电子商务支付模型的安全性研究

发布时间：2018-05-29 02:51

本文选题：电子商务 + 电子支付　；参考：《上海交通大学》2015年硕士论文

【摘要】：在近十年中,电子商务发展迅速,国内产生了淘宝、天猫、京东这样的大型购物购物网站。电子支付是电子商务中最重要的一个环节,它完成了资金流的转移,是商品买卖最重要的标识。电子商务和电子支付极大地提高人们购物和支付的方便性,也为经济发展做出了重大贡献。然而,电子商务也伴随而来许多安全问题,限制了自身的发展。因此,研究电子商务特别是电子支付的安全性意义重大。对电子商务安全的需求主要集中在保密性、认证性、完整性、不可否认性以及物品原子性等。而保障电子商务的安全性主要是基于SSL协议、SET协议和3D-Secure协议。SSL协议内置于浏览器中,简单,容易实现;SET协议详细规定了交易各方的交易动作和数据格式,协议复杂,却具有很强的安全性;3D-Secure协议则相当于为信用卡支付添加了一个密码保护。在竞争中,基于SSL协议和3D-Secure协议模型的电子支付模型慢慢占据了主流。基于当今“大数据”概念的火热的背景,以及对现行演进B2C商业模式流行的原因分析,本文提出了基于增加“支付权威”的改进SET协议模型。它克服了原协议中买家支付信息需要由商家商家转发给网关而遗留下来的风险。随后,文章对改进模型的支付流程进行了分析,以及对模型各部分进行了简单设计。此外,文章还总结了其它对SET协议的改进的措施。
[Abstract]:In the past decade, e-commerce has developed rapidly, and Taobao, Tmall, JingDong and other large shopping websites have emerged in China. Electronic payment is the most important link in electronic commerce. It completes the transfer of capital flow and is the most important mark of commodity trading. E-commerce and e-payment greatly improve people's convenience of shopping and payment, and also make great contribution to economic development. However, e-commerce is accompanied by many security problems, limiting its own development. Therefore, it is of great significance to study the security of electronic commerce, especially electronic payment. The security requirements of e-commerce mainly focus on confidentiality, authentication, integrity, non-repudiation and the atomicity of items. The security of electronic commerce is mainly based on SSL protocol set protocol and 3D-Secure protocol .SSL protocol built into browser. It is simple and easy to implement set protocol, which specifies the transaction action and data format of each party in detail, and the protocol is complex. However, the 3D-Secure protocol with strong security is equivalent to adding a password protection for credit card payment. In the competition, electronic payment model based on SSL protocol and 3D-Secure protocol model has gradually occupied the mainstream. Based on the hot background of the concept of "big data" and the analysis of the reasons for the popularity of the current evolving B2C business model, this paper proposes an improved SET protocol model based on increasing the "payment authority". It overcomes the risk that the buyer's payment information needs to be forwarded by the merchant to the gateway. Then, the paper analyzes the payment flow of the improved model and designs each part of the model simply. In addition, the paper also summarizes other measures to improve the SET protocol.
【学位授予单位】：上海交通大学
【学位级别】：硕士
【学位授予年份】：2015
【分类号】：TP309;F832.2

【参考文献】