基于PKI技术与指纹识别相结合的网上银行身份认证应用研究
发布时间:2018-11-19 21:31
【摘要】:随着互联网的发展,银行的业务也从线下走到了线上,在网上银行广泛应用的今天,也同时伴随着出现了很多的安全和信任问题。其中,包括系统的安全,网络的安全,业务的安全等等,但是最直接的安全问题就是身份认证安全,它也是网银系统安全的第一层保障,目前的网银身份认证方式大多是基于密码技术的,也就是我们常用的“用户名+口令”的方式来认证身份。其实,这种方法具有明显的缺陷,一个是不容易记忆,还有就是不能抵抗字典式的攻击。目前,作为信息安全技术研究领域的身份认证研究也是各研究人员从事的一个重要方面。 随着生物识别技术和计算机技术的迅速发展,在互联网上进行身份的认证,一般都会利用生物技术和计算机技术的结合。目前,广泛使用的将人的指纹作为身份确认的依据是比较合理的。本文主要对网银现有安全身份认证技术进行了理论研究,并且分析了其优缺点,得出基于PKI技术与指纹识别技术结合的可能性的结论。通过设计安全算法和模型,对如何将指纹识别技术和PKI技术有机结合起来进行了研究,设计出Local和Remote认证方案,并且给出了网银身份认证系统的实现,主要包括用户注册实现和用户登录认证实现,最后分析了此系统实现能够达到的效果。
[Abstract]:With the development of the Internet, the business of the bank has also moved from offline to online. Today, with the wide application of online banking, there are also many security and trust problems. Among them, including the security of the system, the security of the network, the security of the business, etc., but the most direct security problem is the security of identity authentication, which is also the first layer of the security of the network banking system. At present, most of the authentication methods are based on password technology, that is, "user name and password" which we often use to authenticate identity. In fact, this method has obvious shortcomings, one is not easy to remember, and is unable to resist dictionary attacks. At present, the research of identity authentication in the field of information security technology is also an important aspect of researchers. With the rapid development of biometrics and computer technology, the combination of biotechnology and computer technology is generally used to authenticate identity on the Internet. At present, the widely used fingerprint as a basis for identification is more reasonable. In this paper, the existing secure identity authentication technology of Internet silver is studied theoretically, and its advantages and disadvantages are analyzed, and the possibility of combining PKI technology with fingerprint identification technology is concluded. Through the design of security algorithm and model, how to combine fingerprint identification technology with PKI technology is studied, Local and Remote authentication scheme are designed, and the implementation of network silver identity authentication system is given. It mainly includes the implementation of user registration and user login authentication, and finally analyzes the effect that the system can achieve.
【学位授予单位】:内蒙古大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08;TP391.41
本文编号:2343480
[Abstract]:With the development of the Internet, the business of the bank has also moved from offline to online. Today, with the wide application of online banking, there are also many security and trust problems. Among them, including the security of the system, the security of the network, the security of the business, etc., but the most direct security problem is the security of identity authentication, which is also the first layer of the security of the network banking system. At present, most of the authentication methods are based on password technology, that is, "user name and password" which we often use to authenticate identity. In fact, this method has obvious shortcomings, one is not easy to remember, and is unable to resist dictionary attacks. At present, the research of identity authentication in the field of information security technology is also an important aspect of researchers. With the rapid development of biometrics and computer technology, the combination of biotechnology and computer technology is generally used to authenticate identity on the Internet. At present, the widely used fingerprint as a basis for identification is more reasonable. In this paper, the existing secure identity authentication technology of Internet silver is studied theoretically, and its advantages and disadvantages are analyzed, and the possibility of combining PKI technology with fingerprint identification technology is concluded. Through the design of security algorithm and model, how to combine fingerprint identification technology with PKI technology is studied, Local and Remote authentication scheme are designed, and the implementation of network silver identity authentication system is given. It mainly includes the implementation of user registration and user login authentication, and finally analyzes the effect that the system can achieve.
【学位授予单位】:内蒙古大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08;TP391.41
【参考文献】
相关期刊论文 前7条
1 杨永福;王乐;;基于PKI密钥管理的企业应用安全研究[J];光盘技术;2009年04期
2 张丽静;我国电子商务安全防范的现状及解决途径[J];北方经贸;2005年10期
3 侯勇;亓胜田;;电子商务安全技术[J];商场现代化;2007年26期
4 冯大鹰,晋玉星;我国电子商务认证的现状及解决方案[J];商业时代;2004年24期
5 刘志猛;彭代渊;;基于椭圆曲线加密体制的实现[J];信息安全与通信保密;2006年04期
6 江为强;杨义先;黄正全;;基于J2EE体系结构的CA认证系统的研究[J];武汉理工大学学报;2008年02期
7 魏利明,陈相宁;PKI技术分析[J];网络安全技术与应用;2005年03期
,本文编号:2343480
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2343480.html
