Nowadays the Electronic Commerce brings the new attempts and convenience for work and life of people, but it is not deeply popular as people's imagination. One of the important reasons should be the security of EC which become the obstacle of EC's development.In the study of EC's security, the Secure Electronic Transaction protocol came to the world, which was designed for electronic payment. The SET protocol involved much of data and strictly limited the format of data; therefore it was very cockamamie and inflexible. However, the XML, as the basic of Web Services, is a flexible technology of data processing. It has the structured and expansible characteristics, which is suitable to conduct the complex and anomalous data. Thus this technology can help SET improve its flexibility and expansibility.At the same time, in the structure of this protocol, this thesis will provide a kind of innovative amelioration: in the EC's process, the shipment is an indispensable part, so we take consideration of adding the shipagent into the part of SET structure, which is able to make the whole electronic payment process better and avoid the credit card cheat through fake commerce in some degree.This thesis also studies and analyzes the Web Services technology. The parts in EC process are so many and their systems should be different platforms, so the Web Services technology is just able to solve this problem. Therefore, the thesis studies the base, the structure and technology standard of Web Services in detail, especially about the security of Web Services. WS-Security is a kind of integrated specification about XML encryption, signature and authentication for Web Services. And XKMS is the XML key management specification. These two can provide the authentication center, encryption and signature services for SET structure.Finally, the thesis designs an application model of security EC electronic payment system with the structure of SET and the Web Services technology and gives the realization of it based on J2EE platform. |