Research On Security Design Of Third Party Payment And Settement Platform

Security is the basic problem of the payment system constructs working. Actually, it has been a barrier of the E-commerce's development. Aiming at this, paper discusses how to make a safe Third Party Payment platform using the present technology. First, paper introduce the e-payment history and analyze its requirement, then combine the programming skills and related security standard, refining the security requirement of each module, in the end, from the final design. Our paper just wants to realize the security demand's maneuverability from the aspect of reality operation.E-commerce is more and more important for the Chinese economic development. Among the problems that E-commerce should be coping with, E-payment is the most important one. The third party payment module is the new one electrical payment mode that comes out now days. Compared with the traditional payment mode, the third party payment not only make a equal business environment between consumer and merchant, but also can using its favourable position(among the consumer, merchant and bank), collecting the information about the trade, and supplying different kinds of third party service. It is valuable to the trade, so there are increasing corporations coming into this business.In the front of this paper, it introduces the E-payment platform's development, and then comes out the differences between the third party payment platform and the others. From this get the functional requirement. On the aspect of practical realize, it give definition of the business stream and service stream, pointing out that the security requirement is one part of service stream.On the system design process, First, we choose the《Information security technology-Baseline for classified protection of information system》as the blue print, analysis its security demand ,then according to the threat of reality , make the security policy for the convent to the program. On the other hand, for the program work's operation, it introduce the MVC software design mode, and Framework's reality, pointing out that using the AOP module can join service stream and business stream together. At last, paper shows how to detail the security design of each module in the system, using the standard, security module, and J2EE framework.The topic of this paper comes from the business software project. We pay full attention to both theory and reality during the process of work, so the system should be good at manipulate. Now the services have been used in the OA system based on ActiveCollab, and it works well. In this paper, we make the work of building third party payment platform as background, analysis the security demand step by step form theory to practical, combine the software engineering method, giving the guide to the further work, when we design the system related.