| Now the world already entered the information time and the information system is used in social each domain and the information importance is accepted widely. The security of the information system becomes more and more important in the enterprise for the increasing dependence and the risk, the opportunity and the income by the operating information system by the enterprise. The management level needs to guarantee the information system adapts its organization's strategy, its service strategy also must appropriately use information system superiority.But any information system in the real world is one string complex link, the security measure must seep to information system all aspects, even some link the designer, the realization and the users of the information system do not know. Therefore, the safety factor is always existent. Any information system is perfect, and any technology is the panacea.One organization's management level has the responsibility guarantees to provide the safe information system environment for all users, especially the government department. We should protect ourselves avoid the inherent risk by using the information system While realize the advantage of the safe information system.After the appearance of the e-commerce, the construction of the enterprise information had developed further. It made the enterprise information system more consummation, more convenient and satisfied the demand of the society now. But simultaneously, as a result of its network popularization, it also gave the enterprise information system more safety factors.This article first introduced the basic concept and the security knowledge of the e-commerce. Subsequently outlined the changes and the developments of the enterprise information system after the electronic commerce appears, and made the analysis of the enterprise information system security problem, the present method and the security model limitation. According to these characteristics, this article improved the present security model, established the data security model based on the electronic commerce system and the visit control security model and proposed the appraisal standard based on the electronic commerce enterprise information system security. Is for the purpose of through the guarantee information system secret, the integrity, the reliability and the usability manages to protect all of the organization's information property, through the policy, the principle, the procedure, the organizational structure and the software function to determine the control mode and the implementation control. According to this system frame, organization may continue to enhance the validity of the management and unceasingly raise own information safety control level, reduce the information safety's risk, finally safeguards the effective realization of the organization overall goal, and creates the new strategic development opportunity using the information technology for the organization. |
PDF Full Text Request