摘要
安全电子交易SET(Secure Electronic Transaction)协议通过制定标准和采用各种加密算法和身份认证来解决阻碍电子商务发展的许多安全问题。首先对SET协议注册阶段和购买阶段过程进行抽象,给出其形式化模型及模型描述。发现由于SET本身的缺陷可能导致的入侵者的攻击,以及该攻击对购买阶段中商家和持卡人造成的安全威胁,对协议的改进提供了有益的参考。
By establishing standards and adopting various technologies of encryption and authentication, SET ( Secure Electronic Transaction) has resolved almost all security problems that once stranded the development of e-commerce. The process of the registration phase and the purchase phase of SET protocol is analyzed in this paper, and its formal model and description of model are given. An attack from intruder as a result of SET' s limitation is discovered, together with some safety threaten it may bring to the Merchant and the Cardholder. The analysis is beneficial to the improvement of SET protocol.
出处
《计算机应用与软件》
CSCD
2009年第5期81-84,共4页
Computer Applications and Software
基金
陕西省自然科学基金项目(20060F50)
航空科学基金项目(06ZC31001)
