| With the rapid development of mobile communication technologies and mannfacturing of computer, the cost of mobile communication has been reduced, and it makes common citizen be willing to accept mobile business as daily necessity. However, people used to control risks by reducing trade sum or scope because of no appropriate security mechanism. The security blocks the development of mobile business.The thesis introduces security system of mobile business. It summarized J2ME and XML, and analyzed information security model of mobile business. The thesis brings forward a security model for mobile business using XML and J2ME, XmlSec. It put forward a protocol of mobile payment for business to consumer (B to C) basing on XmlSec.In XmlSec, XML document is taken as format of information, and the J2ME procedure running in mobile terminal encrypts the XML document. It provides security of end to end for mobile business because XmlSec is independent of transport protocols. Compared to other security model of mobile business, the XmlSec has thereinafter characters:1. Implementing different security strategys accord to content in a document.2. Using standard format of information is propitious to synretize web service.3. Using public secret key infrastructure and digital certificate to implement secret key management safely.4. Reducing mobile client side complexity by trusted third party.5. Properly grant role and function to trusted third party to reducing comuting cost of mobile terminal and protecting user's information safely.6. Choosing appropriate work pattern according to all kinds business and network status.At last, the work of the thesis is summarized, and future work about the thesis is point out. |
PDF Full Text Request