摘要
随着网上银行用户数量和交易金额的日益增多,网上银行系统成为很多攻击者的首选目标,其安全问题也成为很多用户选择网上银行时的主要考虑因素之一,这在一定程度上阻碍了网上银行业务的发展。在线支付的安全问题已成为各大银行和研究者的关注焦点。根据在线支付系统的一般流程,对客户端在登录和请求支付时可能面临的各类攻击模型进行讨论,根据攻击手段给出其安全性分析和具体的解决方案,重点分析了攻击者篡改签名数据的方法和流程,给出了相应的设计方案和防范措施。
With the increase of the number of users and the total amount of transactions of online banking, it has become the preferred target of some attackers. The security issue has become one of the main considerations of users. To some extent, this has hindered the development of online banking. The related security has become ane of the focused issues of the most banks and researchers. Based on analy- zing the basic processes of online payment and the mode of attack, we discussed its security and proposed related prevention techniques. The processes of tampering with the signature data were analyzed, then corresponding system model and design strategies were discussed in detail.
出处
《计算机工程与科学》
CSCD
北大核心
2013年第6期72-77,共6页
Computer Engineering & Science
基金
西安科技大学科研培育基金资助项目(A5150531)
关键词
网上银行
公钥基础设施
加密服务提供者
签名
智能卡
online banking
public key infrastructure
cryptographic service providers
signature
smart card