摘要
SSL能够为电子交易提供认证性、私有性、完整性服务,却无法保证电子交易的不可抵赖性,无法为事后提供稳定的验证性。文章针对HTTP协议,在SSL基础上设计了SHL协议,有效地保证了电子交易的不可抵赖性。SHL协议工作在交易服务器和客户端,对交易请求和响应进行签名、验证、记录。SHL有SPC和SPS两个部分组成,SPC和SPS之间使用SSL安全通信。SPC对客户端请求签名,验证服务器签名;SPS验证客户端签名,对服务器请求签名。SHL为交易提供稳定的验证性,保证交易的不可抵赖性。
SSL protocol can provide authentication,privacy,integrity.It can't provide nonrepudiation for e-commerce,and can't supply any continuous authentication after transaction.For HTTP Protocol,it designs the SHL protocol based on SSL protocol.SHL protocol can guarantee the nonrepudiatoin of e-commerce.SHL protocol works on both the server side and the client side.It can signature,verify and record the request and response of transaction.SHL is composed by SPC and SPS.The Communication between SPC and SPS uses SSL protocol.SPC sign the client's requests,verify the server's responses.SPS verify the client's signature and sign the server's responses.SHL can offer continuous authentication for e-commerce and ensure the nonrepudiation to transaction.
出处
《计算机工程与应用》
CSCD
北大核心
2002年第24期28-30,共3页
Computer Engineering and Applications
基金
国家863计划"计算机软硬件技术主题"重点课题资助(编号:2001AA110342)
