Research on Security Issues of Mobile Banking APP Software Based on a Patch Smart Card
Topic of this thesis: patch smart card + APP payment security; Source: Guangxi Normal University, 2017 master's thesis
【Abstract】: With the rapid growth in mobile banking users, payment security on the mobile internet has become an increasingly prominent problem. Fraudsters use viruses, phishing websites and remote-control Trojans to steal customers' bank card information and funds, bringing further challenges to mobile financial security. Developing a secure payment scheme suited to the mobile environment is therefore an urgent problem. By analysing and studying the security risks faced by mobile terminals in a wireless environment, this thesis combines public key certificate technology with a patch smart card and proposes a mobile banking security solution that meets banks' security requirements. The security architecture of mobile banking covers secure client identity authentication, secure transmission of transaction data and non-repudiation of transaction data; the patch smart card, combined with public key certificate technology, protects the security of mobile banking. At the same time, the patch smart card is attached directly to the SIM card and installed inside the phone, which solves the inconvenience of carrying an audio Key or Bluetooth Key and the incompatibility of the SDKey with iOS. The specific work is as follows: (1) Analysis of mobile banking security problems and requirements: the security problems of the mobile banking system are analysed, with security requirement analysis and security risk analysis focused on the user system and the mobile banking system; the conclusion is that mobile banking mainly needs to solve the problems of identity authentication, transmission security and non-repudiation. To address these problems, this thesis combines public key certificate technology to design the security flows of the mobile banking system, including client-side bank PIN protection, message integrity and key-field encryption between the client and the application server, certificate application, certificate login, and data signing and signature verification. (2) Design and implementation of the COS (card operating system) security system: with reference to the smart card specifications of the State Cryptography Administration, this thesis designs and implements a secure COS for the patch smart card. The secure COS provides an entry point for upper-layer applications through its command parsing and permission control mechanisms, a key management mechanism to keep keys secure, an access authentication mechanism to secure access to the patch smart card, and hard isolation of sensitive data, among other measures, to protect the COS. Under regulatory requirements, information security products in the financial industry must be converted to the national commercial (SM) cryptographic algorithms, with foreign products gradually prohibited. In line with banks' actual needs, the secure COS supports not only the RSA algorithm but also the SM2 asymmetric algorithm, so a mobile banking app can support national cryptographic certificates simply by modifying its certificate parameters as required. (3) Design and implementation of the security middleware: a secure and easily integrated middleware is designed and implemented, consisting of four parts: the API interface, channel management, security state control and distributed key storage. The middleware API, modelled on the CSP interface, provides mobile banking with data encryption and decryption, signing and signature verification APIs, so that the patch smart card can be conveniently integrated into existing mobile banking APPs. Channel management, security state control and distributed key storage together control the security of API access and improve the security of the mobile banking APP. (4) Comprehensive testing of the patch smart card: positive and negative test cases were written to test the security middleware and the secure COS comprehensively. The actual test output matched expectations, verifying each function of the security middleware and the secure COS; their security meets the expected requirements. The patch smart card security solution designed and implemented in this thesis can essentially solve the security problems of mobile banking transactions while offering good convenience, and has achieved good results in actual bank deployments.
[Abstract]: With the rapid growth of mobile banking users, the payment security of the mobile internet is becoming an ever more serious problem. Fraudsters steal customers' bank card information through viruses, phishing websites and remote-control Trojans, steal customer funds, and bring more challenges to the security of mobile finance. It is therefore urgent to find a secure payment scheme that can be applied in the mobile environment. By analysing and studying the hidden security dangers of mobile terminals in a wireless environment, this paper combines public key certificate technology with the patch smart card and puts forward a mobile banking security solution that meets the bank's security requirements. The security architecture of mobile banking includes the security of client authentication, the security of transaction data transmission and the non-repudiation of transaction data. At the same time, the patch smart card is installed directly on the SIM card inside the mobile phone, which solves the problem that an audio Key and a Bluetooth Key are inconvenient to carry and that the SDKey is not compatible with iOS. The specific work is as follows: (1) Analysis of the security problems and requirements of mobile banking: the security problems of the mobile banking system are analysed, mainly through security requirement analysis and security risk analysis of the user system and the mobile banking system. The main requirements of mobile banking are to solve the problems of identity authentication, transmission security and non-repudiation. To address these problems, this paper combines public key certificate technology to design the security flows of the mobile banking system, including client-side bank PIN code protection, message integrity and key-field encryption between the client and the application server, the certificate application flow, the certificate login flow, and the data signing and signature verification flows.
(2) Design and implementation of the COS security system: this paper designs and implements a secure COS for the patch smart card with reference to the relevant smart card specifications of the State Cryptography Administration. The secure COS provides an entry point for upper-layer applications through its command parsing and permission control mechanisms, a key management mechanism to guarantee key security, an access authentication mechanism to guarantee secure access to the patch smart card, and hard isolation of sensitive data, among other measures, to protect the secure COS. According to regulatory requirements, information security products in the financial industry need to be converted to the national (SM) cryptographic algorithms, and the use of foreign products is gradually being prohibited. Considering the actual requirements of the bank, the secure COS supports not only the RSA algorithm but also the SM2 asymmetric algorithm; the mobile banking app can modify its certificate parameters as required to support national cryptographic certificates. (3) Design and implementation of the security middleware: a secure and easily integrated middleware is designed and implemented, composed of four parts: the API interface, channel management, security state control and distributed key storage. The API interface of the security middleware follows the design of the CSP interface and provides data encryption, decryption, signing and signature verification APIs for mobile banking, so that the patch smart card can be easily integrated into an existing mobile banking APP. Channel management, security state control and distributed key storage work together to control the security of API access and enhance the security of the mobile banking APP. (4) Comprehensive testing of the patch smart card: positive and negative test cases were written to test the security middleware and the secure COS respectively. The test results are consistent with the expected results and verify the functions of the security middleware and the secure COS; their security meets the expected requirements.
The patch smart card security solution designed and implemented in this paper can solve the security problems of mobile banking transactions, provides good convenience, and has achieved good results in the bank's practical application.
【Degree-granting institution】: Guangxi Normal University
【Degree level】: Master's
【Year degree awarded】: 2017
【Classification numbers】: F49;TP311.56;TP309
Article ID: 1945688
Link: http://sikaile.net/jingjilunwen/xxjj/1945688.html