网络信息安全技术在手机银行系统中的应用与研究

发布时间：2018-03-12 08:07

本文选题：手机银行　切入点：网络安全　出处：《华北电力大学》2014年硕士论文　论文类型：学位论文

【摘要】：随着移动通信技术和网络安全技术的发展，手机银行以其便利、高效的特点极大丰富了银行系统服务的内涵。本文立足于网络安全技术，针对手机银行系统中存在的安全问题，，对手机银行系统进行了安全架构模型设计，对客户端程序反编译、信息窃取、软件篡改、病毒检测等核心安全防护问题进行了分析和处理，并利用SSL协议保证数据在手机客户端与服务器之间通信过程中不会被截取或窃听，从架构、应用、通信三个领域极大地提升了手机银行系统的安全性。本文首先从架构角度出发，基于安全性、性能和可靠性三个指标设计了手机银行系统模型，模型从外向内分别包括公网接入区、DMZ服务区、应用服务区和后台核心服务区四个部分，整体上有效地保护了内部网络的安全性。然后，从客户端应用角度出发，针对用户信息窃取、软件篡改和病毒检测分别采用代码混淆技术、随机生成图形键盘、以及安装病毒库进行了安全防护。最后，从手机客户端与服务器通信角度出发，采用SSL协议在运输层对数据进行加密和验证保障通信数据的安全性，通过详细分析中间人攻击和碰撞攻击的过程与防范手段，实现了SSL双向认证和RSA算法。通过实验分析，本文提出的客户端安全加固技术及加密算法和验证算法在复杂度上优于现有的一些方法，具有良好的执行效率。同时本文的安全架构方案能够有效地对攻击事件作出有效的屏蔽及记录跟踪。结合SSL安全协议，应用本文描述的方法能够完成基于网络安全设备建设安全的系统架构，有效地应对各类安全威胁。
[Abstract]:With the development of mobile communication technology and network security technology, mobile banking greatly enriches the connotation of banking system service with its convenience and high efficiency. This paper is based on network security technology, aiming at the security problems in mobile banking system. The security architecture model of mobile banking system is designed, and the core security protection problems such as client program decompilation, information theft, software tampering, virus detection and so on are analyzed and dealt with. The SSL protocol is used to ensure that the data will not be intercepted or eavesdropped during the communication between the mobile phone client and the server. The security of the mobile banking system is greatly enhanced in the three fields of architecture, application and communication. This paper first designs a mobile banking system model based on security, performance and reliability from the point of view of architecture. The model includes the public network access area and DMZ service area from the outside to the inside, respectively. The four parts of the application service area and the background core service area, as a whole, effectively protect the security of the internal network. Then, from the point of view of the client application, aiming at the user information theft, Software tampering and virus detection are protected by code confusion technique, random generation of graphics keyboard, and installation of virus library. Finally, from the point of view of communication between mobile phone client and server, The SSL protocol is used to encrypt and verify the data in the transport layer to ensure the security of the communication data. Through the detailed analysis of the process and preventive means of the man-in-the-middle attack and collision attack, the two-way authentication of SSL and the RSA algorithm are realized. Through experimental analysis, the security reinforcement technology, encryption algorithm and verification algorithm presented in this paper are superior to some existing methods in complexity. At the same time, the security architecture of this paper can effectively shield and record attacks. Combined with SSL security protocol, The method described in this paper can be used to construct the security system architecture based on network security equipment and effectively deal with various security threats.
【学位授予单位】：华北电力大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08

【共引文献】