网上银行安全认证及控制分析

Internet Bank Security Authentication and Control Analysis

文章论述了基于动态口令的网上安全认证问题。首先分析网上银行安全存在的隐患问题,提出了一种动态口令认证方法,并定义了此动态口令认证方法在系统中的模块组成,它可以分为口令模块、控制模块、服务器模块以及应用服务模块四个模块,并描述了使用此动态口令认证方法在系统中的实现流程,并针对目前广泛存在的安全性问题,提出了一些具体的安全控制策略。本方法目前已上线运行,运行情况良好,具有很强的实用性。

The dynamic password authentication in the intemet bank is researched. Firstly, the hidden trouble of intemet bank security is analyzed,and a dynamic password authentication method is proposed. The implementation of the dynamic password authentication method is defined. And the 4 modules （password module, control module, server module and application serve module） are described. The implementation flow in the system using the dynamic password authentication method is described, aiming at the current widely existing security problem. Some security control strategy is proposed. The method is operating well online and is proved applicable.