摘要
针对目前电子商务越来越普遍,现有的网上电子支付认证协议无法满足网络安全需求的问题。提出了一种基于可信的网上电子支付认证协议,该协议融合了PKI安全认证体系,分为电子支付登录协议和电子支付注销协议,把身份验证和签名验证分开两次进行网络安全验证。实验表明,该协议对恶意软件攻击、网络钓鱼以及网络嫁接和中间人攻击都有比较好的安全性能,比目前普遍使用的电子支付认证协议更加有效。
In view of problem that existing online electronic payment authentication agreement cannot meet the demand of network security,along with more and more widespread e-commerce,a kind of credible online electronic payment authentication agreement is proposed which combines the PKI safety certification system.This agreement is divided into the electronic payment login and electronic payment cancel agreement,and separates identity verification from signature verification to do network security authentication.Experimental results show that,this agreement has a relatively better safety performance for malware,phishing attacks and network grafting and man-in-middle attack compared with the existing commonly used electronic payment authentication agreement.
出处
《科技通报》
北大核心
2013年第1期157-160,共4页
Bulletin of Science and Technology
关键词
身份验证
签名验证
支付认证协议
网上支付
authentication
signature verification
payment authentication protocol
online payment