The Research And Implementation Of Security Architecture Of Electronic Payment

With the economic development, the speed of gaining popularity and wide applications of electronic information technology, E-Commerce is receiving more and more recognitions and confidences from the society with the advantages of being swift, convenient, and in common use. E-Payment, being the core technology of E-Commerce, is widely used in handling business transactions. However, due to the dependence on the way customers are distributed and also its openness nature, E-Payment system unavoidably inherits some security issues. This dissertation presents a systematic research on the security aspects of the E-Payment process, states its security risks, provides recommendations for the implementation of security services and security systems, provides the E-Payment security system architecture, gives the model of security E-Payment, and deliveres it in the project.Researchs in the dissertation include:1. Introducing the current status of security E-Payment technical research and development nationwide and worldwide. Analyzing the requirements, characteristics and model of E-Payment, as well as investigating the underlying risks.2. Investigating the key technologies of security E-Payment, including Cryptographic System, Digital Signature, Identity, Public Key Infrastructure, Access Control, SSL protocol, SET protocol, Anti-Virus, Backup and Disaster Recovery. The main focuses are on the Group Signature and Authentication. Based on the application environment of E-Payment, designs a secure and efficient E-Payment System.3. Foreseeing the future trend of E-Payment security, and indicate relevantkey technologies.Major achievements in the dissertation:1. Investigated and improved the Group Signature.The defects of Attacking Forgeability were identified through detailed analysis, and proposed methods in order to defend against forgery attack and improve the unlinkability. The solution promotes the arithmetic in the Galois field GF(p) of the original Group Signature solution to the ring Zn in order to identify bigger generator g, meanwhile via modifying value of r,, it increases the secure performance and improves the processing efficiency which could be migrated to some new cryptographies, such as elliptic curve on ring, etc. Therefore, it is easy to build more powerful E-Payment system based on the solution.2. Based on Petri Nets theory, explored and established security model of E-Payment.Petri Net covers both the strict definition and graphic language. It provides rich and strict model definition and a graphic language with clear view and easy understanding. This dissertation presents security controls on the E-Payment against the security risks related to the E-Payment. An E-Payment Security Model was established through adopting logical Petri Nets based analysis method and utilizing Petri Nets theory to describe secure E-Payment process, with focus on the research of Petri Nets Model with sender encryption, receiver decryption and applicant registration. It makes use of the reachability tree to analyze the correctness, safeness, fairness, reachability and liveness of the Petri nets model of security electronic payment. The another objective of building a secure Petri Nets model for E-Payment is to provide new methods and thoughts for researching information security.3. Built a new practical E-Payment Security Architecture.Introduced security architecture such as OSI, CDSA, XDSF, PPDR etc., analyzed and compared these architectures, identified the shortages, built one applied four-layer E-Payment Security Architecture including target layer, organization layer, management layer and technical layer.4. Through software development, implemented functions such as the password encryption, data verification, data transfer and DES arithmetic.Using C programming language to produce common computing program, primarily on achieving Encryption/Decryption arithmetic, therefore enabling the various calls in software engineering project.5. Based on the security architecture and relevant technologies, designed and successfully implemented an international Real-time Money Transfer System in the bank.The research is carried out based on the projects of "international Real-time Money Transfer System" and "International Business System" which were sponsored by Sichuan University and the Agricultural Bank of China. The Author accumulated much practical experience from the research and was driven to run an in-depth study on the current status of E-Payment utilization and new solution to the system. As the project leader, the author was in charge of the overall project design related to the Security E-Payment Model, and integrated Password Management, Group Signature, Smart Card, cryptography machine, firewall, and Monitoring Management into the security system that the theoretical analysis and practical verification had proven it is correct. It is obvious that the same security architecture can also be adopted by other financial enterprises for implementing their E-payment systems.