Research On Security Techniques Of Electronic Commerce In Regional Network Manufacturing System

Posted on: 2005-05-16
Degree: Doctor
Type: Dissertation
Country: China
Candidate: J Z Dai
GTID: 1118360122495664
Subject: Computer applications

Abstract/Summary:
Information technology centered on the Internet has accelerated the rapid growth of electronic commerce (e-commerce). The most serious challenge facing e-commerce is security, which is crucial to its popularity and development. Database security and digital signatures are very important in e-commerce. Traditional database security protection, based on static protection techniques such as identification and access control, is challenged in the network environment by numerous emerging threats. Unauthorized access to and modification of databases have been reported frequently. It is imperative to develop defense-in-depth techniques to protect database security. Proxy signature is a new kind of digital signature that provides a solution to the delegation of signing capabilities in the electronic world. Problems such as how to avoid abuse of proxy signing capabilities and how to protect privacy in proxy signatures have not been solved thoroughly, and further research is needed to solve them.

This paper presents research on database intrusion prevention and proxy signatures for e-commerce. It is divided into two parts, which describe the research on database intrusion prevention and on proxy signatures respectively.

The research on database intrusion prevention is as follows. First, an application-level attack model of the database is proposed on the basis of an analysis of Internet threats to e-commerce and attacks on databases. The significance of database intrusion prevention is presented. Based on the attack model of the database, a model of a database intrusion prevention system (DIPS) is proposed. The model extends the COAST firewall model with intrusion detection and moves database security from passive protection to proactive protection. The model has the following features: (1) it focuses on database application-level intrusion behaviors; (2) it integrates firewall and intrusion detection techniques to prevent damage caused by ongoing attacks in real time; (3) it is a layered intrusion prevention model that detects intrusion behavior according to session-level, schema-level and semantic-level information of transactions. The architecture of a database intrusion prevention system is proposed. The database application-level intrusion detection model and its formal specifications are presented. An integrity-protecting method based on the Merkle hash tree is presented. This method can check the integrity of security rules stored in the database, and its space and time costs are modest. A prototype of DIPS is implemented. The impact of DIPS on the database system and its intrusion detection and prevention are tested and analyzed.

The research on proxy signatures is as follows. Two proxy signature schemes are proposed in order to avoid abuse of proxy signing capabilities. In the designated-receiver proxy signature scheme, an original signer nominates a person as signature receiver when he delegates his signing capability to a proxy signer, and the proxy signer can generate a valid proxy signature on behalf of the original signer which none but the nominated receiver can verify and accept; thus the misuse of proxy signatures is avoided. A proxy signature scheme with controlled proxy signing capabilities is also proposed. In this scheme, the proxy signing times of a proxy signer are designated by an original signer when he delegates his signing capabilities to the proxy signer. The proxy signer cannot sign on behalf of the original signer more than the proxy signing times designated by the original signer, and it is easy for the original signer to revoke the proxy signing capabilities when needed. The security of the proposed proxy signature schemes is analyzed. A privacy-protecting proxy signature scheme is proposed to protect the privacy of the original signer. In this scheme, the messages an original signer entrusts to a proxy signer to sign on his behalf are kept secret from the proxy signer during the generation of the proxy signature, and from other people except the receiver designated by the original signer. Therefore, the privacy of the original signer is protect...
Keywords/Search Tags:Security, Electronic Commerce, Database Security, Intrusion Detection, Intrusion Prevention, Digital Signature, Proxy Signature