IBM的电子商务全面解决方案

电子商务正在为了适应全球化市场的变化而迅猛发展,它可以使商家与供应商更紧密地联系,更快地满足客户的需求,也可以让商家在全球范围内选择最佳供应商,在全球市场上销售产品。电子商务利用Internet技术解决客户的业务问题.如连接分布在各处的工作组,接触新的客户,通过完善的客户服务,提高用户对产品的信任程度.提高企业的效率。目前,越来越多的公司利用Internet开展商务活动,并已经获得明显的投资回报。电子商务的兴起,为许多公司的发展和扩张带来了商机。各式各样的电子商务解决方案层出不穷,从中看出,电子商务确实已成了Internet上的焦点。IBM公司在电子商务上的战鼓擂得最响。该公司具有一个比较全面的解决方案,IBM公司提出,实现电子商务,不仅仅是提供硬件和软件的问题.而且要将有效的解决方案与客户已有的硬件和软件集成在一起。在发展电子商务的各个阶段,IBM都有完整的产品     

一种新型的匿名公平电子商务协议*

针对电子商务中客户、商家和第三方的信任问题,在Brands离线电子货币方案基础上,借鉴盲解密思想,设计了一种简单、有效的匿名公平电子商务协议。协议引入了一个离线半可信第三方,以保证交易双方公平交换。但交易过程中,STTP得不到任何对交易双方有价值的信息。该协议通过客户和商家签发CEM证书,将订单、商品和支付证据紧密绑定在一起,使交易双方不可否认。分析和实验表明,该协议满足安全性、客户匿名性、可追究性、公平性和原子性,并具有很高效率,对大数据商品的交易也具有很好的适用性。     

行为原语自动生成的电子商务协议可组合设计策略及应用研究

针对电子商务协议设计复杂度较高且手动组合设计效率较低的问题,构建了行为原语自动生成的可组合设计策略:利用自动生成工具从挑战/应答、现时值/秘密创建、加密/解密的角度描述电子商务活动各阶段的核心安全行为,根据身份认证、信息保密、信息完整、不可否认性、可追究性、客户隐私的可组合性设计规则规范消息项结构,通过多事件顺序、安全属性组合以及信息精简等规则将多个原语组合为复合协议。经过应用研究,设计出一个新的安全支付协议,实现了多个客户和商家对同时交易的电子商品和实物商品的在线支付安全。从安全性和设计效率的角度与现有的组合设计方法进行比较,分析表明,该策略是一种更加便捷安全的电子商务协议组合设计新策略。     

一种分析电子商务安全协议的新逻辑

针对典型电子商务安全协议逻辑分析方法存在的问题,如安全属性分析存在局限性、缺乏形式化语义、对混合密码原语的处理能力不强等,提出了一种新的逻辑分析方法。新逻辑能够分析电子商务安全协议的认证性、密钥保密性、非否认性、可追究性、公平性及原子性。以匿名电子现金支付协议ISI作为分析实例,证明了新逻辑方法的有效性。分析找出了该协议的安全漏洞和缺陷:不满足商家的非否认性、密钥保密性、可追究性、公平性以及原子性,客户面临商家恶意欺骗的潜在威胁。     

3Com电子网络——现代电子商务的网络基础

综述　　Internet的迅猛发展,标志着一个新的网络时代的到来,它深刻影响和推动了从企业的商业模式和经营模式的变革,乃至个人工作和生活方式的巨大变化。而这一e时代的核心就是Internet和电子商务。面对全球化的Internet经济浪潮,3Com公司将以其电子网络解决方案为基础,帮助客户建立现代电子商务体系,它包括以下三个组成部分：　　电子商务应用系统　　建立面向Internet的e－commerce电子交易应用系统以拓展企业业务。建立面向消费者与商家或商家与商家的客户关系管理应用系统以支持其客户。建立面向供应商/分销商的供应链管理应用…     

亚洲第三代电子商务可后来居上

香港互联网热方兴未艾,大部分企业均矢志发展电子商务。初级的电子商务只是将企业本身的产品及服务资讯上网,供人查阅。深入一步,企业的网站会加上贷品订购及交收功能。这种供应商与客户之间的联系,在生产流程较简单的行业,问题自然不大。不过,当生产涉及多家供应商,企业便需与个别供应商联系,如何有效地将供应链与各家供应商及客户联系在一起,提高生产效率,便成为未来电子商务战场的决胜关键。     

现代电子商务的网络基础

面对全球化的Ｉｎｔｅｒｎｅｔ经济浪潮,３Ｃｏｍ公司将以其电子网络解决方案为基础,帮助客户建立现代电子商务体系,它包括以下三个组成部分：电子商务应用系统建立面向Ｉｎｔｅｒｎｅｔ的ｅ－ｃｏｍｍｅｒｃｅ电子交易应用系统以拓展企业业务。建立面向消费者与商家或商家与商家的客户关系管理应用系统以支持其客户。建立面向供应商／分销商的供应链管理应用系统以协同商务合作。建立企业资源规划应用以优化内部运作。建立多媒体远程教育应用系统,以提高员工素质……网络联接使客户、商业合作伙伴、员工可在任何时间和地点以任何方式访…     

基于大数据技术的供应商优选策略

电子商务通过把传统的商业活动信息化,使用信息网络技术来实现对于商品的交换,也就是在网络上借助电子交易的形式完成商业活动,属于网络技术应用的全新发展方向。商家可以选择通过网络平台给消费者提供商品,和物流公司建立合作关系,给企业和客户群体节省了较多的时间和空间成本,如此也有助于提升交易效率。要想能够确保这种商业形式的运行,就需要正确选择供应商,要是企业对于供应商关系的管理没有一个正确的认知,就可能产生效率较低并且资源浪费等情况。在这种情况下,就需要合理地使用大数据信息平台来选择供应商,确保电商企业和供应商之间可以保持一个良好的关系,实现共赢的目的。     

SET协议认证机制的形式化分析

移动支付是移动电子商务的重要组成部分,而安全性成为移动支付的发展瓶颈,因此电子商务协议的安全性成为此问题的核心。为了解决上述问题,使用串空间模型的测试理论,对SET协议中用户和商家、商家和支付网关之间的认证性进行形式化分析,分析结果表明商家与支付网关之间的认证是安全的;用户和商家的认证性不满足安全需求,在支付交易流程中双方易受到攻击。     

电子商务未来发展趋势

从早期将传统销售生搬硬套到因特网,到现在商家和客户随时随地交易,电子商务技术在短短二十多年得到了突飞猛进的发展,但电子商务仍然存在很多问题,这将影响电子商务的持续发展。要想电子商务发展的越来越好,除了健全相应的法律法规、提高商家诚信等,关键有待提升电子商务应用技术。本文提出了一些构想,期望对电子商务未来发展有所启发。     

Privacy-preserving e-payments using one-time payment details

The recent increase in data breaching incidents involving high profile e-commerce companies is alarming as such privacy threats can seriously thwart the healthy growth of electronic commerce. We propose a privacy-preserving e-payment scheme that guarantees authenticity while keeping the customer’s sensitive details secret from the respective parties involved in the online transaction. Using a non-reusable password-based authentication approach, the proposed protocol allows consumers to anonymously purchase goods from an online merchant, thus achieving the ideal privacy environment in which to shop. The protocol can be easily deployed in an e-commerce environment without requiring great changes to the current processes.     

A flaw in the electronic commerce protocol SET

The Secure Electronic Transaction (SET) protocol has been developed by the major credit card companies in association with some of the top software corporations to secure e-commerce transactions. This paper recalls the basics of the SET protocol and presents a new flaw: a dishonest client may purchase goods from an honest merchant (with the help of another merchant) for which he does not pay. Fortunately, by checking his balance sheet, the merchant may trace with the help of his bank the client and his accomplice. We also propose a modification to fix the flaw.     

Cryptanalysis of an inter-bank E-payment protocol based on quantum proxy blind signature

We analyze the security of an inter-bank E-payment protocol based on quantum proxy blind signature, and find that there is a security leak in the quantum channels of this protocol, which gives a chance for an outside opponent to launch a special denial-of-service attack. Furthermore, we show that the dishonest merchant can succeed to change the purchase information of the customer in this protocol.     

基于信任区和可信计算技术的移动钱包系统

通过移动电子商务，终端用户可以在任何地方、任何时间进行电子交易，给用户提供了方便和舒适的生活，移动电子商务的安全性主要体现在终端的安全性。目前的手机安全措施还不是很完善，针对存在的安全问题，通过对现有的手机的硬件架构基础改进，实现了基于信任区和可信计算技术的移动钱包系统，保证了顾客和商家交易的安全性。     

Optimal scheduling in queuing network models of high-volume commercial web sites

The optimal control of various performance-based measures in high-volume commercial web sites requires a fundamental understanding of the interactions between the diverse set of Internet services that support customer needs and the different importance levels of these services to both the customer and the e-commerce merchant. We present here a study of the control policy for each server in a multiclass queuing network that maximizes a particular function of profit, or minimizes a particular function of cost, across the different classes of Internet services.     

Resuscitating privacy-preserving mobile payment with customer in complete control

Credit/debit card payment transactions do not protect the privacy of the customer. Once the card is handed over to the merchant for payment processing, customers are “no longer in control” on how their card details and money are handled. This leads to card fraud, identity theft, and customer profiling. Therefore, for those customers who value their privacy and security of their payment transactions, this paper proposes a choice—an alternate mobile payment model called “Pre-Paid Mobile HTTPS-based Payment model”. In our proposed payment model, the customer obtains the merchant’s bank account information and then instructs his/her bank to transfer the money to the merchant’s bank account. We utilize near field communication (NFC) protocol to obtain the merchant’s bank account information into the customer’s NFC-enabled smartphone. We also use partially blind signature scheme to hide the customers’ identity from the bank. As a result, our payment model provides the customer with complete control on his/her payments and privacy protection from both the bank and the merchant. We emulated our proposed mobile payment model using Android SDK 2.1 platform and analyzed its execution time.     

Website features that gave rise to social commerce: a historical analysis

Social commerce is a form of commerce mediated by social media and social network services (SNS). As a multifaceted phenomenon, social commerce can be studied from different angles and analyzed through the lens of various disciplines. This article examines website technical features to depict the transformation of e-commerce into social commerce. We first develop a conceptual framework to capture three emphases of e-commerce: transactional, relational and social. Then, we use the framework to conduct an historical analysis of the actual website screen captures for five top e-commerce companies since their websites were established. We were able to identify and classify a total of 174 emerging technical features. Our results show that: (1) all three emphases were expressed in the websites and have been reshaping their business and marketing strategies over the years; (2) there was a clear blooming of social features in 2007; and (3) there has been a significant effort to strengthen customer and merchant ties through relational features. Our findings signal that there still is room for further exploration of the social emphasis.     

一种基于ECC的安全移动支付协议

由于移动终端和网络带宽的限制,基于RSA加密算法的电子支付安全协议SET不能被直接用于移动支付。现有移动支付系统都采用对称加密算法,存在一定安全风险,本文提出一个新的基于椭圆曲线加密算法ECC的移动支付协议。该协议除了提供高效的支付认证过程,还确保交易信息从商家到用户的传递,增强用户信息安全性。理论分析证明,ECC不仅能在很短的时间里产生符合条件的密钥,而且在同样破解时间下RSA与ECC密钥长度比大于5：1,这个比例随着破解时间增加而越来越大。新的协议在签名、证书验证、非对称和对称加密次数上较SET协议也明显减少,这样当前移动终端和网络能力完全可以支撑该协议,保证安全有效的移动支付过程。     

A CSP and Z combined modeling of document exchange processes in e-commerce protocols

E-commerce protocols comprise a vital component of the trading infrastructure over the Internet. Effectiveness and reliability of trading transactions likely depend on the quality of such protocols. However, building a quality e-commerce protocol may be more difficult than traditional protocols, as they are deployed in an open environment and data context-dependent. Application of formal methods has been suggested by many researchers as a viable approach for improving the reliability of software systems. But, can formal methods really help with the current crop of e-commerce protocols?As such, this paper made a study to formally formulate e-commerce protocols and identify their key features. A formal approach for modeling e-commerce protocols in a language combined of CSP and Z is developed. Compared to other works in formal modeling and analysis of e-commerce protocols, our approach concentrates on the XML document exchange processes of the protocols, which are a central part of most e-commerce protocols. The approach is illustrated by applying it to the Internet Open Trading Protocol, a trading protocol recommended by the Internet Engineering Task Force. The illustration demonstrates how the quality of a trading protocol can be improved through formalization.     

电子商务客户流失的DBN预测模型研究

在电子商务迅速发展,企业快速抢占市场的背景下,客户成为企业竞争的核心因素。现有相关研究多致力于采用全数据输入模式解析客户流失现象,不同类型客户造成的差异性还有待进一步探讨。鉴于传统RFM模型不能精确解释电子商务客户流失原因,该研究将客户分为活跃与非活跃两个集群,提出一种优化的RFM理论模型与深度信念网络实证模型对电子商务客户流失进行预测。结果表明,不同类型客户流失因素的影响强度不同。对活跃用户而言,客户购买总金额是影响客户流失的主要因素;对非活跃用户而言,客户进入店铺的时间越长越可能留住客户。通过剖析非活跃用户不流失和活跃用户流失的原因,可帮助企业制定有效的客户管理策略,以最大程度地吸引潜在客户及保留现有客户,获取最多的市场利益。