| The proliferating mobile commerce (m-commerce) is encouraging new applications to debut in wireless environments. Various countries and industries have attached more importance to mobile commerce. A comprehensive study on mobile commerce is presented in this thesis, we firstly analyze the characteristic, limitation and security demand of mobile commerce, then propose two secure mobile commerce models which provide high perform efficiency: a WAP-based model and a SMS-based model, we also analyze and evaluate the security strength and computation load.In the WAP-based model, we point out the security hole in the standard model from WAP Forum, and provide two end-to-end security models, including WAP Server and Application level security. We introduce OTA and STK to implement end-to-end security and key refresh in the SMS-based model.Mobile ticketing plays a significant role in m-commerce. In the mobile ticketing protocol, base the two models mentioned above, we employ a trusted third party to lighten the computation load and reduce the storage space required for secure transaction on mobile devices. The issuing, transferring, refunding, and redeeming of mobile tickets are managed more effectively by establishing the third party as the ticket-manager. Thus, double redemption, counterfeits, and alterations of tickets are avoided. To maintain the integrity and efficient authentication, we introduce the MAC code.
|
PDF Full Text Request