基于CICS的网上银行安全转帐子系统的设计和研究

发布时间：2018-02-28 01:33

本文关键词： 网上银行转帐安全性大机子系统　出处：《复旦大学》2014年硕士论文　论文类型：学位论文

【摘要】：网上银行是传统银行的一种延伸和补充,它不仅可以降低银行的经营成本,还可以增加业务交易量,从而获得更大的利益。它是通过因特网技术向用户提供查询、转帐、投资理财等服务项目,其方便性越来越受到广大用户的青睐。由于网上银行是一种网络应用,它的所有内容都通过互联网传输,因此在网上银行应用中不可避免地存在着由互联网的自由、开放所带来的信息安全隐患,尤其是转帐应用涉及到资金的流动,更容易成为非法入侵和攻击的对象。本文首先分析了网上银行系统的发展现状,突出阐述了网上银行转帐服务对银行的重要性,通过横向和纵向的网银转帐安全的对比,然后明确了我国网银转帐存在的诸多安全性问题。在此基础上,分析了基于网银转帐存在的安全性问题的总体架构和子系统组成。基于大机CICS平台,以COBOL语言、JCL语言和ICSF工具分析了各个子系统的设计和实现。其中重点讨论了密钥管理子系统如何提供用户可视化界面给银行人员输入密钥、与网银前台的动态密钥传输机制来更新密钥、动态和静态密钥的安全性存储；口令管理子系统如何生成强壮性口令及口令的安全性存储；身份验证子系统如何更安全地验证用户口令以及如何完善收款人建立机制；MAC验证子系统如何利用ICSF生成MAC并判断转帐请求中数据的准确性以避免执行数据被篡改的转帐交易；审计和风险控制子系统如何生成交易日志以及与接口层系统连接实现转帐交易的在线监测和如何反洗钱等。最后本文得出结论该网上银行安全转账的所有子系统能很好地解决网上银行转帐存在的安全性问题并讨论了一些子系统的局限性,提出进一步的解决方案。
[Abstract]:Internet banking is an extension and supplement of traditional banks. It can not only reduce the operating cost of banks, but also increase the volume of business transactions, thereby obtaining greater benefits. Investment, financing and other services, its convenience is increasingly popular with the majority of users. Because online banking is a network application, all its content is transmitted through the Internet. Therefore, in the application of online banking, there is inevitably the information security hidden danger brought by the freedom and openness of the Internet, especially the transfer application involves the flow of funds. It is easier to be the object of illegal intrusion and attack. Firstly, this paper analyzes the current situation of the development of the online banking system, highlights the importance of the online banking transfer service to the bank, and compares the security of the net bank transfer between the horizontal and the vertical. On the basis of this, the paper analyzes the overall structure and subsystem composition of the security problem based on the net silver transfer. Based on the CICS platform of the mainframe, the paper analyzes the security problems of the network bank transfer in China. The design and implementation of each subsystem are analyzed by using COBOL language and ICSF tools, and the key management subsystem is discussed how to provide the user visual interface to input the key to the bank personnel. Update key, dynamic and static key security storage with dynamic key transmission mechanism of network bank foreground, how to generate strong password and password security storage by password management subsystem; How to verify user password more safely by authentication subsystem and how to perfect payee establishment mechanism how to use ICSF to generate MAC and judge the accuracy of data in transfer request so as to avoid execution of data tampered transfer transaction; The audit and risk control subsystem how to generate transaction log, how to monitor the transfer transactions online and how to counter money laundering, etc. Finally, this paper concludes that all the subsystems of the online bank security transfer are connected with the interface layer system. It can solve the security problems of online bank transfer and discuss the limitations of some subsystems. Propose further solutions.
【学位授予单位】：复旦大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08;TP311.52

【参考文献】