论文标题:基于WAP的移动电子商务安全支付协议架构的研究
Research on WAP Based Protocol Framework for Mobile Commerce Secure Payment
论文作者
论文导师 姚卫新,论文学位 硕士,论文专业 管理科学与工程
论文单位 东华大学,点击次数 79,论文页数 82页File Size4262K
2007-12-10论文网 http://www.lw23.com/lunwen_600648742/
Mobile Commerce;; Mobile Payment;; Payment Protocol;; Formal Analysis
互联网技术的日新月异和计算机设备的日益普及促成了电子商务产业的蓬勃发展。在电子商务时代的影响下,随着移动终端设备制造技术的不断成熟以及相关技术标准的升级换代,移动电子商务作为传统电子商务的分支,也日益受到人们的重视。作为移动电子商务最关键的支付环节,很多客观条件并不尽如人意:众多支付标准令用户莫衷一是,移动网络的丢包、时延和滞后现象时有发生,个人隐私消息泄露令人烦恼不堪,迫切需要良好的移动支付解决方案。 问题的解决方案是,首先分别从移动电子商务的技术标准、业务模型和加密技术方面,对比分析当前移动电子商务安全支付存在的问题、需要改进的方面和可以借鉴的因素。然后,以此为基础,对借鉴的业务模型进行优化,定义移动支付的业务流和数据流。随后使用安全性能较高、密钥长度较短的椭圆曲线密码体制设计出数据加密和数字签名方案,并将其与业务流程结合,构建出一种移动安全支付的协议架构。最后,以无线应用协议为技术标准,对提出的协议架构进行效率优化,最终使用形式化分析,对协议的“不可抵赖性”、匿名性、数据真实性、数据完整性和效率进行验证及分析,证明提出的协议架构具有良好的通用性、安全性、严密性及改善的效率。 通过创新性地使用最新的无线应用协议标准和加密算法,期待此方案能够为当前的移动支付领域提出一些建议的方向。
As Internet technologies are changing with each passing day and computer devices are becoming more and more popular, the Electronic Commerce industry has been promoted dramatically. Influenced by the development of Electronic Commerce, people are now witnessing great progress in mobile device manufacturing and the upgrading of related technological standards. As a critical branch of Electronic Commerce, Mobile Commerce has attracted more and more attraction from users. However, as the most important part of Mobile Commerce, Mobile Payment doesn"t satisfy users a lot: people are confused about the diversity of mobile payment standards; packet loss, latency and lagging happen from time to time in mobile network; private information tends to be easy to leak... People urgently call for a better solution for Mobile Payment. One of the solutions for this problem is as follows. Firstly, through comparison and analysis, point out the existing problem, improvable aspects and referencable facts in Mobile Commerce"s secure payment. The analysis is based on three perspectives: technology standards, business models and encryption techniques. Secondly, optimize the business model and define the business flow and data flow of Mobile Payment. Thirdly, merge Elliptic Curves Cryptography solutions for data signature and data encryption into the business model and build the secure protocol framework for Mobile Payment. At last, optimize the efficiency of the protocol framework based on Wireless Application Protocol standards. Then use Formal Analysis and other approaches to prove the non-repudiation, anonymity, data authenticity and data integrality of the protocol framework. It can be proved that this solution has good universality, security, rigour, and improved efficiency. Through creatively introducing in the latest Wireless Application Protocol standard and cryptographic algorithm, this solution is expected to direct a propositional direction for the research field of Mobile Payment nowadays.
|
