Research And Design On Identity Authentication System In Mobile-Commerce

The development and penetration each other of Internet, mobile communications and computer technologies creates Mobile-commerce. With the change from 2.5G to 3G, the mobile transform rate that it supports promotes fleetly, which provides essential support for Mobile-commerce extensively development. Mobile-commerce in the rapid development and popularization need a series of safe and efficient identity authentication system. At present, a lot of identity authentication systems are based on public-key authentication system which must depend on perfected CA (Certification Authority) system. Public-key authentication system as a whole is a huge project. This makes it costly and complex technology, and there are many questions in hardware, software and third-party certification and many other issues when it is applied in of the current mobile business environment. Therefore, adoption OTP (One-Time Password) without the third-party certification is an idea choice. This dissertation from them, research and design on identity authentication system in Mobile-commerce.The dissertation presents that the use of OTP technology can be a relatively simple, safe and effective Mobile-commerce identity authentication after Mobile-commerce identity authentication questions to be solved is proposed by analysis and research contraposition of Mobile-commerce characteristic and development environment at present.In this foundation, based on security risks of original OTP, the paper presents an improved OTP authentication system solution which is from the overall program design, user registration and bidirectional authentication to the hash time synchronization problem in server and client solutions and the security of sensitive information stored program. According the improved scheme simultaneously, do the system design and implementation in details, including a framework for systems, select system platform, choice the application of encryption algorithm through experiments and hash times. Finally carries on the emulate experiment in simulation development platform, with emphasis implementation of the client side registration and the system authenticates. Based on the results of the experimentation, analyses system security and performance, compares with original OTP system and other improved system. By do these things, validate improved solution feasible, effective and appropriate usage of the mobile environment.