The Safety Method Research And Realization Of Electronic Commerce System Based On The SET Protocol

With the vigorous development of Internet, as well as information on all areas of society to further deepen the impact of e-commerce business model in this emerging countries around the world wide unfolded, however, since e-commerce is conducted in an open Internet on the business activities in the an open Internet to transmit business information are faced with potential security threats, such as theft, tampering and so on. Therefore, the development of e-commerce is being constrained by security concerns. Therefore, for e-commerce, the development of electronic commerce the key is to solve the e-commerce security issues.Because of the importance of e-commerce security, and therefore continue to develop security technologies and applications, such as encryption, firewalls, digital signatures, digital certificates and secure transaction agreements. The invention and application of security technology enables rapid development of e-commerce. As e-commerce security technology continues to evolve, both in software or hardware, both for the development of e-commerce provides a good security guarantees and development environment. However, there is not a valid e-commerce system security evaluation system. While some e-commerce security technology have developed appropriate safety standards, but on the whole system, this is not enough. E-commerce system security elements include: validity, confidentiality, integrity, reliability (non-repudiation) to examine the capability. Thus a measure of security of e-commerce systems is necessary to study from several aspects.At this stage to solve the most basic e-commerce security technology is data encryption technology. For the most basic data encryption technology is the comprehensive application of e-commerce security protocol used by the two: SSL protocol and SET protocols.SSL (secure sockets layer) protocol is an international standard encryption and authentication communication protocols, originally developed by Netscape Corporation for the United States on the Internet to send confidential documents and research and development, and later became the Internet, communications and transaction standards. SSL protocol was first proposed by Netscape in November 1994 the company introduced and the first to achieve, that is, SSL Internet-Draft version, followed by the version revised after 5 times, in March 1996 introduced the SSL V3.0Internet-Draft version. It not only solve the SSL V2.0 exist in many of the problems, improved many of its limitations, and supports more cryptographic algorithms, was eventually adopted by the IETF. SSL is based on TCP / IP to provide secure communication security protocol, which has two sides to provide a reliable communication connection under the anti-wiretapping, anti-tampering, forgery prevention information, is secure communications. Initially through the SSL encrypted http connections to provide security for the Web browser was introduced, and now has become a common Internet services, security tools.SSL is a layered protocol, ranging from a reliable transport layer protocols (TCP / IP) and application layer protocol between the two sides for communication TCP / IP connectivity to provide server authentication, message integrity, communication, data encryption, and optional client Client certification services. This is because this setting, it can independently operate at Internet applications and connectivity protocols.SSL use public key cryptography systems and technologies to communicate the identity of the two sides of the communication entity authentication and session key consultations, the use of symmetric cryptographic algorithm for SSL connections to encrypt sensitive data transmitted. Through a combination of these two technologies, SSL protocol mainly provides services in three areas: the legitimacy of the client and server authentication, encrypted data is transmitted to hide data, protect data integrity.SET (Secure Electronic Transaction) Secure Electronic Transaction Protocol by the World Organization of the two major credit cards VISA and MARSTERCARD developed, the aim is to establish a credit card-based electronic payment system. SET protocol for e-commerce online payment link provided a safe trading environment. SET protocol main core technology, including data encryption, digital signatures, digital certificates and other security technology. The main role of the SET protocol is the ability to ensure the participation of the main e-commerce transactions, such as users, merchants and bank transfer information when making online payment the confidentiality, integrity, and the transaction status of the authenticity of transactions between the principal and so on. SET protocol, after utilization of these security technologies, we can provide users with greater integrity, greater security, and more accurate and complete transactions.In an open e-commerce activity carried out on the Internet, how to ensure the security of transactions subject to transfer data into this emerging e-commerce business model could popularize the most critical issues. Because the SSL protocol itself shortcomings, in order to overcome its shortcomings, the two credit card associations, Visa and Master Card have jointly developed the SET e-commerce transaction security protocols. SET protocol is to this open nature of the Internet to conduct online transactions on the network established and open to electronic currency-based electronic payment system specifications. SET protocol not only for credit card authentication, but also to authenticate the identity of the businesses, which need to pay for the transaction in terms of e-money is very important. As designed, SET protocol has been a lot of big companies such as IBM, HP, Microsoft and other support, has become the de facto industry standard. At present, SET protocol has received recognition IETF standards.SET protocol is an open network environment in card payment security protocol, which uses public key encryption system and X.509 digital certificate standard, through the corresponding software, digital certificate, digital signature and encryption technology in the trading process and providing greater confidence in degrees, more complete transaction information, higher security and less subject to the possibility of fraud. SET protocol can be used to support this type of B2C e-commerce model, namely, on-line card consumer shopping and trading patterns.This paper's focus on research topics of SET protocol based on the security of e-commerce systems and how to solve existing problems, can improve the whole SET protocol-based online payment system's security framework and mechanisms, SET protocol development and the establishment of a password-based science and cryptography, the study of SET protocol based on the security of e-commerce for the promotion of cryptography has a certain theoretical value and significance.This paper discusses some basic concepts of e-commerce and e-commerce security system involved in the basic security technologies, focusing on analysis discusses the basic technical principles of SET protocol, as well as online transaction process. Through the SET protocol and SSL protocol security analysis of the performance comparison, was designed and implemented a security protocol based on SET payment system, given the detailed division of function modules and the module implementation process.