透過您的圖書館登入 IP:18.220.1.239
透過您的圖書館登入
IP:18.220.1.239
  • 精確檢索 : 冠狀病毒
  • 模糊檢索 : 冠狀病毒
  • 冠狀病毒感染
    冠狀病毒疾病
  • 查詢出版品: 冠狀病毒
進階查詢
查詢歷史
主題瀏覽
  • 學位論文

以Petri Net 為基礎之電子商務交易驗證流程建模

A Petri Net Based Verification Process Modeling for E-Commerce Transaction

賴宛妤(Wan-yu Lai)
指導教授 : 曾黎明
國立中央大學/資訊電機學院/軟體工程研究所/碩士(2013年)
若您是本文的作者,可授權文章由華藝線上圖書館中協助推廣。
未授權

摘要

在現今網際網路發達的社會,許多事情可以藉由網路的協助完成,甚至可以在線上完成商品交易。網路購物的便利性徹底改變了現代人的消費模式。電子商務日趨發達,除了帶給我們便利之外,我們更應該注重電子商務線上交易的安全議題。 本研究主要討論的電子商務營運模式是以B2C(Business to Consumer)企業透過網路銷售產品或服務給個人消費者為主。本研究從兩個方向解決電子商務交易可能產生的程式功能或流程邏輯錯誤: 1. 正確的系統設計與開發流程:以Petri Net 建立系統功能流程。 2.利用Petri Net產生正確的安全威脅模型:分析出系統的潛在威脅,依據其潛在威脅建立出一個安全的系統。 本研究利用Petri Net的概念,將電子商務交易的流程重新繪製成Petri Net圖形,藉此評估此系統之可達性(Reachability)及限制性(Boundedness),驗證此系統運行時是否有不當的行動會造成企業及消費者無法預期的損失。

關鍵字

派翠網 電子商務 威脅建模 安全政策

並列摘要

The Internet has been well developed nowadays. Many things can be done through the Internet, even we can go shopping on-line. The convenience of on-line shopping makes a radical change of the consumption pattern of modern people. E-Commerce becomes more and more developed, despite of its convenience, we should be more concerned about the security of on-line shopping. In this study, we will discuss the E-Commerce of B2C(Business to Consumer)and solve function or logic error which result from a poor-designed program through two ways: 1. Proper system design and development process : construct systematic process by using Petri Net. 2. Using Petri Net to build a correct security-threatening model : Find out latent threats of the system and construct a more secure system without these threats. We adopted the concept of Petri Net and redrew E-Commerce transaction process into Petri Net map to evaluate the reachability and boundedness of the system, and we can verify whether the system has improper behavior which may cause the enterprises and the consumers unpredicted losses.

並列關鍵字

Petri Net E-Commerce Threat Modeling security policy

參考文獻

[2]B. Anderson, et al. “The application of model checking for securing e-commerce transactions. ” Hacking and innovation, Communications of the ACM on, Vol 49, Issue 6, p.p.97-101, June 2006.
[3]Xu, Dianxiang and K.E., Nygard, “Threat-Driven Modeling and Verification of Secure Software Using Aspect-Oriented Petri Nets.”, Software Engineering, IEEE Transactions on, Vol 32, Issue 4, pp.265-278, April 2006.
[5]R. Accorsi, A. Lehmann, ”Automatic Information Flow Analysis of Business Process Models.” p.p. 172-187, 10th International Conference, Tallinn, Estonia, September 2012.
[6]Risk Management Guide for Information Technology Systems, Recommendations of the National Institute of Standards and Technology, July 2002.
[7]Ruth Sara Aguilar-Saven , “Business process modelling: Review and framework.” Production Economics, Vol 90, Issue 2, p.p129–149, July 2004.

延伸閱讀

未授權