What security threats have companies engaged in e-commerce encountered? How have they responded?

1. The introduction of NGN security issues

With the development of the information industry, information technology gradually dominates the development of the national economy and society. Countries around the world are actively responding to the challenges and opportunities of informatization. Informatization and networking are forming a new technological, industrial and social revolution on a global scale. To develop informatization, we must pay attention to information network security. It is not only an IT industry issue, but a social issue and a multi-disciplinary system security engineering issue, which is directly related to national security. Therefore, academician Shen Changxiang, a well-known security expert, called on us to pay as much attention to information security issues as we do to two bombs and one satellite. As the next generation communication network, NGN is the main carrier of future information transmission. Network security is related to national economy, politics, culture, and national defense, so security will be one of the most important topics in NGN research.

1. NGN security-related economic fields: With the construction of my country's online banking and the development of e-commerce, countless wealth will be transmitted on the network in the form of bits.

2. NGN security-related cultural fields: Currently, online chatting has become an important means of communication. The virtual society living in the Internet has become people’s second way of life. The Internet has become the second life style after newspapers, magazines, and radio. and important media after film and television.

3. NGN security-related government functions: Currently, our country is building a large number of e-government networks, that is, government functions are online, and a virtual government is established online to realize some functional work of the government.

4. NGN security-related national defense: With the progress of military and national defense informatization, information confrontation has become a part of war. A large amount of information may be transmitted over the Internet. In addition to the possibility of leaks, network security issues may also paralyze the chain of command.

5. NGN security-related national important infrastructure: Most national important infrastructure relies on the network. Network paralysis may cause power grid failure, airport closures, railway outages and other problems, which will lead to more and more serious problems.

2. Security threats facing NGN

Based on the current status of communication networks, NGN may face the following security threats.

1. Electromagnetic safety: With the development of interception technology and the enhancement of computer processing power, electromagnetic radiation may cause safety problems.

2. Equipment security: At present, the capacity of equipment is getting larger and larger, and the technology is becoming more and more complex. Complex technology and equipment are more prone to security problems.

3. Link security: The standardization of communication optical cable laying has declined. When laying optical cables on several major rivers such as the Yangtze River, Yellow River, and Huaihe River, they are basically laid and concentrated on railway bridges (or highway bridges), which may cause serious communication interruptions such as "bridge damage and cable breakage".

4. Communication infrastructure is too centralized: Several major domestic operators use integrated buildings in their long-distance communication bureaus (stations) in provincial capital cities. When emergencies such as earthquakes and fires occur, it is easy to cause communication problems. A situation of massive disruption.

5. Signaling network security: The signaling network of the traditional telephone network used to be a closed network and was relatively safe. However, with the introduction of soft-switching and other technologies, signaling networks are gradually becoming more open, increasing security risks.

6. Security outside synchronization: Synchronization network is an important guarantee for the normal operation of the current SDH transmission network and CDMA network. Currently, a large number of networks, including CDMA, mainly rely on GPS systems. If there is a problem with the GPS system, it will cause immeasurable losses to the existing network.

7. The network suffers war and natural disasters: When the network suffers war or natural disasters, network nodes may suffer devastating blows, resulting in a large number of link interruptions.

8. The network is impacted by traffic: When the network is impacted by traffic, an avalanche effect may occur, and network performance drops sharply or even stops serving. Network traffic impact may be caused by emergencies or malicious attacks.

9. Terminal security: A typical multi-service terminal is a computer. Compared with traditional dedicated dumb terminals such as telephones, the failure rate and configuration difficulty of intelligent terminals are greatly increased.

10. Network business security: Multi-service networks rarely distinguish users based on physical ports or lines, so disputes are prone to occur when services are stolen.

11. Network resource security: In a multi-service network, malicious or unintentional (virus infection) misuse of resources (such as bandwidth resources) by users will seriously threaten the normal operation of the network.

12. Security of communication content: Content transmitted over the network may be illegally stolen or used illegally.

13. Proliferation of harmful information: Traditional telecommunications networks are not responsible for whether the information content is illegal. With the development of new services, NGN should pay great attention to the problem of harmful information spreading through the network.

3. Analysis of NGN security issues

1. Network multi-services affect network security

The multi-services provided by the network and the consequent terminal intelligence The Internet brings more security risks.

On traditional telecommunications networks, most networks bundle a single service: the telephone network provides telephone services and some supplementary services; the DDN network provides point-to-point data dedicated line services; the frame relay network provides data dedicated lines and virtual dedicated services network services; the synchronization network provides network synchronization services; the signaling network provides signaling services for the telephone network; even ATM, known as a multimedia network, is basically used as a data dedicated line and a virtual private network. Most user terminals have low intelligence and are isolated from network signaling, so they generally do not affect network security.

With the emergence of new services, emerging operators are no longer satisfied with the idea of ??building one network for each service: the network not only needs to carry a variety of services, but also must be used when users use the same access line. Provide a variety of services under certain conditions. For this reason, in order to identify multiple services on a unified access line, the network inevitably transfers part of its intelligence to the terminal. IP networks have become an important choice for carrying multi-service networks. The IP network is a typical "intelligent terminal stupid network": the network is only responsible for forwarding data and does not participate in specific business processes. The terminal of the IP network is mainly a computer system, so user equipment needs to participate in the business process. Malicious users can use computer systems to interfere with business processes, and even launch hacker attacks to paralyze the network. This model seriously affects IP network security. Due to the current extensive use of packet voice, IP networks need to interoperate with traditional telephone networks. The security risks of IP networks will in turn affect the security of traditional telephone networks.

2. Multi-operator competition affects network security

Multi-operator competition not only expands the communications market and increases network backup, but also brings new security risks. my country's communications network has gone through a process from a single operator to multiple operators. When the original Ministry of Posts and Telecommunications led China Telecom to establish a communication network, the network carried a single service, the support network was designed uniformly, services were widely carried out, cable laying was planned uniformly, service quality was uniformly designed throughout the entire network, and telecom services and network security basically met the needs of the time. . In the current multi-operator competitive environment, my country's network scale has grown tremendously, adapting to the national economy's demand for communication networks, but it has also introduced some factors that are detrimental to security: due to the pressure of rapid construction and lack of network construction experience, The network construction of some operators lacks the overall guidance of the technical system, and the network without the guidance of the technical system lacks unified consideration of the entire network, which is not conducive to network security; out of considerations of input costs and profit yield, some operators are reducing prices to attract Customers and rapid large-scale network construction ignore network security facilities and investment; emerging operators lack long-term telecom operation experience and concepts in the early stages of construction, and lack attention to network security. Although the total network resources of the six major operators are larger than those of the original China Telecom, no current operator can have such rich resources as the original China Telecom; the networks of the six major operators are interconnected, but their security policies, security management efforts and security Facilities are different and safety hazards are prone to occur; due to the existence of vicious competition, operators may also cause man-made safety accidents when interconnecting.

3. The expansion of network scale and equipment capacity affects network security

The continuous increase of network scale and capacity not only brings benefits, but also causes complexity of equipment and management. , which will bring more security risks to the network.

With the growth of the national economy, communication needs continue to expand. my country's telecommunications network has developed into one of the world's largest fixed and mobile networks. There is no precedent or reference for the operation and maintenance of such a huge network, and it is very likely that some unexpected security problems will arise. As the network scale and equipment capacity expand, equipment becomes more and more complex, and uncontrollable factors increase.

On a network of unprecedented scale, security incidents will occur if a large number of users are unable to use services normally due to network management errors, malicious user attacks, improper handling of faults and other reasons. Moreover, most of the latest and large-capacity new equipment are imported products, at least most of the chips used are foreign products. The safety of imported products and chips cannot be evaluated, which makes communication network security risks difficult to predict.

4. Management affects network security more than technology

Advanced security technology and equipment will collapse due to poor management. Perfect management can eliminate the problems caused by technological backwardness to a certain extent. Disadvantages. So when it comes to cybersecurity, management is more important than technology. The management mentioned here is not limited to the generally known TNM telecommunications network management or the simple network management of the Internet, but also includes management systems, emergency systems, operation and maintenance regulations, personnel training, key distribution, confidentiality systems and other aspects.

In many cases, problems that can be easily solved through management may require ten or even a hundred times the effort and cost if purely technical solutions are used. For example, telephone network number resources are uniformly allocated. No matter how large-scale a program-controlled switch is, it only needs nearly a hundred office routes to solve telephone routing problems. On the Internet where IP addresses are randomly assigned, backbone routers need to reserve more than 100,000 routes. Only table entries can ensure the normal routing of IP packets. The resulting complexity of protocols and devices brings great security risks to the network. A complete network management mechanism can more effectively ensure network security.

Security auditing within the network is as important as filtering content outside the network. Internal security awareness and security management are as important as the use of complex and expensive firewall equipment. In addition, any security technology will eventually be implemented by people, and no matter how secure the operating system is, it will require managers to implement it; no matter how complex the security equipment is, it will also require people to maintain it; [WL2] No matter how sophisticated the encryption algorithm and encryption mechanism are, they cannot prevent the key Leaking or setting simple passwords.

5. New technologies, new businesses, and new operating models affect network security

New technologies and new businesses bring new operating models, and while establishing new value chains, they also bring new safety hazards.

With the widespread application of IP networks, information confidentiality, integrity and non-repudiation have become important aspects of network security; with the development of packet voice services, telecom operators must pay attention to sources from IP networks Tracing; with the emergence of soft terminals, operators must expand from port-based authentication and accounting to user identity-based authentication and accounting; with the explosive development of SMS services, mobile operators must pay attention to malicious sending and SMS fraud; with the To develop email services, operators must pay attention to spam; with the widespread use and huge influence of BBS, the management and supervision of BBS is urgent. Therefore, while new technologies, new services and new operating models bring growth points to operators, they also bring security uncertainties to the network.

6. The use of IP technology affects network security

On the one hand, the use of IP technology brings new business and new vitality to the industry; on the other hand, it brings new security risks to the network . Currently, IP technology is widely used, but IP is not a perfect network layer technology. There are also issues such as service quality, security, and operation model. Among them, security issues have always been one of the most concerning issues. The security issues of IP networks are partly due to the differences between computer network design concepts and telecommunications network design concepts: problems that are not problems in computer networks have become serious problems in telecommunications networks; on the other hand, they are due to the lack of operation and maintenance of IP networks in telecommunications. Management experience and means. Since the IP network cannot effectively verify the source address, user terminals can forge source addresses to initiate traffic impact on the network and affect the control level.

4. NGN Security Threat Response Principles

In the face of the above and unknown security threats that may arise in the future, the following response principles should first be clarified:

1. Security is not absolute, and security threats will always exist.

Security is not a stable state, and you can never assume that a safe state can be achieved by adopting any security measures. First of all, paying resources and management costs can increase security, but no matter how much the cost, permanent and absolute security cannot be achieved. Secondly, security is an unstable state. With the emergence of new technologies and the passage of time, originally relatively safe measures and technologies will become relatively unsafe.

Third, security technology and management measures are targeted and scope-based, and are usually only effective against known or assumed security threats. Security technology and security management measures do not ensure effectiveness against unknown or unanticipated security threats.

2. Security should be regarded as basic research and requires long-term efforts.

NGN security research has a wide scope, including laws and regulations, technical standards, management measures, network planning, network design, equipment reliability, service characteristics, business models, cable burial, encryption strength, encryption algorithms, The definition of harmful information and many other areas. Therefore, security research is not achieved overnight and requires long-term efforts. Safety investment itself cannot produce direct benefits, but can only prevent and reduce losses caused by unsafe factors. Security research should be regarded as a basic research, with long-term investment and joint efforts by the state, operators and relevant enterprises.

3. Security requires a price, and security requirements should be moderate.

NGN security is what everyone hopes for, but not everyone is aware of the price that needs to be paid to meet certain security standards. The price paid for safety may be human, material and financial resources, or it may be reduced efficiency. Therefore, security requirements should be moderate. The security requirements are meaningless when the price paid for confidentiality is greater than the possible loss due to leakage. It is of course ideal to ensure confidentiality during daily calls, but if the call cost needs to be increased several times to increase confidentiality (confidentiality can usually only be increased and cannot be absolutely guaranteed), I believe most users will not be able to accept it.

4. Safety hazards may be large or small, and they should be prioritized.

There are currently a large number of known and unknown security risks on NGN. For many potential safety hazards, they should be addressed separately according to the possible harm caused and the cost required. Generally speaking, security risks that may affect the provision of network services on a large scale should be resolved first, such as security risks that affect the security of synchronization networks and the normal operation of network routing protocols. Security risks that do not affect normal business operations, or are likely to affect only a small number of users and require a large number of funds and personnel, such as unencrypted user data on wireless interfaces, can be resolved later.

5. Security is not only a technical issue, but more importantly, management.

The vast majority of security risks can be solved through technical means, but security is more important than management. Under the current technical conditions, any security technology requires human participation. A sound management mechanism can prevent managers from intentionally or unintentionally increasing safety risks to the greatest extent. Usually such management mechanisms are backed by logs and audits, at the expense of reduced efficiency. Therefore, a network without a complete management mechanism cannot be a secure network. In addition, some problems that can be easily solved through management may require extremely complex technical means to solve.

6. Security issues have scope and are not all-inclusive.

NGN security has its own scope definition, and not all issues will affect NGN and information security. Randomly expanding the scope of security research and attributing a large number of topics unrelated to security to NGN and information security research may lose focus, which is not conducive to security research and the resolution of security risks. For example, bit errors within the design indicator range of the transmission network have nothing to do with security issues; similarly, the packet loss rate within the design range on the IP network, the dropped call rate within the telephone network drop rate, etc. have nothing to do with NGN security. The losses caused by users losing their passwords It also has nothing to do with cybersecurity.

7. Network security is not only qualitative but should also be evaluated quantitatively.

The current computer system has safety boarding evaluation standards that can be quantitatively evaluated. For a long time, communication networks have mainly provided voice services and have not been concerned about the information security of the voice itself and whether the content is legal. Therefore, business availability and equipment reliability are mainly used to reflect network security. However, current communication networks support the normal operation of important national security facilities, so it is necessary to quantitatively assess and classify network security. Different network applications should have minimum security level requirements. It is good to provide the highest level of security for all communications, but paying several times or even dozens of times the cost for this is obviously not what the public and operators expect.

8. Security issues of concern on different networks should have their own emphasis.

Traditional telecommunications networks mainly provide dedicated line data transmission and point-to-point voice services. Therefore, traditional telecommunications networks mainly focus on the security of the network itself and the security of network services.

The Internet is designed for educational and scientific research networks, with poor service controllability and lack of effective business models. Moreover, its characteristics of being able to transmit large amounts of data information and carry out BBS, point-to-multipoint, anonymous sending and other services also determine The Internet should pay more attention to service controllability and information security on the network.