金融IC卡—数据安全子系统设计与实现
发布时间:2019-03-24 18:02
【摘要】:随着金融电子化的发展,金融系统对安全性的要求越来越高,传统的磁条卡安全性低,容易被复制等缺陷越显突出,特别是自动取款机的普及,出现大量因为偷拍密码,刷卡门禁导致的磁条卡被复制资金被盗事件也引起社会的强烈关注,因此安全性更高,交易和维护成本更低的金融IC卡也被越来越多的银行接受并推广使用。金融IC卡的安全性是它被重视和推广的原因之一,所以金融IC卡的安全性设计成为了新的研究课题。本文从商业银行实际工作需求出发,系统的进行了可行性研究、需求分析、设计和实现、业务功能测试,工作重点从密钥的生成,制卡数据的加密,密钥的保存,密钥的使用获取等方面着手,务求建立高效、安全、标准、实用的金融IC卡—数据安全子系统。前期准备阶段查阅了大量的文献资料,并对国内外最新的研究成果进行了仔细了解。需求分析阶段进行了充分的业务需求收集和分析,与行方业务人员共同完成了可行性分析报告和软件需求规格说明书,并通过行里业务部门的严格评审。设计开发阶段严格遵循公司设计准则和开发规范。测试阶段编写了2000多个测试用例,进行了3轮完整的功能测试。系统的最大特色是服务的插件化和标准化,这是系统设计阶段的重点工作,也是我们的设计原则。在服务插件化和标准化设计原则下建立的金融IC卡—数据安全子系统,基于统一规划、统一管理,以确保整个系统的各种软件、硬件均符合相关的国际标准、国内标准,保证业务、功能的统一化和标准化,从而达到服务的规范化和管理的高效性。系统提供的加密功能完善,配置灵活,操作便捷。金融IC卡—数据安全子系统的加密标准采用PBOC3.0最新标准,最大限度地满足了西安银行的金融需求(金融应用)。在加密接口封装方面,系统进行了充分预留,为后期国密算法的扩展提供了良好的扩展支持。参考国际最新研究状况,自有算法(例如:国密算法)是未来金融IC卡行业应用发展的新趋势,后期可以进行一步优化升级数据安全子系统。商业银行科技部门会在这个方向上不断研究,扩充加密功能,提高卡片数据的安全性,让自身的产品更加具有竞争力。
[Abstract]:With the development of electronic finance, the security requirement of the financial system becomes higher and higher. The traditional magnetic stripe card is low in security and easy to be copied. Especially, with the popularization of ATM, a large number of clandestine passwords appear. The theft of magnetic stripe cards caused by card swiping has also aroused strong concern in the society, so the security is higher and the financial IC cards with lower transaction and maintenance costs are accepted and promoted by more and more banks. The security of financial IC card is one of the reasons why it is paid attention to and promoted, so the security design of financial IC card has become a new research topic. In this paper, the feasibility research, requirements analysis, design and implementation of the system are carried out from the actual working requirements of commercial banks, and the key generation, business card printing data encryption, and key preservation are the key points of the work, the business function test, and the design and implementation of the system. In order to establish an efficient, secure, standard and practical financial IC card-data security subsystem. In the pre-preparation stage, a large number of literature materials were consulted, and the latest research results at home and abroad were carefully understood. In the phase of requirement analysis, the business requirements were collected and analyzed fully, and the feasibility analysis report and software requirement specification were completed together with the business staff of the bank, and passed the strict review of the business department in the industry. The design and development stage strictly follow the company design guidelines and development standards. In the test phase, more than 2000 test cases were written and 3 rounds of complete functional tests were carried out. The most important feature of the system is the plug-in and standardization of the service, which is the key work in the system design phase and our design principle. The financial IC card-data security subsystem established under the principles of service plug-in and standardized design is based on unified planning and unified management to ensure that all kinds of software and hardware of the whole system comply with relevant international and domestic standards. To ensure the unification and standardization of business and function, so as to achieve the standardization of service and the efficiency of management. The encryption function provided by the system is perfect, the configuration is flexible, and the operation is convenient. The encryption standard of financial IC card-data security subsystem adopts the latest standard of PBOC3.0, which satisfies the financial demand of Xi'an Bank to the maximum extent (financial application). In the encryption interface encapsulation, the system has been fully reserved, which provides a good extension support for the later expansion of the national security algorithm. Referring to the latest research situation in the world, self-contained algorithms (such as national security algorithm) are the new trend of the future financial IC card industry application, and one-step optimization and upgrading of the data security subsystem can be carried out in the later stage of the development of financial IC card industry. The technology department of commercial banks will continue to study in this direction, expand encryption function, improve the security of card data, and make their products more competitive.
【学位授予单位】:西安电子科技大学
【学位级别】:硕士
【学位授予年份】:2015
【分类号】:TN409;TP309
本文编号:2446557
[Abstract]:With the development of electronic finance, the security requirement of the financial system becomes higher and higher. The traditional magnetic stripe card is low in security and easy to be copied. Especially, with the popularization of ATM, a large number of clandestine passwords appear. The theft of magnetic stripe cards caused by card swiping has also aroused strong concern in the society, so the security is higher and the financial IC cards with lower transaction and maintenance costs are accepted and promoted by more and more banks. The security of financial IC card is one of the reasons why it is paid attention to and promoted, so the security design of financial IC card has become a new research topic. In this paper, the feasibility research, requirements analysis, design and implementation of the system are carried out from the actual working requirements of commercial banks, and the key generation, business card printing data encryption, and key preservation are the key points of the work, the business function test, and the design and implementation of the system. In order to establish an efficient, secure, standard and practical financial IC card-data security subsystem. In the pre-preparation stage, a large number of literature materials were consulted, and the latest research results at home and abroad were carefully understood. In the phase of requirement analysis, the business requirements were collected and analyzed fully, and the feasibility analysis report and software requirement specification were completed together with the business staff of the bank, and passed the strict review of the business department in the industry. The design and development stage strictly follow the company design guidelines and development standards. In the test phase, more than 2000 test cases were written and 3 rounds of complete functional tests were carried out. The most important feature of the system is the plug-in and standardization of the service, which is the key work in the system design phase and our design principle. The financial IC card-data security subsystem established under the principles of service plug-in and standardized design is based on unified planning and unified management to ensure that all kinds of software and hardware of the whole system comply with relevant international and domestic standards. To ensure the unification and standardization of business and function, so as to achieve the standardization of service and the efficiency of management. The encryption function provided by the system is perfect, the configuration is flexible, and the operation is convenient. The encryption standard of financial IC card-data security subsystem adopts the latest standard of PBOC3.0, which satisfies the financial demand of Xi'an Bank to the maximum extent (financial application). In the encryption interface encapsulation, the system has been fully reserved, which provides a good extension support for the later expansion of the national security algorithm. Referring to the latest research situation in the world, self-contained algorithms (such as national security algorithm) are the new trend of the future financial IC card industry application, and one-step optimization and upgrading of the data security subsystem can be carried out in the later stage of the development of financial IC card industry. The technology department of commercial banks will continue to study in this direction, expand encryption function, improve the security of card data, and make their products more competitive.
【学位授予单位】:西安电子科技大学
【学位级别】:硕士
【学位授予年份】:2015
【分类号】:TN409;TP309
【参考文献】
相关博士学位论文 前2条
1 韩立东;RSA与背包公钥密码算法的安全性分析[D];山东大学;2010年
2 孔凡玉;公钥密码体制中的若干算法研究[D];山东大学;2006年
相关硕士学位论文 前7条
1 王茜;基于JavaEE的人事考核管理系统的设计与实现[D];厦门大学;2014年
2 杨丹;TaaS测试管理服务的研究与实现[D];西北大学;2013年
3 韦振中;基于web的在线站群自动化建设平台分析与设计[D];云南大学;2013年
4 刘雅丽;金融IC卡系统的设计与实现[D];电子科技大学;2012年
5 梁小英;RSA快速实现算法的研究与改进[D];北京邮电大学;2010年
6 蔡晓虹;智能化专家抽取系统[D];西安电子科技大学;2008年
7 李小朋;基于NFC技术的电子钱包系统设计与安全性研究[D];北京邮电大学;2007年
,本文编号:2446557
本文链接:https://www.wllwen.com/kejilunwen/dianzigongchenglunwen/2446557.html
