《电子商务安全与支付》教学大纲-祝凌曦.docx

《《电子商务安全与支付》教学大纲-祝凌曦.docx》由会员分享，可在线阅读，更多相关《《电子商务安全与支付》教学大纲-祝凌曦.docx（24页珍藏版）》请在淘文阁 - 分享文档赚钱的网站上搜索。

1、电子商务平安与支付课程教学大纲Syllabus of Information Security and Electronic Payment一、课程基本信息Basic Information of This Course1、课程编号：50L147Q1. 1 Course Code： 50L147Q2、课程名称（中文）：电子商务平安与支付课程名称（英文）：EC Security and Electronic Payment1.2 Course Name （Chinese）:信息平安与支付Course Name （English）:EC Security and Electronic Paymen

2、t3、课程层次/性质：专业课/必修课（专业主干课）1.3 Course Level or Attribute ： Professional class/required courses （professional major course）4、学时/学分：64学时/4学分1.4 Hours and Credits： 64 hours / 4 credits5、先修课程：大学计算机基础、C语言程序设计、电子商务概论、计算机 原理面向对象的程序设计，数据结构，计算机网络与互联网（JAVA或C + +）,数 据库原理及应用开发技术Pre-Studied Courses： College Comput

3、er BasisX C language programming、 On trod uction to Electronic Commerce、principle of computer、（Object oriented Programming、data structuredcomputer network and internet、JAVA、The principle and applicat ion of the database development technology6、适用专业：电子商务Suitable Majors： E-commerce二、课程教学目标及学生应到达的能力本课程

4、为电子商务专业本科生开设的一门专业必修课，属于电子商务专业的主干课。授 课对象为电子商务专业的本科生，要求具备一定得电子商务专业基本知识，是一门融合多门 课程进行电子商务设计的综合类课程。平安是商务活动中的重要内容，特别是对于电子商务来说，由于其本身的特殊性更加决 定了平安是电子商务生存的基础。而电子商务平安从信息平安开展而来又具备其自己的特性。 平安本身并不是目的，无论是信息平安、主机平安、传输平安还是交易平安，其最终的目的 是实现支付，也就是通过各种手段来保证电子商务支付系统的平安。本课程分理论与实践教学两局部，并融合一体，突出基于互联网的电子商务支付系统的 平安策略的制定，平安技术的采用

5、，到达对学生实施工程能力训练与综合素质培养。1 Teaching Objectives and Ability TrainingThe course is specifically for e-commerce majors and belongs to the electronic comm erce specialized backbone lesson. Teaching object is the undergraduate student of e-comme rce, and the student should master electronic business profess

6、ional basic knowledge. This c ourse combines many courses for electronic business design of integrated curriculum.(2)掌握我国电子汇兑系统的基本构成以及中国国家现代化支付系统的构成，主要系 统及其功能。(3) 了解国外的主要电子汇兑系统包括SWIFT、CHIPS. Fed Wire等。重点内容：电子汇兑系统的概念、特点、类型以及基本的功能操作。我国电子汇兑系统 的基本构成以及中国国家现代化支付系统的构成，主要系统及其功能。国外的主要电子汇兑 系统包括 SWIFT、CHIPS、Fe

7、d Wire 等。难点内容：电子汇兑系统的概念、特点、类型以及基本的功能操作。学时分配：课堂学习4学时。其中电子汇兑系统的概念、特点、类型以及基本的功能操 作，2学时。掌握我国电子汇兑系统的基本构成以及中国国家现代化支付系统的构成，主要 系统及其功能，1学时。国外的主要电子汇兑系统包括SWIFT、CHIPS. Fed Wire等，1学时。(十四)网络银行平安及应用(4学时)主要内容：主要包括网络银行的概念、模式、特点、网上银行系统的组成。网上银行的主要业务及 其开展的基础条件。重点讲述了网上银行的具体使用过程以及在使用过程中存在的典型风向 与防范措施。基本要求：(1)掌握网络银行的概念、模式、

8、特点、网上银行系统的组成。(2) 了解网上银行的主要业务及其开展的基础条件。(3)掌握网上银行的具体使用过程以及在使用过程中存在的典型风向与防范措施。重点内容：包括网络银行的概念、模式、特点、网上银行系统的组成。网上银行的主要 业务及其开展的基础条件。网上银行的具体使用过程以及在使用过程中存在的典型风向与防 范措施。难点内容：网上银行的具体使用过程以及在使用过程中存在的典型风向与防范措施。学时分配：课堂学习4学时。其中包括网络银行的概念、模式、特点、网上银行系统的 组成，1学时。网上银行的主要业务及其开展的基础条件，1学时。网上银行的具体使用过 程以及在使用过程中存在的典型风向与防范措施，2学

9、时。（十五）移动支付平安及应用（2学时）主要内容：本章主要讲述了移动支付的概念、分类、开展阶段、业务、模式、终端解决方案及其发 展的主要障碍等基本内容。重点讲述了移动支付的具体使用过程以及在使用过程中存在的典 型风向与防范措施。基本要求：（1） 了解移动支付的概念、分类、开展阶段、业务、模式；（2）掌握移动支付的终端解决方案；（3）掌握移动支付的具体使用过程以及在使用过程中存在的典型风向与防范措施。重点内容：移动支付模式及终端解决方案。移动支付的具体使用过程以及在使用过程中 存在的典型风向与防范措施。难点内容：移动支付的具体使用过程以及在使用过程中存在的典型风向与防范措施。学时分配：课堂学习2

10、学时。理论占1学时，实践占1学时。（十六）总结（4学时）对全文重点内容进行条理化分析与总结（不拘形式）。课堂讨论局部（一）经典密码学课堂讨论（2学时）主要内容：对经典密码学分为十个小组，每个小组分配一个加密算法，按照各组不同的题目，查找 相应的资料，完成调研论文，以及演讲PPT。论文要求按照标准来完成，并且不少于5篇参 考文献和5个引用。对于引用的局部要有标准，按照科技论文的要求进行写作。经典密码学 分成enigma密码和哈格林、重合指数法、Playfair、hill、porta图像隐藏6个。（二）银行卡应用讨论（2学时）主要内容：将学生分组，每组分配不同的银行，按照各组不同的题目，查找相应的

11、资料，完成调研 论文，以及演讲PPT。论文要求按照标准来完成，并且不少于5篇参考文献和5个引用。对 于引用的局部要有标准，按照科技论文的要求进行写作。信用卡可分为应用、年费、功能、 犯罪、利息、种类、取现、分期、积分调查报告9个。（三）第三方支付平安讨论（2学时）主要内容：将学生分组，不同的小组分配一个第三方支付网站，每组完成对规定内容的调研，写出 调研报告，报告中写明每个支付平台的产生、开展、关键技术、具体应用、优势劣势、平台 背景、使用情况、未来的开展。上交作业中包括调研报告、PPT、的所有的资料。每组 完成一个PPT,由一位同学负责主讲。第三方可以选择中国国家现代化支付系统、闪付、快 钱

12、、钱袋网、北京数字王府井、联动优势、天翼电子商务、捷银、付费通以及联通沃易付。上机实验局部（一）防火墙上机实验（2学时）主要内容：下载一个常用的防火墙，对该防火墙完成安装和配置。主要以RG-Wall60为例，通过 对该软件的端口、应用程序的访问权限等进行设置，了解防火墙的主要配置策略，以及该策 略的具体实现。（二）SSL协议配置（2学时）主要内容：上机完成对SSL协议的安装和配置工作。（三）数字证书实验（2学时）主要内容：在实验室上网完成对数字证书的申请，安装、备份和使用。（四）网络支付实验（2学时）主要内容：选择第三方支付平台或网上银行，完成用户注册，实名认证以及实现一次网上交易的电 子支付

13、。课程设计局部课程设计是对本次课程所学内容的一次综合性的集成工作。课程设计要求学生独立完成 一个平安的电子支付模拟系统的设计。从模拟系统的需求分析做起，相应完成总体设计、详 细设计报告。在行有余力的情况下进行程序的开发，建议实现通过SOCKET端口进行平安通 信的程序。对于有程序支持的同学，根据实际程序的难度和工作量给予一定得加分。课程设计要求完成：需求分析报告、总体设计报告、详细设计报告、源程序、测试报告。3 Contents and Requirements课程主要知识点、重点、难点及课时分配。This course is for 64 hours, a total of 4 credit

14、s, general course arrangement is divide d into three aspects, on one hand, the classroom lectures and discussion part, accounting f or 54 class hours; Another part of the computer for laboratory, accounting for 10 hours; One of the students* autonomous learning, and the course for design part, dont

15、take up th e number of hours in the course, they are finished after the class.Lectures part:(1) e-commerce security overview (4 hours)Main contents:The main teaching contents are e-commerce security situation of electronic commerce, the requirement of safety, and every safety requirements are expoun

16、ded, introduced the contents, typical risk and its preventive measures; at the same time, tells the story of the electronic commerce security trading standards and its basic legal protection.Basic requirements:(1) To understand the present situation of electronic business safety;(2) To understand th

17、e basic requirements content of electronic business safety;(3) Master the safety hazard risk and its preventive measures of e-commerce safety;(4) Master e-commerce basic security agreement;(5) To understand the electronic commerce security law protection status.Key content: The content of basic requ

18、irements of electronic commerce security; E-commerce security risk and its typical preventive measures; E-commerce security trading standards.Difficulties content: Electronic commerce security requirements, e-commerce security trading standards.School distribution: 4 hours to classroom learning.(2)

19、Cryptography and its application (6 hours)Main contents:This part mainly introduce the stage of development of cryptography: the ancient password, classical encryption and modern password, introduces the typical cryptographic algorithm, also told the basic theory of cryptography, including symmetric

20、 cryptography and asymmetric cryptography, digital signature, digital certificate and other areas of basic principle and characteristics.Basic requirements:(1) To understand what is cryptography, the necessity of cryptography;(2) To understand the basic theory of classical cryptography, password cod

21、e learn and password analysis of the concept of learning, type;(3) Master symmetrical encryption and asymmetric encryption, the basic principle of typical algorithms and characteristics;Master digital signature and its basic principle;(4) To understand digital certificate and CA certifications main

22、functions.Key content: the advantages and disadvantages of symmetrical cryptography and asymmetric cryptography and their application.Difficulties content: the advantages and disadvantages of symmetrical cryptography and asymmetric cryptography and their application.School distribution: 6 hours to c

23、lassroom learning.(3) The identity authentication and access control (2 hours)Main contents:This part is mainly about identity authentication, and access control. Basically tells the concept, foundation and basic methods of identity authentication; the concept, elements and types and its realization

24、 strategies of access control.Basic requirements:(1) To understand the basic meaning of identity authentication;(2) The identity authentication of the master basic method;(3) To understand the concept of access control and its factors;(4) To understand the type of access control;(5) To the realizati

25、on of the access control strategy.Key content: the method of the identity authentication and the realization of the access control strategy.Difficulties content: the method of the identity authentication and the realization of the access control strategy.School distribution: 2 hours to classroom lea

26、rning.(4) Firewall technology (2 hours)Main contents:This part is mainly about the overview of the firewall, firewall related concept and definition, the basic system structure, firewall system structure of all kinds of changes and combination, and the basic type of the firewall, the future of the f

27、irewall and firewall product introduction. Firewall security strategy, and security policy Settings.Basic requirements:(1) The related concepts and definition of the firewall;(2) The basic system structure and wall changes and combination;(3) The basic type of the firewall;(4) The main firewall prod

28、ucts;(5) A firewall security strategy, and security policy settings;Key content: firewall security strategy, and security policy settings.Difficulties content: firewall security strategy, and security policy settings.School distribution: 2 hours to classroom learning.(5) Computer virus and its count

29、ermeasures to prevent and control (2 hours)Main contents:This part mainly tells what a computer virus is; Computer viruses, including computer virus began, development and spread of the way and the working way; a computer virus and the characteristics of the vandalism, action mechanism; Common DOS v

30、irus analysis. The computer virus classification, behavior and characteristics, as well as computer virus prevention and cleared method; The network computer virus characteristic; The computer virus detection, prevention, and cleared; Virus defense solutions.Basic requirements:(1) To learn what a co

31、mputer virus is and its transmission mechanism, including computer virus began, development and spread of the way and the working way;(2) To understand a computer virus and the characteristics of the vandalism, mechanisms;(3) To understand common DOS virus;(4) The classification of the computer viru

32、s, behavior and characteristics, as well as computer virus prevention and cleared method;(5) To understand the computer virus detection, prevention, and cleared; Virus defense solutions.Key content: computer virus and its transmission mechanism. The computer virus classification, behavior and charac

33、teristics, as well as computer virus prevention and cleared method.Difficulties content: computer virus and its transmission mechanism. The computer virus classification, behavior and characteristics, as well as computer virus prevention and cleared method.School distribution: 2 hours to classroom l

34、earning.(6) E-commerce security agreement-SET (4 hours)Main contents:This chapter is mainly about the concept of electronic trading safety agreement SET, the information structure of the agreement, part of the agreement, the processing of agreement logic, the expansion theory knowledge, and how to u

35、se safe electronic trading agreement SET for shopping, etc.Basic requirements:(1) Master the concept of electronic trading safety agreement SET, the information structure of the agreement;(2) To understand SET part of the agreement;(3) The processing of the agreement to SET logic;(4) To understand t

36、he expansion theory of SET, and how to use safe electronic trading agreement SET for shopping, etc.Key content: the concept of electronic trading safety agreement SET, the information structure of the agreement, part of the agreement, the processing of agreement logic.Difficulties content: the proce

37、ssing of agreement logic.School distribution: 4 hours to classroom learning.(7) E-commerce security agreement-SSL (2 hours)Main contents:This chapter is mainly about the overview of protocol SSL, record layer protocols, shake hands agreement; SSL protocol of condom safety analysis, and SET agreement

38、 and the comparison of the SSL protocol;Basic requirements:(1) To understand the concept of protocol SSL, shake hands agreement;(2) To learn SSL protocol of condom safety analysis;(3) Master SET protocol and the comparison of the SSL protocol.Key content: the overview of protocol SSL, record layer p

39、rotocols, shakes hands agreement; SSL protocol of condom safety analysis, and SET agreement and the comparison of the SSL protocol.Difficulties content: SET agreement and the comparison of the SSL protocol.School distribution: 2 hours to classroom learning.(8) Overview of electronic payment (4 hours

40、)Main contents:Basically tells payment and payment system, including payment and payment system of production and the development of the composition of the payment system in our country. Include the present situation of electronic payment, the definition of electronic payment, classification and the

41、 main problems of electronic payment industry in our country.Basic requirements:(1) Master pay, and pay for the concept of system of our country and the composition of the payment system.(2) To understand the present situation of electronic payment, the definition of electronic payment, classificati

42、on and the main problems of electronic payment industry in our country.(3) To understand the concept of online pay and conditions, characteristics, and main ways.Key content: payment and payment system in our country, the concept and the payment system composition; the main way of online pay.Difficu

43、lties content: our pay system composition; the main way of online pay.School distribution: 4 hours to classroom learning.(9) ATM and POS safety and application (4 hours)Main contents:The main contents include the generation and development of bank CARDS, types, credit CARDS, VISA, MARSTCARD and vari

44、ous bank to use fee is introduced. Introduce the basic configuration and network organizations of ATM system, ATM transaction processing flow, the ATM system design and related security technology. Introduce the basic composition and network organizations of POS system, POS transaction processing fl

45、ow, POS system design and related security technology. Focusing on the ATMs specific use process, combined with case analysis the ATM use of the existence of the typical risk, and provide the corresponding measures.Basic requirements:(1) To understand the generation and development of bank CARDS, ty

46、pes, credit CARDS, VISA, MARSTCARD and various banks to use fee.(2) Understand the basic components and ATM system network organizations, ATM transaction processing flow, the ATM system design and related security technology.(3) To master ATM specific using process, and the further understanding of

47、the potential risks and concrete measures.(4) Understand the basic composition of POS system and network organizations, POS transaction processing flow, POS system design and related security technology.Key content: the basic configuration and network organizations of ATM system, ATM transaction pro

48、cessing flow, the ATM system design, ATM specific application, safety risk and its preventive measures. Introduce the basic composition and network of POS system, the POS transaction processing flow, the POS system designing and related security technology.Difficulties content: the basic configuration and network organizations of ATM system, ATM transaction processing flow, the ATM system design, ATM specific application, safety risk and its preventive measures. Introduce the basic composition and network of POS system