摘要
为了解决移动电子商务中数据信息在WAP网关中传输时的安全间隙问题,结合WAP安全体系结构和移动电子商务安全体系结构,提出一种基于WPKI(wireless public key infrastructure)的双层加密机制。该双层加密机制首先在移动终端将待发送的数据使用应用服务器的公钥进行加密,然后在无线网络中使用WTLS的安全链接加密和有线网络中使用TLS/SSL安全链接加密的方式实现数据信息双层加密传输,采用基于椭圆曲线算法的数字签名和验证过程,能快速验证双方身份。通过OPNET和C++对该系统进行了实现和仿真实验。仿真结果显示该系统具有安全性高、运算速度快、占用存储空间小的特点,能够满足移动电子商务的安全需要。
In order to solve the problem of security gap in the transmission of mobile E-commerce information through WAP gateway, a double layer encryption schemes based on WPKI is proposed, which combines WAP security architecture with mobile E-commerce security architecture. In this scheme, the data to be transferred is firstly encrypted with the public key of application server at mobile terminal, and then the encrypted data is encrypted again with security link eneryption of WTLS in wireless network and of TLS/SSL in wired networks, which realises the double layer encryption transmission. The digital signature and verification based on elliptic curve cryptography are adopted in this system, this can fast verify the identities of both parties. The implementation and simulation experiment are done based on OPNET system and C + +. Simulation results shows, this system has the characteristics of high security, fast calculation speed and small storage space, which can meet the safety need of mobile E-commerce.
出处
《计算机应用与软件》
CSCD
北大核心
2013年第9期61-63,66,共4页
Computer Applications and Software
基金
国家自然科学基金项目(51277149)
陕西省教育厅专项基金项目(08JK353)
