| The world we live is a real physical world, and everyone has his own unique physical identity. Now we also live in a digital world, because everything is expressed by a set of given data, including the identity of computer users. Computers only can recognize the digital identity of their users, and the authorization aims at digital identity of users. So how to guarantee the visitor with digital identity is the legal owner of this digital identity, that's to say how to ensure the accordance between physical identity and digital identity of operators, which is a vital security issue. To settle the problem, we established the identity attestation technology.In digital world, the major identify technology are mainly: password, Smart Card, dynamic password, USB certificates, biometrics and other authentication systems.Different security levels have various authentication methods. Although security is the foremost ingredient in authentication methods, it is not everything.With the rapid development of internet market, 3G times and E-commerce, electronic banks gradually become the inevitable choice instead of its original decoration function. On the other hand, more and more people focus attention on the security of electronic banks with appearance of filching or divulging of user's account and password online.One business bank in China adopts two ways in personal e-bank payment or given payment, One is certificate signature identification, another is static password confirmation. These two ways hold their own disadvantages and advantages.Certificate signature,although it enjoys higher safety, costs higher, too, from several dollars to several hundred dollars.. Static password,on the contrary, costs much lower, affected by the surroundings and, it doesn't have advanced technology which result in lower safety. So it is essential to introduce a low cost authentication mechanism to pubic with a characteristic of security and operation between certificate signature identification and static password confirmation.Based on the present bank mode, through analyzing the present identity attestation technology, this thesis mainly talks about the addition of changeable password identity attestation mode in the formal two ways--certificate signature attestation and the fixed password attestation. By comparing three technologies of the changeable password method which founded on challenging and answering mode, we finally choose it as the supplement for the formal bank attestation system.Customers of the bank can be divided into three types in the new identity attestation system:Customers who are using the fixed password payment: they belong to the non-certificate customers and the new auto-register customers of the bank. They have to use their fixed password attestation in their payments.Personal certificate customers: customers who have their certificate in the bank, they will still use their certificate attestation while the formal way of their fixed password attestation will be abolished. All of their business payments and deals must have their certificate signatures.Customers who are using the changeable password payment: they belong to the new customers of the bank. They use the challenging and answering mode to input the different data of their passwords and all of their payments should follow this way of attestation.In the thesis above, we talked not only the background and the analysis process of the theory, but also covered the operation process design of the system, its structure, its typical business process and its safety design.The network system of this bank had been improved since the application of this frame.cyber crime, such as viruses, fake emails and deceptive websites is defended well, consequently customer interest could be protected in maximum. Up to the end of this Jun. 2007, new customers from personal online banking of this bank is 7,410,000, and the accumulated amount exceeded 30,000,000,The new customers of dynamic password was 5,595,000, which brings great economical benefit to the bank.The identity attestation system construction is just one feasible way which based on the practical condition of the bank itself. In fact, with both advantages and disadvantages for these identity attestation technologies and based on"mutual attestation ways", we can make efficient combination with our personal needs or enterprise needs to meet our safety requirements. From the viewpoint of the future, with the development of biological identify technology and the cut down of cost, I do think biological identification will become the mainstream of the future identification. |
PDF Full Text Request