下载文档原格式
毕业论文2015 届我国移动电子商务安全问题探析学生姓名余力量学号 020*******系别经济与管理系专业班级信息管理与系统1101班指导教师***完成日期2015 年6月我国移动电子商务安全问题探析摘要随着我国无线网络和移动通信技术的不停发展,以及人民日益增长的消费需求,不断地拉动我国经济的发展,从而一种新的商务模式——移动电子商务正在全国范围内快速崛起。
尽管我国移动电子商务有着巨大、广阔的发展前景,但是目前我国移动电子商务尚处于早期发展阶段,面临着各种安全性问题,以及发展瓶颈本文主要是通过对电子商务的新形势-移动电子商务的概念、现状和问题进行分析,提出应对措施,对未来移动电子商务的发展方向进行预测。
关键词移动电子商务;安全问题;无线PKI;对策建议PROBLEMS OF CHINA'S MOBILE E-COMMERCE SECURITYABSTRACTWith the constant development of wireless networks and mobile communications technology , as well as people's growing consumer demand , continue to pull the country 's economic development, and thus a new business model - mobile commerce is rapidly rising across the country . While China's mobile e-commerce has a huge , broad prospects for development , but at present China's mobile e-commerce is still in its early stages of development , face a variety of security issues , as well as bottlenecks in the development of e-commerce through the article is a new situation of mobile e-commerce the concept , status and analysis of the problem , propose countermeasures for the future development direction of mobile e-commerce forecast.KEY WORDS Mobile e-commerce ; security ; wireless PKI; Suggestions目录摘要 (I)ABSTRACT .......................................................... I I 前言. (1)1移动电子商务概述 (1)1.1移动电子商务的概念 (2)1.2移动电子商务的发展背景 (2)1.3移动电子商务的现状分析 (3)2移动电子商务安全存在的主要问题 (4)2.1移动设备操作系统种类繁多 (4)2.2移动设备数据安全性较低 (4)2.3移动支付发展存在阻力 (5)2.4移动终端通讯信息开放性传输 (6)2.5移动电子商务相关法规不完善 (6)3移动电子商务安全问题存在的原因 (7)3.1移动设备制造商自主研发系统 (7)3.2移动设备数据多以明文形式存在 (7)3.3移动支付安全存在威胁 (7)3.4移动通讯处于开放的无线网络环境下 (9)3.5未制定相关移动电子商务法律法规 (9)4移动电子商务安全问题的对策建议 (10)4.1搭建通用移动电子商务平台 (10)4.2采用无线PKI等加密技术 (10)4.3加强移动支付交易安全 (12)4.4无线网络的安全措施的实施 (12)4.5为移动电子商务制定相关法律法规 (13)5总结 (13)参考文献 (15)致谢 (17)前言随着电子商务的发展以及技术的革新,移动电子商务也应时代的需求衍生而出,电子商务主要是以pc作为主要界面,而移动电子商务则是利用以智能手机、智能平板以及掌上电脑等无线终端进行的O2O、C2C、B2B以及B2C等电子商务活动。
外文文献翻译(含:英文原文及中文译文)文献出处:International Joint Conference on Inc, Ims and IDC. IEEE, 2013:27-35.英文原文The Research of Mobile E-commerceM DromaAbstractAs an expansion and extension of e-commerce in wireless networks, mobile e-commerce will further promote the maturity of online consumption. According to the results of research conducted by independent agencies, mobile e-commerce, which is business and service activities through mobile devices and wireless networks, will soon become the dominant force in business and society. M-Commerce, which is derived from the concept of E-Commerce. E-commerce uses PC as the main interface and is wired e-commerce; while mobile e-commerce is based on mobile phones and PDAs. Personal Digital Assistants) These terminals interact with us. It combines the Internet, mobile communication technology, short-distance communication technology and other information processing technologies to enable people to conduct various business activities at any time and any place, and realizes shopping and trading, business activities, financial activities and relatedComprehensive service activities.Keywords: mobile commerce, mobile device, PDAThe power of mobile e-commerceIn the mid-1990s, the Federal Communications Commission of the United States auctioned off the spectrum space of personal communications services and promoted the development of contemporary wireless communications. Modern wireless communication terminals include not only mobile phones, but also personal handheld computers (PDAs), digital assistants and a series of devices.Wireless base station constructionThe application of the Internet has enabled the development of networks in the traditional PC field. According to the forecast of Dataquest and Yankee Group, the scale of server development will reach 500 million in 2003. E-commerce and other communication applications have prompted the continuous growth of such large-scale server areas. In addition, because these systems will have greater processing power and storage capacity, better price-performance ratio, more powerful performance, and more complex applications, its emergence may gradually become the mainstream of desktop applications and the Internet.Although these predictions are impressive, personal computers have two limitations. First, users must sit in front of them. Second, even if it isa portable laptop, it needs to load software, dial in to connect with the network service provider, and wait for the handshake agreement to proceed before accessing the Internet. This process is understandable, but it is better to be in a tolerable range. Therefore, although the main application has many troubles, it is still within the acceptable range for those users to follow this access sequence, at least to keep the computer and the application program running. Overall, the scale of the PC is huge, including more mobile communication devices. The Gartner Group and other research institutions estimate that by 2004, the global mobile phone user base will exceed 1 billion, which is 2 times the number of PC users. In addition, the number of users of other wireless mobile devices will also increase significantly. The scale of application of wireless PDA will be tripled in the next three years. Unlike personal computers, these wireless devices do not require a boot sequence, so people can use them in a convenient and fast manner. This quick application can make these products more attractive.Wireless protocol standardJust as the Transmission Control Protocol/Internet Protocol and the Universal Browser as the mainstay force drive the development of the Internet, allowing different devices to interconnect and communicate, similar factors will simplify heterogeneous interconnection and wireless device communication. Mobile network operators currently rely on amulti-standard and incompatible wireless access standard. Recently, a common communication technology has finally emerged. It has developed and provided a unified interface standard for wireless services and Wireless Application Protocol (W AP) for mobile devices.Wap's specifications include a microbrowser, JavaScript-like scripting, access capabilities, session layering interaction specification, transport, and security. These specifications make it possible for applications to be interface independent and interoperable. Most mobile phone and wireless device manufacturers, as well as some service and infrastructure vendors, have already approved the W AP standard.Adequate bandwidthCurrent access technologies, including TDMA (Time Division Multiple Access), CDMA (Code Division Multiple Access) and GSM, provide transmissions with speeds of 9.6 to 19.2 Kbps. This speed is quite different from desktop dial-up access to the Internet. Although mobile e-commerce can be implemented at this low-speed bandwidth, this low speed is not conducive to mobilizing the participation of a wide range of businesses and consumers.By 2002, 3G (third generation) wireless technology will be implemented. In addition to having a bandwidth rate of up to 2 Mbps, 3G will also support multimedia transmissions. Integrated voice, data interaction, and multi-party video will enable mobile e-commerce on anywireless device. In addition, 3G technology has received active support from the International Telecommunication Union and has raised the possibility of 3G technology.Mobile e-commerce applicationsThe application of mobile e-commerce can be divided into three categories: transaction management, digital content delivery, and telemetry services. Transaction managementUsers will experience more and more rich commercial applications through mobile devices. Online shopping platforms for mobile phones and PDAs have emerged and have enabled browsing, selection, purchase, payment, and delivery. These websites include the necessary elements for shopping, such as online catalogs, shopping carts and back-office functions. In this area, online bookstores have already implemented shopping transactions for wireless platforms.Another type of mobile e-commerce transaction application involves purchasing payments and real-time services through wireless devices. This type of transaction application will continue to grow as the user gains more and more application experience and will make management easier.The highest demand for the development of mobile e-commerce comes from micro-transactions. Compared to coins, they are more willing to use electronic money via their handsets or PDAs in order to solveproblems such as paying for subways. The widespread use of electronic money will become a reality.Content Delivery ServiceDigital content delivery uses the distribution characteristics of wireless channels. These mobile e-commerce activities include information browsing, real-time information retrieval (weather, traffic schedules, sports scores, ticket sales, and market prices) and directory services. CNN's wireless news subscription service and UPS Pocket PC's package tracking and location service are representative of this emerging content delivery service.Digital products are easily transmitted via wireless devices. Therefore, the arrival of 3G can make downloading applications such as entertainment and MP3 music more common. Transmission software, high-resolution images, and full-motion advertising information will also become increasingly common. The emergence of high-quality displays and greater bandwidth will undoubtedly lead to innovation in the field of video applications. In the future, people can realize high-definition video content that accesses, retrieves, stores, and displays multimedia through wireless devices, as well as distance education.Telemetry serviceWith the telemetry services for transmitting, receiving, sensing and measuring information, the wide application of this new field isinseparable from the establishment of mobile devices. Innovations in this area allow people to use their mobile phones and other wireless devices to access their homes, offices or other places. For example, delivery drivers access a computer in an intelligent dispenser or warehouse to determine where they need the most active inventory or where they need immediate service. Similarly, the user can activate the recording device or the remote service system by sending an e-mail.Passive applicationsAn active mobile electronic commerce application means that the application will only be enabled if the parties communicate payment details, request information, receive specific content, or retrieve status information. Passive applications, in contrast, act in situations where the user has not implemented any behavior, such as the collection of consumer cash cards. Electronic Money Flow Integration on mobile devices will impact cash cards and make cash cards less necessary. These wireless devices can facilitate and record consumer payments, transportation, fast food, other transactions, all unauthorized users, or confirmation of each transaction information. Users can arrange their financial flows, connect their funding sources, and download additional digital cash when they need it, through direct automatic updates of wireless devices.The more popular text message in Europe is a text message with alength of up to 160 characters, which is displayed on the recipient's screen. This is a typical passive application example. With the increasing popularity of digital convergence, wireless devices will be passive in a variety of emails, including digital voice mail, fax files, and e-mail. These necessary technologies are now perfect, and further awareness and universal access will make these services very popular. These paid mobile e-commerce activities will increase, and may make the payment system innovation. For example, free services in wireless devices that use audio or video advertising as revenue.Passive security, prevention of intrusion, and emergency telemetry services provide comprehensive testing of facilities and individuals. Any unusual events or unacceptable conditions will promptly alert the user, no matter where they are.The airline is testing a technology that uses wireless devices to remind passengers, especially those frequent flyers, to give them information on seat upgrades, schedule changes, and more. At present, some airlines have already put this prototype telemetry system into use. When passengers enter the airport or pass through nearby self-service facilities, they will receive this kind of information in a timely manner.Passive mobile e-commerce telemetry is the foundation of another form of interactive marketing. Stores can pass on their products and services to customers in the form of promotional coupons andinformation, such as "To: Come and enjoy a cup of our new coffee mix!" or "Half-price promotion, only for half an hour!" But this kind of marketing may also face a new challenge: Turn off your mobile device and prevent mobile spam.The promotion of this technology to mobile e-commerce is endless, and it can even evolve into an obstacle to its development. The development of applications and wireless devices are complementary, and innovation in one area will make the other stronger.Business opportunities and challenges require an ever-changing strategy, leveraging the advantages of mobile e-commerce to help them compete in the ever-increasing digital market. The biggest challenge in constructing this strategy comes from the contradiction that technological innovation can give the user what functions and what functions consumers and business people expect.中文译文移动电子商务研究M Droma摘要移动电子商务作为电子商务在无线网络中的拓展和延伸,会进一步促进网络消费的成熟。
移动电子商务的安全与隐私问题分析移动电子商务(Mobile E-commerce)已经成为了现代人购物的主要方式之一。
然而,在移动电子商务领域,安全与隐私问题一直是用户和商家最为关注的焦点。
本文将对移动电子商务中的安全与隐私问题进行分析,并提供相应的解决方案。
一、安全问题分析1. 网络攻击:移动设备的开放性和全球化特性使其成为黑客攻击的主要目标。
黑客可以通过网络攻击窃取用户的个人信息、支付信息以及交易记录。
因此,移动电子商务平台需要加强网络安全措施,采用防火墙、加密技术、身份验证等手段,保护用户隐私和交易安全。
2. 信息泄露:移动电子商务平台可能存在数据泄露的风险。
用户在进行购物时,需要提供个人信息和支付信息,一旦这些信息泄露,用户可能遭受财产损失或身份盗窃。
因此,移动电子商务平台应该加强数据加密技术,确保用户数据不被非法获取。
3. 恶意软件:移动应用程序市场存在大量的恶意软件,这些软件可能通过盗取用户信息和操纵支付流程等手段,对用户进行欺诈和侵害。
移动电子商务平台应该加强对移动应用的审核和监管,减少用户下载和使用恶意软件的风险。
4. 假冒网站:移动电子商务平台经常遭受假冒网站的困扰。
黑客通过仿冒合法平台的方式,引诱用户泄露个人信息或进行虚假交易。
为了减少用户受骗的风险,移动电子商务平台应该加强对网站的验证机制,提供用户安全检测工具,警告用户避免访问假冒网站。
二、隐私问题分析1. 个人信息收集:移动电子商务平台为了提供个性化的服务,通常会收集用户的个人信息。
然而,一些平台可能会滥用个人信息,如将其出售给第三方广告商或用于其他商业目的。
为了保护用户隐私,移动电子商务平台应该建立严格的隐私保护政策,明确告知用户个人信息的收集、使用和保护方式,并提供用户选择是否提供个人信息的机制。
2. 交易记录保留:移动电子商务平台通常会保留用户的交易记录,以便用户查询和商家核实。
然而,长期保存这些交易记录可能存在泄露用户隐私的风险。
和移动商务相关的英语作文范文Here is an English essay on the topic of mobile commerce, with a word count greater than 1000 words, as per your instructions. The essay does not include a title and there are no extra punctuation marks in the main text.The rapid advancements in mobile technology have revolutionized the way we conduct business and engage with consumers. Mobile commerce, often referred to as m-commerce, has become an integral part of the modern business landscape, offering unprecedented opportunities for companies to reach and interact with their target audience. This essay will explore the various aspects of mobile commerce, its impact on the business world, and the key trends shaping its future.At its core, mobile commerce encompasses any commercial transaction or activity that is facilitated through a mobile device, such as a smartphone or tablet. This includes activities like mobile banking, mobile shopping, mobile payments, and even mobile marketing. The ubiquity of mobile devices, coupled with the increasing adoption of mobile internet and the convenience they offer, has made m-commerce a rapidly growing sector.One of the primary drivers of mobile commerce is the widespread use of smartphones. These powerful devices have become an integral part of our daily lives, serving as our primary means of communication, information access, and even entertainment. Consumers now expect to be able to conduct various transactions and access a wide range of services directly from their mobile devices. This has led businesses to prioritize the development of mobile-friendly platforms and applications to cater to this growing demand.The rise of mobile commerce has had a significant impact on the retail industry. Online shopping has long been a popular alternative to traditional brick-and-mortar stores, but the advent of mobile shopping has taken this trend to new heights. Consumers can now browse, compare prices, and make purchases directly from their smartphones, often while on the go. This has led to the emergence of mobile-optimized e-commerce platforms, mobile apps, and mobile-friendly websites, all designed to provide a seamless and convenient shopping experience.Moreover, mobile commerce has revolutionized the way businesses approach marketing and customer engagement. Mobile devices have become a powerful tool for targeted advertising and personalized promotions. Businesses can leverage location-based services, such asgeofencing and beacons, to deliver tailored offers and content to consumers based on their proximity to specific locations. This has enabled more effective and efficient marketing strategies, allowing companies to reach their target audience with greater precision and relevance.In addition to retail, mobile commerce has also had a significant impact on the financial services industry. Mobile banking and mobile payments have become increasingly prevalent, allowing consumers to manage their finances, transfer funds, and make payments directly from their mobile devices. The integration of mobile wallets, such as Apple Pay and Google Pay, has further simplified the payment process, reducing the need for physical cash and cards.The rise of mobile commerce has also led to the development of innovative mobile payment solutions, such as peer-to-peer (P2P) payment apps and mobile point-of-sale (mPOS) systems. These technologies enable seamless and secure transactions, catering to the growing demand for convenience and flexibility in financial transactions.The impact of mobile commerce extends beyond the traditional business landscape. In the healthcare sector, for instance, mobile apps and wearable devices have revolutionized the way patients manage their health and interact with healthcare providers. Patientscan now access medical records, schedule appointments, and even receive remote consultations through their mobile devices, improving the overall quality and accessibility of healthcare services.In the transportation industry, mobile commerce has transformed the way we book and pay for various modes of transportation. From ride-sharing services to public transportation, mobile apps have become the primary interface for booking, paying, and managing transportation-related services, enhancing the overall user experience.As mobile commerce continues to evolve, several key trends are shaping its future. One such trend is the increasing integration of artificial intelligence (AI) and machine learning (ML) technologies. These advanced technologies are being leveraged to provide personalized recommendations, predictive analytics, and intelligent decision-making capabilities within mobile commerce platforms. This integration can lead to more personalized shopping experiences, targeted marketing strategies, and enhanced customer loyalty.Another emerging trend in mobile commerce is the growing importance of mobile wallet and digital payment solutions. As consumers become more comfortable with the idea of making cashless transactions, the adoption of mobile wallets and digital payment methods is expected to continue to rise. This trend isfurther fueled by the increasing availability of secure and user-friendly mobile payment technologies, such as near-field communication (NFC) and biometric authentication.The rise of the Internet of Things (IoT) and the integration of mobile commerce with connected devices is another key trend to watch. As more everyday objects become interconnected, the opportunities for seamless and contextual commerce experiences are expanding. From smart home devices to wearable technology, the integration of mobile commerce with IoT can enable innovative shopping experiences and automated purchasing processes.Finally, the growing emphasis on mobile-first design and user experience is a critical trend in the mobile commerce landscape. As consumers become increasingly reliant on their mobile devices for various activities, businesses must prioritize the optimization of their mobile platforms to provide a seamless and intuitive user experience. This includes the development of responsive and mobile-friendly websites, as well as the creation of dedicated mobile apps that offer a tailored and engaging experience.In conclusion, mobile commerce has emerged as a powerful force in the business world, transforming the way companies interact with and serve their customers. The widespread adoption of mobile devices, the convenience they offer, and the integration of innovativetechnologies have all contributed to the rapid growth of m-commerce. As the industry continues to evolve, businesses must adapt and embrace the opportunities presented by mobile commerce to remain competitive and relevant in the digital age.。
我国移动电子商务应用安全问题探析摘要:移动商务作为一种移动互联的贸易方式,将成为全球具有战略意义的贸易手段和信息交换的有效方式。
移动网络的开放性和移动终端的移动性给移动商务的发展和工作效率的提高带来了诸多优势,但安全问题仍是移动商务推广应用的瓶颈。
文章主要探讨和分析当前移动电子商务应用安全存在的威胁问题并提出相应的解决策略。
关键词:移动电子商务;安全威胁;策略伴随因特网的迅猛发展,集互联网、移动终端、无线技术为一体的移动商务已对传统贸易方式形成巨大冲击,并将以其快捷、方便、高质高效的显著优势成为21世纪国际贸易的主要方式。
电信趋势国际公司预测,全球移动商务至2008年将吸引17亿用户,使用手机进行的交易额预计将突破5540亿美元。
据市场权威预测,2009年全球移动商务收入将突破880亿美元,手机铃声与标志logos 将成为手机购物的流行元素。
移动商务作为一种移动互联的贸易方式,将成为全球具有战略意义的贸易手段和信息交换的有效方式。
移动网络的开放性和移动终端的移动性给移动商务的发展和工作效率的提高带来了诸多优势,但安全问题仍是移动商务推广应用的瓶颈。
随着手机及相关移动终端功能的完善,信息存储量的加大,大量的商务数据和个人信息资料将存储于移动终端,移动终端的安全性、移动商务交易过程的安全性、移动商务交易信息及大量商业秘密的安全性都将面临日益严峻的安全威胁。
一、我国移动电子商务应用安全主要存在的安全威胁移动电子商务的发展对我们而言既是机遇也是挑战,我们可以充分利用这个机遇实现跨越式发展。
安全问题是移动电子商务的基石,更是移动电子商务能否取得成功最关键的因素。
由于我国移动电子商务的发展应用还处于起步阶段,如法律规范不完善,信用意识淡薄、移动终端限制了安全性能的提高和无线网络本身的开放性降低了安全性等原因导致移动电子商务应用过程中存在诸多安全威胁。
(一)无线通信网络的安全威胁无线通信网络可以实现不受时间地理环境的限制,给无线用户带来通信自由和灵活性的同时也带来了诸多不安全因素。
中南民族大学“移动电子商务案例分析”课程论文题目:移动电子商务安全姓名:官燕青学号:10122129专业:行政管理年级:2010级学期:2011-2012学年第2学期教师评语:摘要B2C商务是企业与消费者之间的电子商务,它是以Internet为02主要服务提供手段,实现奋众消费和提供服务,并保证与其相关的付袄方式电子化的一种模式。
B2C电子商务的发展一直被业界所关注。
我国电子商务的环境在不断改善,接受网上购物方式的消费者越来越多。
目前我国B2C 电子商务市场发展的红红火火,各大企业激烈的竞争,使B2C市场迅速发展并日益完善,国内B2C市场发展持续看好。
但综观其发展现状,B2C电子商务发展仍存在着一些问题,国内B2C电子商务网站近几年也都面临着严峻的挑战。
本文分析了当前中国B2C电子商务的困境;针对目前B2C电子商务企业所处的困境,提出了新的可能的发展思路,并对其发展前景进行了分析。
关键词B2C 电子商务问题发展思路发展前景AbstractB2C business enterprises and consumers of e - commerce, it is in the Internet service provider as the main means of implementation of the fenzhi unigenmata and consumption and provision of services, and guarantees associated with the way to pay for which the Chienyi electronization.B2C e - commerce development has always been these concerns.Electronic commerce in China environmental improvements, accept the way consumers online shopping more and more.but China 2001 no B2C and too many gratifying, even had a leading e - commerce Web site had to face the fate of their choice.the status of the reasons for not just e - commerce as a whole, some of the reasons are also included some effects of B2C e - commerce development of specific reasons.market development issues, such as the Internet environment and conditions, credit improremant, problom, legislative issues, operational problems, etc.these bottlenecks can be resolved, for the development of electronic commerce will be enormous.This paper analyzes the current Chinese B2C e - commerce; for the plight of B2C e - commerce business plight, has raised new possibilities of development thinking, and on their development prospects.Key wordsB2C e - commerce question environmenet the development prospects目录摘要 (Ⅱ)第1章移动电子商务的安全 (5)1.1 移动电子商务面临的威胁 (5)第2章移动电子商务的安全需求 (6)2.1移动电子商务的安全技术 (7)2.1.1 对称密码算法 (7)2.1.2 非对称密码算法 (8)第3章数字签名 (9)结论 (10)参考文献 (11)第一章移动电子商务的安全从全球电子商务的安全性上看,一般要满足四个要求:一是安全可靠的电信网络;二是保护有关网络的信息系统的有效方法;三是证实及确保电子信息的机密性,防止信息未经授权而使用的有效方法;四是电子商务交易的安全性,包括电子支付的安全和商品的安全。
毕业论文文献综述论文题目:经济型酒店如何发展移动电子商务——以七天连锁酒店的虚拟社区电子商务模式为例课程代码: 0215190学院(直属系):经济与贸易学院年级、专业: 09级电子商务学生姓名:张月学号: 312009********* 指导教师:郭胜经济型酒店发展移动电子商务文献综述【内容提要】移动电子商务作为电子商务在无线网络中的拓展和延伸,会进一步促进网络消费的成熟。
一些酒店就是充分利用了电子商务带来的机遇,获得了空前的成功。
这次移动电子商务的浪潮又将掀起一次电子商务的革命,必然会给酒店业带来无限的发展商机。
本文在充分证明电子商务给酒店的管理和营销带来巨大利益之后,通过对酒店移动电子商务平台的构建以及对移动电子商务平台为酒店适应现在旅游市场变化所带来优势的介绍,来充分说明移动电子商务给酒店业带来的发展契机。
【关键词】3G ;酒店电子商务;移动电子商务;酒店管理广义的移动电子商务的内容包括以下几个方面(曹淑荣, 田翠,2010):(1) 移动增值服务:个性化回铃音( 移动:彩铃;联通:炫铃);多媒体短消息服务(MMS);IVR(交互语音应答);彩话业务。
(2)移动位置服务:安全救援服务、交通和导航服务、位置跟踪服务、移动广告。
(3) 移动电子商务:销售终端服务;移动订票;移动博彩;手机银行。
(4) 移动多媒体:移动游戏业务;手机电视。
另外,包括无线客户关系管理、移动股市等也在快速发展。
对于酒店而言,开展移动电子商务的内容主要集中在移动位置服务、移动电子商务,无线客户关系管理也是酒店需要重视的内容。
二、酒店移动电子商务平台的构建移动电子商务作为电子商务发展的必然趋势,也就成了酒店业进行电子商务平台建设必须重视的环节。
根据中国旅游研究院2012年旅游经济运行分析和2013 年发展预测暨《中国旅游经济蓝皮书(No.2)》的数据,2013年,国内旅游人数将达21 亿人次,同比增长12%,国内旅游收入1.1 万亿,同比增长14%。
电子商务外文文献Title: E-commerce: A Review of the Literature and Perspectives for Future ResearchE-commerce, or electronic commerce, has become a fundamental aspect of business and economic activity in the globalized digital age. The交易研究领域的一个重要组成部分。
在这个日益数字化的时代,电子商务已经成为全球商业和经济活动的一个重要组成部分。
本文旨在回顾和分析电子商务领域的研究现状,探讨未来可能的研究方向和挑战。
The literature on e-commerce has been extensive, covering a range of topics from online retailing to global supply chain management. The Journal of Electronic Commerce in Organizations (JECO) and Journal of Electronic Commerce Research (JECR) are two of the leading journals in the field, publishing high-quality research on various aspects ofe-commerce. Additionally, several books and conference proceedings provide valuable insights into the development and evolution of e-commerce.E-commerce research has examined the impact of technology on business processes, explored innovative business models, andanalyzed the role of e-commerce in global trade and development. The literature has addressed a range of important issues, including security and privacy, electronic payment systems, and the impact of social media on e-commerce.Despite the significant progress made in e-commerce research, several areas for future exploration remn. These include the development of new e-commerce technologies, such as blockchn and artificial intelligence, and their potential impact on global trade and supply chns. Additionally, research on the role of e-commerce in sustnable development, particularly in terms of environmental sustnability and social inclusivity, represents an important area for future investigation.In conclusion, e-commerce has become a fundamental aspect of business and economic activity in the digital age. The literature on e-commerce has provided valuable insights into its development and evolution, but there remn several areas for future exploration. Future research should address these unexplored areas and contribute to the development ofe-commerce as a transformative force in global trade and development.商学院电子商务外文文献Title: E-commerce in Business Schools: A Critical Analysis of Curriculum, Teaching Methods, and Future TrendsThe rise of e-commerce in recent years has revolutionized business education, with business schools across the globe scrambling to keep up with the latest trends and prepare students for the digital economy. This article delves into the world of e-commerce education in business schools, exploring curriculum, teaching methods, and predicting future trends. E-commerce has become an integral part of modern business, and business schools are responding to this trend by incorporating e-commerce courses into their curriculum. The primary objective of these courses is to provide students with a comprehensive understanding of the e-commerce industry, including the latest trends, tools, and techniques. In addition to fundamental topics such as online marketing and web design, today's e-commerce courses also cover more specialized topics such as cloud computing, big data analysis, and social media marketing.Business schools are adopting a variety of teaching methods to impart knowledge on e-commerce, ranging from traditional classroom lectures to more innovative hands-onbs and simulations. These experiential learning opportunities allow students to gain practical experience in real-world settings, providing them with a deeper understanding of the dynamics and challenges of the e-commerce industry.With the continuous evolution of the internet and e-commerce landscape, it is essential to track and predict future trends in this field. Business schools are playing a crucial role in this regard by staying abreast of industry developments and incorporating relevant content into their courses. The trend towards more personalized and interactive learning experiences is likely to continue, with business schools tloring their teaching methods to suit the needs of individual students. Additionally, the integration of technology into every aspect of business will continue to drive changes in e-commerce education, with an increasing focus on areas such as cybersecurity and artificial intelligence.In conclusion, business schools have responded to the rise of e-commerce with a comprehensive approach that includes updating curriculum, adopting innovative teaching methods, and predicting future trends. However, there are still challengesahead, such as keeping up with the rapidly changing landscape and providing all students with equal opportunities to access e-commerce education. By continuing to adapt and innovate, business schools can help shape a brighter future fore-commerce and prepare students to thrive in the digital economy.电子商务外文翻译文献电子商务的发展及其影响:外文翻译文献随着全球互联网的迅速普及,电子商务在全球范围内得到了前所未有的发展。
移动支付安全英语作文Mobile payment has become increasingly popular in recent years, with more and more people choosing to use their mobile devices to make purchases and transfer money. While mobile payment offers convenience and efficiency, there are also concerns about its security. In this essay, I will discuss the security issues surrounding mobile payment and suggest some measures to enhance its security.Firstly, one of the major security concerns with mobile payment is the risk of unauthorized access to users' personal and financial information. Hackers may intercept sensitive data during the transaction process, leading to identity theft and financial losses. In addition, malware and phishing attacks targeting mobile payment users have become more sophisticated, making it easier for cybercriminals to steal users' information.Secondly, the use of public Wi-Fi networks poses a security risk for mobile payment users. Public Wi-Fi networks are often unsecured, making it easier for hackers to eavesdrop on data transmitted between the mobile device and the payment gateway. This can result in unauthorizedaccess to users' payment information and account credentials.To enhance the security of mobile payment, users should take certain precautions. Firstly, it is important to use strong and unique passwords for mobile payment apps and accounts. Avoid using easily guessable passwords or sharing them with others. Secondly, users should enable two-factor authentication whenever possible to add an extra layer of security to their accounts. This requires users to provide a second form of verification, such as a fingerprint or a one-time code sent to their mobile device.Furthermore, users should avoid making mobile payments over public Wi-Fi networks. Instead, it is recommended to use a secure and private network, such as a virtual private network (VPN), to protect their data from potential eavesdropping by hackers. Additionally, users should regularly update their mobile payment apps and operating systems to patch any security vulnerabilities and protect against malware attacks.In conclusion, while mobile payment offers convenience and efficiency, it is important for users to be aware ofthe security risks associated with it. By taking necessary precautions and following best practices, users can enhance the security of their mobile payment transactions and protect their personal and financial information from unauthorized access.。
附件1:外文原文(复印件)The Development of E-commerceA perfect marketMay 13th 2004From The Economist print edition E-commerce is coming of age, says Paul Markillie, but not in the way predicted in the bubble yearsWhen the technology bubble burst in 2000, the crazy valuations for online companies vanished with it, and many businesses folded. The survivors plugged on as best they could, encouraged by the growing number of internet users. Now valuations are rising again and some of the dotcoms are making real profits, but the business world has become much more cautious about the internet’s potential. The funny thing is that the wild predictions made at the height of the boom—namely, that vast chunks of the world economy would move into cyberspace—are, in one way or another, coming true.The raw numbers tell only part of the story. According to America’s Department of Commerce, online retail sales in the world’s biggest market last year rose by 26%, to $55 billion. That sounds a lot of money, but it amounts to only 1.6% of total retail sales. The vast majority of people still buy most things in the good old “bricks-and-mortar” world.But the commerce department’s figures deal with only part of the retail industry. For instance, they exclude online travel services, one of the most successful and fastest-growing sectors of e-commerce. InterActiveCorp (IAC), the owner of and , alone sold $10 billion-worth of travel last year—and it has plenty of competition, not least from airlines, hotels and car-rental companies, all of which increasingly sell online.Nor do the figures take in things like financial services, ticket-sales agencies, pornography (a $2 billion business in America last year, according to Adult Video News, a trade magazine), online dating and a host of other activities, from tracing ancestors to gambling (worth perhaps $6 billion worldwide). They also leave out purchases in grey markets, such as the online pharmacies that are thought to be responsible for a good proportion of the $700m that Americans spent last year on buying cut-price prescription drugs from across the border in Canada.And there is more. The commerce department’s figures include the fees earned by internet auction sites, but not the value of goods that are sold: an astonishing $24 billion-worth of tradewas done last year on eBay, the biggest online auctioneer. Nor, by definition, do they include the billions of dollars-worth of goods bought and sold by businesses connecting to each other over the internet. Some of these B2B services are proprietary; for example, Wal-Mart tells its suppliers that they must use its own system if they want to be part of its annual turnover of $250 billion.So e-commerce is already very big, and it is going to get much bigger. But the actual value of transactions currently concluded online is dwarfed by the extraordinary influence the internet is exerting over purchases carried out in the offline world. That influence is becoming an integral part of e-commerce.To start with, the internet is profoundly changing consumer behaviour. One in five customers walking into a Sears department store in America to buy an electrical appliance will have researched their purchase online—and most will know down to a dime what they intend to pay. More surprisingly, three out of four Americans start shopping for new cars online, even though most end up buying them from traditional dealers. The difference is that these customers come to the showroom armed with information about the car and the best available deals. Sometimes they even have computer print-outs identifying the particular vehicle from the dealer’s stock that they want to buy.Half of the 60m consumers in Europe who have an internet connection bought products offline after having investigated prices and details online, according to a study by Forrester, a research consultancy (see chart 1). Different countries have different habits. In Italy and Spain, for instance, people are twice as likely to buy offline as online after researching on the internet. But in Britain and Germany, the two most developed internet markets, the numbers are evenly split. Forrester says that people begin to shop online for simple, predictable products, such as DVDs, and then graduate to more complex items. Used-car sales are now one of the biggest online growth areas in America.People seem to enjoy shopping on the internet, if high customer-satisfaction scores are any guide. Websites are doing ever more and cleverer things to serve and entertain their customers, and seem set to take a much bigger share of people’s overall spending in the future.This has enormous implications for business. A company that neglects its website may be committing commercial suicide. A website is increasingly becoming the gate way to a company’s brand, products and services—even if the firm does not sell online. A useless website suggests a useless company, and a rival is only a mouse-click away. But even the coolest website will be lost in cyberspace if people cannot find it, so companies have to ensurethat they appear high up in internet search results.For many users, a search site is now their point of entry to the internet. The best-known search engine has already entered the lexicon: people say they have “Googled” a compan y, a product or their plumber. The search business has also developed one of the most effective forms of advertising on the internet. And it is already the best way to reach some consumers: teenagers and young men spend more time online than watching television. All this means that search is turning into the internet’s next big battleground as Google defends itself against challenges from Yahoo! and Microsoft.The other way to get noticed online is to offer goods and services through one of the big sites that already get a lot of traffic. Ebay, Yahoo! and Amazon are becoming huge trading platforms for other companies. But to take part, a company’s products have to stand up to intense price competition. People check online prices, compare them with those in their local high street and may well take a peek at what customers in other countries are paying. Even if websites are prevented from shipping their goods abroad, there are plenty of web-based entrepreneurs ready to oblige.What is going on here is arbitrage between different sales channels, says Mohanbir Sawhney, professor of technology at the Kellogg School of Management in Chicago. For instance, someone might use the internet to research digital cameras, but visit a photographic shop for a hands-on demo nstration. “I’ll think about it,” they will tell the sales assistant. Back home, they will use a search engine to find the lowest price and buy online. In this way, consumers are “deconstructing the purchasing process”, / says Professor Sawhney. They are unbundling product information from the transaction itself.It is not only price transparency that makes internet consumers so powerful; it is also the way the net makes it easy for them to be fickle. If they do not like a website, they swiftly move on. “The web is the most selfish environment in the world,” says Daniel Rosensweig, chief operating officer of Yahoo! “People want to use the internet whenever they want, how they want and for whatever they want.”Yahoo! is not alone in defining its strategy as working out what its customers (260m unique users every month) are looking for, and then trying to give it to them. The first thing they want is to become better informed about products and prices. “We operate our business on that belief,” says Jeff Bezos, Amazon’s chief executive. Amazon became famous for books, but long ago branched out into selling lots of other things too; among its latest ventures are health products,jewellery and gourmet food. Apart from cheap and bulky items such as garden rakes, Mr Bezos thinks he can sell most things. And so do the millions of people who use eBay.And yet nobody thinks real shops are finished, especially those operating in niche markets. Many bricks-and-mortar bookshops still make a good living, as do flea markets. But many record shops and travel agents could be in for a tougher time. Erik Blachford, the head of IAC’s travel side and boss of Expedia, the biggest internet travel agent, thinks online travel bookings in America could quickly move from 20% of the market to more than half. Mr Bezos reckons online retailers might capture 10-15% of retail sales over the next decade. That would represent a massive shift in spending.How will traditional shops respond? Michael Dell, the founder of Dell, which leads the personal-computer market by selling direct to the customer, has long thought many shops will turn into showrooms. There are already signs of change on the high street. The latest Apple and Sony stores are designed to display products, in the full expectation that many people will buy online. To some extent, the online and offline worlds may merge. Multi-channel selling could involve a combination of traditional shops, a printed catalogue, a home-shopping channel on TV, a phone-in order service and an e-commerce-enabled website. But often it is likely to be the website where customers will be encouraged to place their orders.One of the biggest commercial advantages of the internet is a lowering of transaction costs, which usually translates directly into lower prices for the consumer. So, if the lowest prices can be found on the internet and people like the service they get, why would they buy anywhere else?One reason may be convenience; another, concern about fraud, which poses the biggest threat to online trade. But as long as the internet continues to deliver price and product information quickly, cheaply and securely, e-commerce will continue to grow. Increasingly, companies will have to assume that customers will know exactly where to look for the best buy. This market has the potential to become as perfect as it gets.附件2:外文资料翻译译文日趋完善的电子商务当2000年科技泡沫爆发时,备受炒作的网上公司好象随之蒸发了,众多的网上贸易也被迫流产。
移动电子商务中的数据安全与隐私保护探究移动电子商务(Mobile e-commerce,简称M-commerce)是指通过移动设备进行的电子商务活动,如通过智能手机、平板电脑等移动设备进行在线购物、支付、预订等操作。
随着移动互联网的快速发展,M-commerce正逐渐成为人们生活中不可或缺的一部分。
然而,随之而来的是对于数据安全与隐私保护的关注。
数据安全对于移动电子商务的发展至关重要。
数据安全的目标是确保移动电子商务活动中涉及的数据不会被未经授权的人访问、修改、窃取或操作。
为了保障数据安全,在移动电子商务中采取一系列技术手段来保护个人用户的信息安全。
首先,加密技术是保障移动电子商务数据安全的核心手段。
通过对数据进行加密,可以防止黑客窃取用户的信息。
常见的加密方式包括对称加密和非对称加密。
对称加密采用同一个密钥对数据进行加密和解密,安全性相对较低;非对称加密使用公钥和私钥对数据进行加密和解密,安全性更高。
同时,在数据传输的过程中使用SSL(Secure Socket Layer)技术,建立安全通道,防止数据被窃取。
其次,移动电子商务平台需要建立健全的用户身份验证机制。
通过手机号、邮箱、指纹、人脸识别等多重认证方式,确保只有合法用户才能进行购买、支付等操作。
此外,平台还应加强对商家身份的审核,防止虚假商家的存在,保护消费者的合法权益。
再次,移动电子商务平台应建立完善的安全检测机制和防护系统。
及时发现和处理可能存在的安全漏洞,加强对移动应用程序和服务器的安全性检测,避免黑客攻击和恶意代码注入。
同时,平台应实施日志记录和安全监控,及时发现并阻止可疑活动。
除了数据安全,隐私保护是移动电子商务中另一个不可忽视的问题。
隐私保护涉及个人的权益和个人信息的收集、使用和存储。
在移动电子商务中,用户的个人信息包括姓名、联系方式、地址、购买记录等,需要谨慎处理,保护用户的隐私权。
首先,移动电子商务平台应制定明确的隐私保护政策,并在用户注册和使用过程中明确告知用户隐私政策,以获取用户的明确同意。
电子商务安全保障文献综述范文模板1. 绪论在当前数字化时代,电子商务的快速发展已经给商业活动带来了许多便利,同时也带来了一系列的安全威胁和挑战。
本文将对电子商务安全保障方面的相关文献进行综述,以期提供一个全面的理论框架和实践指导,确保电子商务的安全稳定运行。
2. 电子商务安全问题电子商务安全问题是阻碍其发展的重要因素之一。
有许多文献对电子商务安全问题进行了深入研究,主要包括以下方面:网络攻击与防御、信息隐私保护、支付安全和交易欺诈等。
2.1 网络攻击与防御网络攻击是指黑客对电子商务系统进行非法入侵、破坏和获取机密信息的行为。
为了保障电子商务的安全,研究者针对各种网络攻击手段提出了相应的防御策略,包括网络防火墙、入侵检测系统和加密技术等。
2.2 信息隐私保护在电子商务中,用户的个人和交易信息面临被滥用的风险。
为了保护信息隐私,文献中提出了多种策略和技术,如身份验证、访问控制和数据加密等。
2.3 支付安全和交易欺诈支付安全和交易欺诈是电子商务中的热点问题之一。
文献中主要探讨了支付系统的安全性和交易欺诈检测技术,以保证交易过程的安全可靠。
3. 电子商务安全保障措施为了应对电子商务安全问题,研究者提出了一系列的安全保障措施,以确保电子商务的正常运行。
主要包括以下几个方面:网络安全技术的应用、法律法规的制定和执行、企业内部治理和用户教育等。
3.1 网络安全技术的应用网络安全技术是电子商务安全保障的重要手段,包括网络防御技术、数据加密技术、身份认证技术等。
文献中介绍了这些技术的原理、应用场景和效果。
3.2 法律法规的制定和执行为了保护电子商务的安全,各国制定了一系列的法律法规,如信息安全法、消费者权益保护法等。
文献中对这些法律法规进行了分析和评价,并讨论了其实施的问题和挑战。
3.3 企业内部治理和用户教育企业内部治理和用户教育是电子商务安全保障的重要环节。
文献中提出了企业应建立完善的安全管理制度和培训机制,同时,用户也应加强自身的安全意识和知识。
移动电子商务的安全问题研究内容摘要:随着移动电子商务的发展,其安全问题倍受人们的关注。
本文对移动电子商务技术的安全现状作了简要讨论,然后对IEEE 802.11标准、WAP技术、WPKI技术等从安全角度进行了分析,并针对不安全的因素提出了改进建议。
关键词:移动电子商务IEEE 802.11 WAP WPKI随着无线通信技术的发展,移动电子商务已经成为电子商务研究热点。
移动电子商务是将现代信息科学技术和传统商务活动相结合,随时随地为用户提供各种个性化的、定制的在线动态商务服务。
但在无线世界里,人们对于进行商务活动安全性的考虑比在有线环境中要多。
只有当所有的用户确信,通过无线方式所进行的交易不会发生欺诈或篡改、进行的交易受到法律的承认和隐私信息被适当的保护时,移动电子商务才有可能蓬勃开展。
移动电子商务通信安全的现状由于无线通讯接入方式非常灵活,所以其对安全的要求更高。
实际上,主要的无线通信技术都有各自的措施、协议和方法来保证各自体制下的通信安全。
这里我们将从无线网络和电子商务应用两个方面作简要讨论。
无线局域网无线局域网络是以无线连接至局域网络的通讯方式。
它采用的是IEEE 802.11系列标准。
在该标准中,无线局域网的安全机制采用的是WEP协议(有线对等安全协议)。
在数据链路用WEP加密数据,保证了信道上传送数据的安全。
另外,无线局域网的网络管理员分配给每个授权用户一个基于WEP算法的密钥,这样就有效阻止了非授权用户的访问。
WAP(无线应用协议)技术WAP由一系列协议组成,用来标准化无线通信设备,例如:移动电话、移动终端;它负责将Internet和移动通信网连接到一起,客观上已成为移动终端上网的标准。
WAP协议可以广泛地运用于GSM、CDMA、TDMA、3G等多种网络。
WAP的安全机制是通过WTLS(无线传输层安全)协议来实现的。
WTLS协议类似于互联网传输层安全协议。
在无线技术的有限的发送功率、存储容量及带宽的条件下,WTLS能够实现鉴定,保证数据的完整性和提供保密服务的目标。
文章标题:The Evolution and Impact ofMobile CommerceIn today's fast-paced and technologically advanced world, mobile commerce, commonly referred to as m-commerce, has revolutionized the way we conduct business transactions. This emerging trend, which leverages the ubiquity and portability of mobile devices, has not only transformed the retail landscape but also altered consumer behaviors and expectations.The evolution of mobile commerce can be traced back to the early days of mobile phones, when basic functionalities like SMS and MMS were used for transactional purposes. However, with the advent of smartphones and the subsequent explosion of mobile internet usage, m-commerce has evolved into a robust and comprehensive platform that offers a seamless shopping experience.One of the most significant impacts of mobile commerceis its ability to reach a vast and diverse audience. With over billions of smartphones in use globally, businessescan now target customers across geographies and demographics, providing personalized offers and servicestailored to their specific needs. This has opened up new avenues for marketing and advertising, enabling companiesto engage with their customers in a more direct and interactive manner.Moreover, mobile commerce has also transformed the payment landscape. With the integration of mobile wallets, digital payment systems, and contactless payment methods, customers can now make purchases quickly and securely, eliminating the need for cash or physical cards. This not only enhances the convenience of shopping but also reduces the risks associated with traditional payment methods.Another key aspect of mobile commerce is itsintegration with social media and other digital platforms. Consumers can now share their shopping experiences, reviews, and recommendations with their friends and followers, creating a viral effect that can significantly influence purchase decisions. Businesses can leverage this social media influence to build brand awareness, enhance customer loyalty, and drive sales.However, the rise of mobile commerce has also presented some challenges. With the increasing number of mobileapplications and online stores, it can be overwhelming for customers to choose from. Additionally, security concerns and privacy issues have also emerged as major concerns, especially with the increasing incidence of cyber-attacks and data breaches.Despite these challenges, the future of mobile commerce looks promising. With the continued development of advanced technologies like artificial intelligence, machine learning, and augmented reality, mobile commerce is expected to become even more personalized, intelligent, and immersive. This will enable businesses to offer a richer and more engaging shopping experience, further enhancing customer satisfaction and loyalty.In conclusion, mobile commerce has revolutionized the retail industry, transforming the way we shop, pay, and engage with brands. While it presents some challenges, its potential and opportunities are immense. As the technology continues to evolve, we can expect mobile commerce to play an increasingly significant role in shaping the future of retail.**移动商务的演变与影响**在当今快节奏和技术高度发达的世界里,移动商务(通常简称为m-commerce)已经彻底改变了我们进行商业交易的方式。
移动电子商务探究论文1移动电子商务的概述移动电子商务移动移动电子商务(M-Commerce)是由电子商务(E-Commerce)的概念衍生出来的。
基于对我国移动商务的应用特征和未来发展趋势的判断来说,可以将移动商务定义为通过连接公共和专用网络,使用移动终端来实现各种活动,包括经营、管理、交易、娱乐等。
概括地说,移动电子商务是指通过手机、个人数字助理和掌上电脑等手持移动终端进行的商务活动。
与传统通过电脑平台开展的电子商务相比,拥有更为广泛的用户基础,因此具有更为广阔的市场前景。
相对于传统的电子商务,移动电子商务增加了移动性和终端的多样性,无线系统允许用户访问移动网络覆盖范围内任何地方的服务,通过对话交谈和文本文件直接沟通。
由于移动电子电话手持设备的广泛使用。
使其将比个人计算机具有更广泛的用户基础。
移动电子商务具有移动性、个性化和方便性等特点。
移动电子商务提供的服务因特网、移动通信技术和其它技术的完善组合创造了移动电子商务,但真正推动市场发展的却是多样的服务。
目前,移动电子商务主要提供以下服务:银行业务。
移动电子商务使用户能随时随地在网上安全地进行个人财务管理,进一步完善因特网银行体系。
用户可以使用其移动终端核查账目、支付账单、进行转账以及接收付款通知等。
交易。
移动电子商务具有即时性,因此非常适合股票交易等应用。
移动设备可用于接收实时财务新闻和信息,也可确认订单并安全地在线管理股票交易。
订票。
通过因特网预订机票、车票或入场券已经发展成为一项主要业务,其规模还在继续扩大。
移动电子商务使用户能在票价优惠或航班取消时立即得到通知,还可随时支付票款或在旅行途中临时更改航班或车次。
借助移动设备,用户可以浏览电影剪辑、阅读评论,然后订购邻近电影院的电影票。
购物。
借助移动电子商务,用户能够通过移动通信设备进行网上购物,如订购鲜花、礼物、食品或快餐等。
传统购物也可通过移动电子商务得到改进,例如用户可以使用无线电子钱包等具有安全支付功能的移动设备,在商店里或自动售货机上购物。
移动电子商务安全机制探讨文章分析了目前移动电子商务业务所面临的安全性问题,并结合移动电子商务的技术体系结构,从移动通信网络的角度出发,对影响移动电子商务发展前景的有关安全机制进行了探讨。
标签:移动电子商务安全机制移动通信移动电子商务(M-Commerce)是指通过手机、PDA、笔记本电脑等移动通信设备与无线上网技术结合所构成的一个电子商务体系。
相对于传统的电子商务体系而言,移动电子商务可以使使用者在任何时间、任何地点都能够得到整个网络的信息与服务,增加了商务活动的灵活性、便利性、随时性,为企业带来了更多的商业机会。
但由于电子商务本身存在的安全问题以及移动设施引发的新的商务安全隐患,使得移动电子商务的安全成为业内人士关注的热点,直接关系到移动电子商务模式的运行前景。
一、移动电子商务面临的安全性问题1.来自移动通信终端的安全威胁与有线终端相比,移动通信终端的资源状况非常有限,CPU的处理能力、内存的容量、数据传输速率等都与有线终端存在很大的差距,使得在有限的资源中开展的业务受到很大的限制。
移动通信终端体积小、重量轻,便于随身携带使用,但也容易丢失和被窃。
这使得攻击者可以通过所获取来的移动终端上的数据资源如数字证书、机密数据等,非授权访问企业内部网络的系统资源,或破坏移动通信终端中的数据完整性。
目前手持移动设备最大的问题就是缺少对特定用户的实体认证机制。
2.无线通信网络本身的威胁移动电子商务是基于移动通信系统的无线数据通信技术的。
无线通信网络是通过一个开放的信道进行通信,无法像有线网络那样依靠信道的安全来保护信息,这就使得它在给无线用户带来通信自由和灵活性的同时,也带来了诸多不安全因素。
这对于使用无线网络的用户信息安全、个人安全等都构成了潜在的威胁。
3.移动Ad-hoc网络存在的安全问题Ad-Hoc网络是一种没有有线基础设施支持的移动网络,在不依赖基础网络设施的前提下由一定范围内的移动终端动态的建立可以互联的网络。
Security issues in Mobile eCommerceDo Van ThanhProduct Line Mobile e-commerce, Ericsson Norway,P.B. 34, N-1375 Billingstad, Norwayvan.thanh.do@eto.ericsson.seAbstract. With Mobile e-commerce the mobile user can buy and pay forthings, pay his bill or make a bet via his mobile phone when on the move,anywhere and at any time. Mobile e-commerce will bring convenience andcontribute to improve life quality of the users. However, in order to be suc-cessful, security measures must be strong enough to protect the user from ille-gal abuses and to get confidence from him. Unfortunately, current securitymeasures for mobile phones are not yet sufficient. This paper describes theR&D activities in mobile e-commerce at Ericsson, which aim at making mo-bile e-commerce applications secure and enabling a full-scale developmentand deployment of them. The paper starts with a definition of mobile e-commerce. Next are a summary of the Wireless Application Protocol (WAP)and its achievements. The problems related to security in mobile e-commerceare then described. Thereafter, the solution to the problems is presented. Thepaper concludes with a look on the future and discussions on what can bedone.1 IntroductionThe convergence of mobile communications network and Internet has paved the way for a range of brand-new applications called wireless Internet applications. Which one of them will be the killer application is still unclear. However, there is one type of wireless Internet applications that are getting more and more popular and may even surpass their counterpart in the fixed Internet. They are called mobile electronic commerce applications. They enable the user to buy small things such as soft drinks, cinema tickets, train tickets, etc. or to pay his bills via mobile devices, i.e. mobile phones, PDAs (Personal Data Assistant), palmtops, etc. In a time when people are much on the move and focus is on life quality improvement, mobile e-commerce applications will bring both convenience and save a lot of time for the mobile user. However, in order to be successful, security measures must be strong enough to pro-tect the user from illegal abuses and to get confidence from him. Unfortunately, current security measures for mobile phones are not sufficient. This paper describes the R&D activities in mobile e-commerce at Ericsson, which aim at making mobile e-commerce applications secure and enabling a full-scale development and deploy-ment of them. The paper starts with a presentation of mobile e-commerce. Next are a K. Bauknecht, S. Kumar Madria, and G. Pernul (Eds.): EC-Web 2000, LNCS 1875, pp. 467−476, 2000. Springer-Verlag Berlin Heidelberg 2000468 D.V. Thanhsummary of the Wireless Application Protocol (WAP) and its achievements. The problems related to security in mobile e-commerce are then described. Thereafter, the solutions to the problems are presented. The paper concludes with a look on the future and discussions on what can be done.2 What is mobile e-commerce?Mobile e-commerce is e-commerce brought to mobile users via mobile devices such as palmtops, PDAs or most dominantly mobile phones. With an ever-increasing number of devices in the market, mobile phones will undoubtedly play a crucial role in promoting mobile e-commerce. Mobile e-commerce allows users to conduct e-commerce on their mobile devices: obtain marketing and sales information, receive ordering information, make a purchase decision, pay for it, obtain the service or product and finally, receive customer support required.Mobile e-commerce is more than a mobile and wireless extension of the Web-based e-commerce. It is an entirely new sales and promotion channel, and is the enabler for a whole range of new services such as buy a Coke, pay for parking, buy train ticket, etc. via mobile phone. Most importantly it is tailored to the users in many aspects. It follows the user and is available anytime and anywhere. Although mobility is a valuable characteristic to the user in general, it is especially precious for e-commerce because it enables a key factor, which is missing in other e-commerce forms, namely the ability to adapt to the user, his humor and his demands. In fact, the essence of commerce is to be able to satisfy the demands of the users. It is im-portant not only to be able to offer whatever the user wants but also whenever he wants. Mobile e-commerce can also be customised such it fits the preferences of the user in combination with time and location.Another important aspect of mobile e-commerce is the ability to mix electronic media with other media such as newspaper, TV, radio, natural communication in any of the commerce phases i.e. presentation, selection, ordering, payment, delivery and customer care. For example, the mobile user can browse on his mobile phone and obtain the location of the closest shop. He goes there and buys a Coke. In this case, the presentation and selection are done electronically via the mobile phone while the rest is done in a traditional way via natural communication. In another situation, the user buys groceries and pays via his mobile phone. The presentation, selection, ordering, delivery and customer care phases are carried out in traditional way and only the payment phase is done electronically.3 Mobile e-commerce and WAPThe Wireless Application Protocol (WAP) promoted by the Wap forum enables the access to the Internet for mobile devices. Taken into account the limited bandwidth of the wireless link, the limitation of mobile devices concerning processing, storage,battery life, size and weight, WAP is optimised for the wireless environment. The architecture of WAP is shown in Figure 1.Figure 1 The WAP architectureOf course, WAP will contribute to the success of mobile e-commerce but it is worth noting that mobile e-commerce exists also without WAP. For example, the first mo-bile e-commerce application in Norway, "The cinema ticket" that was jointly devel-oped by Ericsson and Telenor Mobile is not based on WAP. It is based on SIM appli-cation toolkit where the commerce application is implemented on the SIM (Sub-scriber Identity Module) of the mobile phone. In the future, mobile e-commerce can be extended further through the adoption of newer technology such as Bluetooth,which allows local communications between devices without the need of an on-line connection with the network.4 Security requirements in e-commerceIn e-commerce where the consumer and the merchant communicate indirectly via software entities and the Internet, trust must be somehow established between the two parties. In order to achieve trust the following security functions must be per-formed:- Authentication: Each party needs to be able to authenticate its counterpart, i.e.to make sure that the counterpart is the one he claimed to be.- Integrity: Each party needs to make sure that the received messages are not al-tered or fabricated by other than their counterpart.- Confidentiality: Each party wants to keep the content of their communication secret.- Message authentication: Each party wants to make sure that the received mes-sages do really come from his counterpart.469Security Issues in Mobile eCommerce470 D.V. Thanh- Non-repudiation: Each party wants to prevent that the counterpart later on de-nies the agreements that he has approved earlier.Usually, the two parties do not and must neither know each other in order to do trading. In such a case, the asymmetric cryptographic algorithm, also called the Public key algorithm is more appropriate than the symmetric cryptographic algo-rithm.Briefly, the public key algorithm uses a key pair, one private and one public for encryption and decryption. What encrypted by one key can only be decrypted by the corresponding one. It should also be practically impossible to derive one key from the other one. Confidentiality and integrity are prevailed when the sending party encrypts the message with the recipient's public key since only the later has the cor-responding private key to decrypt the message. Authentication and non-repudiation are achieved when the sender encrypts the message or part of it with his private key. The receiver decrypts the message with the sender's public key and can be sure that it comes from the sender because only he is the only to have the private key. This later encryption scheme is known as digital signature, which usually consists also of a message digest (hash function) to reduce the size of the message to be encrypted and to optimize the signing process. There are currently several public key algorithms such as RSA [1], Elliptic curves.The issue now is to be certain who owns what key pair. A certificate issued by a trusted authority also called Certificate Authority (CA) attests that a public key be-longs to an entity or individual with a certain name and attributes. Both certificates and keys need to be managed, i.e. generated, revoked, updated, recovered, etc. and a Public Key Infrastructure (PKI) is necessary for that.5 Commerce for the mobile user5.1 Ideal mobile e-commerce systemAt first glance, mobile e-commerce may appear to be identical to "fixed" e-commerce extended with mobile wireless access and the solutions used in Web commerce, e.g. Web shopping, Web banking can be applied directly to mobile e-commerce. How-ever, mobile e-commerce differs to "fixed" e-commerce in the following respects: Instantaneous delivery: The mobile user is of course interested in having service like web shopping where the delivery of non-electronic goods is carried out later. But, in addition he may want to have the goods delivered to him immediately or in a short delay. For example, after paying for a Coke via his mobile phone he expects the can to run out from the Coke automate. When paying for a cinema ticket he expects to be able to collect the ticket within the same day. It is therefore necessary to have user authentication and also receipt delivery.Micro payment: For mobile users it is also to be able to buy small things and to pay small amount of money. The fees for such payments must be small compared to the payments.Mobile context : The mobile user in many situations must be able to operate the services with only one hand. The user may be in environments that are distracting,e.g. crowded, noisy and interactions with the e-commerce services must both simple and small in numbers. The payment scheme of Web shopping described earlier where the user has to enter his personal data and his credit card number is hence not appropriate for the mobile user. A user-friendly payment scheme is required.An ideal mobile e-commerce as shown in Figure 2 should support the following features:- user authentication- merchant authentication- secure channel i.e., encrypted channel- user friendly payment scheme supporting micro payment- receipt delivery- simple user interfaceUser's mobile phoneMerchant's serverFigure 2 An ideal mobile e-commerce system471Security Issues in Mobile eCommerce472 D.V. Thanh5.2 Limitations of the mobile phonesAn ideal e-commerce system puts severe requirements that are difficult to be met by the mobile phone itself as follows:-It must also be equipped with a browser that has interface to the cryptographic functions.-It must be capable of digitally signing a message using the user private key in order to participate to the user authentication. For that, it must have public key cryptographic functions such as RSA. It must have a tamper-proof storage for storing the user's private key. It must also have enough storage for the user's certificate.-It must be capable of authenticating the merchant. For that, it needs to have enough storage for root certificates. It must have public key cryptographic func-tions.-It must also have symmetric cryptographic functions for the establishment of the secure channel between the mobile phone and the merchant' server.Let us consider successively different type of mobile phones and see what capabilities they have and how to enable them to participate in mobile e-commerce.Standard GSM phonesA GSM (Global System for Mobile communication) phone [4] [5] comprises of:-An ME (Mobile Equipment) which is actually the "empty" phone with the display, keypad, microphone, speaker.-And a SIM (Subscriber Identity Module) which is a removable smart card.The SIM contains the International Subscriber Identity (IMSI) which unam-biguously identifies the subscriber. Without a valid IMSI, GSM service is not accessible. The SIM contains also the security features for subscriber authen-tication such as authentication algorithm (A3), subscriber authentication key (Ki), cipher key generation algorithm (A8), cipher key (Kc)The ME is the master and initiates commands to the SIM and there is no mechanism for the SIM to initiate a communication with the ME. A standard GSM phone does not meet nay of the requirements mentioned above and is not capable to engage in mobile e-commerce.GSM SAT enabled phonesThe SIM Application Toolkit (SAT) provides mechanisms, which allows appli-cations, existing in the SIM, to interact and operate with any ME supporting the specific mechanisms required by the application. A browser, the public key crypto-graphic functions and a user private key can be installed in the SIM. However, the SIM does not have enough storage capacity for all the certificates needed and is hence not capable of generating complete digital signature. In addition, in order to communicate with merchant's web server, the SAT phone needs assistance from an intermediary server that has similar functionality as the WAP gateway. We will not consider pure SAT phones since more powerful WAP phones have emerged.WAP phonesThe WAP phone is a mobile phone that has a WML browser and a WAP protocol stack on the ME. It is hence capable of communicating with any Web servers via the WAP gateway. The connection with the WAP gateway can be based on different bearers such as GSM circuit-switched connection, GPRS, SMS, USSD, etc.The first version of WAP phones, called WAP 1.1 phones do not have public key cryptographic functions for digital signature. However, a combined WAP-SAT phones will both have a WML browser in the ME and public key functionality in the SIM. The only problem is the lack of the interface between the browser and the cryptographic functions on the SIM. The browser is hence not able to invoke the cryptographic functions necessary for user authentication.In the WAP 1.2 phone, there will be a Wireless Identity Module (WIM), which incorporates both the SIM and also local memory in the ME. Public key crypto-graphic functions and also the user private key can both be stored in the WIM. There will also be implemented an interface, which allows the browser to communicate with the cryptographic functions. WAP 1.2 phones will be capable of generating digital signature according to the PKCS#1 standard [6], but they will not able to generate an electronic signature according to the PKCS#7 that are required in the validation process of the signature. It is possible to say that even WAP phones are not capable to participate in mobile e-commerce by themselves but they need assis-tance from the system.5.3 The Mobil ePayTo allow mobile phones to perform digital signature, we introduce a proxy server,called Mobile ePay . The Mobile ePay is responsible to perform on behalf of the mobile phones the tasks that the latter are not capable such as:- Storing the user's certificates- Generating electronic signature, e.g. PKCS#7 message format from digitalsignature, e.g. PKCS#1 format, generated by mobile phones.- Validating of the merchant's serversIn addition to the security functions the Mobile ePay has also payment functions such as:- Prepaid account supporting micro payment- Interfacing with the systems of the financial institutionsTo illustrate the role of the Mobile ePay in our payment system two operations namely user authentication for WAP 1.1 phones and payment from WAP 1.1 phones are described.User authenticationThe user authentication as depicted in Figure 3 comprises of the following steps:1. The user visits a merchant site.2. The merchant server sends the content to the mobile phone via the WAP gate-way.473Security Issues in Mobile eCommerce3. The user wants to authenticate himself toward the merchant. The authentica-tion request is sent to the WAP gateway, which sends to the Mobile ePay. The Mo-bile ePay sends it to the merchant server.WAP-SAT phoneWAP gateway Merchant serverFigure 3 Mobile ePay role in user authentication4. The merchant server generates an authentication message, e.g. a random num-ber and sends it to the Mobile ePay, which sends to the SMS-C (Short Message Center). The SMC-C delivers it to the SIM on the mobile phone.5. The SIM asks for permission to sign.6. If the user accepts the SIM performs the signing, i.e. generating a digital sig-nature in PKCI#1 format.7. The SIM sends it back to the SMS-C, which sends it to the Mobile ePay.8. The Mobile ePay generates an electronic signature in PKCS#7 format by using the received digital signature in PKCS#1 format.9. The Mobile ePay sends the complete electronic signature to the merchant server.474 D.V. ThanhPayment from WAP 1.1 phones1. The user visits a merchant site.2. The merchant server sends the content to the mobile phone via the WAP gate-way.WAP-SATphoneWAP gateway Merchant server Figure 4 Payment from WAP 1.1 phones3. The user wants to buy. The request is sent to the WAP gateway, which forwards it to the Mobile ePay. The Mobile ePay delivers it to the merchant server.4. The merchant server sends an offer to the Mobile ePay.5. The Mobile ePay sends a request for payment type to the browser via the WAP gateway6. The user selects the payment type, e.g. prepaid account, credit cards, etc. and7. The payment type is sent to the Mobile ePay via the WAP gateway.8. The Mobile ePay sends the contract to the SIM via the SMS-C.9. After asking for confirmation from the user, the SIM performs the signing10. The SIM sends the digital signature back to the Mobile ePay via the SMS-C.475Security Issues in Mobile eCommerce476 D.V. Thanh11. The Mobile ePay executes the necessary transactions according to the payment type. This may include transactions towards financial institutions in case of payment by credit card.12. The Mobile ePay sends a confirmation to the merchant server.13. The merchant server returns a URL for the continuation of browsing.14. The mobile ePay generates a receipt and sends it together with the URL for continuation to the browser via the WAP gateway.The browser can then continue with the browsing from the received URL. The shopping is hence completed.6 ConclusionIn this paper a mobile e-commerce system is presented. Taking into account the physical and functional limitations that prevent mobile phones from participating to mobile e-commerce, the system introduces a proxy server that offers the necessary assistance to mobile phones. In addition to the security functions, the Mobile ePay also have payment functions such as prepaid account, interface towards financial systems. With Mobile ePay, the user can perform in a secure way any mobile e-commerce service such as doing bank transaction, buy goods or services, from mo-bile phones. The proposed solution is far from being perfect and quite a lot of issues remain to be done such as time stamping for electronic signature, the relation be-tween the private public key pair and the user, i.e. how many key pair should the user have and the relation between key pair and certificates, how many certificates can be associated to a key pair, etc.References1. Visa & Master Card: SET Secure Electronic Transaction Specification - Book One: Busi-ness Description, version 1.0, May 31, 1997, /download.html/#spec 2. Visa & Master Card: SET Secure Electronic Transaction Specification - Book Two: Pro-grammer's Guide, version 1.0, May 31, 1997, /download.html/#spec 3. Visa & Master Card: SET Secure Electronic Transaction Specification - Book Three: For-mal Protocol Definition, version 1.0, May 31, 1997, /download.html/#spec4. ETSI: GSM 02.17 V8.0.0 Digital cellular telecommunications system (Phase 2+); Sub-scriber Identity Modules (SIM); Functional characteristic5. ETSI: GSM 11.14 Digital cellular telecommunications system (Phase 2+); Specification ofthe SIM Application Toolkit for the Subscriber Identity Module - Mobile Equipment (SIM - ME) Interface6. RSA Laboratories. PKCS #1: RSA Encryption Standard. Version 1.5, Nov 19937. RSA Laboratories. PKCS #7: Cryptographic Message Syntax Standard. Version 1.5, Nov1993。
