A银行网上银行安全体系的构建

发布时间：2018-02-12 14:21

本文关键词： 网上银行身份认证安全管理模型　出处：《天津大学》2016年硕士论文　论文类型：学位论文

【摘要】：当前互联网技术在持续提升,网上银行这个新型产品渐渐被人们重视起来,成为未来银行发展最主要的形式。A银行是我国的股份制商业银行,在我国的银行业占有非常重要的地位。本文全面分析了A银行网银的安全体系,提出了一个安全性更高的网银结构。本文研究的主要方向有以下三点:(1)创建一个完善的安全体系:一般来说,网上银行的安全体系牵涉到的东西比较多,过去的论文只涉及到其中的一个部分,但是本文将要从技术层面,构建一个完善的安全体系,一个让顾客能够放心使用的体系,其中包含了客户端安全、基础设施安全、动态密码以及灾难备份。(2)增添网银客户端安全的设置:长期以来,网上银行的客户端安全都是银行关注的重点,无论是防火墙、IDS/IPS等其他一些安全产品都是为了保证客户端安全的,然而这几年频频出现的“网银大盗”等一些软件利用不受关注的客户端来盗取钱财。因此,本文把客户端的安全当做是安全体系中非常关键的一部分。(3)使用动态密码:通常情况下,银行卡的密码都是由六位数的数字组成的,在ATM机或是银行中使用的时候,安全性可以有所保障,但是在互联网广泛应用的时期,非动态银行密码非常轻易地就会被犯罪分子窃取,因此一些银行将证书等认证方式引入到了网上银行中,但是这种方式在使用的过程中比较复杂,难以大面积推广使用。本文选择用动态密码的方法,因为这种方式在使用的时候比较方便,能够大面积推广使用。
[Abstract]:At present, Internet technology is continuously improving. Internet banking, a new product, has gradually been attached importance to by people and has become the most important form of bank development in the future. Bank A is the joint-stock commercial bank of our country. The banking industry in China occupies a very important position. This paper comprehensively analyzes the security system of bank A net silver. This paper proposes a more secure network silver structure. The main research directions of this paper are as follows: 1) create a perfect security system: generally speaking, the security system of online banking involves a lot of things. In the past, there was only one part of the paper, but this paper is going to build a perfect security system from the technical level, a system that customers can use safely, which includes client security, infrastructure security, Dynamic password and disaster backup. 2) add network bank client security settings: for a long time, online banking client security is the focus of attention of banks, Some other security products, such as firewall IDS / IPS, are designed to ensure the security of the client. However, in recent years, some software, such as "net silver theft" and so on, have used unattended clients to steal money. Therefore, This article regards client security as a key part of the security architecture.) use dynamic passwords: typically, the password for a bank card is a six-digit number, when used in an ATM or a bank. Security can be guaranteed, but in the period of widespread use of the Internet, non-dynamic bank passwords are easily stolen by criminals, so some banks have introduced certificates and other authentication methods into online banking. However, this method is more complex in the process of use, so it is difficult to be popularized in a large area. This paper chooses the method of dynamic cryptography because it is more convenient to use and can be widely used in a large area.
【学位授予单位】：天津大学
【学位级别】：硕士
【学位授予年份】：2016
【分类号】：F832.2;TP309

【参考文献】