The Whole Process of E-commerce Security Management System: Design and Implementation 9811994579, 9789811994579

This book systematically and integrally introduces the new security management theories and methods in the e-commerce e


English Pages 300 [301] Year 2023


Table of contents :
Contents
1 Introduction
1.1 E-commerce and E-commerce Security
1.1.1 E-commerce from the Perspective of Security
1.1.2 E-commerce Security and Its Importance
1.2 E-commerce Security Requirements
1.2.1 E-commerce Security Elements
1.2.2 Logical Hierarchy of E-commerce and Its Security Requirements
1.3 Content of E-commerce Security Management
1.3.1 Connotation of E-commerce Security Management
1.3.2 E-commerce Security Management Means
Reference
2 E-commerce Security Management Plan
2.1 Basic Concepts
2.2 Elements and Types of E-commerce Security Management Plan
2.2.1 Elements of E-commerce Security Management Plan
2.2.2 Types of E-commerce Security Management Plans
2.3 Preparation and Optimization of E-commerce Security Management Plan
2.3.1 Preparation of E-commerce Security Management Plan
2.3.2 Optimization of E-commerce Security Management Plan
2.4 E-commerce Safety Management Emergency Plan
2.4.1 Overview of E-commerce Security Management Emergency Plan
2.4.2 Formulation of ERP for E-commerce Security Management
2.4.3 Formulation of DRP for E-commerce Security Management
2.4.4 Formulation of BCP for E-commerce Security Management
Reference
3 E-commerce Security Management Resources and Organization
3.1 Meaning and Relationship of E-commerce Security Management Resources and Organizations
3.1.1 Meaning of E-commerce Security Management Resources and Organization
3.1.2 Relationship Between E-commerce Security Management Resources and Organization
3.2 E-commerce Security Management Resources
3.2.1 Composition and Limitation of E-commerce Security Management Resources
3.2.2 Configuration of E-commerce Security Management Resources
3.3 E-commerce Security Management Organization
3.3.1 Establishment of E-commerce Security Management Organization
3.3.2 Operation of E-commerce Security Management Organization
3.3.3 Transformation of E-commerce Security Management Organization
References
4 Controlling Information Risk in E-commerce
4.1 E-commerce Information Security Risk Management Process, Participants, and Responsibilities
4.1.1 Information Security Risk Management Process
4.1.2 Participants in Information Security Risk Management and Their Responsibilities
4.2 E-commerce Information Security Risk Assessment and Decision-Making
4.2.1 Information Security Risk Assessment
4.2.2 Information Security Risk Disposal Decision
4.3 Implementation of E-commerce Information Security Risk Control
4.3.1 Overview of Risk Control
4.3.2 Technical Measures
4.3.3 Normative Measures
References
5 Controlling Network Risk in E-commerce
5.1 E-commerce Network Security Threats and Risk Identification
5.1.1 Security Threats to E-commerce Networks
5.1.2 E-commerce Network Security Risk Identification
5.2 E-commerce Network Security Risk Assessment
5.2.1 Elements of E-commerce Network Security Risk Assessment
5.2.2 E-commerce Network Security Risk Assessment Process
5.3 Implementation of E-commerce Network Security Risk Control
5.3.1 Network Security Model
5.3.2 Technical Measures
5.3.3 Regulatory Measures
References
6 Controlling Transaction Risk in E-commerce
6.1 Risk Identification of E-commerce Transactions
6.1.1 Pre-transaction of E-commerce Risks
6.1.2 Risk in E-commerce Transactions
6.1.3 Post-transaction Risk of E-commerce
6.2 Risk Assessment and Decision-Making of E-commerce Transactions
6.2.1 The Angle of E-commerce Transaction Risk Assessment Insurance
6.2.2 Evaluation Index System of E-commerce Transaction Risk
6.2.3 Risk Control Decision of E-commerce Transaction
6.3 Implementation of Risk Control of E-commerce Transactions
6.3.1 Concepts and Properties of the Specification
6.3.2 Compliance Transactions of the Participants in E-commerce Transactions
6.3.3 Market Regulation
6.3.4 Industry Self-Discipline and Social Supervision
7 Controlling Credit Risk in E-commerce
7.1 E-commerce Credit Risk Identification
7.1.1 Concepts of E-commerce Credit Risk Related
7.1.2 Impact Factors and Origin of E-commerce Credit Risk
7.1.3 Performance of E-commerce Credit Risk
7.2 E-commerce Credit Risk Assessment and Decision-Making
7.2.1 Overview of Credit Evaluation
7.2.2 Credit Risk Evaluation Process
7.2.3 Credit Risk Control Decision-Making
7.3 Implementation of E-commerce Credit Risk Control
7.3.1 Guiding Ideology and Basic Principles
7.3.2 Credit Risk Control Mechanism
7.3.3 Regulations, System, and Integrity Construction
8 Controlling Risk of E-commerce Personnel
8.1 Risk Analysis of E-commerce Personnel
8.1.1 Necessity of Risk Management for E-commerce Personnel
8.1.2 Risk Causes and Types of E-commerce Personnel
8.2 Risk Identification, Assessment, and Decision-Making of E-commerce Personnel
8.2.1 Risk Identification of E-commerce Personnel
8.2.2 Risk Assessment for E-commerce Personnel
8.2.3 Risk Control Decision of E-commerce Personnel
8.3 Implementation of Risk Control for E-commerce Personnel
8.3.1 Personnel Management System
8.3.2 Safety Education and Training
8.3.3 Enhance Safety Awareness
8.3.4 Honesty Education and the Construction of Integrity Culture
8.3.5 Improve the Personnel Training Mechanism
9 Supervision and Optimization Mechanism of E-commerce Security Management
9.1 Supervision Mechanism of E-commerce Safety Management
9.1.1 The Dynamic Mechanism of E-commerce Safety Management and Supervision
9.1.2 Formation of E-commerce Safety Management and Supervision Mechanism
9.2 Optimization Mechanism of E-commerce Security Management
9.2.1 Management Optimization and E-commerce Security Management Optimization
9.2.2 Significance and Objectives of Continuous Optimization of E-commerce Security Management
9.2.3 Realization of E-commerce Security Management Optimization
References


Advanced Studies in E-Commerce

Ronggang Zhang · Lijuan Fang · Xiaoping He · Chuan Wei

The Whole Process of E-commerce Security Management System Design and Implementation

Advanced Studies in E-Commerce

Series Editors:
Zheng Qin, School of Software, School of Information Science and Technology, Tsinghua University, Beijing, China
Qinghong Shuai, School of Economic Information Engineering, Southwestern University of Finance and Economics, Chengdu, China
Ronggang Zhang, School of Management, Northwest University of Politics and Law, Xi’an, China
Qiongwei Ye, Professor and Associate Dean in the Business School, Yunnan University of Finance and Economics, Kunming, Yunnan, China
Li Xiong, Department of Information Management, Shanghai University, Shanghai, China
Jie Cao, Professor in the College of Information Engineering, Nanjing University of Finance and Economics, Nanjing, China

Advanced Studies in E-Commerce takes a fresh and global viewpoint to E-Commerce development. It encompasses such issues as the basic concepts and principles of E-Commerce, the industry chain of E-Commerce, the security management of ECommerce; the architecture of E-Commerce; the analytics of E-Commerce; and some cutting-edge topics of E-Commerce.

Ronggang Zhang School of Management Northwest University of Politics and Law Xi’an, China

Lijuan Fang School of Management Northwest University of Science and Law Shaanxi Province, China

Xiaoping He School of Rule of Law Northwest University of Political Science and Law Xi’an, China

Chuan Wei Center for Risk and Crisis Management Northwest University of Science and Law Xi’an, China

Advanced Studies in E-Commerce
ISBN 978-981-19-9457-9
ISBN 978-981-19-9458-6 (eBook)
https://doi.org/10.1007/978-981-19-9458-6

Jointly published with Xi’an Jiaotong University Press. The print edition is not for sale in China (Mainland). Customers from China (Mainland) please order the print book from: Xi’an Jiaotong University Press.

© Xi’an Jiaotong University Press 2023

This work is subject to copyright. All rights are solely and exclusively licensed by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

The publishers, the authors, and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publishers nor the authors or the editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publishers remain neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This Springer imprint is published by the registered company Springer Nature Singapore Pte Ltd. The registered company address is: 152 Beach Road, #21-01/04 Gateway East, Singapore 189721, Singapore


Chapter 1

Introduction

1.1 E-commerce and E-commerce Security

The growth of electronic commerce, from its first bud to its rise and then to its occupation of the main channel of business activities, has been very rapid and violent in its change and evolution. The book argues that e-commerce is a transaction activity based on the medium of an information network. The transaction goods can be material products or non-material services, and the transaction process may also involve property rights. Since this book mainly studies and discusses the security management of e-commerce, all business activities realized through, relying on, based on, or with the help of an information network can be included in the category of electronic commerce; that is to say, from the perspective of security, all business activities based on an electronic information network are investigated.

1.1.1 E-commerce from the Perspective of Security

1. E-commerce must pursue systematic security

First of all, e-commerce is a huge systems engineering project. According to system theory, a system generally refers to a whole composed of different subsystems within a certain range, or of things of the same kind arranged in a certain order with internal connections. E-commerce consists of platform operators, product or service providers, network consumers, manufacturers, distributors, retailers, logistics service providers, regulators, and other groups that cooperate closely, forming a huge system. E-commerce from the perspective of security can be regarded as a system operating under security. Figure 1.1 shows the schematic diagram of the e-commerce system.

Secondly, e-commerce security is systematic security. System theory holds that openness, self-organization, complexity, integrity, relevance, dynamic balance, timing, etc., are the common basic characteristics of all systems. A system has both its own characteristics and the characteristics of its communication with the outside world.

© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2023. R. Zhang et al., The Whole Process of E-commerce Security Management System, Advanced Studies in E-Commerce, https://doi.org/10.1007/978-981-19-9458-6_1


[Fig. 1.1 Schematic diagram of the e-commerce system; nodes shown: customer, supplier, logistics providers, platform operator, manufacturers, retailer, distributor, other partners]

Based on this point of view, e-commerce security aims to maintain the dynamic balance between all parts, so that the e-commerce system is relatively stable and has a certain continuity, in order to adapt to changing links and ensure the smooth realization of development goals. From the viewpoint of system management theory, and unlike traditional commerce, e-commerce is completed through the participation of multiple subjects; each subject participates through trade, cooperation, competition, and other means, keeping the e-commerce system in dynamic balance between its subsystems, so that a change in any subsystem will influence the other subsystems. Adverse selection or moral hazard on the part of some subjects will seriously affect the performance and security of the whole system. Therefore, it is necessary to investigate the electronic commerce system as a whole. System management theory puts forward a conceptual system covering the whole organizational structure and its operation and management, and points out that people cannot pay attention only to the specific goal of one subsystem while ignoring the overall goal. Unlike traditional commerce, the results of e-commerce are formed through the joint efforts of various entities. Therefore, the book holds that e-commerce security should take the overall security of the system as its core goal.

2. E-commerce is bound to move toward diversified collaborative governance

First of all, the development of e-commerce is a process of multiple collaborative governance. Synergy theory mainly studies how an open system, when exchanging material or energy with the outside world, spontaneously presents an orderly structure in time, space, and function through its own internal synergy. Based on the principle that “the cooperation of many subsystems is governed by the same principle and has nothing to do with the characteristics of subsystems”, synergy theory provides a new idea for people to solve complex problems. E-commerce is just such a system, one that highly integrates engineering technology with economic, management, and social systems. When considering the development of e-commerce from the perspective of security, it is natural to see the synergy. E-commerce is a multi-agent collaboration. Its subjects include not only business subjects such as enterprises and consumers, but also social management subjects such as governments and industry organizations.


Secondly, the development of e-commerce urgently needs a new governance model of multiple synergy. When synergism is applied to the relationships between biological groups, it divides the relationship between species into three situations: competition, predation, and symbiosis. Each relationship must keep the various biological factors in coordinated growth and decline and in dynamic balance in order to adapt to the environment and survive. Synergetics has also designed many birth-and-death processes, ecological group networks, and social phenomenon models, such as the “social public opinion model”, “ecological group model”, “meridians model”, “population dynamics model”, “predator-prey system model”, “form formation model”, etc. In the foreseeable future, these models can be combined with e-commerce based on information networks to form the basic model of e-commerce security management. Synergism also puts forward the concept of “functional structure”, which holds that function and structure are interdependent. E-commerce includes e-commerce platform, logistics, payment and settlement, manufacturing, service, and other functional structures. With the rapid development of information technology and the continuous emergence of various business innovations, the scattered and not yet unified e-commerce “functional structure” needs multiple collaborative governance to ensure its interdependence, mutual promotion, and common development with the modern economy and society.

3. Derivative risks arising from the e-commerce transaction mode

The e-commerce mode is a revolution of the traditional business transaction mode, which can reduce the search cost, negotiation cost, and implementation cost of both parties. But this change brings not only opportunities but also new problems. For example, there are fake goods, false propaganda, brushing orders, credit speculation, excessive collection of personal information, and disclosure of private information in e-commerce transactions. Commodity quality, promotion, delivery, refund, customer service, logistics, and other issues are the sources of risk for e-commerce security. According to the “2020 Q3 China E-commerce User Experience and Complaints Monitoring Report”, the top 10 online consumer complaints in China in the third quarter of 2020 were: refund problems, product quality, online fraud, delivery problems, after-sales service, overlord clauses, online sales of fake goods, false promotion, return and exchange difficulties, and order problems. It can be seen that difficulty of refund, poor quality, and network fraud are still the hot issues of users’ complaints in e-commerce transactions.


1.1.2 E-commerce Security and Its Importance

1. The definition of e-commerce security

China’s National Standard (GB/T 28001) defines “safety” as “a state in which the risk of unacceptable damage is exempted”. Security and risk are opposite concepts. The object of security management is risk, and the unique attribute of security is that there is no risk. Because of this close relationship between security and risk, the terms “security” and “risk” are often used together in this book, but the concept of “risk” is highlighted. The definition of e-commerce security in this book is: a state in which, through continuous e-commerce risk identification and risk management, the risk of injury or property loss to participants is reduced and kept within an acceptable range, so that the expected risk level is achieved in the comprehensive evaluation of e-commerce operation.

Traditional business activities also have security problems, but compared with traditional business security problems, e-commerce security problems are more complex, shorter in time, wider in their range of influence, and more likely to have overlapping effects with public events. E-commerce has many subjects and involves many aspects, and its security problems also come from these subjects or aspects, mainly including:

Information security and network security: Different from traditional commerce, the participants of e-commerce do not need to conduct business activities face to face. Information flow and capital flow are transmitted through the network, which easily leads to the disclosure of confidential information or users’ personal information, resulting in the loss of interests of all parties. In addition, the network provides the basic operating environment for e-commerce, which is an important factor affecting the security of e-commerce. Therefore, information security and network security are an inevitable consideration of e-commerce security.

Transaction security: As a new business model, the main content of e-commerce is transaction, so transaction security must be the core content of e-commerce security.

Credit and law: Market transactions need credit and law. Similarly, e-commerce also operates under a certain credit guarantee system and a series of laws and regulations. The security of e-commerce needs to pay attention to credit and legal issues.

Personnel safety: E-commerce cannot operate without people, so the security of e-commerce participants is also an important content of e-commerce security.

Generally speaking, among the above security problems, e-commerce security should pay particular attention to information security, network security, and transaction security, which are the areas of high incidence of e-commerce security problems. As can be seen from the definition of e-commerce security, risk and security are inseparable. Therefore, it is necessary to define the security risk of e-commerce.

1.1 E-commerce and E-commerce Security

In the broad sense, e-commerce security risks are all the risks that threaten e-commerce security. They cover the whole process of e-commerce and involve all its participants, all kinds of hardware and software facilities, and the internal and external operating environment, including information security risk, transaction risk, credit risk, personnel risk, and so on. In the narrow sense, e-commerce security risks focus on the information security and network security risks that support or relate to commercial activities, excluding the risks of the commercial activities themselves.

2. The importance of e-commerce security

First, e-commerce security is an integral part of China’s overall national security. As an important part of the development of China’s digital economy, e-commerce is deeply integrated with the real economy and has a profound impact on people’s lives. Its role has gone beyond commerce itself: as an important way of allocating resources under information conditions, it has become an important force leading economic and social development. In recent years, however, crimes in the field of e-commerce such as destruction of information systems, forging or stealing accounts, fraud, infringement of e-commerce secrets, infringement of user privacy, and infringement of intellectual property rights have continued to increase. E-commerce security therefore not only affects the normal operation and sustainable development of e-commerce, but also has an important impact on the overall security of China.

Secondly, e-commerce security is an important part of enterprise security. It is an important guarantee for the safety of all e-commerce enterprises and is of great significance both for e-commerce platform operators and for providers of e-commerce products or services. As platform operators run on information systems and networks, their security problems are mainly those of information systems and network security. For providers of e-commerce products or services, security issues mainly concern product quality and the security of their own production and operation.

Finally, e-commerce security is an important guarantee of consumer safety. In the digital era, e-commerce develops rapidly, and many consumers complete their basic consumption and purchase of life services through it, so e-commerce security is an important guarantee for consumers. On the one hand, e-commerce security guarantees the safety of individual consumers. In the e-commerce environment, individuals purchase goods or services over the Internet, and their safety is reflected mainly in personal information security, property security, and the health and safety consequences of product quality, together with the resulting communication, dispute resolution, and other safety issues. On the other hand, e-commerce security ensures the safety of consumer organizations. As consumers, organizations purchase various resources, such as equipment and services, through e-commerce, and their consumption process does not differ significantly from that of ordinary individual consumers. However, once security problems occur, the consequences may be more serious.

1 Introduction

1.2 E-commerce Security Requirements

1.2.1 E-commerce Security Elements

In general, e-commerce security should include security elements such as confidentiality, integrity, authentication, controllability, non-repudiation, availability, anonymity, credibility, and compliance and legality.

Confidentiality usually means that only the sender and receiver can access the content of information, and that unauthorized personnel cannot access the trade secrets and personal information involved in e-commerce exchanges. Here personal information refers to the name, ID number, address, contact information, location information, bank card information, transaction records, payment records, logistics records, and other information collected by e-commerce operators in e-commerce activities that can identify a specific user either on its own or in combination with other information. E-commerce operators should improve their internal control systems and technical management measures and prevent information leakage, loss, and damage in order to ensure the security of e-commerce activities.

Integrity ensures that the information in the e-commerce system is not illegally modified, damaged, lost, and so on. By preventing or anticipating risks, it prevents information from being lost, duplicated, or maliciously tampered with by illegal users during storage and transmission, so as to protect the integrity of the information and of the information-related attributes that may be damaged in different forms.

Authentication, also called authenticity, means ensuring through a reliable authentication mechanism that the identity of an entity, the information, and the information source are genuine. In e-commerce activities the two parties cannot meet, and a counterfeiter or attacker may forge an entity’s identity or the information; the premise of a secure transaction is therefore that the identity and information of both parties are genuine, which usually requires the intervention of a third party and is guaranteed by a reliable authentication mechanism. Authentication covers both the entity and the information: entity authentication determines whether the identities of the parties to the transaction are genuine, and message authentication confirms whether the information comes from the claimed source rather than being forged.

Controllability refers to the control of access rights. It is a security mechanism that decides, according to preset rules, whether a subject’s mode of access to an object is legitimate, so as to ensure that the system, data, and services are accessed by legitimate personnel and used legally.

Non-repudiation prevents either party to a communication or transaction from denying the information received or the business concluded. The e-commerce system should ensure that once a transaction is reached, the sender cannot deny the information sent and the receiver cannot tamper with the information received, so that the transaction cannot be denied by either party and commercial fraud is prevented.

Availability refers to the assurance that information and information systems are always available to authorized users without interruption of service, even a short one. When large e-commerce platforms such as Taobao, Tmall, or Jingdong break down or are attacked, even a few minutes of service interruption affects tens of millions of transactions and causes great losses to the platform or its merchants.

Anonymity ensures that the privacy rights of legitimate users are not violated. E-commerce systems should prevent legitimate transactions from being tracked, prevent disclosure of users’ personal information, and ensure the anonymity of transactions.

Credibility covers two fields: the credibility of the network environment of the transaction and the credibility of the transaction behavior. The credibility of the network environment requires a trusted verification space for network transactions, created through trusted computing. The credibility of transaction behavior rests on the authenticity and reliability of both parties’ transaction identities, so that their transaction behavior can be trusted, for example the quality of the product or service and whether the after-sales service is consistent with what was promised. Because of the uncertainty and highly dynamic nature of e-commerce transactions, the virtuality of transaction users, and the limitations of e-commerce technology and management, credibility requires a credit evaluation system to reduce the risks that e-commerce brings to both parties.

Compliance and legality means that the activities of e-commerce participants conform to national laws, regulations, and relevant standards.

1.2.2 Logical Hierarchy of E-commerce and Its Security Requirements

1. Security requirements of different e-commerce logical layers

Logically, an e-commerce system can be divided into three layers: the network layer, the payment layer, and the transaction layer, and each has different security requirements. The security requirements of the network layer include authentication, controllability, confidentiality, integrity, availability, non-repudiation, and compliance. Those of the payment layer include confidentiality, anonymity, authentication, real-time, non-repudiation, and compliance and legality. Those of the transaction layer include credibility, confidentiality, integrity, availability, non-repudiation, and compliance and legality. Among these layers, the network layer is the base layer. It needs to provide a secure and stable network environment for e-commerce, so it has a high demand for network availability. Since the payment layer involves private information such as user names, account numbers, and passwords, it has a high demand for confidentiality and anonymity. Due to the virtuality and identity uncertainty of e-commerce, the transaction layer has a high demand for credibility.

2. Security requirements of different e-commerce participants

The main participants of e-commerce are consumers, enterprises, and the government. The following takes the B2C (business-to-consumer) e-commerce model as an example to analyze the security needs of consumers, enterprises, and governments. Table 1.1 shows the analysis of consumer security requirements, Table 1.2 that of enterprise security requirements, and Table 1.3 that of government security requirements. From the analysis of the security requirements of the three participants, it can be seen that different participants have different security requirements due to their different roles in e-commerce.

Table 1.1 Analysis of consumer security requirements (security requirement: consumer perspective)

Confidentiality: My messages cannot be read by non-authorized parties other than the designated recipients.
Integrity: The information I send or receive has not been tampered with or lost.
Authentication: The person or merchant I am dealing with is who he claims to be.
Controllability: How do I get access to this website, what rights do I have, and I need to control the use of my personal information.
Non-repudiation: The person I am dealing with cannot deny that the transaction was made.
Availability: I can use e-commerce websites or platforms when I need them.
Anonymity: My information cannot be leaked and my transactions cannot be tracked.
Credibility: No bad consumption record, no malicious evaluation.
Compliance and legality: Consumption behavior complies with relevant laws and regulations.

Table 1.2 Analysis of enterprise security requirements (security requirement: business perspective)

Confidentiality: Information or confidential data cannot be accessed by unauthorized parties.
Integrity: Data on information systems or websites is not generated, modified, or deleted by unauthorized parties; information is stored and transmitted securely.
Authentication: Ensure the true identity of the consumer.
Controllability: Ensure the normal operation of the information system or website, ensure that system resources and services are used by authorized users, and keep the collection and use of consumers’ personal information and data within a reasonable range.
Non-repudiation: The consumer cannot deny that the product was ordered, and the counterparty cannot deny that the transaction occurred.
Availability: The required information or services can be provided to customers at any time.
Anonymity: Ensure that transactions are anonymous and untraceable, and protect the privacy of legitimate users.
Credibility: Improve the credibility of the network trading environment; good reputation, no quality problems with goods, services consistent with the commitment, no order brushing (fake orders).
Compliance and legality: Production and operation in accordance with relevant national laws and regulations; take effective measures to protect the platform or information.

Table 1.3 Analysis of government security requirements (security requirement: public management perspective)

Confidentiality: Information or confidential data is uploaded, read, and transmitted legally.
Integrity: Information is stored and transmitted securely and the transmission system has not been seriously tampered with.
Authentication: Ensure the true and legal identity of all participants.
Controllability: Ensure the normal operation of the information system, and that the collection and use of consumers’ personal information and data is legal.
Non-repudiation: The parties to a transaction cannot deny that it has taken place.
Availability: Ensure system security and provide the required information or services to users in time.
Anonymity: Ensure that transactions are untraceable and protect legitimate privacy.
Credibility: The network system used for transactions complies with the relevant national classified protection (level protection) standards; all participating parties respect and care for their own reputation and commit no acts of dishonesty.
Compliance and legality: Comply with national laws and regulations; no bad political intentions; no violation of public order and good customs.

1.3 Content of E-commerce Security Management

1.3.1 Connotation of E-commerce Security Management

E-commerce security management is an activity that integrates resources to achieve the goal of secure e-commerce operation. Its main purpose is to accurately identify the security risks of e-commerce, correctly assess the severity of the loss that different risks cause to e-commerce, and, through management theory and methods, have technical means and management means effectively

applied to the process of risk control, so as to minimize the occurrence of e-commerce risks. Security management runs through the whole process of e-commerce and ensures its safe and steady development through planning, resources and organization, information security risk control, network security risk control, transaction security risk control, credit risk control, personnel risk control, a supervision and optimization mechanism, and other management activities.

Plan: In modern society, people need to make all kinds of plans to ensure that their goals are achieved. Planning should precede other management activities and plays an important role in management. The e-commerce security management plan makes the e-commerce security management objectives specific: on the basis of a dynamic balance between the external environment, the internal conditions, and the decision-making objectives of the e-commerce security management system, the process for realizing the security objectives is determined by e-commerce security management decision-making. To achieve the security objectives, e-commerce security managers implement a series of influence and control activities on the objects of e-commerce security management according to the plan, so that the security management activities achieve the best benefit.

Resources and organization: Security is an important prerequisite for enterprises to carry out e-commerce, and resources and organization are important guarantees of e-commerce security. Whatever the scale of their e-commerce, enterprises should pay attention to building security resources and organization. E-commerce security management resources support the realization of e-commerce security management goals and related activities, and the e-commerce security management organization, by setting up a reasonable organizational structure, allocates resources effectively and ensures the effective implementation of e-commerce security management.

Information security risk control and network security risk control: Information security risk and network security risk are important challenges for e-commerce security management. Based on risk management methods, information security and network security risks should be effectively controlled, resolved, avoided, and eliminated through relevant technologies, laws, and regulations, so as to reduce the risk to an acceptable level.

Transaction risk control: According to the stage at which it arises, e-commerce transaction risk can be divided into pre-transaction, in-transaction, and post-transaction risk. Pre-transaction risks mainly include identity risk, marketing risk, and platform trading rule risk. In-transaction risks mainly include the risk of illegal contract signing, transaction default risk, payment risk, and logistics distribution risk. Post-transaction risks mainly include transaction evidence risk, after-sales service risk, transaction dispute settlement risk, and evaluation risk. Among them, identity risk, platform trading rule risk, logistics distribution risk, evaluation risk, and others will also affect subsequent e-commerce activities.

Credit risk control: Honesty and trustworthiness are the basic criteria of business. Essentially, a market economy is a credit economy. In economic activities, an individual or organization that wants to gain the trust of others must meet two prerequisites: to keep faith, and to have the ability to keep faith. Credit is especially important

in non-face-to-face e-commerce. The risk brought by imperfect commercial rules and an imperfect credit system is a great threat to the safe development of e-commerce.

Personnel risk control: E-commerce personnel risk refers to the uncertainty of security incidents, and their impact on the organization, caused by the unintentional or intentional behavior of e-commerce employees. The construction and development of e-commerce is inseparable from concrete implementation and operation by personnel: they are not only the main body of e-commerce system construction and application, but also an object of security management. Personnel risk is thus an important part of e-commerce security management.

Supervision and optimization mechanism: Security is a process of dynamic management, and so is e-commerce security. To realize e-commerce security management, the whole management process must be supervised objectively, fully, and effectively, and at the same time an optimization mechanism must be formed to keep the development of e-commerce healthy and within the safe threshold.

1.3.2 E-commerce Security Management Means

E-commerce security management means include technical means and management means. Technical means are the basis of e-commerce security management, and management means are its guarantee.

Technical Means. E-commerce often faces a variety of security threats, and each threat needs one or more security technologies to protect against it. For example, authentication technology protects against impersonation attacks; access control technology protects against authorization violations; encryption protects against eavesdropping; encryption, digital signature, data integrity, authentication, security audit, security recovery, and other technologies prevent integrity violations; digital signature, authentication, and data integrity technologies prevent the threat of business repudiation; and authentication, access control, and data integrity technologies protect against denial-of-service threats. The following takes e-commerce as an example to analyze its common security problems and the corresponding technical means.

The authenticity of the trading partner, that is, whether the real identity of the trading partner is consistent with what it states. Generally, authentication technology is used to determine whether the identity is genuine, and it can be combined with PKI (public key infrastructure) technology to obtain better security.

The confidentiality of electronic documents, that is, ensuring that the contents of electronic documents are not obtained by unauthorized third parties during transmission, storage, and management. The commonly used technical means are data encryption and decryption and key management.

The loss of electronic documents, that is, electronic documents may be lost during network transmission. Once a loss occurs, the sender can discover it and solve the problem by assigning serial numbers to the documents,

verifying the serial numbers of electronic documents, using digital timestamps, or by other means such as a specific message, email, or telephone.

The integrity of electronic documents, i.e., ensuring that the contents of documents have not been tampered with. For example, if A (a user) sends the message “transfer 1000 yuan to C” and B (a bank) receives the message “transfer 1000 yuan to D”, the message has lost its integrity. This problem is mainly solved by message digest (message summarization) technology.

The authenticity of electronic documents, that is, electronic documents come from the expected sender. This problem is mainly solved by digital signatures.

The repudiation problem, that is, the two parties dispute the electronic documents, including possible repudiation by the sender or the receiver. This problem is mainly solved by authentication technology and digital timestamps [1].

In addition to the above technologies, ensuring the security of e-commerce also requires other security technologies, including network security technologies such as firewalls, intrusion detection, and virtual private networks; system and application security technologies such as operating system security, database security, Web security, and email security; cloud security technology; and so on.

Management Means. Three important factors affect the safety of e-commerce: people, process, and technology. Of these, people and process are related to management and can be classified at the management level. Technology is certainly necessary to solve the safety issue, but management is more important. E-commerce safety management is inseparable from the safety management organization, which is responsible for assessing safety risks, developing safety management plans and strategies and supervising their implementation, and developing safety standards. Besides international standardization organizations, there are standardization organizations in some countries and enterprise groups that make safety standards, for example the International Organization for Standardization (ISO), the International Telecommunication Union Telecommunication Standardization Sector (ITU-T), the International Federation for Information Processing Technical Committee on Security and Protection in Information Processing Systems (IFIP TC11), the Institute of Electrical and Electronics Engineers (IEEE), the National Institute of Standards and Technology (NIST) of the United States, the American National Standards Institute (ANSI), and so on. China is a member of the International Organization for Standardization, and the China Technical Committee on Information Security Standardization is responsible for the standardization of technical work related to information security in China.

Safety management measures mainly include the relevant management systems of e-commerce enterprises, industry standards related to e-commerce security, and national laws, regulations, and policies. At the enterprise level, e-commerce consists of business activities based on computer networks, so the information security management system is an important part of the e-commerce enterprise security management system. The information security management system provides for the security requirements of e-commerce, which

is the norm and criterion of e-commerce security management. The information security management system covers operating procedures, emergency treatment, daily maintenance, storage of hardware and software files, information confidentiality, and so on, for example a daily management and maintenance system for the network system (including the daily management and maintenance of hardware and software), a virus preparedness system, a confidentiality system, a tracking and auditing system, and emergency measures. The security management system of an e-commerce enterprise also includes the security management systems for the stages before, during, and after an e-commerce transaction, as well as a sound reference management system and a personnel security management system.

From the perspective of the industry and the country, ensuring the safe and healthy development of e-commerce requires regulating and restraining the behavior of its participants, which needs the support of national laws and regulations and relevant industry standards. At present, China is actively promoting construction in this area and has successively issued a number of relevant laws, regulations, and industry standards, and the basic social environment for the safe development of e-commerce is gradually improving.

To sum up, e-commerce security management is an organic combination of technology and management. Only by combining technical and administrative means can e-commerce security be realized.
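As an added illustration of the technical means listed in 1.3.2 (example code written for this edition, not code from the book or from any product it mentions), the following Go program models the exchange between a user A and a bank B: each electronic document carries a serial number and a digital timestamp so that a lost document is noticed, a SHA-256 message digest covers its contents, and an Ed25519 digital signature over that digest ties the document to its sender. The names Document, Sender, Receiver and the error values are assumptions of this example, and the bank’s stored copy of A’s public key stands in for what a PKI would supply.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"time"
)

// One sentinel error per problem discussed in 1.3.2.
var (
	ErrUnknownSender  = errors.New("unknown sender: no registered public key")
	ErrBadSignature   = errors.New("digest or signature mismatch: tampered or forged")
	ErrSerialMismatch = errors.New("serial number out of sequence: lost or replayed")
)

// Document is a constructed electronic business document: the serial number and
// timestamp expose a gap, the signature over the digest binds origin and content.
type Document struct {
	Serial    uint64
	Timestamp int64 // digital timestamp (Unix seconds) set by the sender
	Sender    string
	Body      string
	Signature []byte // Ed25519 signature over digest()
}

// digest is the message summary: SHA-256 over every signed field, NUL-separated.
func (d Document) digest() []byte {
	h := sha256.New()
	fmt.Fprintf(h, "%d\x00%d\x00%s\x00%s", d.Serial, d.Timestamp, d.Sender, d.Body)
	return h.Sum(nil)
}

// Sender holds the private key and the next serial number to issue.
type Sender struct {
	name string
	priv ed25519.PrivateKey
	next uint64
}

func NewSender(name string) (*Sender, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Sender{name: name, priv: priv, next: 1}, nil
}

func (s *Sender) PublicKey() ed25519.PublicKey { return s.priv.Public().(ed25519.PublicKey) }

// Send numbers, timestamps and signs a document body.
func (s *Sender) Send(body string, now time.Time) Document {
	d := Document{Serial: s.next, Timestamp: now.Unix(), Sender: s.name, Body: body}
	d.Signature = ed25519.Sign(s.priv, d.digest())
	s.next++
	return d
}

// Receiver knows each partner's public key (what a PKI would supply) and the
// serial number it expects next from that partner.
type Receiver struct {
	keys     map[string]ed25519.PublicKey
	expected map[string]uint64
}

// NewReceiver registers one trading partner's public key and starts its sequence at 1.
func NewReceiver(name string, pub ed25519.PublicKey) *Receiver {
	return &Receiver{keys: map[string]ed25519.PublicKey{name: pub}, expected: map[string]uint64{name: 1}}
}

// Accept checks authenticity and integrity first, then the serial sequence. The
// verified documents it keeps are the evidence that later prevents repudiation.
func (r *Receiver) Accept(d Document) error {
	pub, ok := r.keys[d.Sender]
	if !ok {
		return fmt.Errorf("%w: %q", ErrUnknownSender, d.Sender)
	}
	if !ed25519.Verify(pub, d.digest(), d.Signature) { // altered, or not the partner's key
		return ErrBadSignature
	}
	if want := r.expected[d.Sender]; d.Serial != want { // gap (lost document) or replay
		return fmt.Errorf("%w: expected %d, got %d", ErrSerialMismatch, want, d.Serial)
	}
	r.expected[d.Sender] = d.Serial + 1
	return nil
}

func main() {
	a, _ := NewSender("A")
	bank := NewReceiver("A", a.PublicKey())
	now := time.Date(2023, 1, 1, 9, 0, 0, 0, time.UTC)
	d1 := a.Send("transfer 1000 yuan to C", now)
	fmt.Println("genuine:", bank.Accept(d1))
	tampered := d1
	tampered.Body = "transfer 1000 yuan to D" // altered in transit
	fmt.Println("tampered:", bank.Accept(tampered))
	_ = a.Send("transfer 200 yuan to C", now) // serial 2 is lost on the network
	fmt.Println("after loss:", bank.Accept(a.Send("transfer 300 yuan to C", now)))
}
```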

Reference

1. Lifang Wang (2015) Security Technology of Electronic Commerce. Publishing House of Electronics Industry, Beijing

Chapter 2

E-commerce Security Management Plan

2.1 Basic Concepts

In modern society, in order to complete complex tasks, people need to make various plans to ensure their smooth completion. Planning is the process in which an organization, according to its own needs and characteristics, determines the goals to be achieved within a certain period and achieves them by coordinating various resources for planning, implementation, and supervision. A plan is the advance arrangement of future activities; it precedes other management activities and holds an important position in organizational management work.

Planning plays an important role in safety management. On the one hand, the safety management plan is an important guarantee for realizing the safety decision objectives: it decomposes the overall security goal, calculates and plans the manpower, material resources, and financial resources, and formulates the implementation steps and methods as well as the corresponding strategies and policies. On the other hand, the safety management plan is the guideline for implementing all activities in safety management. To achieve the goal of safety management, safety managers implement a series of influence and control activities on the objects of safety management according to the plan, and coordinate and make reasonable use of all resources to achieve the maximum benefit of safety management activities. Although not every enterprise sets up a dedicated security management department, security management is undoubtedly an important part of organizational management, and this is true of e-commerce enterprises too. As e-commerce is a new business model, its security management brings new challenges to the management of e-commerce enterprises, so it must be given great importance.

The e-commerce security management plan is a process in which e-commerce security managers coordinate related resources to achieve the expected security goals through preparation, implementation, and supervision. It can be understood from narrow and broad perspectives. In the narrow sense, the e-commerce safety management plan refers to the safety management plan formulated and implemented by e-commerce enterprises in the course of their e-commerce activities. In the broad sense, e-commerce safety management plans refer to those formulated and implemented by e-commerce enterprises and by related industries, governments, and departments. This book focuses on the narrow sense of the e-commerce security management plan, in which the emergency plan is a very important part.

© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2023. R. Zhang et al., The Whole Process of E-commerce Security Management System, Advanced Studies in E-Commerce, https://doi.org/10.1007/978-981-19-9458-6_2

2.2 Elements and Types of E-commerce Security Management Plan

2.2.1 Elements of E-commerce Security Management Plan

The e-commerce safety management plan mainly includes three elements: e-commerce safety management objectives, e-commerce safety management measures and methods, and e-commerce safety management steps.

E-commerce security management objectives: Before formulating the e-commerce security management plan, it is necessary to research the current state of e-commerce system operation, analyze the needs of e-commerce security management, and put forward the objectives of e-commerce security management. The objectives let those implementing the plan know in advance what results the security management work is expected to produce.

E-commerce security management measures and methods: These mainly refer to the means, conditions, resources, and responsibilities for achieving the established e-commerce safety management objectives; they guarantee the smooth implementation of the plan.

E-commerce security management steps: These concern the procedures of e-commerce security management and the specific arrangement of time, including the overall time arrangement, the time arrangement of each stage, task descriptions, the allocation and use of relevant resources, and so on.

2.2.2 Types of E-commerce Security Management Plans

E-commerce security management plans can be divided into many types according to different criteria, for example by duration, by organizational level, and by degree of management control.

According to the term, e-commerce security management plan can be divided into long-term plan, medium-term plan, and short-term plan. Long-term plan refers to a plan with a term of more than 5 years, which is generally programmatic and general. Long-term plans are usually equipped with medium-term plans and shortterm plans to further flesh out the plan. Medium-term plan refers to the plan with a period of about 5 years. It can not only specify the long-term plan in stages, but also provide a basic framework for the preparation of phased plans. It plays the role of connecting long-term plans with short-term plans, and is the basic form of ecommerce to achieve security management plans. The short-term plan usually refers to the annual plan with a term of one year. It is the security management tasks and related measures of the current year formulated according to the medium-term plan. The content is specific, including the allocation of task execution units and related resources, and is the specific action plan of the long-term plan and medium-term plan. According to the different organizational levels, e-commerce security management plan can be divided into high-level plan, middle-level plan, and grassroots plan. A high-level plan is a plan developed by senior management and implemented throughout the organization. It is a kind of strategic plan, which is the planning of the organization’s important, global, and long-term security management tasks. The middle-level plan is formulated and promulgated by the middle-level management organization, and reached the relevant grassroots implementation and is responsible for the inspection of the plan. Middle-level plan is generally a tactical plan or business plan, it is the specific arrangement of a strategic plan. Grassroots plan is prepared and published by a grassroots executive agency. Basic-level plan is generally an executive plan, mainly including safe operation plan, safe operation procedures, and regulations. 
According to the degree of management control, e-commerce security management plans can be divided into mandatory plans, guiding plans, and others. A mandatory plan is issued by the superior unit along the line of subordination and requires subordinate units and individuals to complete it; it is characterized as mandatory, authoritative, administrative, and indirect. A guiding plan only provides general guiding principles and does not fix specific goals or specific action plans. It is a plan that subordinate units implement by reference, and it is characterized by constraint, flexibility, and indirect regulation [1].

2.3 Preparation and Optimization of E-commerce Security Management Plan

There are many types of e-commerce security management plans, and they are subjective to a certain extent. Therefore, certain principles, procedures, and methods must be followed in their preparation, and the plans must be continually revised and improved during implementation.

2 E-commerce Security Management Plan

2.3.1 Preparation of E-commerce Security Management Plan

1. Compilation principles

Scientific principle: The personnel preparing the security management plan must start from the actual situation of e-commerce security management and carry out in-depth investigation and scientific analysis, so that the e-commerce security management plan rests on a scientific basis.

System principle: When the e-commerce security management plan is formulated, the relationships between the parts of the planned object system, and between the planned object system and related systems, should be taken into account. While considering the safety needs of both e-commerce enterprises and consumers, this principle emphasizes that local interests are subordinate to overall interests, so as to ensure the overall safety and long-term development of e-commerce.

Practical principle: For an e-commerce security management plan to enable e-commerce enterprises to achieve the established management goals through a reasonable effort, its implementation must be backed by the corresponding conditions and resources.

2. Preparation procedure

Step 1: Investigation and research, to provide the basis for planning. Before the plan is prepared, the history and current situation of the planned object must be investigated, by means of personal investigation, entrusted investigation, key investigation, sampling investigation, and special investigation, in accordance with the purpose and requirements of the plan, so as to comprehensively grasp the relevant materials and data and provide the basis for preparing the plan.

Step 2: Make security predictions. In terms of content, security prediction includes equipment reliability prediction, prediction of the development of system vulnerabilities or hidden dangers, accident possibility prediction, etc. In terms of time span, security forecasting includes long-term, medium-term, and short-term forecasts [1].

Step 3: Draw up the plan. According to the results of the investigation and security prediction, determine the e-commerce security management objectives, the security management measures and methods, the security management steps and related instructions, etc. Multiple alternatives can be prepared for the same e-commerce security management activity.

Step 4: Evaluate and select the plan. Through scientific demonstration, combined with the specific conditions, the pros and cons of each alternative are evaluated; the most satisfactory plan is finally selected and approved by management.


2.3.2 Optimization of E-commerce Security Management Plan

After the e-commerce security management plan is established, it can be implemented. During implementation it is necessary to optimize the plan, which includes checking the e-commerce security management plan and revising it according to the specific situation.

1. Check the e-commerce security management plan

First, check whether the plan is being implemented smoothly. After the e-commerce security management plan is put into effect, it is necessary to understand and keep track of its implementation and whether each department completes its assigned tasks according to the plan.

Next, check whether the plan as prepared is in line with objective reality. Affected by factors such as people's level of understanding, objective conditions, and changes in the internal and external environment, the e-commerce security management plan may not match actual implementation. When this happens, the reasons should be analyzed. If the plan itself does not conform to the actual situation, or unexpected problems such as major emergencies arise during implementation, the plan should be revised according to the relevant procedures.

Then, checks should be carried out throughout the life of the plan. Inspection runs through the whole process from the start of the plan to the end of its execution, covering for example whether execution deviates from the target, the completion of the plan's indicators, the problems existing in the execution process, and whether the plan conforms to the actual situation.

2. Optimization of the e-commerce security management plan

After checking the preparation of the plan, the e-commerce security management plan can be revised according to the situation, so that it remains in a dynamic process and the adaptability of the plan is continually improved.

2.4 E-commerce Safety Management Emergency Plan

2.4.1 Overview of E-commerce Security Management Emergency Plan

E-commerce enterprises may encounter unexpected events in the course of operation, and these bring security risks. Therefore, e-commerce enterprises need to formulate safety management emergency plans for unexpected events. The e-commerce safety management emergency plan (also referred to as the e-commerce security management emergency plan) is an important part of the e-commerce safety management plan. In e-commerce activities, accidents are caused by multiple factors, but because information security occupies a very important position in e-commerce, the impact of events caused by information security problems is larger; so when this book discusses the e-commerce security management emergency plan (hereinafter referred to as the contingency plan), it focuses on the information security emergency plan.

Contingency planning is the whole process of preparing an organization to deal with an unexpected event. Emergency planning is in effect a working procedure for responding to security incidents caused by both natural and human factors. The goal of an emergency plan is to restore an organization's business to an acceptable state of operation, with minimal loss and disruption, after an unexpected event occurs. In a broad sense, contingency planning includes all contingency plans, such as those involving legal, transaction, credit, and personnel matters. In a narrow sense, the emergency plan consists of three parts: the Emergency Response Plan (ERP), the Business Continuity Plan (BCP), and the Disaster Recovery Plan (DRP). Emergency planning in this book refers to emergency planning in the narrow sense.

If an unexpected event caused by natural or human factors causes actual harm or damage to the organization, but its severity does not reach the catastrophic level, the event is usually treated as an accident and the emergency response plan is initiated. When an incident (accident) occurs and the organization fails to inhibit or control it, or the event causes very serious damage to the main facilities so that the e-commerce enterprise cannot recover quickly, the event is determined to be catastrophic, and the disaster recovery plan and business continuity plan are started at the same time.
Business continuity plans are used to ensure the continuity of critical operations in the event of a disaster. When a severe and prolonged disaster makes the current business site unavailable, the business continuity plan is initiated to re-establish business functions at another site, while the disaster recovery team focuses on rebuilding the technical infrastructure and restoring business operations. Of course, whether a business continuity plan is adopted depends on the organization and its business needs; some weaker organizations may simply cease operations until the main facilities are restored. In preparing the emergency plan, depending on the organization's scale and business philosophy, the emergency response plan, business continuity plan, and disaster recovery plan may be compiled as a single whole, compiled as three separate plans, or compiled with the business continuity and disaster recovery plans combined. For example, a large organization prepares an emergency response plan, a business continuity plan, and a disaster recovery plan separately, and sets up a corresponding emergency planning team consisting of a coordination lead and representatives of the emergency response planning team, the disaster recovery planning team, and the business continuity planning team. Smaller organizations often combine the emergency response plan, disaster recovery plan, and business continuity plan into a single emergency plan, usually with one emergency planning team of several members.


2.4.2 Formulation of ERP for E-commerce Security Management

The formulation of the emergency response plan for e-commerce security management (hereinafter referred to as the emergency response plan) usually includes three stages: preparation, planning, and practice.

1. Preparation

The preparation of the emergency response plan includes three parts: risk assessment, business impact analysis, and emergency response strategy formulation.

(1) Risk assessment

Risk assessment determines the asset value of the information system, identifies the threats to and vulnerabilities of the information system, and analyzes the likelihood of the various threats. The factors threatening an e-commerce system can be divided into human factors and natural factors. Human factors can be further divided into malicious and non-malicious factors according to the threat motive, while natural factors mainly refer to force majeure in nature and other physical factors. Threats may take the form of direct or indirect attacks on the information system that compromise its confidentiality, integrity, or availability, or they may be accidental or deliberate incidents. Before analyzing a threat, consider whether it comes from natural or human factors.

(2) Business impact analysis

Business Impact Analysis (BIA) analyzes, on the basis of the risk assessment, the possible impact of various information security events on business functions, and then determines the recovery objectives of the emergency response. In the business impact analysis, the first step is to analyze the business functions and the allocation of the resources related to them: for all business functions of the organization, analyze the correlation between the functions, the information system resources and other resources that support each function, and the confidentiality, integrity, and availability requirements of the information involved. Secondly, the information system is evaluated to determine the key functions it performs and the information system resources required to perform them. A critical business function is a service or function whose interruption for a certain period of time will significantly affect business operations. Thirdly, quantitative or qualitative methods are used to evaluate the impact of information security events. Finally, determine the recovery objectives of the emergency response, including the key business functions and their recovery priorities, and determine the recovery time range, namely the Recovery Time Objective (RTO) and Recovery Point Objective (RPO). The recovery time objective is the time within which the information system or service function must be restored after a disaster occurs. The recovery point objective is the point in time to which the system and data must be recovered after a disaster occurs. For e-commerce enterprises, the RTO and RPO suited to the organization can be determined by estimating the loss caused by business interruption. For example, when the information system of an e-commerce enterprise goes down, the core database should be the first service function to be restored once the power supply is back to normal.

(3) Formulation of emergency response strategy

Emergency response strategies are used to recover information systems quickly and effectively after information security events such as service interruption, system breakdown, and network breakdown. These strategies should address the recovery objectives of the emergency response identified in the business impact analysis.

First, determine the level of system recovery capability. System recovery capability is divided into six levels: basic support; backup site support; electronic transmission and partial equipment support; electronic transmission and complete equipment support; real-time data transmission and complete equipment support; and zero data loss with remote cluster support.

Secondly, determine the system recovery resource requirements. The requirements for the different categories of resources are as follows.

Data backup system: generally consists of the hardware, software, and backup media used for data backup. If the data backup system relies on electronic transmission, it also includes the data backup lines and corresponding communication equipment. An e-commerce enterprise can build the data backup system itself or obtain it by renting the system of another organization.

Backup data processing system: all the data processing equipment required for system recovery.
The standby data processing system can be obtained by signing an emergency supply agreement with the manufacturer in advance; by purchasing the required data processing equipment in advance and storing it in the disaster backup center (which replaces the main system for data processing and supports the operation of key business functions after a disaster) or in a secure equipment warehouse; or by using compatible equipment already available at commercial backup centers or at institutions with reciprocal agreements.

Standby network system: the network used by end users to access the standby data processing system, including standby network communication equipment and standby data communication lines. The standby network communication equipment is acquired in the same way as the standby data processing system. The standby data communication lines can be obtained in two ways: using the organization's own data communication lines, or renting public data communication lines.

Backup infrastructure: the buildings, equipment, and organizations required for system recovery and for supporting the operation of the backup system, including off-site storage for data backup media, backup equipment rooms, auxiliary facilities for system recovery, and living facilities that allow system recovery personnel to stay on site continuously. Standby infrastructure can be acquired by: owning or operating it within the organization; sharing it among multiple parties or through reciprocal agreements; or leasing the infrastructure of a commercial backup center.

Technical support capability: the ability to support and comprehensively guarantee the operation of the recovered system so that the expected goals of system recovery are achieved, including the ability to solve problems in hardware, system software, and application software, and the ability to manage the safe operation and communication of the network system. Technical support capability can be obtained through full-time technical support personnel in the backup center; by signing technical support or service contracts with manufacturers; or by having the technical staff of the main center work part-time, bearing in mind that these staff may be unable to provide support because of abnormal traffic when an information security incident occurs.

Operation and maintenance management: includes operating environment management, system management, security management, change management, etc. Operation and maintenance capability can be acquired by operating and maintaining the system in-house, or by entrusting operation and maintenance to another organization.

System recovery plan: a document that defines the tasks, actions, data, and resources required during system recovery. It guides the relevant personnel in restoring the key service functions supported by the system within the preset system recovery objectives. The system recovery plan can be obtained by the e-commerce enterprise completing it independently, by hiring external experts to guide its completion, or by entrusting it to an external organization.

Finally, consider the cost. The e-commerce enterprise should ensure that it has sufficient personnel and funds to implement the chosen emergency response strategy. Expenses for the various backup sites, equipment replacement, etc., should be consistent with the budget. The budget should cover software, hardware, travel and transportation, testing, training, labor, contract services, etc. E-commerce enterprises should conduct a cost–benefit analysis to determine the best emergency response strategy.
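The business impact analysis and the cost–benefit choice of strategy described in the preparation stage can be made concrete with a small calculation. The Python below is an added illustration, not the book's own method or code: the business functions, loss estimates, candidate strategies and incident frequency are constructed assumptions, and the loss formula (downtime loss up to the RTO plus lost transactions up to the RPO, compared with the loss the organization will tolerate in one incident) is one simple way of turning the "loss caused by business interruption" into a recovery sequence, RTO/RPO bounds and a strategy selection.

```python
"""Business impact analysis worked example (added illustration, not the book's
own method).  Every function, business-function record and recovery strategy
here is a constructed assumption used only to show how recovery priorities,
RTO/RPO bounds and a cost-benefit choice of strategy follow from estimated
interruption losses."""
from dataclasses import dataclass


@dataclass(frozen=True)
class BusinessFunction:
    name: str
    interruption_loss_per_hour: float  # estimated loss while the function is down
    data_loss_per_hour: float          # estimated loss per hour of transactions lost
    max_tolerable_loss: float          # loss the organization accepts per incident


@dataclass(frozen=True)
class RecoveryStrategy:
    name: str
    rto_hours: float      # time within which the function is restored
    rpo_hours: float      # age of the most recent recoverable data
    annual_cost: float    # yearly cost of keeping the capability in place


def recovery_priority(functions):
    """Recovery sequence: the function whose outage costs most per hour comes first."""
    ordered = sorted(functions, key=lambda f: (-f.interruption_loss_per_hour, f.name))
    return [f.name for f in ordered]


def objective_bounds(fn):
    """Longest RTO (if no data were lost) and longest RPO (if restored instantly)
    that keep one incident within max_tolerable_loss.  A zero loss rate means
    that dimension is unconstrained, reported as infinity."""
    rto_bound = (fn.max_tolerable_loss / fn.interruption_loss_per_hour
                 if fn.interruption_loss_per_hour > 0 else float("inf"))
    rpo_bound = (fn.max_tolerable_loss / fn.data_loss_per_hour
                 if fn.data_loss_per_hour > 0 else float("inf"))
    return rto_bound, rpo_bound


def incident_loss(fn, strategy):
    """Loss from one incident: downtime up to the RTO plus data lost up to the RPO."""
    return (fn.interruption_loss_per_hour * strategy.rto_hours
            + fn.data_loss_per_hour * strategy.rpo_hours)


def meets_objectives(fn, strategy):
    return incident_loss(fn, strategy) <= fn.max_tolerable_loss


def choose_strategy(fn, strategies, incidents_per_year):
    """Cost-benefit choice: among strategies meeting the recovery objectives,
    minimize annual cost plus expected annual incident loss.  Returns
    (strategy name, total annual cost), or None when no strategy is adequate."""
    candidates = [s for s in strategies if meets_objectives(fn, s)]
    if not candidates:
        return None
    total = lambda s: s.annual_cost + incidents_per_year * incident_loss(fn, s)
    best = min(candidates, key=total)
    return best.name, total(best)


# Constructed sample data for a hypothetical e-commerce enterprise.
FUNCTIONS = [
    BusinessFunction("core database", 20_000, 50_000, 100_000),
    BusinessFunction("web storefront", 15_000, 0, 120_000),
    BusinessFunction("sales reporting", 500, 200, 50_000),
]
STRATEGIES = [
    RecoveryStrategy("cold backup site, daily tape", 48, 24, 10_000),
    RecoveryStrategy("warm site, nightly backup", 8, 24, 60_000),
    RecoveryStrategy("hot standby, synchronous replication", 1, 0, 250_000),
]


def plan(functions=FUNCTIONS, strategies=STRATEGIES, incidents_per_year=0.5):
    """Recovery sequence plus the chosen strategy for each business function."""
    choices = {f.name: choose_strategy(f, strategies, incidents_per_year)
               for f in functions}
    return recovery_priority(functions), choices


if __name__ == "__main__":
    order, choices = plan()
    print("recovery sequence:", order)
    for name, choice in choices.items():
        print(f"{name}: {choice}")
```

With the constructed figures the core database is restored first and needs the hot standby (its RTO bound is 5 h and its RPO bound only 2 h), the storefront is served by the warm site, and reporting by the cold site; the same arithmetic shows when no candidate strategy satisfies the objectives at all, which is the signal to revise either the strategy list or the tolerable loss.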
2. Planning

The emergency response plan should provide quick and clear guidance, during an information security incident, to people unfamiliar with the plan or to those operating systems that require recovery. Emergency response plans should be clear, concise, and easy to implement in an emergency, using checklists and detailed procedures wherever possible. The emergency response plan document includes six parts: general rules, roles and responsibilities, prevention and early warning mechanism, emergency response process, emergency response safeguard measures, and attachments.

(1) General rules

The general provisions provide important background or related information on the emergency response plan, making it easier to understand, implement, and maintain. They usually include the purpose of compilation, basis of compilation, scope of application, working principles, etc.

(2) Roles and responsibilities

An e-commerce enterprise shall establish an information security emergency response organization based on its day-to-day organization and clarify its responsibilities. The emergency response organization consists of management, operational, technical, and administrative logistics personnel. These personnel can be divided into five functional groups according to their roles: the emergency response leading group, the emergency response technical support group, the emergency response expert group, the emergency response implementation group, and the emergency response daily operation group, as shown in Fig. 2.1. It should be noted that the emergency response plan must be implemented under the unified command of the emergency response leading group, whose members should come from the organization's top management. The responsibilities of the emergency response leading group mainly include: supporting the emergency response work, including issuing official documents and providing the necessary resources; reviewing and approving emergency response strategies; reviewing and approving emergency response plans; approving and supervising the implementation of emergency response plans; initiating the regular review and revision of emergency response plans; and being responsible for the organization's internal and external coordination.

(3) Prevention and early warning mechanism

On the one hand, the organization should monitor and report information. In addition to strengthening information security monitoring, analysis, and early warning, an information security incident reporting and notification system should be established. The unit or department in which an information security incident occurs should report immediately to the emergency response daily operation team.
After receiving the incident report, the emergency response daily operation team shall conduct preliminary verification, report the relevant situation to the emergency response leading team in a timely manner, synthesize the relevant information, analyze the possible damage, and put forward a preliminary action plan. The emergency response leading team convenes coordination meetings as appropriate to develop action plans and issue directives and orders.

Fig. 2.1 Emergency response organization

On the other hand, the organization should actively implement its information security protection system, and should fully consider damage resistance and disaster recovery mechanisms when building its basic information network and important information systems. E-commerce enterprises should train the relevant personnel in the prevention and early warning mechanism so that they know how and when to use it, and the prevention and early warning mechanism should be kept in good condition to ensure that it is effective in information security incidents.

(4) Emergency response process

The emergency response process describes a series of steps for carrying out the emergency response reasonably and effectively after an information security event occurs. It includes five parts: information security event notification, event classification and grading, activation of the emergency response plan, emergency handling, and post-processing.

• Information security event notification. Information security event notification includes three parts: information notification, information reporting, and information disclosure. Information notification is "horizontal" communication. Within the organization, information notification means that after an information security incident occurs, the unit or department in which it occurred notifies the emergency response daily operation team, which evaluates the degree of damage and the next action to be taken. Upon completion of the damage assessment, the emergency response daily operation team informs the emergency response leading team. Information notification determines the speed and efficiency with which an e-commerce enterprise deals with an information security incident, and internal notification is its focus and key.
External notification means that after an information security incident occurs, the unit or department in which it occurred shall promptly notify the relevant information to the adversely affected external agencies, related units, and important users, and, according to the needs of the emergency response, accurately report the relevant information to the relevant equipment, facility, and service providers in order to obtain the appropriate emergency response support. Information reporting is "vertical" notification. After an information security incident occurs, the unit or department responsible shall, in accordance with the relevant regulations and requirements, promptly record the situation or report it to the relevant supervisor or supervisory unit/department. Generally, high-level information security events need to be reported, while low-level information security events can be recorded and archived, or submitted to the superior supervisor or regulatory department in the form of a monthly/quarterly/annual report for long-term tracking research and security situation forecasting. Information disclosure means that the organization, according to the severity of the information security incident, designates specific groups to release relevant information to the news media in a timely manner, to avoid public speculation and the escalation of public opinion.


• Event classification and grading. After an information security incident occurs, the emergency response daily operation team evaluates the incident and determines its category. Damage assessment focuses on the analysis of the affected business systems or regions, potential additional impacts or losses (i.e., secondary disasters), the causes of the security incident, the logistics environment, the overall and functional status of system equipment, the types of loss suffered by system equipment, the items to be replaced, and the time required to restore normal service. After the damage assessment is completed, the type and level of the information security event should be determined. Information security incidents can be intentional, negligent, or caused by non-human causes. They can be divided into seven basic categories: harmful program events, network attack events, information destruction events, information content security events, equipment and facility failures, disaster events, and other information security events. A harmful program event is an information security event caused by intentionally creating and spreading harmful programs, or by being affected by harmful programs. Harmful programs endanger the data in the system, the applications, and the confidentiality, integrity, and availability of the operating system, or affect the normal operation of the information system. A network attack event is an information security event in which an information system is attacked through the network or other technical means by exploiting configuration defects, protocol defects, or program defects, or by brute force, resulting in abnormal operation or potential damage to the current operation of the information system. An information destruction event is an information security event caused by the tampering, counterfeiting, leakage, or theft of information in the information system through the network or other technical means.
An information content security incident is the use of the information network to publish and spread content that harms national security, social stability, or public interests. An equipment and facility failure is an information security event caused by the failure of the information system itself or of its peripheral supporting facilities, or by intentional or unintentional damage to the information system caused by human use rather than technical means. A disaster event is an information security event caused by physical damage to the information system from force majeure.

The grading of information security events mainly considers three elements: the importance of the information system, the system loss, and the social impact. The importance of the information system is determined by the importance of the business it carries to national security, economic construction, and social life, and by the dependence of the organization's business on the information system; information systems can be divided into particularly important, important, and general information systems. System loss is the damage caused by an information security event to the software, hardware, functions, and data of the information system, resulting in service interruption and loss to the organization; it can be divided into particularly serious, serious, large, and small system loss. Social impact is the scope and extent of the impact of the information security incident on society; it can be divided into particularly significant, significant, greater, and general social impact. According to these elements, information security events can be divided into four levels: particularly significant events (I), mega-events (II), major events (III), and general events (IV). The emergency levels of information security incidents are shown in Table 2.1. Level IV events fall within daily operation and maintenance services. Level III events are handled by daily operation and maintenance personnel, but the relevant emergency response personnel must be informed. Level II and Level I events are emergency response events. When an event is upgraded from Level IV to Level III, the operation and maintenance personnel promptly notify the emergency response team and the emergency response plan is launched.

Table 2.1 Emergency levels of information security events

Emergency response level: Content description

Level I event: The existing operating system is shut down, or suffers a serious attack or security event, or has a major impact on the business operation of the data center, and the event lasts less than 4 h. An event lasting more than 4 h is upgraded to a major liability accident.

Level II event: The operating performance of the existing system is severely degraded, the network performance is abnormal, or a security event seriously affects data center services, and the event lasts less than 8 h. An event lasting more than 8 h is upgraded to Level I.

Level III event: The operating performance of the system is impaired, or information security events (such as viruses) occur within a small scope, but most business operations still work normally, and the event lasts less than 8 h. An event lasting more than 8 h is upgraded to Level II.

Level IV event: Information consultation or technical support is required for the functions, installation, or configuration of servers, storage devices, or security devices. The event has little or no impact on the service operation of the data center and lasts less than 4 h. An event lasting more than 4 h is upgraded to Level III.

• Activate the emergency response plan. Initiating the emergency plan puts the organization into emergency mode. Three rules should be followed when starting the emergency response plan: the starting principle, the starting basis, and the starting method.

Starting principle: The emergency response plan should be started quickly and in an orderly manner; that is, notification of the start of the plan, the arrival of personnel, event handling, and the entry of external units (such as emergency equipment suppliers) should proceed in order according to the emergency response process.

Starting basis: Start the emergency response plan immediately for sudden or critical information security events, such as service interruption, system breakdown, and network breakdown. The initiation of the emergency response plan can be based on four considerations: the extent of loss of personnel or facilities; the extent of loss to the system (for example in physical, operational, and cost terms); the extent of the impact on the organization's mission; and the expected duration of the business outage. The emergency response plan is activated only when the damage assessment results show that one or more activation conditions have been met.

Starting method: The emergency response leading group issues the order to start the emergency response plan. After the plan is launched, the emergency response leading group shall check and supervise that the personnel, financial, and material resources are in place, and record the actual situation.

• Emergency handling. After the emergency response plan has been started and the impact of the information security event has been effectively controlled, emergency handling can begin. Emergency handling includes establishing temporary service processing capabilities (such as importing backup data), repairing damaged systems, and restoring service running capabilities. It mainly involves three elements: the recovery sequence, the recovery tasks, and the recovery process.

Recovery sequence: The recovery sequence is the priority of key service functions determined during the business impact analysis.
Recovery tasks: Recovery tasks include obtaining authorization to access damaged equipment for emergency personnel to carry out their work; Inform internal and external business partners of relevant systems, including those involved in emergency response and relevant personnel of the organization’s business units; Obtain the required emergency supplies and workplace, including software and data (such as operating system and application software, recovery of system data), hardware (hardware components required for system installation, storage devices/media and network monitoring equipment, backup equipment, etc.), and temporary workplace. Recovery process: The recovery process is sorted out for each emergency team based on the recovery task, and continuously improved in the emergency drill. • Post-processing. Post-processing includes information system reconstruction and emergency response summary. After emergency response to control the situation, it is necessary to promptly organize the restoration of damaged infrastructure and resume normal work as soon as possible. System reconstruction: First, collect all kinds of data and conduct statistical analysis to find out the cause of the accident. For example, by collecting and analyzing system logs, intrusion detection logs, and configuration logs, you can obtain information about the type, scope, and extent of the damage to the system. Secondly, the loss and impact caused by information security incidents and the ability of recovery and reconstruction are analyzed and evaluated. Thirdly, formulate the system reconstruction plan and carry out the system reconstruction work quickly. Finally, after the system reconstruction is complete, a risk assessment should be made of the measures taken to prepare for the next “state of war”.

Summary of emergency response: this includes analyzing and summarizing the causes and phenomena of the event; assessing the extent of damage and loss to the system; analyzing and summarizing the emergency response records; and assessing the effectiveness and efficiency of the emergency response measures and recommending improvements.

(5) Emergency response guarantee measures
Emergency response guarantee measures are an important part of the information security emergency response plan and are the key to ensuring that the plan is implemented rapidly and effectively after an information security incident occurs. They mainly include human support, material support, and technical support. In the whole emergency response process, human support is the most important. Human resource guarantee includes the guarantee of management personnel and the guarantee of technical personnel. Material guarantee includes basic material guarantee and emergency response material guarantee. The demand for basic material support relates to technical support and daily management; that is, it should ensure that daily technical support is realized, that daily management work is carried out, and that technical services arrive in time during emergency response. Material support for emergency response includes financial support, transportation support, public security maintenance, and communication support. Financial support ensures the funds for emergency response. Technical support includes emergency response technical services and daily technical support. The emergency response technical support team is responsible for technical support: comprehensively investigating and managing the relevant technical basis, selecting appropriate technical service providers, and clarifying responsibilities and communication methods.

(6) Appendix
The appendix provides key details that are not included in the main body of the emergency response plan. Its content generally includes the specific organizational structure and personnel responsibilities; contact information for each member of the emergency response team; supplier contact information and external contact points for off-site storage and standby stations; standard operating procedures and checklists for system recovery or handling; lists of the hardware, software, and other resources required to support system operation; the storage and distribution methods of the emergency response plan documents; etc.

3. Practice
The practice of the emergency response plan includes the testing, training, and drilling of the plan, and the preservation, distribution, and maintenance of the information security emergency response plan document.

Testing, training, and drilling of emergency response plans. To test the effectiveness of the emergency response plan, and to make the relevant personnel understand the goals and process of the information security emergency response plan and become familiar with operating the emergency response procedures, the e-commerce enterprise shall test, train, and drill its emergency response plan in accordance with the following requirements: the plan for testing, training, and drills, including the scenario, should be prepared in advance; the entire process of testing, training, and drills should be recorded in detail and reported; testing, training, and drills should not interrupt the normal business operation of the information system; and complete tests, training, and drills with end-user participation should be carried out at least once a year. In addition, the emergency plan needs to be updated in a timely manner, because the organization's business strategy will shift, technology will be updated, or policies will change. Drills and updates of the plan can be combined, and the results of the drill, the lessons learned, and information that improves efficiency can be added to the emergency response plan.

Preservation, distribution, and maintenance of information security emergency response plan documents. For emergency response plan documents that have been reviewed and approved, the following should be done: keep multiple copies at different locations; distribute the document to all personnel involved in the emergency response; update all copies uniformly after each revision; destroy old versions in accordance with the relevant regulations; and so on. To ensure the effectiveness of the emergency response plan, the plan document should be maintained in the following respects: first, changes in business processes, information systems, and personnel should be reflected in the document in time; second, the tests and drills of the plan, as well as the actual implementation process after an information security incident occurs, should be recorded in detail and their effects evaluated; third, the plan documents should be regularly reviewed and revised.

2.4.3 Formulation of DRP for E-commerce Security Management

The e-commerce security management disaster recovery plan (hereinafter referred to as the disaster recovery plan) refers to the plans and arrangements made in advance to reduce the losses of e-commerce enterprises caused by catastrophic events and to ensure that the key business functions supported by the e-commerce system can be recovered in time and continue to operate after a disaster occurs. To better cope with catastrophic events, e-commerce enterprises should make disaster recovery plans. They can make them by themselves, hire qualified external experts for guidance, or entrust qualified external organizations. The formulation of the disaster recovery plan for e-commerce security management includes three stages: preparation, planning, and practice.

1. Preparation
The preparation of the disaster recovery plan includes determining the disaster recovery requirements, formulating the disaster recovery strategy, and implementing the disaster recovery strategy.

(1) Determination of requirements
Disaster recovery requirements are determined on the basis of risk analysis, business impact analysis, and disaster recovery objectives. For risk analysis, business impact analysis, and the determination of disaster recovery objectives, refer to Sect. 2.4.2.

(2) Strategy formulation
Disaster recovery strategies should be based on cost–benefit analysis. According to the disaster recovery objectives determined in the business impact analysis, the disaster recovery policy for each key business function is determined on the risk balance principle, that is, the cost of the resources required for disaster recovery is balanced against the possible loss caused by the risk. Different disaster recovery policies can be adopted for different key business functions. The disaster recovery strategy should cover the acquisition of all the resources required for the chosen disaster recovery capability level (data backup system, backup data processing system, backup network system, backup infrastructure, professional technical support, operation maintenance and management, and the disaster recovery plan) and the disaster recovery capability level itself (Level 1: basic support; Level 2: backup site support; Level 3: electronic transmission and partial equipment support; Level 4: electronic transmission and complete equipment support; Level 5: real-time data transmission and complete equipment support; Level 6: zero data loss and remote cluster support).

(3) Implementation of the strategy
The implementation of the disaster recovery strategy includes the technical scheme of the disaster backup system and the selection and construction of the disaster backup center.

• Technical scheme of the disaster backup system. According to the disaster recovery strategy, draw up the corresponding technical scheme for the disaster backup system, including the data backup system scheme, the backup data processing system scheme, and the backup network system scheme. To ensure that the technical scheme meets the requirements of the disaster recovery policy, the relevant departments of the organization must confirm and verify it, and record and keep the confirmation and verification results. According to the confirmed technical scheme, implement the required data backup system, backup data processing system, and backup network system, make the system installation and test plan supporting each key business function, and organize the end users to test it jointly.

• Selection and construction of the disaster backup center. Basic requirements: when selecting or constructing a disaster backup center, ensure, on the basis of the risk analysis results, that the disaster backup center and the primary center are not exposed to the same risks. A same-city or a remote disaster backup center can be selected so that the two sites lie in different areas of disaster impact. The disaster backup center should have the communication and power resources required for data backup and disaster recovery, and convenient transportation so that disaster recovery personnel and equipment can reach it. Disaster backup centers should be arranged rationally according to the principles of overall planning, resource sharing, and the integration of peacetime and wartime use. Infrastructure requirements: the infrastructure of the disaster backup center shall meet the requirements of the relevant national standards and of the disaster recovery objectives. Technical support capability requirements: e-commerce enterprises must obtain professional technical support capabilities for the disaster backup system according to the disaster recovery policy. A technical support organization should be established for the disaster backup center, and technical support personnel should be trained regularly. Operation and maintenance management capability requirements: to achieve the disaster recovery objectives, operating procedures and management systems should be established for the disaster backup center to ensure that the standby data processing system and standby network system are in a normal state and consistent with the parameters of the primary system, to improve the timeliness and effectiveness of data backup, and to improve the emergency response and handling capacity.

2. Planning
The disaster recovery plan document includes seven parts: general rules, organization and responsibilities, emergency response process, recovery and re-operation, post-disaster reconstruction and rollback, guarantee conditions, and appendix.

(1) General rules
The general rules define the terms and methods used in the disaster recovery plan and describe the disaster recovery objectives, including the recovery time objective (RTO) and the recovery point objective (RPO). This section describes the functions and scope of the disaster recovery plan, including daily operation of the disaster backup center, recovery and restart of key service functions at the disaster backup center, post-disaster reconstruction and rollback of the primary system, and emergency response measures after an emergency occurs. It also describes the problems that the disaster recovery plan solves.

(2) Organization and responsibilities

The organization and responsibilities section describes the structure of the disaster recovery organization, the responsibilities of each position, and the list of personnel. Disaster recovery organizations generally consist of an emergency response team and a disaster recovery team. Within the disaster recovery team, a disaster recovery leading group, a disaster recovery plan implementation group, and a disaster recovery daily operation group can be set up. The disaster recovery leading group leads the disaster recovery work, and its leader should be a member of the top management of the e-commerce enterprise. Its responsibility is to make decisions on major disaster recovery issues, mainly including the examination and approval of the budget, of the disaster recovery plan, and of the implementation of the disaster recovery plan. The main responsibilities of the disaster recovery plan implementation group are to conduct the disaster recovery needs analysis, develop the disaster recovery strategy, develop the disaster recovery plan, and organize the testing, training, and drilling of the plan. The main responsibilities of the disaster recovery daily operation group are to assist in implementing the disaster recovery plan, manage the disaster backup center day to day, run and maintain the disaster backup system, provide professional technical support for disaster recovery, participate in and assist with education, training, and drills on the disaster recovery plan, maintain and manage the plan, control losses and assess damage when a disaster event occurs, recover system and business functions, and collaborate with external parties. E-commerce enterprises can hire external experts to assist in disaster recovery implementation, or entrust external organizations with the corresponding qualifications to undertake part or all of the work of the implementation group and the daily operation group.

(3) Emergency response process
The emergency response process includes four parts: event notification, evacuation, damage assessment, and disaster declaration.

• Event notification. When any person discovers that an emergency related to the information system has happened or is about to happen, they shall report to the relevant personnel according to the predetermined process, and the relevant personnel shall make a preliminary judgment, notify others, and handle it.

• Evacuation. Define the evacuation methods, plans, procedures, etc., and provide designated assembly points and alternative assembly points.

• Damage assessment. After an emergency occurs, the damage assessment personnel of the emergency response team first determine the severity of the situation; then the person responsible for disaster recovery calls in the corresponding professionals to make a prudent assessment of the emergency, analyze its impact on the system, and determine the next action to be taken.

• Disaster declaration. The conditions for starting the disaster recovery plan are established in advance. Once the result of the damage assessment reaches one or more of the start conditions, the emergency response team formally issues a disaster declaration, activates the disaster recovery plan, and notifies the relevant departments.

(4) Recovery and re-operation

• Recovery. Recovery refers to restoring the data, data processing systems, and network systems that support key service functions at the disaster backup center, according to the recovery priority of key service functions determined in the service impact analysis. This section describes the important times, locations, personnel, equipment, and detailed operation steps of the recovery process, the instructions used to coordinate between teams during a catastrophic event, and the exception handling procedures.

• Re-operation. Re-operation (restart) means replacing the primary system with the disaster backup center system so as to restore critical business functions. This section describes all operational procedures and regulations for the restart operation.

(5) Post-disaster reconstruction and rollback
Post-disaster reconstruction and rollback refers to the reconstruction of the primary center (the data center where the primary site, production center, and primary system reside), followed by stopping the disaster backup system and rolling back to the primary system. This section describes the reconstruction and rollback process.

(6) Guarantee conditions
Guarantee conditions include professional technical support, communication support, logistics support, and so on.

(7) Appendix
The appendix includes the contact table of disaster recovery-related personnel and organizations (including the disaster recovery team, operators, vendors, departments, media, etc.), the evacuation plan, product manuals, standard operating procedures for the information system, service level agreements and memoranda, the resource list, the business impact analysis report, and the preservation and distribution method of the plan.

3. Practice
The practice of the disaster recovery plan includes the testing, training, and drilling of the plan, and the preservation, distribution, and maintenance of the disaster recovery plan documents. For details, refer to the relevant content in Sect. 2.4.2.

2.4.4 Formulation of BCP for E-commerce Security Management

The business continuity plan for e-commerce security management (hereinafter referred to as the business continuity plan) comprises a series of strategies and plans formulated in advance. It is a disaster prevention and response mechanism that enables the key business functions of e-commerce enterprises to continue to operate when a disaster occurs, thus ensuring business continuity. The formulation, preparation, and practice of the business continuity plan are similar to those of the emergency response plan and the disaster recovery plan; refer to Sects. 2.4.2 and 2.4.3 for the relevant content. The following deals with the business continuity strategy within the business continuity plan.

1. Strategy formulation
The business continuity strategy is an important basis for business continuity planning and is formed on the basis of risk assessment and business impact analysis. Business continuity policies include prevention policies, response policies, service continuity policies, service recovery policies, and recovery policies.

The prevention strategy consists of prevention control strategies, whose purpose is to reduce the possibility of disaster; a prevention control strategy is used to protect the weak areas of the enterprise, in order to prevent the occurrence of risk and minimize its impact. A response strategy initiates the necessary recovery schedule and performs the notification procedure, i.e. who needs to be informed, how, and by whom. A notification tree must be set up in the business continuity plan so that notifications are sent first to one group of people, each of whom then notifies the next group, and so on. The people in the tree have different responsibilities and roles and belong to different teams, such as the management team, risk assessment team, technical team, and operations team.

The service continuity policy applies only to time-sensitive services, which must continue either immediately after interruption or within an acceptable period of time after interruption; it does not apply to all services. A service recovery policy is used to restore services that are less time-sensitive. The start time of business recovery depends on how long it takes to continue those time-sensitive businesses. When carrying out business recovery, it is necessary to restore the workplace (which can be the primary workplace or an alternative), restore the operating system on the backup equipment from the backup, restore the necessary application systems in a certain order, and then restore the data from the data backup media. It is important that the recovered data be consistent with the data at a preset point in time before the service interruption; the selection of that point in time depends on the requirements of the key service functions. A recovery strategy is to repair and restore the primary workplace and ultimately to fully restore all business there. If the original workplace cannot be restored after the disaster, business recovery needs to be carried out in a new workplace, which must be equipped with the necessary hardware, software, etc., and tested to confirm that it can handle all the business.

2. Strategy implementation
The implementation of the business continuity strategy includes setting up the corresponding teams and preparing the business continuity implementation plan; implementing backup arrangements; implementing risk mitigation measures; and implementing business continuity policies. Business continuity plans are closely linked to disaster recovery plans, so most organizations combine them into a single plan. The combined plan must be able to support system rebuild operations in different locations: immediately at the backup site, and eventually back at the primary workplace. Thus, while business continuity plans and disaster recovery plans can be combined into one plan when they are developed, different execution teams are required when they are implemented.
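The recovery time objective (RTO) and recovery point objective (RPO) defined in Sect. 2.4.3, the recovery sequence taken from the business impact analysis, and the requirement above that recovered data be consistent with a preset point in time before the interruption can all be checked mechanically against what a drill produces. The following is an added example, not code from the book or its authors: for each key business function it selects the latest verified backup taken before the interruption as the recovery point, orders recovery by BIA priority, and reports whether the resulting data-loss window and the measured downtime stay within RPO and RTO. The function names, objectives, backup timestamps, and drill timings are constructed sample values.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class KeyFunction:
    """A key business function with the objectives fixed in the BIA."""
    name: str
    priority: int        # recovery priority from the business impact analysis; 1 = first
    rto: timedelta       # recovery time objective: maximum tolerable downtime
    rpo: timedelta       # recovery point objective: maximum tolerable data-loss window


@dataclass(frozen=True)
class Backup:
    """One consistent point-in-time copy of a function's data on backup media."""
    function: str
    taken_at: datetime
    verified: bool       # a restore test has confirmed the copy is usable


def recovery_sequence(functions):
    """Recovery order = BIA priority, then tighter RTO first among equal priorities."""
    return [f.name for f in sorted(functions, key=lambda f: (f.priority, f.rto))]


def select_recovery_point(function, backups, interruption_at):
    """Latest verified backup taken at or before the interruption, or None.
    Unverified copies are skipped: a recovery point that cannot be restored is not one."""
    usable = [b for b in backups
              if b.function == function.name and b.verified and b.taken_at <= interruption_at]
    return max(usable, key=lambda b: b.taken_at) if usable else None


def check_rpo(function, backup, interruption_at):
    """Data-loss window = interruption time minus recovery point; must not exceed RPO."""
    if backup is None:
        return False, None
    loss = interruption_at - backup.taken_at
    return loss <= function.rpo, loss


def check_rto(function, interruption_at, restored_at):
    """Downtime = time the service was back minus interruption time; must not exceed RTO."""
    downtime = restored_at - interruption_at
    return downtime <= function.rto, downtime


def evaluate_drill(functions, backups, interruption_at, restored_at):
    """Walk the functions in recovery order and report RPO/RTO compliance for each."""
    by_name = {f.name: f for f in functions}
    report = []
    for name in recovery_sequence(functions):
        f = by_name[name]
        point = select_recovery_point(f, backups, interruption_at)
        rpo_ok, loss = check_rpo(f, point, interruption_at)
        rto_ok, downtime = check_rto(f, interruption_at, restored_at[name])
        report.append({
            "function": name,
            "recovery_point": point.taken_at if point else None,
            "data_loss": loss,
            "rpo_ok": rpo_ok,
            "downtime": downtime,
            "rto_ok": rto_ok,
        })
    return report


# Constructed sample data for a hypothetical e-commerce enterprise (not from the book).
FUNCTIONS = [
    KeyFunction("order-processing", priority=1, rto=timedelta(hours=2), rpo=timedelta(minutes=15)),
    KeyFunction("payment", priority=1, rto=timedelta(hours=1), rpo=timedelta(minutes=5)),
    KeyFunction("product-catalog", priority=2, rto=timedelta(hours=8), rpo=timedelta(hours=24)),
]
INTERRUPTION_AT = datetime(2023, 3, 1, 10, 17)
BACKUPS = [
    Backup("payment", datetime(2023, 3, 1, 10, 10), verified=True),
    Backup("payment", datetime(2023, 3, 1, 10, 15), verified=True),
    Backup("order-processing", datetime(2023, 3, 1, 9, 30), verified=True),
    Backup("order-processing", datetime(2023, 3, 1, 10, 10), verified=False),  # restore test never run
    Backup("product-catalog", datetime(2023, 2, 28, 22, 0), verified=True),
]
RESTORED_AT = {  # times recorded during the drill at which each function was back in service
    "payment": datetime(2023, 3, 1, 11, 0),
    "order-processing": datetime(2023, 3, 1, 12, 30),
    "product-catalog": datetime(2023, 3, 1, 14, 0),
}


def run_sample():
    """Evaluate the constructed drill; used by the demo below."""
    return evaluate_drill(FUNCTIONS, BACKUPS, INTERRUPTION_AT, RESTORED_AT)


if __name__ == "__main__":
    for row in run_sample():
        print(f"{row['function']:>17}: RPO {'ok' if row['rpo_ok'] else 'MISSED'} "
              f"(loss {row['data_loss']}), RTO {'ok' if row['rto_ok'] else 'MISSED'} "
              f"(downtime {row['downtime']})")
```

In the sample, the order-processing function misses both objectives: its most recent backup was never restore-tested, so the recovery point falls back to an older copy and the data-loss window exceeds the 15-minute RPO, and the restart took longer than the 2-hour RTO. That is exactly the kind of finding the drill record in Sect. 2.4.2 is meant to capture and feed back into the plan.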


Chapter 3

E-commerce Security Management Resources and Organization

Security is an important prerequisite for the development of e-commerce, and resources and organizations are the important foundation and guarantee for the implementation of e-commerce security management. When carrying out e-commerce activities, we should pay enough attention to the construction of security management resources and organizations.

3.1 Meaning and Relationship of E-commerce Security Management Resources and Organizations

As the scale of e-commerce grows, the e-commerce security situation is becoming increasingly serious. The objectives of e-commerce security management are related to whether e-commerce activities can be carried out smoothly, and the realization of these objectives depends on the effective allocation of resources and on a scientific and reasonable organization.

3.1.1 Meaning of E-commerce Security Management Resources and Organization

1. Meaning of e-commerce security management resources
E-commerce security management resources are the essential resource support for e-commerce enterprises to achieve the goals of e-commerce security management and carry out the related activities. They occupy a certain proportion of enterprise resources, which is affected by the strategic objectives of e-commerce security management, enterprise scale, enterprise business, enterprise strength, and management consciousness.

© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2023 R. Zhang et al., The Whole Process of E-commerce Security Management System, Advanced Studies in E-Commerce, https://doi.org/10.1007/978-981-19-9458-6_3

E-commerce security management resources can be divided into many types according to different standards. According to the function of the resources, they can be divided into human resources, technical resources, financial resources, information resources, and cultural resources; these are described in detail in Sect. 3.2.1. According to their source, resources can be divided into internal resources and external resources. Internal resources refer to the sum of the various resources within an organization that the organization can directly control, including but not limited to human resources, financial resources, material resources, information resources, relationship resources, cultural resources, customer resources, strategies, policies, and systems. External resources refer to resources outside the organization that are closely related to its activities. Although these resources are not directly controlled by the organization, they have a great impact on its activities; examples are industry resources, industrial resources, market resources, and external environment resources. Different organizations are unequal in resource acquisition and utilization because of their differences in knowledge and ability. According to their form, organizational resources can be divided into tangible resources and intangible resources. Tangible resources usually refer to resources that exist in physical form, such as natural resources, buildings, machinery and equipment, physical products, capital, and personnel, on which an organization depends for survival and development. Intangible resources refer to resources that have no physical object or substantial form, such as social and cultural resources, information resources, relationship resources, and rights resources.

2. Meaning of e-commerce security management organization
An organization has two meanings. On the one hand, an organization is a group formed by people for a certain goal, a system with clear goals, a well-designed structure, and coordinated activities, such as an enterprise. On the other hand, organization is a function of management, a process of allocating resources between people or between people and things. The e-commerce security management organization also has both meanings: on the one hand it refers to the organization that manages e-commerce security, and on the other hand it is reflected in the e-commerce security management function. A sound e-commerce security management organization includes the following elements: a clear goal of protecting the business from loss; personnel responsible for security management; and a corresponding system structure and rules that control and regulate the behavior of members, such as the setting of posts and the security management rules or systems [1]. All organizations mentioned in this chapter, unless specifically stated, are e-commerce security management organizations.

The function of organizing activities is not simply to gather individual forces together, but to gather and amplify them while avoiding the mutual cancellation of the assembled individual forces. The e-commerce security management organization uses a series of activities to employ human, financial, material, and other resources effectively and to maximize benefits; it has the functions of convergence, amplification, and exchange. Convergence refers to the ability of an organization to gather scattered individuals together and complete tasks as a "group". Amplification refers to the effect that "the whole is greater than the sum of its parts", achieved on the basis of convergence. Exchange refers to the complementary relationship between individuals and the organization formed on the basis of equal exchange.

3.1.2 Relationship Between E-commerce Security Management Resources and Organization

E-commerce security management resources have the following relationships with the organization. First, resources are the basis for the survival and development of an organization. The uncertainty of the environment and the scarcity of resources make organizations pursue more resources to protect their own interests and to reduce and avoid the impact of environmental changes. Second, the organization allocates and uses resources through management activities. Management activities include planning, organizing, coordination, control, communication, decision-making, operation, public relations, and other activities; they are the activities an organization must carry out to improve management efficiency. Organizations integrate limited resources through management activities, which run through the whole process of resource allocation. Third, the two influence and complement each other. The structure of an organization affects how its resources are allocated and used. For example, in a "pyramid structure", front-line staff must go through layers of approval to obtain a certain resource, while in a "flat structure" the process by which front-line staff obtain resources is much simpler. At the same time, the type, quality, and quantity of resources also affect the structure of an organization. For example, if an organization has abundant resources, it needs to set up a complex structure in order to allocate and use them effectively.

3.2 E-commerce Security Management Resources

Like other organizations, e-commerce security management organizations must be supported by certain resources in order to exist and develop. Since resources are the basic object of organizational management, the organization must not only be able to obtain the corresponding resources but also be capable of allocating them efficiently.

40

3 E-commerce Security Management Resources and Organization

3.2.1 Composition and Limitation of E-commerce Security Management Resources Different e-commerce security management organizations have different types, quantity and quality of resources, and their ability to obtain resources is also different. 1. Composition of e-commerce security management resources As mentioned above, from the perspective of resource functions, e-commerce security management resources are mainly composed of human resources, technical resources, financial resources, information resources, and cultural resources. Human resource refers to the personnel of an organization with certain knowledge, skills, innovation ability, collaboration ability, and development potential. Human resource is the resource that any organization must have, and it is also the most important kind of resource. Only with an excellent security management team can an organization effectively deal with various internal and external security threats. The security management team of e-commerce security management organization can include chief security officer, security supervisor, security administrator, security analyst, security technician, security consultant, customer service personnel, legal personnel, auditors, security personnel, etc. The chief security officer is mainly responsible for the safe operation of the entire e-commerce enterprise, as well as the evaluation and management of the e-commerce security management project. The security supervisor is responsible for completing the e-commerce security management objectives set by the chief security officer and solving a series of problems raised by technicians, security administrators, and security analysts. The security administrator is responsible for the daily management of e-commerce security management projects, and the development of e-commerce security management plans. Security analysts are responsible for analyzing and designing e-business security management solutions. 
Security technicians hold the relevant technical qualifications and carry out specific technical security work. Security consultants are experts in e-commerce security management. Customer service staff can help the security management team identify potential security issues. Legal staff have legal expertise and ensure that the enterprise's strategy and specific business are lawful and compliant. Auditors draw up audit plans, carry out audits, and supervise, inspect and evaluate the enterprise's business and financial activities. Physical security personnel are responsible for the safety of the enterprise's equipment and people.

Technical resources are the software technology, hardware technology, patents, security products and other assets owned by the organization that can be used for e-commerce security management. E-commerce security management naturally depends on technical resources; big data and artificial intelligence in particular provide new means and methods for carrying out security management. However, some managers put their faith in a variety of security software or hardware and neglect management, ending up with a great deal of security equipment and a poor security result.

Financial resources are the capital or cash that the organization can spend on e-commerce security management activities. To a certain extent they reflect how many resources an organization has overall, and they are an important guarantee of the smooth implementation of security management.

Information resources are the sum of the information owned by an organization that can be used in e-commerce security management, including both knowledge and non-knowledge information; they are a very important kind of resource. Information is a special kind of data. As access has diversified and become more convenient, data volumes have exploded, especially in e-commerce. Such resources are easier to obtain than in the past, but this places higher demands on the organization's data governance ability. Organizations should break down information barriers, reduce information silos, and avoid the risk of disclosing private data while acquiring and using data resources.

Cultural resources, such as values, group consciousness, organizational systems and cultural structure, are unique, non-replicable resources generated in the course of organizational management. They are the indispensable soft support of an organization and exist both as consciousness and in tangible form. The cultural resources of e-commerce security management cover security concepts, security behaviour, security management (systems) and their material form, and serve to consolidate theory, standardize behaviour and orient cognition.

Besides the above, material resources and relationship resources are also essential basic resources of the organization.
These resources are independent of one another yet influence one another, forming an organic whole. The organization should develop and use all of them, and maximize their overall value through continuous scientific management and optimization.

2. Limitation of e-commerce security management resources

First, total resources are limited. The resources of an organization are finite, and this limitation stems not only from the resources themselves but also from the limits of the organization's understanding of security management and of its security management capability. The limitation of organizational resources strongly influences the choice of security management goals: the organization must set its e-commerce security management objectives according to the resources actually available for security management.

Second, some resources may be ineffective. Not all of the security management resources an organization owns are effective; some become ineffective because they are obsolete or impractical to operate.

Third, resource allocation itself consumes resources. The organization must arrange its limited resources through certain activities or work so as to maximize output for a given input of resources, or minimize the input of resources for a given output. These activities are resource allocation, and allocation itself consumes resources, so the organization should also pay attention to the resource consumption of the allocation activity itself.

3.2.2 Configuration of E-commerce Security Management Resources

To achieve security management objectives smoothly, organizations should make full use of e-commerce security management resources and allocate them deliberately.

1. The concept of e-commerce security management resource allocation

Resource allocation in e-commerce security management means matching different types of resources, in quantity and quality, to the security management goals that have been set, and maintaining that match throughout the output process. The configuration must have a reasonable structure, otherwise limited resources cannot be fully used. Among these resources, human resources, with their knowledge, experience and skills, have great potential and a value added that other resources cannot match, so they play the decisive role in resource allocation. Unlike the organization's other resources, human resources are also variable in allocation, because people's knowledge, experience and skills become more valuable as they accumulate.

2. Configuration mechanism of e-commerce security management resources

Organizations usually rely on an administrative mechanism to allocate e-commerce security management resources. The administrative mechanism uses bureaucratic administrative organs to ensure effective allocation by means of orders, execution, inspection and supervision. Its advantages are that information passes easily up and down the hierarchy and allocation is efficient. In addition, the strict hierarchy ensures that organizational objectives are decomposed into an effective division of labour, and resources can be used centrally to improve efficiency.

3. Personnel configuration

As mentioned above, human resources play the decisive role in an organization's allocation of resources, and only a reasonable allocation of personnel makes an organization run effectively. Each position needs to be filled with suitable personnel, and each activity needs suitable people to carry it out.


(1) Principles of personnel allocation

The principle of matching people to posts: select personnel according to the needs of the post, assign them to the work the post requires, and require the corresponding knowledge and ability. This is the basic principle of personnel allocation.

The principle of using people's strengths: arrange work according to people's characteristics so that the abilities of different personnel are fully exercised; only then is the enthusiasm of all kinds of personnel stimulated.

The principle of dynamic balance: as the organization develops, the matching of people to work must be adjusted continuously, so that competent personnel take on higher-level work with more responsibility, ordinary personnel take on work within their ability, and all kinds of personnel are reasonably placed.

(2) Determining the type and number of personnel

Organizations in different industries set up different types and numbers of security management departments, positions and personnel. For Internet enterprises, a rough guideline by the number of devices under security management is:
• More than 1000 devices: 1–2 full-time security managers (such as a chief information security officer), 3–4 full-time security administrators or security technicians, 3–4 part-time security supervisors, and 10–12 part-time security administrators or security technicians.
• 100 to 1000 devices: one full-time security administrator, one full-time security supervisor, and three part-time security administrators or security technicians.
• About 100 devices: one full-time security supervisor, or a full-time security technician who also takes on the related management work part-time, with 1–2 assistants.

(3) Personnel selection

To ensure that assigned personnel have the required knowledge and skills, candidates must be screened. They may come from inside or outside the organization; in either case they need the corresponding knowledge and skills.

(4) Personnel training

Training, especially of management personnel, is undoubtedly an important part of staffing. It serves both the organization's need to adapt to technological change and the personnel's own development. Training should therefore be planned, organized and focused, using scientific methods suited to the characteristics of the personnel; some training is for all personnel and some for specific personnel.


4. Resource allocation in project management

E-commerce security management usually consists of a series of projects, and project execution cannot be separated from management. Project management means that, under limited resources, project managers use the theories, viewpoints and methods of systems theory to plan, organize, lead, control and evaluate the whole process from the investment decision to the end of the project, so as to achieve the project objectives. When allocating resources in project management, first define the project's resource requirements, then assess the organization's resource constraints, and finally draw up a resource allocation plan from the requirements and constraints. The organization then manages resources according to that plan, balancing requirements against constraints while ensuring that security management goals are met, and thereby optimizing the allocation of organizational resources. Several common methods and strategies for resource allocation are described below.

(1) Resource allocation methods

• Critical path method: The critical path method (CPM) decomposes a project into separate tasks, determines the duration of each, and connects the tasks by their logical dependencies. The longest chain of tasks so formed is the critical path, and resources for the tasks on it are allocated first. CPM not only allocates resources optimally but also shortens the total duration and avoids unnecessary cost, so it is also a low-cost way to allocate resources.

• Critical chain method: The critical chain method extends the critical path method and resembles it. Unlike CPM, however, it first identifies the bottleneck resources, then balances them, and only then takes the longest resulting task route as the critical chain. The critical chain is the set of tasks that constrains completion of the project. The method emphasizes both time and resource constraints: managing working time as a whole reduces the impact on the schedule, and resource conflicts and competition between tasks are handled by monitoring and setting buffers. CPM derives the project duration from the longest path of dependencies alone, without considering any resource constraint; the critical chain view holds that resource constraints are as important as the logical relationships between tasks, and that task durations, logical relationships and resource constraints together determine the total project duration. Where the project's resource constraints matter, the critical chain method can therefore replace the critical path method.


• Resource balance method: Resource balancing is one of the most widely used methods today. It minimizes fluctuations in the project's resource requirements so that the project's tasks use resources efficiently and evenly. It includes a graphical method and a formula-based method. The graphical method uses charts to show and analyze how resources are used and allocated by each task, which makes the allocation easy to see. The formula-based method calculates whether the resource allocation of each task is moving in a favourable direction, which makes the judgement more rigorous and precise. The two differ in operation, but both promote balanced allocation.

(2) Resource allocation strategies

Resource allocation in project management needs not only good methods but also allocation strategies.

Prioritize project tasks: each task in a project has its own goal, but tasks differ in priority. In practice, the project management unit ranks tasks by their benefit and feasibility, and adjusts the ranking according to the total duration and the progress achieved so that it matches the project's actual needs. Allocating resources by task priority makes allocation more scientific and reasonable; in general, critical tasks are allocated resources first.
Determine the type and amount of resources required for each task: the project management organization can use a Work Breakdown Structure (WBS) to determine the type and amount of resources each task needs, build a budget from it, allocate that budget to each task period by period, and adjust as necessary. Projects are demanding not only about the quality of resources but also about the timing of their allocation, so time limits must be taken into account: the resource requirement at each point in time must be clear so that resources can be allocated promptly and effectively. Note that in multi-project management, capital, market and personnel problems also impose constraints on allocation.

Analyze resource constraints: every project is subject to resource constraints. When resources are lacking, the schedule is often blocked and in serious cases the project fails, so shortages must be analyzed in advance. Analyzing resource constraints beforehand can prevent scarcity and keep all tasks on plan. If the analysis is not done in time and the project's available resources turn out to be insufficient, the project manager usually increases investment; but no project can increase investment without limit. Resource constraint analysis during allocation is therefore necessary to ensure that resources are used rationally.

Task sequencing: large projects are decomposed into many tasks, which involves task assignment and scheduling, and certain methods are usually needed for this; network planning is the most common. Network planning is a management technique for project planning and control that shows the project's time points, resource consumption and other information clearly and intuitively in a network diagram, reflecting both the logical relationships between tasks and the time constraints on each. The network diagram, a graphical model in which the tasks are connected according to their logical relationships, is the basis of the technique. The critical path is found by calculating the time parameters of the diagram; the tasks on it are critical tasks, and how quickly they are completed directly affects the total duration. Once the critical path is known, the initial network plan is refined repeatedly to find the optimal project management scheme under the given constraints. Another common method is the Gantt chart, a simple and practical sequencing tool: the horizontal axis represents time, the vertical axis the tasks, and bars show each task's start, duration and completion, so that progress information is visible.
A Gantt chart shows unfinished tasks directly and helps judge whether a task's progress meets expectations.

(3) Multi-project resource allocation model

When an organization runs several projects at the same time, a multi-project resource allocation model is needed to maximize resource utilization and minimize the total duration. The model proceeds as follows:
• Duration estimation and resource identification: determine the duration of each project and the resources it needs, draw each project's network diagram on that basis, and find the projects that compete for resources.
• Priority setting: set a priority for each project, and allocate resources by meeting the demand of higher-priority projects first.
• Identification of the critical chain and setting of buffers: find the critical chain by analyzing resource constraints, and set buffers to improve resource utilization.
• Improvement and schedule control: find problems in resource allocation, scheduling and duration optimization across the projects in good time, and improve continuously.
Figure 3.1 shows the multi-project resource allocation model.

Fig. 3.1 Multi-project resource allocation model
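The following Python script is an added example, not code from the book, that carries the critical path and critical chain discussion above (and the "prioritize critical tasks" strategy) through on a constructed security project. It computes the CPM forward and backward passes to find the critical path, then builds a resource-aware schedule in which each resource (for instance a single pentester) can work on only one task at a time, ready tasks being started most-critical-first, which is the resource-constrained view the critical chain method takes. The task names, durations, predecessors and the one-person-per-resource pool are assumptions chosen for illustration.

```python
"""Critical path (CPM) vs. resource-constrained schedule for a small security
project. Added example, not code from the book; the task graph below is
constructed for illustration."""

# Constructed task graph: name -> (duration in days, predecessors, resource).
# One unit of each resource is assumed, e.g. a single pentester.
TASKS = {
    "scope":        (2, [], "lead"),
    "threat_model": (3, ["scope"], "analyst"),
    "pentest":      (5, ["scope"], "pentester"),
    "code_review":  (4, ["threat_model"], "pentester"),
    "remediate":    (4, ["pentest", "code_review"], "developer"),
    "retest":       (2, ["remediate"], "pentester"),
}


def topological_order(tasks):
    """Kahn's algorithm; raises if the task graph has a cycle."""
    indeg = {n: len(spec[1]) for n, spec in tasks.items()}
    succ = {n: [] for n in tasks}
    for n, (_, preds, _) in tasks.items():
        for p in preds:
            succ[p].append(n)
    order, queue = [], sorted(n for n, d in indeg.items() if d == 0)
    while queue:
        n = queue.pop(0)
        order.append(n)
        for s in succ[n]:
            indeg[s] -= 1
            if indeg[s] == 0:
                queue.append(s)
    if len(order) != len(tasks):
        raise ValueError("task graph contains a cycle")
    return order, succ


def critical_path(tasks):
    """Forward/backward pass ignoring resources. Returns per-task ES/EF/LS/LF and
    total float, plus the project duration; float 0 marks the critical path."""
    order, succ = topological_order(tasks)
    es, ef = {}, {}
    for n in order:                       # forward pass: earliest start/finish
        dur, preds, _ = tasks[n]
        es[n] = max((ef[p] for p in preds), default=0)
        ef[n] = es[n] + dur
    duration = max(ef.values())
    ls, lf = {}, {}
    for n in reversed(order):             # backward pass: latest start/finish
        dur = tasks[n][0]
        lf[n] = min((ls[s] for s in succ[n]), default=duration)
        ls[n] = lf[n] - dur
    info = {n: {"es": es[n], "ef": ef[n], "ls": ls[n], "lf": lf[n],
                "float": ls[n] - es[n]} for n in tasks}
    return info, duration


def resource_constrained_schedule(tasks, cpm):
    """Parallel schedule generation: at each decision time start every ready task
    whose resource is free, lowest total float (most critical) first."""
    remaining = set(tasks)
    start, finish, busy_until = {}, {}, {}
    t = 0
    while remaining:
        ready = [n for n in remaining
                 if all(p in finish and finish[p] <= t for p in tasks[n][1])]
        ready.sort(key=lambda n: (cpm[n]["float"], cpm[n]["es"], n))
        for n in ready:
            dur, _, res = tasks[n]
            if busy_until.get(res, 0) <= t:   # resource is free: start the task
                start[n], finish[n] = t, t + dur
                busy_until[res] = t + dur
                remaining.discard(n)
        pending = [f for f in finish.values() if f > t]
        if not pending:
            raise RuntimeError("no task can start; unsatisfiable resource demand")
        t = min(pending)                      # advance to the next task completion
    return start, finish, max(finish.values())


def compare(tasks=TASKS):
    """Critical path, CPM duration, resource-constrained duration, and which
    tasks were pushed later than their CPM earliest start by resource contention."""
    cpm, cpm_duration = critical_path(tasks)
    start, finish, rc_duration = resource_constrained_schedule(tasks, cpm)
    critical = [n for n, i in cpm.items() if i["float"] == 0]
    delayed = {n: start[n] - cpm[n]["es"] for n in tasks if start[n] > cpm[n]["es"]}
    return {"critical_path": critical, "cpm_duration": cpm_duration,
            "rc_duration": rc_duration, "delayed_by_resources": delayed}


if __name__ == "__main__":
    print(compare())
```

On this constructed graph the critical path is scope, threat model, code review, remediate, retest, with a CPM duration of 15 days. Because the pentest and the code review both need the single pentester, the code review must wait for the pentest and everything after it slips by two days, giving a resource-constrained duration of 17 days; that gap is what the critical chain method's buffers are meant to absorb. To model the multi-project priority setting described above, prefix each task with its project priority in the sort key.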

3.3 E-commerce Security Management Organization

The e-commerce security management organization is becoming ever more important in e-commerce enterprises. Whether its structure is designed reasonably, whether its tasks are appropriate, and whether its rules and regulations are implemented directly affect the efficiency of e-commerce security management. The establishment, operation and transformation of the e-commerce security management organization are analyzed below.

3.3.1 Establishment of E-commerce Security Management Organization

1. Basic requirements of the security management organization

Security management is planned, organized behaviour, and reaching its goals depends on a reasonable security management organization and appropriate resource allocation. The organization should be a unified system with an unobstructed chain of command from top to bottom, so that the enterprise's security management is centralized and tiered. Establishing an e-commerce security management organization must meet the following requirements.

A reasonable structural design. Structural design means dividing management functions and, on that basis, determining the responsibility, authority and internal structure of the organization. Departments should be set up reasonably across the horizontal dimension and levels divided reasonably along the vertical dimension, so that the organizational system reaches the edge horizontally and the bottom vertically.

Clearly assigned responsibility and authority. To divide the work of all departments and levels within the organization clearly, their responsibilities and powers must be made explicit, avoiding conflicts of interest between departments and levels.


Reasonable staffing. The organization should be staffed according to the responsibilities of its departments and levels and the actual needs of development. Personnel, especially security administrators and security technicians, should be of good character and have professional knowledge and skills.

Effectively implemented rules and regulations. The organization must formulate and effectively implement rules and regulations so that every item of work is secure and effective.

Unobstructed information communication. The organization should establish effective communication channels so that information flows smoothly within it.

Communication with the outside world. The organization must ensure not only smooth communication between its internal departments but also its own communication with the outside, such as with related enterprises or institutions, and must accept the supervision and guidance of the relevant government departments.

2. Factors influencing the establishment of the e-commerce security management organization

(1) Strategic objectives of e-commerce security management

The organization is an important guarantee of the strategic goal of e-commerce security management, and its structure should be designed according to that goal. For simple strategic objectives an organic structure can be adopted: loose, flexible and highly adaptable, with low complexity, low formalization and decentralization. For complex objectives a mechanistic structure can be adopted: stable and rigid, with high specialization, centralization and standardization.

(2) Scale of the e-commerce enterprise

The scale of the enterprise and the resources it can call on determine the scale of its security management organization. A large e-commerce enterprise, for example, sets up a complete security management organization with a chief security officer, several security directors, several security administrators and several security technicians. Generally, the larger the enterprise, the larger the organization. A small e-commerce enterprise usually has no complete security management organization; often a single security administrator is responsible for security management, or other personnel such as the system administrator or network administrator do the related work alongside their own.

(3) Business and security requirements of the e-commerce enterprise

The enterprise's business and security requirements also affect how the organization is established. Enterprises that run businesses with high security requirements, such as third-party payment or online finance, attach great importance to security management and build a relatively complete security management organization.

(4) E-commerce security culture

E-commerce security culture is the sum of the security values or concepts that an e-commerce enterprise gradually forms in long-term management, the security characteristics reflected in employees' professional behaviour, and the enterprise's security atmosphere. It is also an important factor in establishing the organization: enterprises with a strong security culture pay more attention to building their security management organization.

3. Organizational structure and functions of e-commerce security management

(1) Security management organization structure and functions of large e-commerce enterprises

Large e-commerce enterprises generally means large e-commerce platform enterprises. Platform enterprises provide online trading platforms for merchants and consumers and keep online trading running smoothly; merchants can make full use of the network infrastructure, payment platform and management platform the platform enterprise provides to carry out business effectively. Because of their size, wide business scope and high security requirements, large e-commerce enterprises need to establish large security management organizations.
Figure 3.2 shows an example of an e-commerce security management organization structure. In Fig. 3.2, the security management committee is the enterprise's highest-level security body; it bears full security responsibility and decides major security management affairs. Its members include some directors of the board and the chief security officer. In addition to other duties, the CEO is fully responsible for daily security management and reports major security incidents to the security management committee.


Fig. 3.2 Example of the e-commerce security management organization structure of a large ecommerce enterprise

In a large e-commerce enterprise the information technology department occupies an important position. It generally consists of a data department, an operation and maintenance department, a research and development department and an information security department. The information security department can in turn be divided into an attack-and-defense security department and a business security department. The attack-and-defense security department focuses on the traditional offensive and defensive field and usually has the following groups: a security emergency team responsible for vulnerability collection and analysis and for emergency response technology research; an application security group responsible for Web security, App security, security solutions for the company's own products, and secure development lifecycle (SDL) practice; an architecture security group responsible for secure operation and maintenance of information systems, network security and the construction of security systems; and a security product group responsible for in-house development of security tools. The business security department focuses on business security risk control and usually has the following groups: an account security team responsible for account risk control, including defenses against account enumeration and credential stuffing; and a risk control product group responsible for business risk control such as anti-fraud and transaction security [2]. Besides the information technology department, the human resources, finance and administrative departments are also involved in enterprise security management and carry corresponding security responsibilities. The human resources department, for example, handles the security aspects of hiring and dismissal and the security education and training of employees.
The legal department is responsible for ensuring that the business activities and relevant policies of the enterprise comply with the requirements of the existing laws and regulations; The audit department is responsible for standardizing the financial accounting of enterprises and promoting the lawful and compliant operation of enterprises. Although the marketing and sales departments are not directly involved in the security management of the enterprise, their background permissions may also cause

3.3 E-commerce Security Management Organization

51

some security problems, so they also have to undertake the corresponding security responsibilities.

(2) Security management organization structure and functions of small and medium-sized e-commerce enterprises

The organization structure and functions of security management in small and medium-sized e-commerce enterprises are closely related to their information security application structure and to the construction mode of their information security system.

• Information security application structure of small and medium-sized e-commerce enterprises

Figure 3.3 shows the information security application structure of small and medium-sized e-commerce enterprises. As can be seen from Fig. 3.3, the information security of small and medium-sized e-commerce enterprises is divided into the information security of the e-commerce service domain and the information security of the enterprise office management domain.

[Fig. 3.3 Information security application structure of small and medium-sized e-commerce enterprises. Diagram labels: e-commerce service domain (Internet user; front-end data processing area, i.e. the e-commerce platform service system; back-end data processing area, i.e. the e-commerce platform management system; service platform security management area: security policies, security systems, identification systems, etc.; safety equipment) and enterprise office management domain (enterprise staff; office data processing area, i.e. the office business system; office network security management area: employee identification, antivirus, system upgrade, etc.; security administrator; safety equipment)]

The e-commerce service domain is the functional area in which small and medium-sized e-commerce enterprises provide e-commerce services to Internet users through the Internet. It includes the front-end data processing area, the back-end data processing area, and the service platform security management area. The front-end data processing area, namely the e-commerce platform service system, including the e-commerce application system and its database, is the interaction area between the enterprise and its users. It allows Internet users to authorize access, and can publish and modify user-related information after obtaining the user's authorization. The back-end data processing area refers to the various management systems of the e-commerce platform, including the e-commerce management system and its database, such as the commodity management system and the user management system; these may be accessed only by employees. The service platform security management area includes security policies, security systems, and identity authentication systems. It is the area of the security administrators and provides unified resource management, user rights management, and authentication management services for the secure operation of the e-commerce service platform. Only security administrators can access the service platform security management area.

The enterprise office management domain is the area in which small and medium-sized e-commerce enterprises do their office work and process internal business. It includes the office data processing area and the office network security management area. The office data processing area is the office business system, including file sharing, the personnel system, the financial system, and other databases. It is the office area for employees, and only employees are allowed to access it. The office network security management area provides services such as employee rights management, system security management, and system upgrade; it is accessible only to security administrators. Information security devices and access control policies can be used to prevent unauthorized access between the e-commerce service domain and the enterprise office management domain.
• The construction mode of the information security system for small and medium-sized e-commerce enterprises

In the information security application structure of small and medium-sized e-commerce enterprises, the enterprise office management domain is usually constructed by the enterprise itself; that is, the enterprise constructs and maintains the information security system within this domain and undertakes all risk management responsibilities for it. According to the scale and business needs of the enterprise, the construction of the information security system of the e-commerce service domain can adopt three modes: self-construction, resource renting, and store renting. It should be noted that the information security system of small and medium-sized e-commerce enterprises involves physical security, host security, network security, application security, and data security, and that different construction modes lead to different risk management responsibilities for the enterprise.

Self-built mode: Self-built mode means that small and medium-sized e-commerce enterprises rely only on the Internet access services provided by telecom operators and themselves build and maintain the e-commerce platform that provides external transaction services, including the physical infrastructure, hosts, network services, and the corresponding information system security. In this mode the enterprise assumes all risk management responsibilities for information security.

Resource renting mode: There are three resource renting modes: renting physical resources; renting physical and host resources; and renting physical, host, and network service resources. In the mode of renting physical resources, small and medium-sized e-commerce enterprises rely on the physical infrastructure provided by service providers such as telecom operators and Internet data centers to build the e-commerce platform. The enterprise bears the risk management responsibility for host security, network security, and basic data security, and the resource service provider bears the risk management responsibility for physical security. In the mode of renting physical and host resources, the enterprise relies on the physical infrastructure provided by resource service providers such as telecom operators and Internet data centers and rents the hosts they provide to build the e-commerce service platform. The resource service provider bears the risk management responsibility for physical security and host security, and the enterprise bears the risk management responsibility for network security, application security, and data security. In the mode of renting physical, host, and network service resources, the enterprise relies on the physical infrastructure provided by resource service providers such as telecom operators and Internet data centers and rents the system hosts and network service resources they provide to build the e-commerce platform. The resource service provider bears the risk management responsibility for physical security, host security, network security, and basic data security, and the enterprise bears the risk management responsibility for application security and part of data security.
Store renting mode: Store renting mode is the mode in which small and medium-sized e-commerce enterprises rent online store resources provided by third-party e-commerce platforms to provide e-commerce services to consumers. The enterprise only undertakes the risk management responsibility for network security within its office management domain, while the resource service provider undertakes the risk management responsibility for physical security, host security, application security, and data security. That is to say, the information security system of an enterprise using the store renting mode is provided by the third-party e-commerce platform, through which the enterprise provides e-commerce services to consumers.

• Security organization structure of small and medium-sized e-commerce enterprises

The security management organizational structure of small and medium-sized e-commerce enterprises also differs according to the construction mode of the information security system.

Self-built security management organization structure: If a small or medium-sized e-commerce enterprise adopts a self-built information security system, its security management organizational structure can refer to that of large e-commerce enterprises.

Resource renting mode security management organization structure: If a small or medium-sized e-commerce enterprise adopts the resource renting mode to construct its information security system, it is not only responsible for the network construction and security management within the enterprise office management domain, but also undertakes part of the information resource construction and security management. Figure 3.4 shows an example of its security management organization structure.

Fig. 3.4 Example of security management organization structure of resource renting mode

Figure 3.4 shows that the security department is the core department of the security management organization structure in resource renting mode. The responsibilities of the relevant departments are as follows.

Senior management: Senior management is responsible for formulating safety policies and safety management principles, managing the various kinds of safety management personnel scientifically, coordinating the various safety management tasks, organizing and carrying out information infrastructure construction, supervising and checking the implementation of the safety management system and of safety protection measures, investigating all kinds of violations and breaches of discipline, and reporting and assisting in the investigation of illegal and criminal events.

Security audit department: Security auditing is the best means of restraining and discovering computer crime. The security audit department is responsible to the top management, and its main responsibility is to monitor the operation of the e-commerce system; to find, collect, and record all kinds of violations, breaches of discipline, and illegal events; and to report them to the superior leadership.

Security management department: The security management department is responsible for part of the security management in the enterprise office management domain and part of that in the e-commerce service domain. Its main responsibilities are to supervise the installation and upgrade of the software and hardware of the e-commerce system, its daily operation and maintenance, and the operation, inspection, and maintenance of the various security facilities; to record and report violations of discipline and other irregularities; and to be responsible for the operation and daily maintenance of the data center for business application software. It also establishes the emergency response mechanism, formulates the emergency response plan, and carries out emergency response drills.

Security guard department: Because of their convenient site access, their knowledge of system super user passwords, their involvement in software security review, and similar factors, the partners of small and medium-sized e-commerce enterprises find it easy to carry out non-business intrusion into and damage to the enterprise, which can lead to computer crime cases. The security guard department should therefore do a comprehensive job of prevention in this respect.

Store renting mode security management organization structure: If a small or medium-sized e-commerce enterprise adopts the store renting mode to build its information security system, the information security of its e-commerce service domain is mainly provided by the third-party e-commerce service platform from which the store is rented. A store usually refers to a merchant on the platform, that is, a legal person, an actor appointed by a legal person, another organization, or a natural person who rents the e-commerce platform for business activities. The merchants involved in the security organizational structure are mainly the first three types. The information security of these enterprises or organizations on the platform is mainly provided by the network trading platform.
The security of merchants on the platform mainly concerns the security of the boundary where they access the platform over the Internet, such as the security of their office network and business network. Some of these merchants are large enterprises, but most are small and medium-sized enterprises, so their security management organizational structure is relatively simple. A merchant may set up a dedicated security management department with dedicated security management personnel, may have no dedicated department and only a specialized engineer responsible for security, or may outsource the security management work.

3.3.2 Operation of E-commerce Security Management Organization

The following mainly discusses the operation of the e-commerce security management organization from the two aspects of operation mechanism and operation guarantee.

1. Operation mechanism of e-commerce security management organization

First, the motivational mechanism of the operation of the e-commerce safety management organization. The e-commerce security management organization is the basis for implementing the security strategy of the e-commerce enterprise; its operation takes that security strategy as its goal and aims, within the scope of the law, to achieve the maximum security benefit with the least investment.

Second, the decision-making mechanism of organization operation. The leadership of the e-commerce safety management organization, such as the safety management committee and senior managers, has the highest decision-making power in safety management. They are responsible for initiating the safety management work, assigning safety management roles, clarifying the responsibility for protecting information assets, setting up the authorization management procedures for information processing facilities and related resources, implementing safety management measures, and promoting the safety management work through appropriate commitment and the provision of sufficient resources.

Third, the information mechanism of the operation of the e-commerce security management organization. Information is an important basis for decision-making. E-commerce security management organizations must establish a sensitive and efficient information mechanism, forming the modes and channels for information collection, transmission, processing, storage, retrieval, and analysis, and providing decision-makers with all kinds of decision-related information, such as the advice of security experts. In addition, appropriate contacts should be maintained with law enforcement authorities, competent authorities, service providers, etc.

Fourth, the social responsibility of the operation of the e-commerce safety management organization.
E-commerce enterprises exist in a certain social environment, have certain social functions, and are a kind of social organization, so their safety management organizations should also perform certain social responsibilities in their operation.

2. Operation guarantee of e-commerce security management organization

The operation of the e-commerce safety management organization directly affects the realization of e-commerce safety management objectives, so its operation needs to be guaranteed by corresponding rules and regulations, resource investment, performance assessment, and safety culture.

First, the guarantee of rules and regulations. The establishment and implementation of rules and regulations is the basic guarantee for the operation of the e-commerce safety management organization. The rules and regulations should cover the organizational structure, responsibilities, operation procedures, personnel, operation norms, and distribution of decision-making rights of e-commerce safety management. Their formulation and implementation is a process of continuous accumulation and improvement.

Second, the guarantee of resource input. The operation of the e-commerce security management organization needs sufficient resource input as a guarantee. Only with sufficient resource input can there be enough manpower, material resources, and financial resources to ensure the smooth development of the organization's work.

Third, the guarantee of performance appraisal. Establishing a reasonable and complete performance assessment that guides the behavior of the relevant personnel through detailed, clear, and reasonable assessment indicators is also an important guarantee for the operation of the e-commerce security management organization. Performance assessment is a supervision mechanism; only through it can the organization track, record, and evaluate how the relevant personnel complete the security management objectives they undertake, thereby ensuring the realization of the organization's overall security management objectives.

Fourth, the guarantee of safety culture. The safety culture of the e-commerce safety management organization is embodied in the safety concepts of its management and the safety behavior of all its members. Safety culture has a self-correcting function that enables the organization to restrain itself and so run smoothly.

3.3.3 Transformation of E-commerce Security Management Organization

The e-commerce security management organization is an organism composed of many elements. When its internal factors and external environment change, it needs to be reformed. Organizational reform of e-commerce security management means that, in order to achieve the goal of organizational security management, managers take the initiative to change the original organizational structure, organizational system, organizational members, organizational culture, organizational behavior, etc., so as to adapt to changes in the external environment and improve the work performance of the organization. The organizational reform of e-commerce security management is usually closely related to the organization's overall development goals. When the overall development goals or security targets of the e-commerce security management organization change, it needs to reform its organizational structure, establish and improve its operation mechanism to increase its flexibility and its ability to adapt to the external environment, and, on the basis of promoting self-innovation, continuously improve the organization's security management knowledge, skills, behavior, and awareness in order to improve its work performance.

1. Reform trend of e-commerce security management organization

The organizational reform of e-commerce security management shows the trends of weakening organizational hierarchy, flattening the organizational structure, team-based organizational structure, and networking.

The weakening of organizational hierarchy is mainly manifested in the following aspects. First, an increase in vertical communication: the status gap between different levels of the organization becomes smaller, the concept of hierarchy is weakened, and direct communication between the employees of the organization increases. Second, an increase in horizontal exchanges: the communication between employees of different functions at the same level of the organization increases, and employees become generalists. For example, security technicians in small e-commerce companies often work part-time as administrators. Third, human-based management is strengthened: the organization fully authorizes employees or departments to enhance their autonomy and independence.

The main reason why traditional hierarchical organizations are mechanical, rigid, and dysfunctional is that they have a large middle management. Flattening means streamlining the middle management, shortening the chain of command, speeding up the transmission of information, and improving the way of communication, so as to improve management efficiency and reduce management costs. The universal application of computer networks allows organizations to modernize information collection, collation, transmission, and management control, and promotes the change of organizational structure from a bureaucratic structure to a flat structure.

A team-based organizational structure is one in which the team is the basic structural unit. In this kind of structure, staff break the original department boundaries, bypass the middle management level, and work directly toward the organization's overall security management objectives, forming relatively equal, independent, and innovative teams or groups. The increase in groups and teams enhances the resilience of the organization, and such a structure also meets the organization's need for flexible operation.

The networking of the organizational structure means that the boundaries between departments within the organization are broken. All departments and employees are connected to each other in the form of a network, so that information can spread quickly within the organization and resources can be shared to the maximum extent.

2. Driving factors of organizational change in e-commerce security management

With the passing of time, and under the double pressure of external and internal factors, the e-commerce safety management organization may show undesirable phenomena such as limited business, blocked coordination, unclear responsibilities, buck-passing, and negativity and slowdown, which seriously hinder the realization of e-commerce safety management goals. Therefore, the organizational reform of e-commerce security management is an indispensable part of the development of e-commerce. Specifically, the driving factors of reform include external factors and internal factors. External factors driving organizational change mainly include the development and application of information technology, the promulgation and revision of relevant laws and regulations, the international and domestic economic situation, the network security situation, etc. Internal factors driving organizational change mainly include the management system, control responsibility, performance appraisal system, division of labor, and so on. If the responsibilities and powers of management are not clear and buck-passing occurs among employees, the organizational structure is in urgent need of reform.

3. Factors influencing the organizational structure reform of e-commerce security management

Environmental factors, strategic factors, scale factors, and so on have a great influence on the organizational structure reform of e-commerce security management. The environment usually includes the general environment and the specific environment. The general environment includes political, economic, cultural, scientific, and technological environmental factors that have a universal and indirect impact on the organization. The specific environment includes factors such as competitors, partners, and the composition of the organization itself, which differ for each organization and change with the general environment. The continuous change of the environment means that only an organizational structure adapted to the external environment can be an effective one. Therefore, managers need to constantly adjust the organizational structure to make it fit the environment.

The strategy here mainly refers to the e-commerce security management strategy. The e-commerce security management strategy determines the overall goal that shapes the nature and direction of the e-commerce security management organization, as well as the path and method for achieving that goal, and it determines the organizational structure and the direction of its change. To implement the e-commerce security management strategy effectively, there must be an organizational structure adapted to the strategy. Strategic factors require managers not to consider the organizational development strategy from the perspective of the existing organizational structure, but to formulate new strategies and adjust the original organizational structure according to changes in the external environment.
Organizational size is an important factor affecting organizational structure: an increase in organizational size increases the complexity of the organization and raises its degree of specialization and standardization. As the business of an organization expands, the number of employees increases, the number of management layers increases, and the division of specialization becomes more and more complicated, which greatly increases the difficulty of the organization's security management control.

4. Process of organizational structure reform of e-commerce security management

The organizational structure reform process of e-commerce security management mainly includes organizational structure diagnosis, determination of the organizational structure reform plan, implementation of the organizational structure reform, and organizational structure evaluation and feedback.

First, organizational structure diagnosis. Organizational structure diagnosis includes organizational structure investigation, organizational structure analysis, and goal determination. The existing organizational structure is investigated and problems are found through the organizational structure chart, job descriptions, and business flow charts. The existing structure is then analyzed to find the gap between the status quo and expectations, determine the problems to be solved, and set the goal.

Second, determine the organizational structure reform plan. Propose and determine the organizational structure change plan. The plan should clarify the nature and characteristics of the problem, the conditions needed to solve it, the path of the organizational structure reform, the expected implementation results, etc. There can be multiple organizational structure reform programs, and the optimal one needs to be determined through evaluation.

Third, implement the organizational structure reform. Organizational structure change is a process; its implementation mainly includes three stages. Stage 1: Change preparation. The change of organizational structure touches every employee. Fearing that the change will affect the working mode they are used to and their existing business knowledge and skills, employees lose their sense of job security and tend to resist. To ensure a smooth transformation of the organizational structure, managers should pay attention to the transformation strategy and implementation methods, guide employees to analyze the internal and external environment, structure, and functions of the organization, do a good job of investigation, and strengthen publicity, so that employees fully understand the necessity of the change and become enthusiastic about it. Stage 2: Change implementation. The effective way to implement reform is to promote advanced experience, so that employees have a positive psychological reaction to the new behavior mode and gradually accept the reform. Stage 3: Consolidation of change. In the process of organizational structure reform, certain measures should be taken to fix the new attitudes and behavior of the organization's employees, so that they are retained and developed [3].
For example, vigorously carry out personnel training programs adapted to the organizational structure change, so that employees master the new business knowledge and skills and adapt to their posts after the change; improve basic work and the rules and regulations; and clarify the responsibilities and authority of each department.

Fourth, organizational structure evaluation and feedback. Analyze the organizational structure after the change, determine whether it has achieved the purpose of the change, analyze the positive and negative impacts of the changed organizational structure as well as the remaining problems, and prepare for future organizational structure adjustment.

References

1. Shuicheng Tian, Guoxun Jing (eds) (2016) Safety management, 2nd edn. China Machine Press, Beijing
2. Yan Zhao, Hu Zhao, Qianwei Hu (eds) (2016) Advanced guide for internet enterprise security. China Machine Press, Beijing
3. Mingjie Rui (ed) (2013) Management: a modern point of view, 3rd edn. Truth & Wisdom Press, Shanghai

Chapter 4

Controlling Information Risk in E-commerce

The rapid development of information technology provides a strong technical foundation for the development and application of e-commerce, and makes information security an important challenge for the survival and development of e-commerce enterprises. Managing and controlling information security risks is an important part of e-commerce security management.

4.1 E-commerce Information Security Risk Management Process, Participants, and Responsibilities

The more rapid the development of e-commerce, the more important the status of information security risk management. Risk management refers to the management process that reduces the occurrence probability of various risks, or reduces the loss caused by a certain risk when it occurs suddenly. Risk management includes planning, organization, leadership, coordination, and control activities to provide effective loss prevention programs, usually targeting the uncertainty of small-probability events that have potential adverse effects on business operations. The goal of risk management is to limit the impact caused by a potential threat to an acceptable degree.

4.1.1 Information Security Risk Management Process Information security risk management refers to the core management object, namely the “business”, around its data, carrier, environment, and boundary, from the perspective of confidentiality, integrity, availability, not credit, information security attributes, and on the basis of comprehensive coordination personnel, technology, © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2023 R. Zhang et al., The Whole Process of E-commerce Security Management System, Advanced Studies in E-Commerce, https://doi.org/10.1007/978-981-19-9458-6_4

61

62

4 Controlling Information Risk in E-commerce

Fig. 4.1 Specific process of risk management

finance, information, communication and consultation, establishing the context, risk identification, risk analysis, risk evaluation, risk disposal, and monitoring and review. The information security risk management process is shown in Fig. 4.1.

Every step of information security risk management requires communication and consultation between internal and external stakeholders. A communication and consultation plan should therefore be drawn up at the start of the process. It should cover the risk itself, its causes, its consequences, and the disposal measures, and it should set out effective communication and coordination arrangements, so that responsibilities within the process are clear and stakeholders understand the basis of the decisions taken and the specific measures adopted.

Establishing the context (the "clear status" step) means making the environment explicit: the external and internal conditions, the state of the risk management process, the risk criteria, and so on.

Risk identification is the activity that discovers, lists, and characterizes the risk elements. Its purpose is to identify the events that may affect achievement of the system's or organization's goals and the losses they could cause, while gaining insight into where, when, and why those losses might occur. The task is to identify the entity objects (information assets) that need protection within the organization, the potential threats those objects face, the inherent vulnerabilities of the objects themselves, and the value of each object, and also to identify the security measures already in place to protect them. Risk identification methods include evidence-based methods such as checklists and review of historical data, systematic team methods such as a team of experts working through structured prompts or questions, and inductive reasoning methods such as Hazard and Operability analysis (HAZOP).

Risk analysis is the process of determining the size of the risks already identified. Its main task is to take the risk identification results, analyze thoroughly the possible information security events, their risk sources (threats) and risk causes (vulnerabilities), the loss to the entity object once a threat exploits a vulnerability, and the existing information security risk management measures, and on that basis determine the size of each risk.

Risk evaluation is the process of comparing the results of risk analysis with the preset risk evaluation criteria so as to determine the risk level [2]. The results of risk evaluation usually serve as the basis for risk disposal. Organizations should set their risk evaluation criteria according to the strategic value of the business; the criticality of the information assets concerned; regulatory requirements and contractual obligations; the confidentiality, integrity, and availability of the protected systems and data; the expectations and perceptions of stakeholders; and the negative impact on reputation.

Risk disposal is the management process of selecting and implementing risk response measures. Its purpose is to keep risk within a tolerance range, which is usually determined from the risk evaluation results and the risk evaluation criteria. When a risk exceeds the tolerance range, an appropriate disposal strategy must be designed, selected, and implemented. Common disposal strategies include risk avoidance, risk reduction, risk transfer, and risk acceptance.

Monitoring and review run through the whole information security risk management cycle. Their purpose is to find information security problems by continuously tracking changes in the protected entity objects and their environment, and to correct deviations promptly through corresponding measures, so that the information security risk management process remains continuous and effective.

4 Controlling Information Risk in E-commerce

4.1.2 Participants in Information Security Risk Management and Their Responsibilities

Participants in information security risk management generally include the national information security authorities, the competent business departments, information system owners or operators, information system contractors, information security service or integration institutions, and institutions related to the information system (institutions associated with it through interconnection, information exchange and sharing, system procurement, and so on). These participants have different responsibilities in risk management.

The competent national information security authorities are responsible for formulating information security policies, regulations, and standards, and for inspecting and guiding the information security risk management work of all units.

The competent business department is responsible for proposing, organizing, formulating, and approving the department's information security risk management strategy; leading and organizing the security assessment of the department's information systems; judging on the basis of the results whether the residual risk is acceptable and deciding whether to approve putting an information system into operation; and checking security status reports and conducting new risk assessments at regular or irregular intervals.

The owner or operator of the information system is responsible for formulating the information security risk management strategy and security plan and submitting them to the superior authority for approval; organizing self-assessment of the information system, cooperating with inspection assessments or entrusted assessments, and providing the necessary documents and other resources; and proposing a new round of risk assessment to the national information security authority, improving information security measures, and handling information security risks.

The information system contractor is responsible for submitting the information system construction plan to the relevant parties for risk analysis, and for revising the plan according to the results of that analysis so that it controls risk more effectively and reduces the new risks introduced in the construction stage.

The information security service or integration agency is responsible for conducting independent risk assessments and making adjustments that reduce or eliminate vulnerabilities in the information system so that it can effectively withstand security threats; for protecting sensitive information gathered during the assessment from unrelated personnel and units; and for using evaluated and certified security products to help develop risk management strategies and security plans according to the needs of the information system owner or operator.

The institutions related to the information system are responsible for complying with security policies, laws, regulations, contracts, and so on, reducing information security risks, assisting in determining the work boundaries of information security risk management, and providing the necessary resources and materials for the risk assessment.

4.2 E-commerce Information Security Risk Assessment and Decision-Making

Information security risk assessment is an important stage of information security risk management in e-commerce. It is the basis and starting point of e-commerce information security risk management: its results determine the subsequent risk control, monitoring, and review activities. Information security risk assessment helps e-commerce enterprises identify strategies and tools for information security risk management and focus their risk management activities on the key issues. Practice has repeatedly shown that risk management methods grounded in risk assessment are effective.

4.2.1 Information Security Risk Assessment

The core of information security risk assessment is the key business of the e-commerce enterprise, and the information systems related to that key business are the focus of the evaluation. Information security risk assessment shall follow the principles of controllability, minimum impact, recoverability, and confidentiality. It refers to the use of scientific methods and means to assess the information security risk of e-commerce: it systematically analyzes the threats faced by the computer systems and their vulnerabilities, evaluates how much harm information security incidents would cause, and puts forward targeted countermeasures and rectification measures to resist threats, prevent and resolve the information security risks of e-commerce, or keep the risks within an acceptable range. The purpose of e-commerce information security risk assessment is to understand the information security status of the enterprise comprehensively and accurately, find the existing problems, analyze the enterprise's information security needs, formulate an information security strategy suited to its actual needs, and so ensure the enterprise's information security.

Information security risk assessment takes two main forms: self-assessment and inspection assessment. Self-assessment is a risk assessment of the information system and its management initiated by the e-commerce enterprise itself in accordance with the relevant national laws, regulations, and standards. Inspection assessment is a mandatory risk assessment of the information system and its management initiated by the superior competent authority of the assessed enterprise and conducted in accordance with the relevant national laws, regulations, and standards.

Information security risk assessment mainly evaluates the security risk of the information system and should be carried out in accordance with the process stipulated in Information Security Technology: Risk Assessment Specification for Information Security (GB/T 20984-2007). The process can be divided into three stages: risk identification, risk analysis, and risk evaluation.

1. Risk identification

Risk identification identifies the elements that make up information security risk, namely assets, threats, and vulnerabilities, and also identifies the existing security measures and confirms their effectiveness. The quality of the raw information obtained in this phase determines the objectivity and accuracy of the risk analysis results.

(1) Preparation for risk assessment

Before risk identification, a series of preparations is required: establishing the environment, preliminary investigation, and tool preparation. Establishing the environment means determining the risk assessment criteria, scope, and objectives, setting up appropriate assessment management and implementation teams, deciding on the risk assessment methods, and formulating the risk assessment plan. The preliminary investigation uses questionnaires, personnel interviews, site inspection, and verification forms to gather the enterprise's security management strategy and security management system; business functions and requirements; network structure and environment; system boundary; data and information; hardware and software; the sensitivity of systems and data; the personnel who support and use the system; and so on. Tool preparation is the selection of the risk assessment tools used to carry out the assessment.

(2) Asset identification

First, the assets of the e-commerce enterprise are identified and presented as an asset classification table. In information security risk assessment the assets are information assets, including data assets, software assets, hardware assets, service assets, personnel assets, and others, as shown in Table 4.1. The identified assets are then assigned values. In information security risk assessment the value of an asset is not its economic value; it is based on the three security attributes of the asset, confidentiality, integrity, and availability, each of which is assigned a value according to its importance and protection requirements. For confidentiality, assets are classified into five levels according to their confidentiality requirements, very high, high, medium, low, and very low, assigned the numbers 5, 4, 3, 2, 1, corresponding to the degree of confidentiality the asset needs, or to the impact a loss of confidentiality would have on the whole enterprise.
For integrity, assets are likewise divided into very high, high, medium, low, and very low according to their integrity requirements and assigned 5, 4, 3, 2, 1, corresponding to the degree of integrity the asset needs, or to the impact a loss of integrity would have on the whole enterprise. For availability, assets are divided into very high, high, medium, low, and very low according to their availability requirements and assigned 5, 4, 3, 2, 1, corresponding to the degree of availability the asset needs, or to the impact a loss of availability would have on the whole enterprise. The asset value is then obtained by a comprehensive evaluation of the confidentiality, integrity, and availability assignments. The comprehensive evaluation can either compare the three assignments and take the value of the most important attribute as the asset value, or weight the three assignments and take the final calculated result as the asset value.

Table 4.1 Asset classification table

Asset type       | Instances
-----------------|----------------------------------------------------------------
Data assets      | Electronic documents: all kinds of data stored on information media, including source code, database data, system documents, operation and management procedures, plans, reports, user manuals, all kinds of paper documents, etc.
Software assets  | System software: operating systems, database management systems, language processors, service programs, etc. Application software: office software, database software, various tools and utilities, etc. Source programs: shareable source code of all kinds, and code developed in-house or in collaboration
Hardware assets  | Network equipment: routers, gateways, switches, etc. Computer equipment: mainframes, minicomputers, servers, workstations, desktop computers, portable computers, etc. Storage devices: tape drives, disk arrays, tapes, CDs, floppy disks, mobile hard disks, etc. Transmission lines: optical fiber, twisted-pair cable, etc. Support equipment: uninterruptible power supplies, substation equipment, air conditioning, safes, file cabinets, access control, fire-fighting facilities, etc. Security equipment: firewalls, intrusion detection systems, identity authentication systems, etc. Other: printers, photocopiers, scanners, fax machines, etc.
Service assets   | Information services: the various external services that rely on the system. Network services: the connectivity provided by the network equipment and network infrastructure. Office services: the management information systems developed to improve efficiency, such as configuration management and document flow management
Personnel assets | Personnel who hold important information or run the core business, such as the host maintenance supervisor, network maintenance supervisor, and application project manager
Other assets     | Corporate image, customer relations, etc.

(3) Threat identification

Threats are objective; it is because of threats that the information system is at risk. There are two main ways to identify threats: personnel interviews and tool detection. Personnel interviews let the enterprise quickly learn the recent threats to the assessed information system. However, because personnel have limited knowledge and technical ability and cannot detect every threat to the system, detection with specialized tools is also needed. Tool detection starts from network traffic and logs and applies analysis tools such as protocol analyzers and log analyzers to identify the threats facing the assessed information system. Threats generally fall into physical risks, information and network risks, and personnel risks. Physical risk is the risk caused by the insecurity of physical entities, which
68

4 Controlling Information Risk in E-commerce

occurs more frequently and has a great impact on the security of the information system. Physical risks mainly come from hardware and software own faults, peripheral support facilities faults, physical attacks, physical environment impact, etc. Hardware and software failure refers to the equipment and hardware failure, communication line interruption, software defects, and other problems that affect the business implementation or system operation. The failure of the peripheral support facilities refers to the loss of the basic service function of the peripheral guarantee facilities, such as air conditioning or water supply system failure, power supply failure, telecommunication equipment failure, etc. Physical attack refers to the damage to software, hardware, and data caused by physical contact. Such as physical destruction, theft, etc. Physical environmental impact refers to the physical environment and natural disasters that affect the normal operation of the information system. In addition to physical risks, information and network risks are the most important risks causing e-commerce security problems. Such risks occur with high frequency and have a great impact on information system security, such as malicious code and viruses, overreach or abuse, information leakage, information tampering, denial, information counterfeiting, information theft, network attacks, etc. Among them, the network attack refers to the use of network vulnerabilities and security defects on the network system hardware, software, and data attack. An attacker may attack either from outside the enterprise to the internal network and information system of the enterprise, or from inside the enterprise, or illegally exceed the authority through the other local area network or information system of the enterprise. 
Intra-enterprise personnel may also launch pseudo-remote attacks, that is, in order to hide the identity of the attacker, after obtaining the relevant information from the local target, to launch remote attacks from the outside, creating the illusion of external invasion. Personnel risk exists in each link of e-commerce activities, which is the most extensive category of risks. For example, some physical threats, information, and cyber threats may be caused by people intentionally or unintentionally. Personnel risk may come from within or outside the enterprise. Internal personnel risks include maintenance errors and operation errors caused by the failure of relevant personnel or operation errors; inadequate management personnel management, such as imperfect management system and management strategy, lack of management procedures, unclear responsibilities, inadequate supervision and control measures, etc. External risks include hacking attacks or deliberate attacks by criminals. After the threat identification is completed, the identified threat will also be assigned a value. The frequency of threat occurrence determines the severity of the threat to some extent, so assigning the frequency of threat occurrence is an important work for threat identification. Generally, threats are divided into five levels, namely 5 (very high), 4 (high), 3 (middle), 2 (low), and 1 (very low), which respectively represent the frequency of threats. The higher the rank value, the more frequently the threat occurs.
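The tool-detection route and the five-level frequency assignment described above, as an added example that is not code from the book: a log-analysis step scans authentication logs with a threat signature, counts how often each threat is observed per day, and maps that rate onto the grades 5 (very high) to 1 (very low). The log lines, the signature regexes, the observation window, and the events-per-day thresholds are all constructed for illustration; a real assessment would calibrate the thresholds against the enterprise's own incident history.

```python
"""Threat frequency grading from log evidence (added example, constructed data)."""
import re
from collections import Counter
from datetime import datetime

# Constructed sshd-style authentication log covering three days (not real data).
SAMPLE_LOG = """\
2023-03-01T08:01:11 sshd[412]: Failed password for root from 203.0.113.5 port 52211 ssh2
2023-03-01T08:01:13 sshd[412]: Failed password for root from 203.0.113.5 port 52212 ssh2
2023-03-01T08:01:15 sshd[412]: Failed password for admin from 203.0.113.5 port 52213 ssh2
2023-03-01T09:20:02 sshd[498]: Accepted publickey for deploy from 198.51.100.7 port 40112 ssh2
2023-03-02T02:14:40 sshd[511]: Failed password for root from 203.0.113.9 port 60001 ssh2
2023-03-02T02:14:41 sshd[511]: Failed password for root from 203.0.113.9 port 60002 ssh2
2023-03-03T11:05:00 sshd[530]: Accepted password for alice from 198.51.100.8 port 40200 ssh2
2023-03-03T23:59:59 sshd[544]: Failed password for invalid user test from 203.0.113.5 port 60100 ssh2
"""
OBSERVATION_DAYS = 3  # length of the window the log covers (assumption)

# Threat signatures: threat name -> regex whose group(1) is the source address.  Constructed.
THREAT_PATTERNS = {
    "password guessing": re.compile(r"Failed password for (?:invalid user )?\S+ from (\S+)"),
    "unexpected privileged login": re.compile(r"Accepted \w+ for root from (\S+)"),
}

# Lower bound of average events per day for each grade, highest first (assumption).
FREQUENCY_GRADES = ((5.0, 5), (2.0, 4), (1.0, 3), (0.2, 2), (0.0, 1))


def scan_log(log_text, patterns=THREAT_PATTERNS):
    """Return {threat: {"days": Counter(date -> hits), "sources": Counter(ip -> hits)}}."""
    found = {name: {"days": Counter(), "sources": Counter()} for name in patterns}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        day = datetime.fromisoformat(line.split(" ", 1)[0]).date()
        for name, rx in patterns.items():
            m = rx.search(line)
            if m:
                found[name]["days"][day] += 1
                found[name]["sources"][m.group(1)] += 1
    return found


def frequency_grade(events_per_day, grades=FREQUENCY_GRADES):
    """Map an average events-per-day rate onto the 1..5 threat frequency grade."""
    for lower_bound, grade in grades:
        if events_per_day >= lower_bound:
            return grade
    return 1


def grade_threats(log_text, observation_days=OBSERVATION_DAYS, patterns=THREAT_PATTERNS):
    """Return {threat: (total hits, events per day, grade, most frequent source or None)}.
    Days with no hits still count in the denominator, so a burst on one day
    does not inflate the grade for the whole window."""
    result = {}
    for name, hits in scan_log(log_text, patterns).items():
        total = sum(hits["days"].values())
        rate = total / observation_days
        top = hits["sources"].most_common(1)
        result[name] = (total, rate, frequency_grade(rate), top[0][0] if top else None)
    return result


if __name__ == "__main__":
    for name, (total, rate, grade, top) in grade_threats(SAMPLE_LOG).items():
        print(f"{name:30s} hits={total} rate={rate:.2f}/day grade={grade} top source={top}")
```

The grade that comes out of this step is the T that enters the risk calculation later in the section; the signatures only see what the log records, so threats taken from incident reports and from published advisories (the other two sources the text names) still have to be graded by hand.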

In practice, counting the frequency of every threat is very difficult, so frequency is usually established for three kinds of threats: first, threats that have already occurred and are recorded in information security incident reports; second, threats found by detection tools and in the various logs; and third, the information security threats recently published by authoritative organizations at home and abroad.

(4) Vulnerability identification

A vulnerability is what a threat exploits to cause damage to an asset, so vulnerability identification is an important part of risk assessment. It is carried out from two aspects, technical and management. The main methods are questionnaires, tool testing, manual verification, document inspection, penetration testing, expert analysis, and special studies. The severity of an identified vulnerability is assigned in levels according to the degree of damage it can cause to the asset, the difficulty of exploiting it technically, and how widespread it is. Because many weaknesses lead to the same result or reflect similar problems, their severity can only be confirmed by assigning them together. In addition, management vulnerabilities of the enterprise also affect the severity of the technical vulnerabilities of a given asset. Severity is divided into five levels, 5 (very high), 4 (high), 3 (medium), 2 (low), and 1 (very low); the higher the level, the more severe the vulnerability.

(5) Identification and effectiveness confirmation of security measures

Security measures are the specific means of managing risk: the practices, procedures, and mechanisms implemented to protect assets, resist threats, reduce vulnerabilities, limit the impact of information security incidents, and combat information crime. Security controls directly determine how likely information security incidents are and how far their adverse effects reach, so the existing security measures must be identified and their effectiveness confirmed before risk analysis. Existing measures are identified through questionnaires or checklists; confirming their effectiveness means checking whether they meet the expectations of the assessed enterprise. By nature, security measures are divided into technical measures and normative measures. Technical measures usually include firewalls, intrusion detection, security auditing, security testing, operation approval, emergency plans, and so on; they are generally identified by system layer, such as the network, system, application, and data layers, and their effectiveness is determined by interviews and investigation, analysis of how they work, harmless testing, and similar methods. Normative measures usually refer to the construction, development, operation, and
management of information systems in accordance with national standards, industry norms, laws, and regulations. Normative measures are identified mainly through interviews and surveys: formulate the evaluation forms; determine the interviewees; conduct the interviews and surveys; compile and present the survey results; and determine the normative measures from the statistics.

Fig. 4.2 Main content of the risk analysis

2. Risk analysis

Once asset identification, threat identification, vulnerability identification, and the identification and effectiveness confirmation of security measures are complete, risk analysis follows.

(1) Main content of the risk analysis

The main content of the risk analysis is shown in Fig. 4.2: identify the assets and assign their values; identify the threats, describe their attributes, and assign their frequency; identify the vulnerabilities and assign the severity of each asset's vulnerability; determine the possibility of an information security event from the threat frequency and the vulnerability severity; calculate the loss an information security event would cause from the vulnerability severity and the asset value; and, from the possibility of the event and the loss it causes, calculate the impact of the event on the enterprise, that is, the risk value.

(2) Risk analysis methods

Risk analysis can use several methods, quantitative and qualitative, to find the risks facing the assets and their impact, and the gap between the enterprise's current information security level and its security needs. Which method to use, qualitative, quantitative, or a combination of the two, is decided according to the importance of the enterprise's assets, the range of known vulnerabilities, and previous incidents involving the enterprise. In fact, because qualitative methods are usually simpler and cheaper than quantitative ones, qualitative analysis
methods can be used first to derive general risk levels or detect the major risks, with further quantitative analysis done as needed. Qualitative methods use descriptive levels (e.g., low, medium, high) to describe the possibility of information security events and the losses they cause. Their advantage is that they are easy to understand; their deficiency is that the levels depend on subjective judgment. When using qualitative methods, the levels can be adjusted to suit the actual situation and different descriptions used for different risks. Qualitative methods are generally used in initial screening to identify the risks that need further specific analysis. Quantitative methods describe the possibility of information security events and the losses they cause with numerical values. The quality of the analysis depends on the accuracy of the quantification, the completeness of the data, and the validity of the model used. In many cases a quantitative method analyzes historical data directly related to the information security objectives and concerns; its deficiency is the lack of data on new information security risks or vulnerabilities.

(3) Calculation of the risk value

The risk value is calculated from the possibility that a threat exploits an asset's vulnerability to cause an information security event, and from the loss that event causes:

Risk value = R(A, T, V) = R(L(T, V), F(Ia, Va))

where R is the risk calculation function; A denotes the assets; T the frequency of threat occurrence; V the severity of the vulnerability; Ia the value of the asset affected by the information security event; Va the severity of that asset's vulnerability; L the possibility of an information security event caused by a threat exploiting the asset; and F the loss caused by the information security event. The risk value calculation has three key steps. First, calculate the possibility of the information security event: from the threat frequency and the vulnerability severity, the possibility that the threat exploits the vulnerability and causes a security event, Possibility of information security event = L(frequency of threat, severity of vulnerability) = L(T, V). Second, calculate the loss caused by the information security event: from the value of the asset acted on by the event and the severity of that asset's vulnerability, Loss from information security event = F(value of asset acted on, severity of asset vulnerability) = F(Ia, Va). Third, calculate the risk value from the calculated possibility of the information security event and the loss it causes:
Risk value = R(possibility of information security event, loss from information security event) = R(L(T, V), F(Ia, Va)) [1].

When conducting the risk analysis, a suitable method, such as the matrix method or the multiplication method, is chosen to calculate the risk value. The matrix method constructs a two-dimensional matrix that gives the relationship between the possibility of information security events and the loss they cause. It is highly flexible and is widely used in risk analysis. In calculating the risk value it is usually necessary to derive one factor from two others, for example the possibility of an information security event from the threat frequency and the vulnerability severity, or the loss from the asset value and the vulnerability severity; such cases can also be calculated with the multiplication method, which constructs an empirical function to compute the possibility of information security events and the loss they cause. The multiplication method is simple and clear: a unified formula yields the desired result. It is mainly used where one element's value is determined by two others.

3. Risk evaluation

Risk evaluation is the comprehensive analysis of risk carried out after the assets, threats, vulnerabilities, and existing security measures have been analyzed and evaluated: the analysis results are compared with the given criteria, or the analysis results of the various risks are compared with each other, to determine the level of risk.
The risk evaluation method calculates and analyzes the security risks at each level according to the various risk levels the enterprise faces, and determines the overall risk evaluation result from the proportion each level contributes to the overall risk. An example is shown in Table 4.2 [2]. For intolerable risks, the residual risk should be evaluated after appropriate control measures have been selected. Under the risk evaluation criteria it is the management of the e-commerce enterprise that decides whether to accept a risk or add security measures.

Table 4.2 Example of risk assessment

Risk grade | Proportion of the overall risk | Overall risk evaluation result
-----------|--------------------------------|-------------------------------
Very high  | ≥10%                           | High
High       | ≥30%                           | High
Medium     | ≥30%                           | Medium
Low        |                                | Low
Very low   |                                | Low

After the overall risk result is determined, a risk assessment report is generally produced summarizing the whole assessment process and its results. The report includes the risk assessment plan, the assessment procedures, the asset identification analysis, the threat identification analysis, the vulnerability list, the identification and effectiveness confirmation of existing security measures, the risk treatment plan, the risk assessment records, and other content. In addition, the enterprise should review the report regularly to confirm whether the risk assumptions are still valid; whether the assumptions about the internal and external environment still hold; whether the assessment results are practical; whether the assessment techniques were applied correctly; whether the risk control measures are effective; and whether the assessment achieved the expected results.
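The risk value calculation of step (3), both the matrix method and the multiplication method, together with the Table 4.2 rule for the overall result, as an added example that is not code from the book. The asset valuation takes the C/I/A assignments and either keeps the most important attribute or weights the three, as the text describes. The three 5x5 lookup matrices, the grade bands that fold a 1..25 matrix value back onto the 1..5 scale, and the square-root empirical function used by the multiplication variant are constructed for illustration and are not the tables of GB/T 20984-2007; the asset register is hypothetical; and the Table 4.2 rule treats the rows that carry no percentage as the fall-through cases, which is an assumption about the table.

```python
"""Risk value calculation and overall risk evaluation (added example, constructed tables)."""
import math
from dataclasses import dataclass

GRADE_NAMES = {1: "very low", 2: "low", 3: "medium", 4: "high", 5: "very high"}


def asset_value(c, i, a, weights=None):
    """Asset value Ia from the C/I/A assignments (each 1..5): the most
    important attribute (max) by default, or a weighted combination."""
    if not all(x in GRADE_NAMES for x in (c, i, a)):
        raise ValueError("C, I, A must each be 1..5")
    if weights is None:
        return max(c, i, a)
    wc, wi, wa = weights
    return max(1, min(5, round((wc * c + wi * i + wa * a) / (wc + wi + wa))))


# Constructed lookup matrices (rows: first argument 1..5, columns: second argument 1..5).
LIKELIHOOD = [[2, 4, 7, 11, 14], [3, 6, 10, 13, 17], [5, 9, 12, 16, 20],
              [7, 11, 14, 18, 22], [8, 12, 17, 20, 25]]   # L(T, V)
LOSS = [[2, 3, 5, 7, 11], [3, 5, 8, 11, 14], [5, 8, 11, 14, 18],
        [7, 11, 15, 18, 21], [10, 14, 18, 22, 25]]        # F(Ia, Va)
RISK = [[3, 5, 8, 12, 16], [5, 8, 12, 16, 19], [8, 12, 16, 19, 22],
        [10, 14, 18, 22, 24], [12, 17, 21, 24, 25]]       # R(L, F)
EVENT_BANDS = (5, 11, 16, 21, 25)   # upper bounds of grades 1..5 for likelihood and loss
RISK_BANDS = (6, 12, 18, 23, 25)    # upper bounds of grades 1..5 for the risk value


def to_grade(value, upper_bounds):
    """Map a 1..25 matrix value onto the 1..5 grade scale."""
    for grade, bound in enumerate(upper_bounds, start=1):
        if value <= bound:
            return grade
    raise ValueError(f"value {value} outside 1..25")


@dataclass
class RiskResult:
    likelihood: int   # grade of L(T, V)
    loss: int         # grade of F(Ia, Va)
    value: int        # risk value, 1..25
    grade: int        # risk grade, 1..5


def risk_matrix_method(t, v, ia, va):
    """Matrix method: every step is a two-dimensional table lookup."""
    l_grade = to_grade(LIKELIHOOD[t - 1][v - 1], EVENT_BANDS)
    f_grade = to_grade(LOSS[ia - 1][va - 1], EVENT_BANDS)
    value = RISK[l_grade - 1][f_grade - 1]
    return RiskResult(l_grade, f_grade, value, to_grade(value, RISK_BANDS))


def risk_multiplication_method(t, v, ia, va):
    """Multiplication method with the assumed empirical function
    R = round(sqrt(L * F)), where L = T * V and F = Ia * Va (each 1..25)."""
    l_val, f_val = t * v, ia * va
    value = round(math.sqrt(l_val * f_val))
    return RiskResult(to_grade(l_val, EVENT_BANDS), to_grade(f_val, EVENT_BANDS),
                      value, to_grade(value, RISK_BANDS))


def overall_evaluation(grades):
    """Table 4.2 rule: very-high share >= 10% -> High; else high share >= 30%
    -> High; else medium share >= 30% -> Medium; otherwise Low (assumption
    for the rows the table leaves without a percentage)."""
    n = len(grades)
    share = lambda g: sum(1 for x in grades if x == g) / n
    if share(5) >= 0.10 or share(4) >= 0.30:
        return "High"
    if share(3) >= 0.30:
        return "Medium"
    return "Low"


# Hypothetical asset register: (name, C, I, A, threat frequency T, vulnerability severity V).
ASSETS = [
    ("order database", 5, 5, 4, 4, 4),
    ("web storefront", 3, 4, 5, 5, 3),
    ("marketing CMS", 2, 3, 3, 3, 3),
    ("office print server", 2, 2, 2, 2, 2),
]


def assess(assets=ASSETS, method=risk_matrix_method):
    """Grade every asset and return ({name: RiskResult}, overall result).
    The exploited vulnerability is the asset's own, so V doubles as Va."""
    results = {}
    for name, c, i, a, t, v in assets:
        results[name] = method(t, v, asset_value(c, i, a), v)
    return results, overall_evaluation([r.grade for r in results.values()])


if __name__ == "__main__":
    results, overall = assess()
    for name, r in results.items():
        print(f"{name:20s} L={r.likelihood} F={r.loss} risk={r.value:2d} ({GRADE_NAMES[r.grade]})")
    print("overall:", overall)
```

Running both methods on the same input shows why the choice matters: for the order database the matrix method returns risk 24 (very high) while the square-root variant returns 18 (medium), so the matrix and the empirical function have to be agreed as part of the risk criteria before the numbers are compared with a tolerance.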

4.2.2 Information Security Risk Disposal Decision

After risk assessment, e-commerce enterprises need to determine how to deal with information security risks according to the results of the risk assessment.

1. Information security risk disposal process

Information security risk disposal is the series of plans and methods adopted to keep information risk within a tolerable range at minimum cost. The general process of information security risk disposal is as follows.

First, determine the information security risk disposal target. The goal of risk disposal should be made clear at the outset, namely to obtain the maximum benefit at the minimum disposal cost. The basic principle of information security risk disposal is to accept risk moderately. The objectives of information security risk disposal can be determined through cost–benefit analysis.

Second, determine the priority of each information security risk disposal item. Based on the risk level determined by the risk assessment, each information security risk disposal item is prioritized. Items with high priority should be handled first, such as those with risk level assignments of “5” and “4”. This step outputs a list of actions ordered from high priority to low priority.

Third, conduct a cost–benefit analysis of safety measures. Analyze the cost and benefit of each possible safety measure, and on that basis select the safety measures with the best cost–benefit ratio to reduce the risk of the e-commerce enterprise.

Fourth, formulate the information security risk disposal plan. The plan mainly includes the following contents: the information security risk disposal items and their specific contents, including risks and risk levels, recommended safety measures, priority actions, selected expected safety measures, resources required to achieve the expected safety measures, etc.; the list of the information security risk disposal team and personnel; the work plan; the time schedule; and the expected results.

Fifth, implement the selected safety measures. Assign responsibilities to personnel, mobilize resources to realize the selected safety measures, evaluate the residual risk, and decide whether further risk disposal is needed according to whether the residual risk is within the tolerance range. Residual risk is the risk that remains in the information system after security measures have been taken. Taking safety measures usually only reduces part of the risk; reducing that part is usually feasible, but reducing the risk further requires more cost. This is why residual risk exists. Residual risks should be closely monitored, since they may induce new information security events in the future. If the level of residual risk is unacceptable, further safety action is required.

2. Information security risk disposal methods

Information security risk disposal methods are mainly divided into control methods and financial methods. The main goal of the control method is to avoid and reduce information security risks and to minimize the loss they cause; it includes risk avoidance, risk transfer, risk dispersion, risk reduction, and other information security risk disposal measures. The financial method tries to reduce the cost of information security risk processing through financial arrangements; it includes risk acceptance, risk transfer (insurance transfer and non-insurance transfer), and other information security risk disposal measures. E-commerce enterprise managers shall finally determine the information security risk disposal method or scheme according to the information security risk disposal decision.
In addition, they also need to supervise and review the information security risk disposal objectives, disposal methods, and disposal plans. This runs through the whole information security risk disposal process.

4.3 Implementation of E-commerce Information Security Risk Control

Information security risk control is an important guarantee for e-commerce-related enterprises to maintain their current service standards and win market share. Information security risk control needs to be implemented on the basis of certain risk control strategies and of cost–benefit measures.


4.3.1 Overview of Risk Control

1. The concept and classification of information security risk control

Information security risk control refers to the specific measures managers take to eliminate or reduce the possibility of information security events, or to reduce the loss caused by information security events. E-commerce systems often have loopholes or defects due to technical and management deficiencies, which become vulnerabilities that may be exploited by human or non-human factors, leaving the system in an unsafe state. Information security risk management is an important way for e-commerce enterprises to reduce the possibility of various information security risks and to reduce the loss they cause, and information security risk control is an important part of information security risk management.

There are many ways to classify information security risk control. According to the level of the technical architecture at which risk control is applied, it can be divided into single-level risk control and multi-level risk control. The e-commerce system architecture includes multiple levels, such as the Internet, the extranet, the enterprise intranet, value-added networks (VAN), network connection devices (including switches, routers, firewalls, etc.), computer systems (including mainframes, servers, and desktop computers), applications and data, etc. Some information security risk controls apply at one level; for example, firewall risk control is usually applied between the extranet and the enterprise intranet. Other information security risk controls are used at multiple levels from the extranet to the applications; for example, the requirement that all passwords set in the system consist of eight or more characters.

According to the function of information security risk control, it can be divided into preventive control and detection control. Preventive control prevents vulnerabilities from being exploited by using security facilities or strengthening security rules, for example, by using multiple authentication techniques instead of a single authentication technique. Detection control warns when vulnerabilities in the system are exploited or security rules are broken; intrusion detection, audit tracking, scanning and monitoring, and so on belong to this kind of control technology.

According to the security element that information security risk control protects, it can be classified into confidentiality control, integrity control, availability control, authentication control, authorization control, responsibility attribution control, privacy control, etc. Confidentiality control means risk control measures that keep data or information confidential in storage, processing, or transmission; for example, using the secure socket layer (SSL) protocol on a Web server. Integrity control means risk control measures that keep information assets in a continuous and correct state as they are received, completed, processed, stored, and queried; for example, monitoring unauthorized changes to the directory and structure of key system files. Availability control means risk control measures that ensure critical information assets or resources are accessible and available; for example, deploying network operations centers with high-performance network monitoring tools to ensure optimal network availability. Authentication control means risk control measures that ensure the identity of the user is consistent with the recognized information asset user. Authorization control means risk control measures that ensure users (individuals or computers) access, update, or delete systems or resources only within reasonable permission limits; for example, the authorization mechanism of a database can verify whether a user is an active user. Responsibility attribution control means risk control measures that ensure each action can be attributed to a specific user or automated process; for example, the audit log can track the operations on each computer, such as user logon and logout. Privacy control means that personal information is obtained, accessed, updated, or deleted in accordance with relevant laws and regulations.

According to the means of information security risk control, it can be divided into technical means and management (normative) means. Technical means include information security technology, network security technology, system security technology, application security technology, e-commerce security technology, cloud security technology, etc. Management (normative) means are mainly based on, but not limited to: current laws and regulations; international standards, national standards, and industry standards; the requirements and systems of the business systems of industry competent authorities; the safety protection level requirements of system interconnection units; the safety requirements of system interconnection units; and the real-time or performance requirements of the system itself.

2. Strategy for information security risk control

In the field of information security, the more typical risk control strategies fall into four categories: risk avoidance, risk transfer, risk reduction, and risk acceptance.
Risk avoidance strategies are usually used where risk losses are unacceptable and it is difficult to reduce the risk with control measures (for example, the identified risk is high, or the cost of implementing risk disposal exceeds the benefits). This strategy strives to avoid the risk rather than handle it after it occurs, and it is often used as a preferred strategy. In concrete terms, this strategy can be carried out by formulating a management system, avoiding threats, using security technology to control and protect the system, and carrying out education and training. For example, if risk managers need to regulate passwords strictly, they need to develop a password use management system. Threat avoidance means that e-commerce enterprises do not process particularly sensitive information in insecure information systems, to prevent leakage of sensitive information; do not connect information systems that only process internal business to the Internet, to avoid external intrusion and attacks; use laws and regulations to ensure that their activities stay within the scope of national laws and regulations; and refuse to deal with dishonest manufacturers, stopping the relevant business transactions immediately if problems are found at the start of the business. Using security techniques to control and protect systems is a common practice to reduce system risk; for example, installing and using firewalls can reduce threats from outside the system. Educating and training employees enhances their safety awareness, and taking the necessary measures for end-users establishes a safer and more controllable organizational environment.

When the risk cannot be completely avoided, a risk reduction strategy can be selected. To reduce the risk means to take certain risk disposal measures for the information assets at risk in order to lower the risk. This strategy is usually adopted when the security investment is less than the risk loss. In the selection and implementation of control measures, a variety of constraints should be considered, such as time, financial, technical, operational, cultural, moral, environmental, legal, ease-of-use, and personnel constraints. The specific ways to reduce risk are reducing the threat source, reducing the threat capability, and reducing the vulnerability. Reducing the threat source refers to using legal means to sanction computer crimes, giving play to the deterrent role of the law, and effectively curbing the motivation of the threat source. Computer crime includes the theft of confidential information, attacks on critical information system infrastructure, and the spreading of viruses, unhealthy information, and spam. Reducing the threat capability means adopting technologies such as identity authentication to reduce the threat of identity counterfeiting. Reducing the vulnerability is achieved by patching the system in a timely manner and closing unused network service ports, or by improving risk detection and response capabilities, such as the emergency response plan, the disaster recovery plan, the business continuity plan, etc.

Risk transfer is a risk treatment method that transfers the risk to another person or unit through a contract or otherwise. This strategy is usually adopted only when the risk cannot be avoided or reduced and is accepted by a third party (the transferee). It is generally used for risks that have a small probability but would have a significant impact on the e-commerce enterprise once they occur. Risk transfer can be divided into two types: insurance transfer and non-insurance transfer. Risks can be transferred by re-providing services, outsourcing projects, purchasing insurance, or executing service contracts with suppliers.

Risk acceptance means that the e-commerce enterprise takes no further measures and bears the loss caused by the risk. Accepting risk is usually not a wise business decision, but it is a reasonable choice when the risk clearly meets the e-commerce enterprise's strategy and risk acceptance criteria, or when the cost of disposing of the risk is much greater than the benefit. Risk acceptance can be divided into two types, namely passive acceptance and active acceptance. Passive acceptance of risk usually refers to an e-commerce enterprise failing to identify the various risks it faces, or, having identified them, failing to take measures and thus passively bearing the risk losses. Active acceptance of risk means that the e-commerce enterprise, having identified the risks, takes conscious and planned measures to deal with and bear the risk losses. Whether the e-commerce enterprise ultimately accepts the risk needs to consider the frequency of risk occurrence and the degree of risk loss.


3. Cost–benefit analysis of information security risk control

Information security risk control needs to strike a balance between the cost of implementation and the benefits obtained. What an e-commerce enterprise invests in controlling and protecting an asset should not exceed the value of the asset itself, and this decision-making process is called cost–benefit analysis (CBA). Cost is the investment made to protect information assets. Determining the cost of controlling and protecting assets is often a difficult task. In general, the main factors affecting this cost are the cost of developing and acquiring software, hardware, and services; training costs, mainly for staff training; implementation costs, including the installation, configuration, testing, and servicing of software and hardware; maintenance costs, including inspection and uninterrupted testing; and maintenance and update costs. Benefit is the positive effect that controlling and protecting its assets has for the e-commerce enterprise. It is expressed through the annual loss expectancy (ALE). Asset appraisal is the assessment of the actual and projected costs of design, development, installation, maintenance, recovery, and loss prevention. Asset appraisal is extremely challenging: it is the process of assigning a value to each asset, and while the cost of some assets is easy to calculate, such as purchased equipment, the cost of others is almost impossible to calculate accurately, such as the economic value of key information that can improve market share. The objects of asset appraisal usually include the cost of creating or obtaining information; the cost of updating, rebuilding, or restoring information; the cost of maintaining information; the value to the owner; the value to competitors; the cost of protecting information and intellectual property; and the loss of productivity and corporate income caused when the information is not available.

There are methods of cost–benefit analysis that use the annual loss expectancy (ALE). When calculating the annual loss expectancy, the single loss expectancy is calculated first, using the following formula:

Single Loss Expectancy (SLE) = Asset Value (AV) × Exposure Factor (EF)

Here the exposure factor is the percentage of the asset lost as a result of a known attack. The single loss expectancy gives the value of the loss resulting from each attack, taking into account the value of the asset and the percentage of loss resulting from the known attack. The single loss expectancy can then be used to calculate the annual loss expectancy [5].

Example 4.1 The appraised asset value of an e-commerce website is RMB 100,000. 10% of the loss suffered by the website is caused by hacker attacks (exposure factor). What is the single loss expectancy of the website?

Solution: SLE = AV × EF = 100000 × 10% = 10,000 (yuan).

Second, the annual loss expectancy is calculated. In general, the annual rate of occurrence (ARO) is used to indicate the probability of a threat. For example, if an attack occurs every two years, it has an annual probability of 0.5 (50%). The annual loss expectancy (ALE) is calculated by the following formula:

ALE = SLE × ARO

Example 4.2 The appraised asset value of an e-commerce website is RMB 100,000, and 10% of the losses suffered by the website are caused by hackers (exposure factor). The annual probability of hacker attacks is 50%. What is the annual loss expectancy of the website?

Solution: SLE = AV × EF = 100000 × 10% = 10000 (yuan)
ALE = SLE × ARO = 10000 × 50% = 5000 (yuan)

The annual loss expectancy of the site is 5000 yuan. In other words, if the e-commerce site does not improve its security level, it will lose 5000 yuan every year due to hacker attacks.

When the annual loss expectancy has been calculated, the cost–benefit analysis formula is as follows:

CBA = ALE (before implementation of control measures) − ALE (after implementation of control measures) − ACS

where ALE (before implementation of control measures) is the annual loss expectancy before the control measures are implemented; ALE (after implementation of control measures) is the annual loss expectancy after the control measures are implemented; and ACS is the annual safety protection cost [5]. After the information security risk control measures have been implemented, the cost–benefit analysis generally continues, in order to determine when to adjust or optimize them.
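The SLE, ALE and CBA formulas above, together with the residual-risk tolerance check from the disposal process in Sect. 4.2.2, as an added worked example that is not part of the book. It takes the asset value, exposure factor and annual rate of occurrence of Example 4.2 and ranks a set of constructed candidate safeguards (their costs and effects are assumed for illustration, not figures from the book).

```python
# Added example (not from the book): the SLE/ALE/CBA formulas of Sect. 4.3.1
# applied to Example 4.2 and to a set of constructed candidate safeguards.
# Figures other than Example 4.2's AV, EF and ARO are constructed for illustration.
from dataclasses import dataclass


def sle(asset_value: float, exposure_factor: float) -> float:
    """Single loss expectancy: SLE = AV × EF (EF as a fraction, 0.10 for 10%)."""
    if not 0.0 <= exposure_factor <= 1.0:
        raise ValueError("exposure factor must be a fraction between 0 and 1")
    return asset_value * exposure_factor


def ale(single_loss: float, annual_rate: float) -> float:
    """Annual loss expectancy: ALE = SLE × ARO (ARO = occurrences per year)."""
    if annual_rate < 0:
        raise ValueError("annual rate of occurrence cannot be negative")
    return single_loss * annual_rate


@dataclass
class Safeguard:
    """A candidate control measure and its effect on the risk parameters."""
    name: str
    annual_cost: float            # ACS: annual safety protection cost
    exposure_factor_after: float  # EF once the control is in place
    annual_rate_after: float      # ARO once the control is in place


def cba(asset_value, ef_before, aro_before, safeguard: Safeguard) -> float:
    """CBA = ALE(before) − ALE(after) − ACS; positive means the control pays off."""
    ale_before = ale(sle(asset_value, ef_before), aro_before)
    ale_after = ale(sle(asset_value, safeguard.exposure_factor_after),
                    safeguard.annual_rate_after)
    return ale_before - ale_after - safeguard.annual_cost


def rank_safeguards(asset_value, ef_before, aro_before, candidates, tolerance):
    """Rank controls by CBA and flag whether the residual ALE is tolerable.

    Returns (name, cba, residual_ale, within_tolerance) tuples, best CBA first.
    A control with negative CBA costs more per year than the loss it prevents.
    """
    rows = []
    for sg in candidates:
        residual = ale(sle(asset_value, sg.exposure_factor_after), sg.annual_rate_after)
        rows.append((sg.name, cba(asset_value, ef_before, aro_before, sg),
                     residual, residual <= tolerance))
    return sorted(rows, key=lambda r: r[1], reverse=True)


# Example 4.2 from the book: AV = 100,000 yuan, EF = 10%, ARO = 0.5
AV, EF, ARO = 100_000, 0.10, 0.5

# Constructed candidate controls (costs and effects are illustrative only)
CANDIDATES = [
    Safeguard("web application firewall", annual_cost=3_000,
              exposure_factor_after=0.10, annual_rate_after=0.1),
    Safeguard("managed security monitoring", annual_cost=6_000,
              exposure_factor_after=0.05, annual_rate_after=0.25),
    Safeguard("annual awareness training", annual_cost=500,
              exposure_factor_after=0.10, annual_rate_after=0.4),
]

if __name__ == "__main__":
    print(f"SLE = {sle(AV, EF):.0f} yuan, ALE = {ale(sle(AV, EF), ARO):.0f} yuan")
    for name, net, residual, ok in rank_safeguards(AV, EF, ARO, CANDIDATES, tolerance=1_500):
        print(f"{name:28s} CBA={net:8.0f}  residual ALE={residual:6.0f}  tolerable={ok}")
```

Note that the cheapest control (training) has a positive CBA but leaves a residual ALE above the assumed tolerance of 1,500 yuan, while the most expensive one reduces the risk but has a negative CBA; only the firewall satisfies both criteria in this constructed case.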

4.3.2 Technical Measures

E-commerce security technology is an important means of realizing e-commerce information security. In e-commerce activities, information protection, network protection, system security, application security, and so on all need the corresponding security technology. In network-based e-commerce activities, various kinds of information are stored in e-commerce information systems or related devices and transmitted over the network. Confidential information such as business quotations, business schemes, negotiations, and payments faces various risks during storage and transmission. If this information is stolen or tampered with, it will cause great harm to e-commerce activities. Therefore, technical measures must be taken to protect e-commerce information security.

1. Cryptosystems

The original, unencrypted information is called plaintext, and the information after the disguising transformation is called ciphertext. The usual encryption and decryption process cannot be separated from the cryptosystem and the key.


The cryptosystem is the algorithm for encryption and decryption, and the key is the secret information used for encryption and decryption. There are many ways to classify cryptosystems. According to whether the encryption algorithm and the decryption algorithm use the same key, cryptosystems can be divided into symmetric cryptosystems and asymmetric cryptosystems.

(1) Symmetric cryptosystem

A symmetric cryptosystem is one in which the encryption key and the decryption key are the same [7]. In such a cryptosystem, anyone who knows the encryption (decryption) algorithm can derive the decryption (encryption) algorithm. The sender encrypts the plaintext into ciphertext, and the receiver decrypts the ciphertext into plaintext using the same key. Depending on how the plaintext is encrypted, these ciphers can be divided into block ciphers and stream ciphers. Common block ciphers are the data encryption standard (DES), the triple data encryption standard (3DES), and the advanced encryption standard (AES); common stream ciphers are RC4, RC5, SEAL, etc.

(2) Asymmetric cryptosystem

The idea of the asymmetric cryptosystem was proposed by Whitfield Diffie and Martin Hellman of Stanford University in 1976. The asymmetric cryptosystem is also called the public key cryptosystem. It has two keys. One is kept by the key owner and is called the private key; the other can be made public and is called the public key. There is a close relationship between the public key and the private key: information encrypted with the public key can only be decrypted with the corresponding private key, and information encrypted with the private key can only be decrypted with the corresponding public key. The encryption algorithm and decryption algorithm of an asymmetric cryptosystem can be disclosed. Commonly used algorithms include RSA, the Diffie–Hellman key exchange algorithm, the ElGamal algorithm, etc.

According to how the public key is used, the asymmetric cryptosystem can realize two functions, namely information encryption and identity authentication. When the sender encrypts the information with the receiver's public key and the receiver decrypts the received ciphertext with its own private key, the information encryption and decryption function is realized. Identity authentication is realized when the sender encrypts the information with its own private key and the receiver decrypts the received ciphertext with the sender's public key. In this process, when the receiving party B receives information encrypted with the private key of the sender A, it decrypts it with the public key of A. If the decryption succeeds, B can conclude that the message was sent by A, because information encrypted with the private key of A can only be decrypted with the public key of A. Conversely, if the information can be successfully decrypted with the public key of A, then the message was encrypted with the private key of A, so the identity of the message sender can be authenticated. This lays the groundwork for digital signature technology.

The specific applications of the asymmetric cryptosystem include confidential communication, digital signatures, identity authentication, key sharing, and so on. Asymmetric cryptography can achieve confidential communication, but because the algorithms are slow it is not suitable for encrypting large amounts of information. The asymmetric cryptosystem can realize the digital signature, which can replace the traditional handwritten signature; it is widely used in commercial fields, for example, signing with digital signature technology. Sensitive information sent in the clear is prone to tampering, replay, or counterfeiting by attackers; the asymmetric cryptosystem can be used to verify the authenticity and integrity of the information, and the identity authentication of the communicating party can be realized by verifying its public key certificate. Key sharing refers to splitting a piece of secret information into n sharing factors and distributing them to n members. Only the sharing factor with k (k
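The two uses of the public/private key pair described above (encrypting with the receiver's public key for confidentiality, and encrypting a message digest with the sender's private key for authentication) as an added example, not code from the book. It is a toy RSA with tiny constructed primes and no padding, so it shows the key relationship and how a tampered message fails verification but must not be used to protect real data.

```python
# Added example (not from the book): a toy RSA cryptosystem showing the two uses
# of public and private keys described above, confidentiality (encrypt with the
# receiver's public key) and authentication (sign with the sender's private key).
# Primes, keys and messages are constructed; the moduli are tiny and there is no
# padding, so this illustrates the key relationship only and protects nothing.
from hashlib import sha256


def make_keypair(p: int, q: int, e: int = 17):
    """Return (public, private) keys (n, e), (n, d) for distinct primes p and q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


def apply_key(value: int, key) -> int:
    """The RSA trapdoor: value^k mod n. The same operation serves both directions."""
    n, k = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus n")
    return pow(value, k, n)


def encrypt_for(receiver_pub, message: bytes) -> list:
    """Confidential communication: encrypt each byte with the receiver's public key."""
    return [apply_key(b, receiver_pub) for b in message]


def decrypt_with(receiver_priv, ciphertext: list) -> bytes:
    """Only the holder of the matching private key recovers the plaintext."""
    return bytes(apply_key(c, receiver_priv) for c in ciphertext)


def _digest(message: bytes, n: int) -> int:
    """Hash the message and reduce it below n so it fits the toy modulus."""
    return int.from_bytes(sha256(message).digest(), "big") % n


def sign(sender_priv, message: bytes) -> int:
    """Identity authentication: 'encrypt' the digest with the sender's private key."""
    return apply_key(_digest(message, sender_priv[0]), sender_priv)


def verify(sender_pub, message: bytes, signature: int) -> bool:
    """Decrypting with the sender's public key must give back the message digest."""
    n, _ = sender_pub
    if not 0 <= signature < n:   # signature made under another modulus cannot verify
        return False
    return apply_key(signature, sender_pub) == _digest(message, n)


if __name__ == "__main__":
    pub_a, priv_a = make_keypair(61, 53)      # sender A   (n = 3233)
    pub_b, priv_b = make_keypair(101, 113)    # receiver B (n = 11413)
    msg = b"quotation: 500 yuan per unit"     # constructed sample message

    # Confidentiality: A encrypts for B; only B's private key opens it.
    ct = encrypt_for(pub_b, msg)
    print(decrypt_with(priv_b, ct) == msg)                 # True

    # Authentication: A signs; B checks with A's public key; tampering is caught.
    sig = sign(priv_a, msg)
    print(verify(pub_a, msg, sig))                         # True
    print(verify(pub_a, msg + b" (changed)", sig))         # False
```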