欢迎来到天天文库
浏览记录
ID:37659195
大小:176.90 KB
页数:12页
时间:2019-05-27
《Security Enhanced Direct Store Delivery System》由会员上传分享,免费在线阅读,更多相关内容在行业资料-天天文库。
1、SecurityEnhancedDirectStoreDeliverySystemNitinDevikarandYuliangZhengDepartmentofComputerScienceUniversityofWollongongWollongong,NSW2522,AUSTRALIASeptember2,1999AbstractCurrentlythereislimitedsecurityprovidedincarryingoutbusinessusingElectronicDataInterchange(ED
2、I).TheaimofthispaperistoenhancethesecurityofDirectStoreDeliverySystemwhichisaspecialformofEDI.Thewholecommunicationprocessiscarriedoutusingatrustedthirdpartyserviceproviderwithaviewtomaximizetheperformanceofthesystem.ThemodeldescribesauthenticityusingX.500recom
3、menda-tions,condentialityandintegrityusingpublickeycryptographyandprovidesalowcostsolutiontotheexistingsystem.ThetransactionsarecarriedoutintheUN/EDIFACTformatusingtheX.435standards.1IntroductionTheprimarypurposeofEDIistoprovidecommunicationstandardsthatpromot
4、etheinterchangeofcommonbusinessinformationtofacilitatetheelectroniclinkageswithouthumanintervention.Inrecentyears,bothpublicandprivatesectorsuseEDIfortradingpurposes.TheincreasinguseofEDIinnancialtransactionshasmadeitnecessarytoconsidernetworksecurityingreater
5、detailandenhancethesecurityinthesesystems.ThefollowingissuesneedtoberaisedinviewofsecurityoftheexistingEDIsystems[13].ThereislimitedsecurityinmostofthepresentdayEDIsystems.Theyrelyonpasswordtoaccessthesystemthusmakingitvulnerabletopasswordguessingattacks.Asmo
6、reandmorebusinessinformationistransmittedbetweencomputersystems,weneedtoprotectthesetransactionsfromunauthorizedviewingand/oralteration.Unauthorizedviewingcanprovidecompetitiveinformationwhichwemaynotwanttodisclose.Withtheintroductionofthirdpartiesandincreasedr
7、iskofunauthorizedaccesstocondentialinformation,weneedtorestructuretheexistingsecurityfeatures.Generally,EDIsystemsworkonapointtopointbasisorhavelimitednumberoftradingpartners.ThesecurityandcontrolfeaturesincorporatedinthesystemisasstrongastheweakestlinkintheE
8、DIchain.Across-vulnerabilityresultingfromtechnicallimitationcancompromisetheintegrityofthedependentEDIsystems.Dierentsecuritystandardsmaycreateproblemswhentradingpartnersa
此文档下载收益归作者所有