《事实信息理论与证据法学理论的变革.docx》由会员分享,可在线阅读,更多相关《事实信息理论与证据法学理论的变革.docx(12页珍藏版)》请在三一文库上搜索。
1、电子商务安全导论-名词解释(Introduction to e-commerce security - term interpretation)1 e-commerce: as the name suggests, is based on the electronic business operation based on the use of technology to accelerate the expansion of people to enhance its business related to the change of the process2, EDI: electroni
2、c data exchange is the first generation of electronic commerce technology, to achieve BTOB transactions3, BTOB: e-commerce activities among enterprise organizations.4, BTOC: e-commerce activities between business organizations and consumers.5, intranet: refers to the internal network based on TCP/IP
3、 protocol, it through firewall or other security mechanisms to establish connection with intranet. The services provided on intranet are mainly oriented to the enterprise.6, Extranet: refers to the enterprise domain network based on the TCP/IP protocol, it is a cooperative network.7, confidential bu
4、siness data, business data confidentiality or secrecy refers to the process of information transmitted over the network or stored is not stolen by others will not be leaked or disclosed to unauthorized persons or organizations, or encrypted camouflage, the unauthorized persons cannot understand its
5、content8, mail bomb: an attacker sends a large amount of junk mail to the same mail box to plug the mailbox.9, TCP hijacking: intrusion is one of the biggest threats to the server, the basic idea is to control a computer connected to the target network intrusion, and then disconnect from the Interne
6、t, make the network server to think that hackers are the actual client.10, the memory state of the HTTP protocol: that is, the server forgets some interaction after sending the response to the client. Protocols such as TLENET are memory states, and they need to remember a lot of information, request
7、s, and responses from both parties to the protocol.11, plaintext: original, not disguised message called plaintext, also known as the source. Usually expressed in M.12, ciphertext transforms plaintext into a pseudo message through a key and encryption algorithm, called ciphertext, usually expressed
8、in C13, encryption: it is to encode the information with the program based on the mathematical algorithm and the encrypted key, and generate the symbols which are difficult to understand by others, that is to say, the plaintext is converted into ciphertext. Usually expressed in E.14, decryption: the
9、 process of restoring ciphertext to plaintext is called decryption. Usually expressed in D.15, encryption algorithm: a set of rules used to encrypt plaintext, that is, the logic of encryption program is called encryption algorithm.16, the decryption algorithm message to the receiver after the cipher
10、text to decrypt the use of a set of rules called decryption algorithm.17, keys: the operations of encryption and decryption algorithms are usually carried out under the control of a set of keys, called encryption keys and decryption keys. Usually expressed in K.18, single key cryptosystem: encryptio
11、n and decryption using a frame or a substantially identical key encryption system. When using a single key cryptosystem, A B must exchange the key between each other. When A sends information B, A encrypts with its own encryption key, while B receives the data and decrypts it with the A key. Single
12、key cryptosystem is also called secret key system or symmetric key system.19, double key cryptosystem is also called public key system or asymmetric encryption system. This encryption method uses a pair of keys in encryption and decryption process, one for encryption and another for decryption. That
13、 is, the information encrypted by a key can be decrypted only by using another key. In this way, each user has two keys: public key and personal key, public key is used for encryption key, and personal key is used for decryption. The user will give the sender public key or public, the sender uses th
14、e recipients public key encryption information is only the recipient can decrypt.20, the integrity of data: data integrity refers to the data in an undamaged state and to maintain the integrity or segmentation of the quality or state.21, the digital signature is the use of digital technology to achi
15、eve additional personal markers in the network to transfer files to complete the system of handwritten signature, the role of the seal to confirm, responsible for handling, etc.22,Dual password encryption: its a pair of keys that are used in matching. One is the public key, which is open, others can
16、 get; the other is the private key, which is owned by the individual. This pair of keys is often used for encryption, one for decryption.23, digital envelope: the sender with a randomly generated DES key to encrypt a message, and then use the receivers public key encryption key DES, called the news
17、digital envelope, digital envelope and DES encrypted message to the receiver. After receiving the message, the receiver first uses the private key to find the digital envelope, then gets the senders DES key, and then uses this key to decrypt the message. Only the receivers RSA private key can be use
18、d to find the digital envelope to ensure the identity of the receiver.24, hybrid encryption system: comprehensive use of message encryption, digital envelope, hash function and digital signature to achieve security, integrity, authentication and non repudiation. As the standard mode of information s
19、ecurity transmission, it is generally called hybrid encryption system, and is widely used.25, digital time stamp: how to stamp the digital timestamp on the file is an important security technology. The digital time stamp should be guaranteed: (1) the timestamp stamped by the data file is independent
20、 of the physical media of the stored data. (2) it is impossible to make any changes to the file that has been stamped with time stamp. (3) it is impossible to stamp a document with the current date and time.26, indisputable signature: it is impossible to verify the signature of the signature without
21、 the cooperation of the signer himself. It is undeniable that the signature is to prevent the copy of the document being signed, which is beneficial to the owner of the property to control the distribution of the product.37, message authentication: enables the receiver to verify whether the sender a
22、nd the message have been tampered with.28, deterministic digital signature: its plaintext and ciphertext correspond to one another, it does not change the signature of a particular message.29, the random type digital signature also has the corresponding change according to the signature algorithm ra
23、ndom parameter value to the same message signature30, blind signature: in general digital signatures, it is always necessary to know the content of the document before signing it. But sometimes you need someone to sign a file, but dont let him know the content of the file31, completely blind signatu
24、re: 1 is an arbitrator, 2 to 1 signed a document, but do not want to let him know what is the contents of the documents signed, while the 1 does not care about the signed content, just make sure he will be when it to arbitration, then it can be realized by completely blind signature protocol. Comple
25、tely blind signature is that the current content of the signed documents do not care, do not know, but later, when necessary, can testify for arbitration.32, backup: is one of the ways to restore the error system, you can use the backup system to restore the latest system backup to the machine.33, a
26、rchiving: the process of transferring files from computer storage media to other permanent media for long term preservation.34, computer virus: refers to the destruction of computer functions compiled computer program inserted in the program, or destroy data, the impact of computer use and self repr
27、oduction of a group of computer instructions or code.35, mirror technology: one of the data backup technology, mainly network data mirroring, remote mirroring disk, etc.36 network physical security: physical equipment reliable, stable operation environment, fault-tolerant backup archiving and data i
28、ntegrity prevention37, parity: also a feature of the server. It provides a mechanism to ensure detection of memory errors, and therefore does not cause loss of data integrity due to server errors.38, boot virus: refers to parasitic in the disk boot area or the main boot area of the computer virus.39
29、, file virus: refers to the computer virus that can be sent to the file. Such virus programs infect executable or data files.40, benign viruses: those are just to show themselves, do not completely destroy the system and data, but will take up a lot of CPU time,A class of computer viruses that incre
30、ase system overhead and reduce system efficiency41, malignant virus: refers to those once attacked, will destroy the system or data, resulting in computer system paralysis of a computer virus. Double signature: in an electronic commerce 1, firewall: is a generic measure of preventive measures.42, no
31、n trusted network: generally refers to the external network.43, provide control point inside and outside two network access control44, the trusted network generally refers to the internal network.45, LAN refers to the network within a certain area.46, VPN (virtual private network): refers to the est
32、ablishment of a temporary, secure link through a public network. There may be two contact messages at the same time, M1. M2,47 access control: access or access control is an important means to guarantee network security, it takes a different authorized access to target resources in the implementatio
33、n of the use of cyber source on the theme of safety management certification through the main control mechanism of a group of different levels.48 independent access control: = DAC. It allocates access rights to the resource owner, and realizes access control based on the identification of each user.
34、 The access rights of each user are established by the owner of the data, which is often implemented by access control table or permission table49 mandatory access control: = MAC. It distributes the access authority and the implementation control by the system administrator, and is easy to coordinat
35、e with the network security strategy, and realizes the multi-level security control by the sensitive mark.50 bridge encryption technology: a encryption / decryption card encryption technology developed on the basis of the bridge can be realized in the existing encryption security strength under the
36、condition of lower bypass, to encrypt the database field storage, retrieval, indexing, operation, delete, modify the interface function until the offer, and it is realized and the cipher algorithm password, device independent.51 access authority: the right that the subject can access to the object.
37、Access rights should be defined according to each subject and object, including reading, writing, execution and so on. The meaning of reading and writing is clear, while the executive power means the search and execution of the document when the target is a program.To digitally sign them at the same
38、 time.52 rejection rate or false report rate: the quality index of identity authentication system is the probability of legitimate users being rejected.53 false negative rate refers to false user forged identity success probability54 pass word: pass word is a method to verify identity according to k
39、nown things, but also a research and use of the most widely used authentication method.55 domain authentication; CLIENT applies to SERVER application within the authentication domain of the KERBEROS.Authentication between 56 domains: CLIENT applies to SERVER application within the authentication dom
40、ain of the KERBEROS.57 digital authentication refers to the digital method to identify and authenticate the identity of the information exchange or server on the authentication networkThe 58 public key certificate links the public key to a particular human device or other entity. The public key cert
41、ificate is signed by the certificate authority, which contains the exact identity of the holder59 public key digital certificate: a proof file on the network, which proves that the public key owner in the dual key system is the user recorded on the certificate.60 single public key certificate system
42、: all users in a system share the same CA.More than 61 public key certificate system: mutual authentication for users with different certificates.62 client certificate confirms client identity and key ownership63 server certificates confirm the identity and public key of the server64 secure mail cer
43、tificate: verify the identity and public key of e-mail.65CA certificate confirms CA identity CA signature keyThe 66 certificate authority CA is used to create and publish certificates, which are usually issued by a limited group called security domain67 security server: for ordinary users, for the p
44、rovision of certificate applications, browser, certificate revocation table and certificate download and other security services.68.CA server: the core of the whole certificate authority, responsible for the issue of certificates.69 database server: the core part of the certification authority,Stora
45、ge and management of log and statistical information for authentication institutions data (such as key and user information).70 public key users need to know that the public key entity is the public key user.71 certificate update: when the certificate holders certificate expires, the certificate is stolen, and the certificate is updated when it is attacked, so that it can continue to participate in the online certification with the new certificate. The renewal of certificate includes two cases: Certificate replacement and certificate extension.