為台灣加入世界貿易組織並與各國簽署政府採購協定之後，勢必將開放新台幣二千億元政府採購市場到國際間，為了提高採購效率、擴大民間參與，我政府於民國88年5月27日正式實施政府採購法，以滿足我國對內及對外之政治經濟及法制等多方需求。根據行政院公共工程委員會的統計，政府採購法開始實施以來，以民國89年為例，10萬元以上的採購案件計有92,618件，其中決標金額低於100萬元的案件高達59,979件，佔總案件數64.76%；而這近6萬件的採購案決標金額總計約239億元，僅佔決標總額4千944億元的4.83%，可見決標金額低於100萬元的小額標案消耗最多行政資源及人力成本，但效益卻是最低的。針對這類型標案，如能以電子採購的方式進行，將能大幅降低採購行為所消耗的成本。

　　目前工程會正在運作的政府採購領投標系統，據了解，目前領投標的工作已經開辦，而開標決標的作業尚在試辦階段。本論文提出高安全性的電子採購系統，重點在於採購過程安全性的保障更甚於現有的系統。在安全技術上採用IC卡、電子信封與下一代加密標準（AES）等技術；在系統流程上，仍以政府採購法為法源依據。雖然本論文所研製的系統規模與完整的程度上不能與現行工程會系統相比擬，但在採購流程的完整上卻更勝一籌，也期望能從安全的角度上提供新的思維以提升我國電子採購系統之品質。

　　Because of joining World Trade Organization and subscribing Government Procurement Agreement, Taiwan will open the totally Government Procurement market, about NT$200,000,000,000, to the international society. In order to improve procurement efficiency and encourage private enterprises to participate in, the government takes the law of government procurement, on May 27th in 1999, to satisfy the political, economical and legal requirements domestically and internationally. According to the statistics of the Public Construction Commission in 2000, there are 92,618 government procurement cases that take more than NT$100,000, and 59,979 of them that are decided take less than NT$1,000,000. It is about 64.76% of total cases. However, the amount of the decided is about NT$23,900,000,000, only occupy 4.83% of total amount of decided, NT$494,400,000,000. We can find that the decided cases that take less than NT$1,000,000 use the most resource but cost the least. If we can deal with this kind of case in Internet, we can decrease a lot of procurement cost.

　　As we know, the government E-Procurement system, which is operated by the Public Construction Commission, can achieve the bidding procedure. However, the tender opening procedure is still on the testing stage. The highly secure E-Procurement system that we proposed emphasizes that the security of procurement procedure is better than current system. In security technology, we adopt IC card, digital envelope and Advanced Encryption Standard (AES); in system procedure, the highly secure E-Procurement system is also based on the law of government procurement. Of course, our system cannot compare with the current one in system scale and completeness; we hope to provide a new vision in the security aspect and to improve the quality of our country’s E-Procurement system.

[1]AES Homepage http://csrc.nist.gov/encryption/aes/

[2]Apache-SSL, http://www.apache-ssl.org/

[3]W. Diffie and M. E. Hellman, “New Directions in Cryptography”, IEEE Transactions on Information Theory, Vol. IT-22, No.6, pp.644-654, Nov. 1976

[4]Federal Information Processing Standards Publication 180-1, April 17,1995

[5]ITU-T Recommendation X.509 ”Information Technology Open Systems Interconnection－The Directory：Authentication Framework”, Jan 1997

[6]Mohammed J. Kabir, “Apache Server Bible”, IDG Books Worldwide Inc. 1998.

[7]B. Laurie and P. Laurie, “Apache: The Definitive Guide”, O’Reilly Inc. 2000.

[8]MySQL, http://www.mysql.com/

[9]PHP: Hypertext preprocessor, http://www.php.net/

[10]PKCS #7, “Cryptographic Message Syntax Standard”, http://www.rsasecurity.com/rsalabs/pkcs/pkcs-7/index.html

[11]”PKCS #11, ”Cryptographic Token Interface Standard”, http://www.rsasecurity.com/rsalabs/pkcs/pkcs-11/index.html

[12]Rijndael Specification http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf

[13]R. Rivest, A. Shamir and L. Adleman, “A Method for Obtaining Digital Signature and Public-key Cryptosystems”, Communications of the ACM, Vol. 21, No.2, pp.120-126, Feb. 1978

[14]W. Stallings, “Network Security Essentials”, Prentice Hall, 2000

[15]The Apache Software Foundation, http://www.apache.org

[16]行政院公共工程委員會http://www.pcc.gov.tw/c2/c2a/2_a_8/2_b_8_5_6_10.htm

[17]台灣網路認證股份有限公司 http://www.taica.com.tw/education/ca-1-1.htm

[18]政府採購領投標系統 http://www.geps.gov.tw/

[19]政府憑證管理中心-政府採購單位機關專用 http://www.pki.gov.tw/gep

[20]陳俊良、黃景彰,“網際網路上安全的工程競標通訊協定”, 第八屆全國資訊安全會議, May 1998, Pages 187-196

[21]陳培德、陳坤元、賴溪松、王文能，”加速實現AES密碼器的方法”，第十一屆全國資訊安全會議論文集 頁207~214，2001。

[22]廖耕億、黃景彰，”網路競標研究的現況與展望”，資訊安全通訊，2000，Vol. 5，No.2，p41。

[23]賴溪松、葉育斌，”資訊安全入門”，全華科技圖書股份有限公司，2001。

[24]賴溪松、韓亮、張真誠，”近代密碼學及其應用”，松岡電腦圖書資料股份有限公司，1995