A Study On The Security Protocol Of Electronic Commerce--The Perfection And Improvement Of SET Protocol

The 21st century is an era of information. As the direct outcome of information revolution, Electronic Commerce ( E-commerce) has brought about significant influence on the thinking patterns, economic activities, work and life styles of common people. Nowadays, Electronic Commerce has become a popular business transaction. And with its great convenience, high efficiency and low-cost, Electronic Commerce will be a main form of economic and commercial activities in the future society.However, due to its basis on an open and free Internet, the weak security of Electronic Commerce has become a serious problem, which affects greatly the development of E-commerce. Accordingly, in order to develop the electronic commerce, it is greatly demanding to solve the security problem, and guarantee the security, integrality, availability, authenticity and undeniablness of E-commerce.Security Electronic Transaction protocol (SET) is an open standard for the commerce industry as a way to facilitate secure payment of card transactions over Internet. SET helps solve many security problems that once stranded the development of electronic commerce by laying down a series of standards and adopting various security code technical measures. At present, it has been acknowledged by IETF and become an actual industrial standard.This paper analyzes the basic concepts, the security infrastructure and payment system of electronic commerce, makes a thorough and comprehensive research on the security technology, authentication and transaction process, points out some deficiencies in SET protocol. And with regard to these deficiencies, the author of this paper puts forward: 1) nesting encryption technologies to improve the poor security, flexibleness and adaptability of SET protocol caused by multi-encryption algorithms; 2) enhancing the mediation function of the banks issuing cards to solve the dissension between the cardholders and the merchants, as well as the storage of the information in transaction. Finally, in allusion to the complexity, slow-speed and high-cost of SET protocol, the author proposes an architecture model of security control, and thoroughly analyzes its working principles and realization.