Study On Security Problems Of Mobile E-commerce

Vigorously promoting the informationization construction is a major strategic initiative influencing the overall economic development, which is proposed clearly in the fifth Plenum of the 15th CPC Central Committee. As a new business model, mobile e-commerce has become an important component of the national economy and social information. However, mobile e-commerce in China is still in its infancy, and security is the main bottleneck constraining the development of this emerging business model. Therefore, it has an important theoretical and practical significance to study security problems of mobile e-commerce further and promote the healthy development of mobile e-commerce.Solving security problems of mobile e-commerce, and enhancing the safety of mobile e-commerce, on the one hand can attract more of the public to devote into mobile e-commerce, applying and developing mobile e-commerce; on the other hand can effectively ensure the smooth implementation of the national economic activities in the digital, networked environment.Firstly, the paper analyzes the features of mobile e-commerce security, carries out a detailed distinction of the security between mobile e-commerce and traditional e-commerce, and analyzes security needs of mobile e-commerce. Secondly the paper conducts a detailed investigation into the status on the security of mobile e-commerce in China, in-depth analyzing the existing security problems of mobile e-commerce in China from technical and management perspective. On this basis, through research and adoption advanced technology and safety management experience in mobile e-commerce from other developed countries, the paper analyzes the security risks of the existing WAP application model and proposes a new WAP-based end-to-end security solution method. In virtue of two important process, namely the security session key generation process and the use of digital signature data end-to-end process, the solution method improves the security of data transmission. At the same time the paper analyzes the security flaws of existing SMS application model system, and proposes a solution method based on SMS (STK) security, using the CMPP acting modules between short message gateway and safe access to server to realize the data communication between the two, and adopts corresponding authentication mechanisms to achieve mobile terminal to short message service center's end-to-end security. In the security management perspective, in light of China actual thesis, the paper proposes practicable security management strategy, at the same time lays emphasis on the important role of the laws and regulations in the management of mobile e-commerce security, and put forward the proposal of mobile e-commerce security legislation in view of the national conditions.