浦发银行网上银行安全体系的构建
发布时间:2018-11-16 17:30
【摘要】:自从互联网大发展以来,网上银行提供的功能越来越丰富,2010年的网上银行交易额接近554万亿元人民币,相当于2010年国内生产总值的39万亿的14倍。由于互联网是一个开放的网络,网上银行已经成为不法分子恶意攻击的目标,据统计当前针对网上银行的犯罪案件数量快速上升。网上银行一旦出现局部安全事件,就会快速传播,产生全局性的影响,并且带来一系列严重的后果,不仅会给银行带来难以估量的声誉及经济损失,而且会影响到社会稳定。网上银行的安全性已经引起社会各个层面的关注。 浦发银行作为国内股份制商业银行之一,在我国银行领域占据举足轻重的地位。网上银行是浦发银行重要的业务窗口,其安全性始终是银行业务的重要关注点。本文通过对浦发银行网上银行安全体系的整体分析,提供了一个更安全的网上银行架构,确保网上银行业务的持续快速发展。 本文的创新之处在于以下四点: 1.构建完整的安全体系:网上银行的安全体系通常涉及面较广,以往的论文仅局限于安全体系的一个局部,而本文主要从技术方面,设计一个完整的安全体系,构建一个客户放心的安全的网上银行,主要包括基础设施安全、客户端安全、动态密码和灾难备份。 2.增加网上银行客户端安全的设计:长久以来,网上银行的服务端安全一直比较受到重视,不管是防火墙、IDS/IPS等安全产品也多针对银行端安全,但是最近频繁出现的“网银大盗”等安全威胁通过原本不太受重视的客户端来实施犯罪。所以,本文将网上银行客户端的安全作为安全体系中的重要的组成部分。 3.采用动态密码:银行卡密码一般为一个6位的数字密码,在传统的使用场景下,安全性能够得到保证;在互联网时代,固定的密码较容易被破解及获取,所以有些网上银行引入了证书等安全手段来进行客户认证,但其使用的复杂性较高、推广较为困难。本文采用了动态密码的方式,由于其易用性可以在网上银行安全领域推广使用。 4.设计网上银行异地灾备架构:为了提升客户服务体验,保证网上银行能够7x24小时运行,不会由于电力、通讯等环境因素导致服务异常,构建网上银行的异地灾难备份也成为保障业务连续运行的必须。同时,考虑到灾备环境的利用率,将网上银行灾备设计成双活的体系架构。
[Abstract]:Since the development of the Internet, online banking has provided more and more functions, with online banking transactions reaching nearly 554 trillion yuan in 2010, 14 times the 2010 gross domestic product (GDP) of 39 trillion. As the Internet is an open network, Internet banking has become the target of malicious attacks by lawless elements. According to statistics, the number of criminal cases against Internet banking is increasing rapidly. Once there is a local security event, the online bank will spread quickly and have a global impact, and bring a series of serious consequences, which will not only bring incalculable reputation and economic losses to the bank, but also affect social stability. The security of online banking has attracted the attention of all levels of society. As one of the domestic joint-stock commercial banks, Pudong Development Bank occupies a pivotal position in the banking field of our country. Internet banking is an important business window of Pudong Development Bank, and its security is always an important concern of bank business. Through the overall analysis of the security system of Pudong Development Bank online banking, this paper provides a more secure network banking architecture to ensure the continuous and rapid development of online banking business. The innovation of this paper lies in the following four points: 1. Building a complete security system: the security system of Internet banking is usually involved in a wide range of areas, the previous papers are limited to only one part of the security system, but this paper mainly from the technical aspect, design a complete security system, Build a secure online bank, including infrastructure security, client security, dynamic password and disaster backup. 2. Increasing the design of client security of Internet banking: for a long time, the security of service side of Internet banking has been paid more attention to, no matter it is firewall, IDS/IPS and other security products are also aimed at bank security, However, security threats such as cyber theft, which have been frequently seen recently, commit crimes through less valued clients. Therefore, this paper regards the security of Internet banking client as an important part of the security system. 3. Adopt dynamic password: bank card password is a 6-bit digital password, in the traditional use scenario, the security can be guaranteed; In the Internet era, the fixed password is easy to be cracked and obtained, so some online banks have introduced the certificate and other security means to authenticate their customers, but the complexity of their use is higher, so it is difficult to promote. This paper uses dynamic password, because of its ease of use can be used in the field of online banking security. 4. To improve customer service experience and ensure that Internet banking can run in 7x24 hours, it will not cause abnormal service due to environmental factors such as power, communication, etc. The construction of online banking disaster backup is also necessary to ensure the continuous operation of business. At the same time, considering the utilization of disaster preparedness environment, the disaster preparedness of online banking is designed as a dual-live architecture.
【学位授予单位】:复旦大学
【学位级别】:硕士
【学位授予年份】:2012
【分类号】:TP309;F830.49
本文编号:2336165
[Abstract]:Since the development of the Internet, online banking has provided more and more functions, with online banking transactions reaching nearly 554 trillion yuan in 2010, 14 times the 2010 gross domestic product (GDP) of 39 trillion. As the Internet is an open network, Internet banking has become the target of malicious attacks by lawless elements. According to statistics, the number of criminal cases against Internet banking is increasing rapidly. Once there is a local security event, the online bank will spread quickly and have a global impact, and bring a series of serious consequences, which will not only bring incalculable reputation and economic losses to the bank, but also affect social stability. The security of online banking has attracted the attention of all levels of society. As one of the domestic joint-stock commercial banks, Pudong Development Bank occupies a pivotal position in the banking field of our country. Internet banking is an important business window of Pudong Development Bank, and its security is always an important concern of bank business. Through the overall analysis of the security system of Pudong Development Bank online banking, this paper provides a more secure network banking architecture to ensure the continuous and rapid development of online banking business. The innovation of this paper lies in the following four points: 1. Building a complete security system: the security system of Internet banking is usually involved in a wide range of areas, the previous papers are limited to only one part of the security system, but this paper mainly from the technical aspect, design a complete security system, Build a secure online bank, including infrastructure security, client security, dynamic password and disaster backup. 2. Increasing the design of client security of Internet banking: for a long time, the security of service side of Internet banking has been paid more attention to, no matter it is firewall, IDS/IPS and other security products are also aimed at bank security, However, security threats such as cyber theft, which have been frequently seen recently, commit crimes through less valued clients. Therefore, this paper regards the security of Internet banking client as an important part of the security system. 3. Adopt dynamic password: bank card password is a 6-bit digital password, in the traditional use scenario, the security can be guaranteed; In the Internet era, the fixed password is easy to be cracked and obtained, so some online banks have introduced the certificate and other security means to authenticate their customers, but the complexity of their use is higher, so it is difficult to promote. This paper uses dynamic password, because of its ease of use can be used in the field of online banking security. 4. To improve customer service experience and ensure that Internet banking can run in 7x24 hours, it will not cause abnormal service due to environmental factors such as power, communication, etc. The construction of online banking disaster backup is also necessary to ensure the continuous operation of business. At the same time, considering the utilization of disaster preparedness environment, the disaster preparedness of online banking is designed as a dual-live architecture.
【学位授予单位】:复旦大学
【学位级别】:硕士
【学位授予年份】:2012
【分类号】:TP309;F830.49
【引证文献】
相关期刊论文 前1条
1 刘国斌;姜南;;高校财务网上银行业务的安全性分析[J];中国集体经济;2015年28期
相关硕士学位论文 前1条
1 王绍龙;网上银行操作风险及其防范研究[D];天津大学;2013年
,本文编号:2336165
本文链接:https://www.wllwen.com/guanlilunwen/huobilw/2336165.html
