我国电子商务首个行业规范——网络交易平台服务规范(节选)

为规范网络交易平台交易服务，保障交易安全，保护相关当事人的合法权益，营造公平、诚信的交易环境，促进电子商务快速、健康发展，电子商务协会依据中华人民共和国有关法律法规制定了《网络交易平台服务规范》，并于去年4月18日正式实施，本刊特将《规范》与电子商务安全相关的条款摘录如下：[编者按]     

Web服务业务流程规范的比较研究

随着XML和WebService技术的逐步成熟,流程层集成成为主流的企业应用集成(EAI)方式,而Web服务业务流程规范是流程层集成的基础。因此该文对典型的Web服务业务流程规范进行了介绍、比较和分析,并讨论了现有Web服务业务流程规范存在的主要问题以及今后的发展趋势。     

互联网公共电子邮件服务规范（试行）

电子邮件是互联网最基本的应用服务之一．但是电子邮件的优良特性正受到垃圾邮件等网络滥用行为的侵害，电子邮件业务自身的安全性．可靠性以及服务质量保证由于没有明确的服务规范而困扰。为此，由中国互联网协会组织各网络服务提供者．电子邮件服务商起草制订了本服务规范．以期建立电子邮件规范的服务机制．促进电子邮件的经营者和使用者的健康发展．并承诺为网民提供更好．更具有质量保证的服务。     

持续提升电信服务为构建和谐社会贡献力量

近年来,凉山电信按照中国电信提出“坚持以客户为中心,以客户需求为导向,提升综合信息服务水平,着力打造以客户为中心的服务体系,为构建和谐社会再立新功”的指导方针,结合企业特点和实际,坚持“用户至上,用心服务”的理念,全面实现行风评议“回头看”工作目标,开展了“三项服务承诺”活动,今年开年又推出“双零”活动,营造诚信经营、和谐服务、放心消费的环境,针对人民群众最关心、最直接、最现实的利益问题,采取有效措施,切实保障广大电信用户合法权益,企业的社会品牌形象进一步提升。     

以质取胜贴心服务打造鹰潭电信服务品牌

鹰潭电信先后荣获“省用户满意企业”、 “省用户满意服务”、“省级文明单位”、 “省文明服务示范窗口”、“江西省青年文明号”、“省职工职业道德先进单位”等多项荣誉称号,并通过了ISO9001国际质量体系认证。 2001年鹰潭全市电信各项网络运行维护质量指标均有较大幅度的提高,网路接通率全年累计平均为96.42％,综合来话接通率为60.45％,呼叫到达率平均为97.49％,长市电路闭塞率平均为0.04％,本地网拥塞率平均为0.27％,各项维护指标均超额达标。 在省公司2001年年终考评中,鹰潭电信经营管理及业务发展排名全省第一,服务质量综合评比全省排名第二,用户综合满意度达89.16分排全省第一位,运行维护在全省排名第三,长线维护质量全省总评第二。在省通信管理局服务质量综合检查评比中,鹰潭电信总成绩排全省电信行业第一名。     

三网融合环境下数字内容服务元数据规范研究

依托国家863基于高可信网络的数字内容服务系统开发及示范课题,在分析了元数据理论及其在国内的相关应用的基础上,阐述了元数据在数字内容服务系统中的地位和作用;提出了一套在多系统并存、复杂资源形式、复杂存储模式条件下的资源组织和描述、资源集成、资源统一服务的元数据规范体系模型,并结合XML技术给出数字内容服务系统中元数据规范系统模型的XML实现方式。     

3G服务规范正式施行

《第三代移动通信业务服务规范（试行）》的正式实施应当是对三家运营商的一个敦促,要么瞄准规范、提升服务,要么退出竞争、回到老路。     

三星：规范服务流程管理

获奖理由：天津三星电子显示器有限公司多年来高品质的产品质量与专业贴心的服务相得益彰。在液晶显示器换代大潮中。三星显示器服务精益求精．树立了中国显示器服务的典范。     

一种改进UCONB的服务网格授权策略规范

针对基于职责行动的授权策略规范表达能力弱的缺陷,为了在服务网格中实现决策组件与执行组件的合理分工,促进独立授权过程的并发执行,提出一种基于改进UCONB的授权策略规范.用委托凭证处理过程的状态组合替换原来简单的访问状态,决策组件根据请求时系统状态输出合理的委托凭证,根据系统状态的变化再决策可转换委托凭证的处理状态.该规范有效避免了相同访问请求重复产生委托凭证,委托凭证能真实反映授权的实际需求.     

Web服务中的安全规范

Web服务安全与WS-Security 毫无疑问,SOAP和XML使得Web服务在交互操作和标准上,已经完全改变了电子商务领域的应用格局。 然而,直到近期,在Web服务技术领域仍然存在着一些缺憾,那就是处理消息级别的安全、认证、加密、数字签名、路由和附件等问题的能力有待提高。为了解决这些安全问题,像IBM、Microsoft和Verisign等公司与一些组织机构牵头,合作制定了统一的Web服     

Virtual machine support for zero‐loss Internet service recovery and upgrade

Software is critical for Internet service availability since an Internet service may become unavailable due to software faults or software maintenance. In this paper, we propose a framework to allow zero‐loss recovery and online maintenance for Internet services. The framework is based on the virtual machine (VM) technology and a connection migration technique called FT‐TCP. It can recover transient application/operating system faults and it allows fault recovery and online maintenance on a single host. The framework substantially enhances FT‐TCP so that it can be run efficiently in the VM environment. Specifically, we propose techniques to reduce the inter‐VM switches and communication. Moreover, we propose service‐specific optimizations to reduce the recovery time of FT‐TCP. Finally, the framework provides an interface for the service designers to implement more service‐specific optimizations. The framework was implemented by modifying an open source VM monitor, Xen, and the Linux kernel running on top of Xen. The effectiveness and efficiency of the framework were evaluated by running two Internet services, WWW proxy and FTP, on the proposed framework and measuring the impact on their performance. According to the experimental results, our approach causes only slight performance overhead (i.e. less than 4%) and memory overhead (i.e. less than 750 KB) for both the services. Copyright © 2007 John Wiley & Sons, Ltd.     

基于Socket长链接系统升级不中断业务服务方案

本文对基于Socket长连接的系统怎样实现升级过程不中断业务服务展开探讨,并提出具体的解决方案,从而使业务系统具备7＊24小时不间断提供服务的能力。     

Practical service level agreement negotiation scheme for multicast service in WiMAX

For multicast service in WiMAX, there are trade-offs between overall channel efficiency and the number of users under the commitment of service level agreements (SLAs). So, it is important to compromise between accommodating many users under the commitment of SLA and channel efficiency. In order to give an insight of multicast efficiency, we suggest a novel metric which is named as channel efficiency (MCE) factor. In addition, we proposed the practical SLA negotiation scheme based on proposed novel metric. Numerical results show that the proposed practical scheme significantly outperforms the conventional multicast transmission scheme.     

Fill-rate service level constrained distribution network design

The design of distribution networks that simultaneously consider location and inventory decisions seeks to balance costs and product availability. The most commonly observed measure of product availability in practical settings is the fill-rate service level. However, the optimal design of a distribution network that considers the fill rate to control shortages of fast-moving consumer goods (FMCG) is considered intractable and has only been addressed by heuristic methods. This paper addresses the optimal design of a distribution network for FMCG able to provide high fill-rate service level under a continuous review $(r,Q)$ policy. Considering the exact formulation for the provided fill rate, we formulated a joint location–inventory model with fill-rate service level constraints as a convex mixed integer nonlinear problem for which a novel decomposition-based outer approximation algorithm is proposed. Numerical experiments have shown that our solution approach provides good-quality solutions that are on average 0.15% and, at worst, 2.2% from the optimal solution.     

Create your own MUSE: A method for updating security level evaluation instruments

Number of security evaluation instruments and security maturity models have been developed to evaluate the security level of organizations. These instruments provide results that can be compared with industry-based benchmarks and track the dynamics of organizations’ security posture internally. Threat landscape is constantly changing and security evaluation instruments should be updated accordingly. These updates should preserve the instrument’s validity and ensure comparability with previous versions’ results. Although several studies describe the creation of maturity models, surveys, and other security evaluation instruments, there has been little discussion about instrument attribute maintenance and updating methods for security evaluation instruments. This study presents a method for updating the security level evaluation instrument (MUSE). The MUSE can be used to update the maturity model or questionnaire-based survey-type instrument attributes. Each MUSE activity supports different aspects of instrument attribute validation and states the criteria for successfully passing the activity or returning to previous activities. The MUSE process is evaluated with the case study to update security maturity evaluation instrument F4SLE which is based on the Estonian Information Security Standard (E-ITS) and cross-referenced with ISO27002 standard controls.     

Conformance analysis in networks with service level agreements

To achieve some level of Quality of Service (QoS) assurance, a network usually has Service Level Agreements (SLAs) with its users and neighboring domains, which describe the QoS level that the service provider is committed to provide, and the specification of traffic that users or neighboring domains are allowed to send. An interesting and important question arises as to whether a flow is still conformant to its original traffic specification after crossing the network since it may interact with other flows within the network. In this paper, we study analytically the extent to which a flow and an aggregate of flows become non-conformant through an analysis of the stochastic burstiness increase of flows after crossing a per-flow scheduling network and an aggregate scheduling network . The stochastic behavior of a server in aggregate scheduling networks is also studied to determine the conformance deterioration of individual flows, which provides the theoretical conformance deterioration bound and provides useful results for conformance analysis in an aggregate scheduling network with general topology. Our theoretical results are verified by extensive simulations.     

Security service level agreements for outsourced security functions

This article looks at the areas that should be covered in SLAs with regard to information security, and how they can be monitored.     

The impact of service level on the acceptance of application service oriented medical records

Service level is considered to be the most important criterion in evaluating application services. In our study we empirically investigated how perceived service level (PSL) influenced healthcare workers’ willingness to use application service oriented medical records. In particular, we extended the technology acceptance model (TAM) by embedding PSL as a causal antecedent. We found that PSL explained 61% of the variation in ease of use, which is twice as much as our current understanding. We also found that TAM was validated when tested in isolation but failed within the larger nomological network. We provided an explanation based on the notion of conditional independence. We further applied TETRAD III to explore the phenomenon and discovered two spurious associations in TAM, successfully confirming the explanation.     

创建1000号服务品牌为用户提供优质服务

1000号服务品牌的建立,是苏州电信分公司管理创新、技术创新和服务观念提升的结果。 为了创建1000号服务品牌,苏州电信分公司强化管理手段,按照系统性、可行性和可监督性的原则,建立健全了思想政治工作责任制度、岗位责任制度、服务质量管理制度、工作人员服务规范、绩效考核评价制度、现场管理制度、工作(业务)流程等一系列内部规章制度,不断提高管理水平,使管理实现标准化。 苏州电信分公司1000号服务中心把培养高素质的员工队伍看成是做好服务工作的根本。一方面,狠抓员工职业道德教育。在员工中,广泛开展树立职业理想、遵守职业道德、掌握职业技能、严守职业纪律的教育活动,不断深化“用户至上、用心服务”的服务理念,使员工自觉承担起主人翁的角色,为优质规范服务提供思想保证;另一方面,狠抓员工业务技能的培训,注重员工服务规范、服务标准、新业务、新知识的培训,帮助员工掌握工作要领、工作程序和方法,提高业务技能、工作质量和效率。