Research On SME E-commerce Security Technology And Methods

E-commerce due to its high efficiency, fast and convenient features make moreand more small and medium-sized enterprises to choose this way of trading activities.However, with the popularization of e-commerce applications, attacks against itstransactions, ever-changing attack techniques and tools, security issues becomeincreasingly serious, and small and medium-sized enterprises due to the backwardtechnology and management mode, and when conducting e-commerce security issuesoften cannot be guaranteed. This paper studies the small and medium-sized enterpriseelectronic commerce security technology, puts forward the corresponding securitystrategy and methods.First, this paper analyzes the current cross-site attack prevention technology,testing and limitations Forms authentication header for its proposed generating arandom number from the server and save it in a hidden field and server sessions page,submitted When the form included in the request by determining the legality of themethod in a hidden field with a random number stored in the session random numberto determine whether the same request to block cross-site attacks. Secondly, in viewof the database connection database field stolen leak caused the problem, in this paperthe XML encryption technology based on database connection field encryptionscheme, and applies the advantage of symmetric and asymmetric encryption toencrypt, connected to the field of hybrid encryption. Third, for excessiveadministrative rights database data leakage problem caused by the proposed userinformation encryption scheme based on AES encryption technology, the comprehensive analysis of database encryption demand, fields and encryptiongranularity selection factors, such as the establishment of user information encryptionmodel; And the traditional way of key management shortcomings, puts forward thekey and plaintext, separate management as the key to add a life cycle to modify keyplan on a regular basis.Finally, the security technology is proposed in this paper is implementedusing, and analyzes the feasibility and safety, and finally prove that the proposedsecurity technology can improve the security of electronic commerce, at the sametime, less impact on the performance of the system.