论文标题:移动电子商务安全措施研究
Research on Security of M-commerce
论文作者
论文导师 杨波,论文学位 硕士,论文专业 密码学
论文单位 西安电子科技大学,点击次数 466,论文页数 53页File Size14466K
2006-01-01论文网 http://www.lw23.com/lunwen_67410902/
M-commerce;WPKI;WAP;Dynamic Password
随着Internet与移动技术的飞速发展, Internet技术与移动技术的巧妙结合产生了移动电子商务这一新概念,移动电子商务的出现为IT业创造了新的机会与挑战。但由于制约移动电子商务发展的安全支付问题没有得到很好的解决,这成为移动电子商务不能迅速普及的瓶颈。本文分析了移动电子商务的特点与优势,针对移动环境特点,寻求基于移动安全技术的解决方案。本文详细介绍了WPKI体制的组成以各部分的功能,WPKI证书和X.509证书的区别;基于WAP的安全构架,讨论了WAP的框架结构、各分层协议以及WAP1.X中存在的安全隐患;SIM卡和WIM卡功能上的区别,指出SIM卡和WIM卡的结合产品WSIM卡的优越性。对动态口令(SDPA)进行了改进并进行了形式化验证。改进的SDPA协议在提高安全性的同时减少了协议的计算复杂度。最后改进的SDPA协议与SIM卡、WIM卡结合提高了移动终端到服务器的安全性。
Recent years, as the high development of Internet and Mobile technology, a new concept of M-commerce was brought forward which was the skillful combination with Internet technology and Mobile Communication technology. A new challenge and chance was appeared in IT field because of M-commerce. Unfortunately, the problem of secure payment was not solved validly which was the key of popularization. In this paper we analyzed the characteristic and the advance of M-commerce, the next we looked for the scheme of secure payment in the mobile communication environment. The following, we introduced WPKI and function of its component, the difference between WPKI certification and X.509 certification; we discussed the structure of WAP, its sub layers protocol and the hidden trouble in security on the infrastructure of WAP. We distinguished between SIM and WIM card on their function, and pointed out the prospect of WSIM the combination of SIM and WIM card. We improved the SDPA (Secure Dynamic Password Authentication) and the formal verification was done; the improved scheme increased the security level and decreased the complexity. It enhanced the security between client and server after combined with SIM and WIM card.
|
