【作者】 邢诒俊；

【导师】 沙跃家；

【作者基本信息】 北京邮电大学 ， 通信与信息系统， 2008， 硕士

【摘要】 随着电子商务(包括移动电子商务)的迅速发展,网上支付、移动银行、无限多媒体点播等电子业务已经进入了人们的生活。电子商务的发展带来无限商机的同时,也对电子商务交易过程中的安全问题提出了更高的要求,而身份认证是确保电子商务安全的第一道屏障,也是最重要的一道屏障。如何对电子商务交易双方的有效身份进行验证,是一个急需解决的课题。现有的电子商务种类与技术繁多,但在身份认证方面没有统一的标准,如果能借鉴目前互联网中的各种身份认证技术,结合移动应用自身的特点,提出一种支持多种业务接入的基于移动设备的移动身份认证方案,对电子商务的开展将会有重要的意义。本文首先分析了目前电子商务中面临的安全问题,对网络安全中的基本技术和服务进行了分析;然后,对当前比较流行的几种身份认证技术优缺点进行了研究和分析;在此基础上,结合电子商务面临的安全问题,提出了一种电子商务中的移动身份认证服务方案,以统一接口服务的形式,支持多种应用业务的接入。该方案将动态口令认证、无线PKI认证、智能卡认证相结合,对双因子认证、X.509数字证书认证、LDAP证书管理等服务都提供了支持。该方案能够解决大部分的安全问题,如静态密码漏洞、数据完整性问题、不可否认性问题、密钥的生成、保存、传送问题、设备丢失问题等。该移动身份认证方案与其它方案相比存在以下优势:在客户端方面,只需要移动设备例如手机的支持,可以实现密钥生成、用户数字签名等功能,还可以提供客户端对服务器的认证,有更好的安全性能;在服务器方面,采用认证请求分发,根据不同的客户请求类型,进行不同类型的认证,可以支持动态口令认证、PKI认证等多种认证方式;将智能卡认证与PKI认证相结合,用户通过手机中的智能卡即可实现身份认证;最后,结合中国农业银行手机银行项目的实现,说明移动身份认证服务方案在移动电子商务中的具体应用。更多还原

【Abstract】 Electronic applications, such as wireless payment, mobile bank, wireless multimedia has come into our lives with the development of electronic commerce. The development of electronic commerce brings us unlimited commerce opportunities. At the some time, there are more requirements about the security. The identity authentication, which is the first barrier to enter a electronic commerce, is the most important defense in the electronic commerce. How to authenticate the identity in the electronic commerce is an urgent problem. There are numerous application business and technologies, but there is no uniform standard for identity authentication. It will make great significance for the development of electronic commerce if we could put forward a kind of authentication scheme referencing to the various identity authentication technologies and combining the features of mobile applications.Firstly, this paper analyses the current security problems which are exist in the electronic commerce and introduces the basic technology for network security services. Then, it researches and analyses the advantages and the disadvantages of several identity authentications which are currently using popularly and prospects of the development trend of identity authentication technology. And then, Combining with the security problem in electronic commerce, there will brings forward a kind of unified identity authentication schema. This schema which combines the biology identification, WPKI and smart card, provides many kinds of services by uniform interfaces. This schema also makes use of the dynamic password, SSO, X509, and LDAP. This schema can solve most of network attack problems such as static password leak, data integrality and so on. Finally, the realization of the mobile bank will specify the application of the schema.更多还原