| With the rapid development of network technology and the increase of the modern life pace, the online bank attracts more and more people's attention which is a convenient, swift capital transfer method.Traditional fixed password identity authentication has natural weakness.With the development of the online bank, the attack aim at it is more.This situation affect the customers' confidence in online banks in a certain degree. The dissertation does some research about identity attestation and introduces a new method based on dynamic password.At first, this paper presents the development status of online banks briefly, then, sums up and compares three kinds of identity authentication methods and educes the concept of dynamic password. The math base of the identity authentication system is AES and RSA encryption arithmetic which have strong anti-cracking ability. The arithmetic theory, programming and quick implement are introduced. The system is consist of two parts, one is client software which is realized by Java Swing, the other is online bank server which is realized by Apache Server, JDBC, JSP. Using the database connection pool method to improve the execution efficiency. Imitating the patent software—time fairy of CAS (Chinese Academy of Sciences) and using SQL Server2000 and ActiveX technology to complete a control which can set the client's current time according to server's time. Mixing with time gene or random number gene, a dynamic password which only can be used by a single card number is built. At last, enumerate the resist ability of common network attack methods.After debugging, this system works well and can simulate the whole logging in process of online banks. |
PDF Full Text Request