| With the development of mobile commerce in the fields of bank, commerce, office and so on, its security is gradually being paid attention to by more and more people and it also becomes "bottleneck" which restricts development of mobile commerce. To find the solution to security problem becomes a most important problem in the development of mobile commerce. Security protocol is one of the most effective methods to solve the problem of security of mobile commerce at present. Authentication between entities, confidentiality and integrity of message passing and non-repudiation of origin are assured through security protocol. As the first line of defence in the mobile commerce system, identity authentication is the most important security service, all of others depend on it, and the whole system will be defeated if identity authentiection losts.According to characteristics of mobile commerce and development environment at present, and after analysis of existing problems in mobile commerce, an effective and safe solution with RFID (Radio Frequency Identification) to the mobile commerce authentication is presented, referring to safety criterion of protocol design and Machine-readable characteristic of the second generation ID card.Authentication protocol based on RFID technology is presented which includes user registration sub-protocol, bidirectional authentication sub-protocol and password modification sub-protocol. The security of the authentication protocol is proved after attack analysis as well as BAN logic analysis to the authentication system is given. According the protocol, an authentication system is designed and detailed design as well as implementation of the system is presented. Embedded board base on S3C2410 is used to simulate the mobile phone. Linux system is chosen as operating system at the implementation section. Then bootloader programming , transplantation of Linux operating system and file system are implemented on the development board. SL-13.56MOD radio frequency card is used to design the hardware circuit and it communicates with development board by serial port. According to the need of practice, Linux system is chosen as operating system at the implementation section. Then bootloader programming, transplantation of Linux operating system and file system are implemented on the development board. SL-13.56MOD radio frequency card is used to design the hardware circuit and it communicates with development board by serial port. MIRACL cryptography algorithms library is used to realize the opetations on the curve and user interface is also compiled with software of Qt. MySQLdatabase is adopted to to store user information and log file in the server.The communication between client and server is implemented by socket communication way. At last,the results of experiment are given.At the end, a summary of authentication scheme in mobile electronic commerce is made. we also make a conclusion to the thesis's main study , and put forward prospects for future studies. |
PDF Full Text Request