queries, business negotiation between the parties, buyer placing orders and obtaining confirmation from the seller, goods distribution, after-sales service, technical support, and other online operations, at the same time, private information (passwords, account data, etc.) is required to be kept confidential. The use of identity authentication and data encryption technology can protect the personal information and business data of merchants from being eavesdropped, tampered with, replaced, and illegally used when uploading or transmitting data on the public network.

1. Identity Authentication

Two-factor authentication technology is used for digital certificate authentication and password authentication. Each enterprise user should apply for a digital certificate. When querying an account online, the online banking system first verifies that the user's digital certificate is valid, and then sends the query request and password together to the front-end server, authenticate the password again. After the server obtains the user certificate, it also needs to retrieve whether the certificate is in the Certificate Revocation List. For individual users, password encryption can be used for identity authentication, without the need to apply for a certificate, more convenient.

2. Data Encryption

When logistics information is transmitted over the network, it is usually transmitted in plaintext instead of ciphertext. Because the information data transmitted in plain text can be easily read, stolen, stolen, and tampered with once intercepted by others, it is difficult to ensure the confidentiality, reliability, and security of logistics distribution activities. The following uses the C Language Programming to Implement the replacement encryption method.

Caesar is the oldest technique to replace each letter in the text with a fixed number of letters in the alphabet. If the plaintext to be transmitted is "I am a teacher !", Encrypted, the key is 5, and the ciphertext received by the recipient is "N fr f yjfhmjw !", For a third party, this is a meaningless string of characters to avoid leaks. The legal receiver decrypts the data and obtains "I am a teacher !" String. Encrypted data transmission ensures information security to a certain extent, and key confidentiality is critical. Otherwise, attackers can master encryption and decryption algorithms and obtain keys, which can cause fatal losses to legitimate merchants. Therefore, the management of keys should be carried out throughout the entire life cycle of keys: Key Generation, verification, transmission, storage, use and destruction.

E-commerce, as a brand new transaction model in the Internet era, is a revolution compared with traditional commerce. One of the advantages of e-commerce is that it can greatly simplify business processes and reduce enterprise operation costs. The establishment and maintenance of cost advantages of e-commerce enterprises must be ensured by reliable and efficient logistics operations. Therefore, only by increasing efforts to protect the security of logistics information and vigorously develop modern logistics can e-commerce be better developed.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.