共查询到20条相似文献,搜索用时 453 毫秒
1.
利用简化的SET协议实现手机支付的设计 总被引:1,自引:1,他引:0
在安全电子交易的前提下,分析目前流行的SET标准协议,指出SET协议在电子交易过程中的缺陷.针对手机支付自身的特点,将简化的SET协议框架应用于手机支付系统的设计,提出手机小额支付与转帐支付2种支付形式,并分析这2种支付形式的安全性与有效性.这2种支付形式满足了手机支付的安全性、实时性、便捷性等要求. 相似文献
2.
Recently, mobile phones have been recognized as the most convenient type of mobile payment device. However, they have some security problems; therefore, mobile devices cannot be used for unauthorized transactions using anonymous data by unauthenticated users in a cloud environment. This paper suggests a mobile payment system that uses a certificate mode in which a user receives a paperless receipt of a product purchase in a cloud environment. To address mobile payment system security, we propose the transaction certificate mode (TCM), which supports mutual authentication and key management for transaction parties. TCM provides a software token, the transaction certificate token (TCT), which interacts with a cloud self‐proxy server (CSPS). The CSPS shares key management with the TCT and provides simple data authentication without complex encryption. The proposed self‐creating protocol supports TCM, which can interactively communicate with the transaction parties without accessing a user's personal information. Therefore, the system can support verification for anonymous data and transaction parties and provides user‐based mobile payments with a paperless receipt. 相似文献
3.
As the technology of mobile devices spreads fast, the price of mobile devices is getting cheaper. Most of the people have mobile devices, and these devices have the technology of near field communication (NFC). With the long time development and research, the mobile devices use NFC technology on the payment and authentication applications, and replace the smartcard, the access control card, and the credit card by using the card emulation mode. It helps the development of NFC applications. In recent years, more and more users begin using NFC technology on mobile payment and authentication. Many researches have proposed the related NFC authentication protocols, but their schemes are still lack of some security properties and functions, which are necessary for NFC authentication protocols. In this paper, we propose a secure and efficient NFC authentication scheme between two NFC devices by the help of the authentication server that provides mutual authentication. 相似文献
4.
5.
6.
基于对称密钥的移动支付协议 总被引:1,自引:0,他引:1
提出一个基于移动协议的无线网络安全系统,协议采用对称密钥,和当前的移动协议相比较,大大减少了运算量。此协议能提供和SET,SSL相同的安全性。而且,在交易的过程中,信用卡的信息不需要发送,增强了系统的安全性。 相似文献
7.
随着互联网的快速普及,网络中传输的信息流越来越多样,在网络中出现的数字化商品也日益丰富。数字化商品在现代电子交易中占据越来越重的比例,在线数字化商品交易支付的安全性是考虑的关键问题。在对安全电子交易(SET)协议进行简单介绍的基础上,指出了在进行网上数字化商品交易时SET协议的安全性方面的不足,提出了一个新的基于SET协议的改进方案,并对该方案作了详细分析。 相似文献
8.
Short message service (SMS) provides a wide channel of communication for banking in mobile commerce and mobile payment. The transmission of SMS is not secure in the network using global system for mobile communications or general packet radio service. Security threats in SMS restricted the use of SMS in mobile banking within certain limits. This paper proposed a model to address the security of SMS using elliptic curve cryptography. The proposed model provides end‐to‐end SMS communication between the customer and the bank through the mobile application. The main objective of the proposed model is to design and develop a security framework for SMS banking. Further, the protocol is verified for its correctness and security properties because most of the protocols are not having the facility to be verified by using the formal methods. Our proposed framework is experimentally validated by formal methods using model checking tool called automated validation of internet security protocols and Scyther tools. Security analysis shows that the proposed mechanism works better compared to existing SMS payment protocols for real‐world applications. 相似文献
9.
10.
结合当前移动支付方式的多样性和便捷性特点以及移动过程可能出现的各类安全问题,重点从移动支付终端的安全性、支付过程的安全性以及后台支付端的安全性进行全方位一体化的论述,涉及到终端卡片(各类SIM卡芯片)、服务器、第三方支付平台服务、移动支付应用软件、支付信息加密、支付协议通道安全性甚至用户自身使用安全性等方面。 相似文献
11.
A secure and efficient password‐authenticated group key exchange protocol for mobile ad hoc networks
Daojing He Chun Chen Maode Ma Sammy Chan Jiajun Bu 《International Journal of Communication Systems》2013,26(4):495-504
Password‐authenticated group key exchange protocols enable communication parties to establish a common secret key (a session key) by only using short secret passwords. Such protocols have been receiving significant attention. This paper shows some security weaknesses in some recently proposed password‐authenticated group key exchange protocols. Furthermore, a secure and efficient password‐authenticated group key exchange protocol in mobile ad hoc networks is proposed. It only requires constant round to generate a group session key under the dynamic scenario. In other words, the overhead of key generation is independent of the size of a total group. Further, the security properties of our protocol are formally validated by a model checking tool called AVISPA. Security and performance analyses show that, compared with other related group key exchange schemes, the proposed protocol is also efficient for real‐world applications in enhancing the security over wireless communications. Copyright © 2011 John Wiley & Sons, Ltd. 相似文献
12.
基于PPV的公平移动支付协议 总被引:3,自引:0,他引:3
结合CEMBS的设计思想,在尽量满足移动网络特性的情况下,设计了一个能在移动终端观看视频服务的即看即付的公平协议.该协议在服务请求阶段通过利用CEMBS,在乐观情况下,可信第三方移动网络运营商不需参与,就可使互不信任的User与VASP完美地实现双方的认证与会话密钥协商,同时完成了服务请求的建立,双方均是不可否认的,且整个过程只需三条消息;在支付阶段,也可以保证双方公平地进行交易.通过分析,该协议满足公平性、不可否认、原子性、认证性以及保密性等一些必备性质,且协议比较简单,应用范围比较广泛. 相似文献
13.
本文提出了一种基于电子现金的新型支付协议,该协议通过第三方实时核算客户拥有的电子现金,但不进行实时转账。协议模型较好地克服了现有在线支付的交易瓶颈问题以及离线支付中电子现金容易被重用、伪造或篡改的问题,在交易过程中有效地保证了安全性,并且实现了电子现金的原子性、匿名性、可分割性和可验证性。 相似文献
14.
15.
简要介绍了翼支付业务网络概况,分析了移动支付的安全风险和安全技术,提出了端到端整体安全解决方案。指出在移动支付中交易过程和手机终端比网络基础设施的风险可控性更弱,需要交易参与方重点去完善解决。 相似文献
16.
Instead of the traditional credit card payment system, we propose a new electronic payment system for use in a mobile environment.
The idea behind this payment service is that a user (customer) applies a message delivery service to obtain a varied authentication
token from a servicing bank through his cell phone. The token is used to ensure the validity of the transaction and the legality
of the user. On the other hand, because only the user knows the authentication token, he/her cannot later deny that he/her
made the transaction. Therefore, in addition to authentication, the property of non-repudiation can also be achieved by using
our proposed scheme. Most importantly, our scheme does not require any credit card or tamper-resistant device (i.e. smart
card) to store critical information. Consequently, the electronic payment system enhances the security of the traditional
credit card payment system. The proposed scheme eliminates the risks of losing a card and duplicating the content of a user’s
card by a dishonest merchant. 相似文献
17.
本文在分析现有移动用户认证协议与因特网认证协议基础上,针对移动计算网络的技术特点设计了一个用于移动用户与收费信息服务网络相互认证和用户进行小额电子支付的协议,该协议的新颖之处在于把小额支付方案融入认证协议当中,使移动用户可以利用笔记本电脑或掌上电脑进行付费的网面浏览、购买低价位信息商品以及进行移动电子商务,同时也为移动用户漫游时的记费提供了依据.协议不仅在公共参数的存储空间需求和用户端计算负荷上是适当的,而且可以保护用户不被错误收费,同时提供服务网络防止用户抵赖的合法证据.该协议基于一个全局的公钥基础设施,适用于未来的基于第三代移动通信系统的网络计算环境. 相似文献
18.
MULTI—ITEM FAIR EXCHANGE SCHEME 总被引:2,自引:0,他引:2
ZhengDong ChenKefei 《电子科学学刊(英文版)》2002,19(4):363-368
As more ubsiness is conduced over the Internet,the fair exchange problem assumes increasing importance,However,the problem of multi-party fair exchange has not been studied as widely as the more fundamental problem of 2-party fair exchange,Recently,Franklin and Tsudik proposed two protocols for n-parth multi-item exchange on FC‘98,SUCEX-1 and SUCES-2,This paper first gives an attack on the proposed protocol SUCEX-1,then presents two protocols for multi-item exchange,one is an improoved protocol of SUCEX-1,another is the extension of protocol SUCEX-2. 相似文献
19.
移动计算网络环境中的认证与支付研究 总被引:4,自引:0,他引:4
该文针对移动计算网络的技术特点设计了一个用于移动用户与收费信息服务网络相互认证和用户进行电子支付的方案,该方案的新颖之处在于把小额支付方案融入认证协议当中,方案不仅在公共参数的存储空间需求和用户端计算负荷上是适当的,而且可以保护用户不被错误收费,同时提供服务者防止用户抵赖的合法证据。该方案基于一个全局的公钥基础设施,适合于未来的基于第三代移动通信系统的网络计算环境。 相似文献