银行信息系统统一认证的应用安全研究
[Abstract]:With the rapid development of economy, China's domestic banks have generally entered the stage of rapid development. Telephone banking, internet banking, mobile phone banking, television banking and other electronic channels are increasingly expanded and improved. At the same time, bank customers are highly concerned about transaction security, authentication tools diversity and ease of use. However, the current mainstream authentication method based on user name and password is a weak identity authentication method, because it has a series of weaknesses such as easy to guess, dictionary attack, illegal interception, responsibility determination, etc. In the current banking application environment, it can not meet the security needs of bank information system. Under the above background, the security of bank information system identity authentication has become the most important security in the research and construction of information security, and it is generally considered to be the primary link in the construction of bank information security. With the rapid development of bank Internet business, electronic trading is becoming more and more popular. Electronic trading applications include: electronic banking (online banking, ATM applications, POS applications, telephone banking, mobile banking, card payments), online securities, third-party payments, electronic stores, and so on. In recent years, electronic transactions have an annual growth rate of more than 40%. Among them, electronic banking shows a trend of parallel development to integration of various electronic channels, and the integration of channels can make business development and marketing more flexible. All kinds of electronic channel applications have common requirements for security, such as user authentication, transaction authentication, logging, access authorization, risk monitoring and prevention. In order to better support the business development and integration of various electronic channels, there is an urgent need to establish a unified authentication platform suitable for all electronic channels to handle user authentication, transaction authentication, risk monitoring and prevention. To unify the log, etc. This paper is to study the unified authentication under the environment of bank multi-information system and multi-authentication terminal, and realize the seamless integration of unified dynamic password authentication and unified digital certificate authentication into unified authentication. In the stage of unified certification trial operation and scheme verification, unified authentication can realize the unified management of multiple information systems, multiple authentication terminals, multiple user types, centralized control and authentication security in the whole bank. At the same time, unified authentication is also the development trend of bank information security and the development strategy of bank information security. The purpose of establishing unified certification is to improve banking service level, strengthen bank risk control, reduce the cost of system construction and operation and maintenance, so as to speed up the response of bank products to market demand.
【学位授予单位】:华南理工大学
【学位级别】:硕士
【学位授予年份】:2015
【分类号】:TP309
【相似文献】
相关期刊论文 前10条
1 屈卫清;数字证书的发展与应用[J];宁波教育学院学报;2003年S1期
2 周旭,郑乐黎,阎进,曲晖,李文俊;数字证书在检验检疫系统的应用[J];网络安全技术与应用;2004年08期
3 杨尔明;数字证书技术的进展[J];计算机安全;2004年09期
4 ;浙江万家企业拥有数字证书[J];每周电脑报;2005年08期
5 李红;网上也要身份证——数字证书应用全攻略[J];微电脑世界;2005年05期
6 柳坚;;因特网上的身份证 数字证书[J];电脑爱好者;2006年03期
7 辛凤艳;;数字证书颁发系统的研究[J];河北省科学院学报;2006年01期
8 唐春林;;电子商务与电子政务中的数字证书[J];长沙通信职业技术学院学报;2006年04期
9 ;数字证书产品—冀科安全锁[J];河北省科学院学报;2007年02期
10 张红兵;孟祥彬;;数字证书在网上银行的应用研究[J];河北广播电视大学学报;2007年05期
相关会议论文 前10条
1 胡红钢;;电子商务中的数字证书[A];第十六次全国计算机安全学术交流会论文集[C];2001年
2 杨博龙;赵保华;李景;;兼容双算法的数字证书认证框架的研究[A];2012年电力通信管理暨智能电网通信技术论坛论文集[C];2013年
3 刘顺利;洪晓光;安定;;数字证书在网上申报中的应用[A];第二十届全国数据库学术会议论文集(技术报告篇)[C];2003年
4 吴海明;;“一证通”技术解决方案[A];2005中国电子政务与信息安全论坛会议资料[C];2005年
5 金龙;刘海燕;;基于OpenSSL的CA系统的设计与实现[A];2008通信理论与技术新进展——第十三届全国青年通信学术会议论文集(上)[C];2008年
6 李枢平;;2K数字影院服务器数字证书的管理[A];2011中国电影电视技术学会影视技术文集[C];2011年
7 刘刚;梁野;李毅松;马骁;王文;李勃;陈贵凤;;数字证书技术在电力二次系统中的实现及应用[A];2006电力系统自动化学术交流研讨大会论文集[C];2006年
8 李元民;;CA数字证书在招投标过程中的应用[A];跨越发展:七省市第十届建筑市场与招标投标优秀论文集[C];2010年
9 何侠;;销售企业电子商务平台的建立[A];海南省通信学会学术年会论文集(2005)[C];2005年
10 赵希鹏;郭利;;中国气象局CA系统设计与应用[A];2011年中国气象学会气象通信与信息技术委员会暨国家气象信息中心科技年会论文摘要[C];2011年
相关重要报纸文章 前10条
1 ;数字证书在我省步入实用阶段[N];河北日报;2003年
2 弋游;数字证书为网银筑起安全屏障[N];金融时报;2006年
3 胡英;三大难点阻碍数字证书应用[N];计算机世界;2007年
4 记者 王斌邋通讯员 朱晔;海盐“数字证书”应用领先全省[N];嘉兴日报;2007年
5 实习记者 郑名智邋通讯员 沈雁;浙江加快企业数字证书应用[N];西部时报;2007年
6 ;商标数字证书申请流程[N];中国工商报;2009年
7 贵州省\汗乜局醒,
本文编号:2375086
本文链接:https://www.wllwen.com/guanlilunwen/yingxiaoguanlilunwen/2375086.html
