The Terminal Authentication Mechanism And Implementation In Online Payment Of Online Banking Based On SET Protocol

In recent years,with the development of network technology and the popularityof electronic commerce,online banking had a rapidly development and the user havebeing constantly increased.Online banking transactions hit the new record again andagain. But at the same time,unsafe events is also exists in online banking,such as theinformation is betrayed or juggled during transmitting in Internet，as well as thecheated and denied problems.how to ensure the security of transactions subject totransfer data into this emerging online banking bussiness model could popularizethe most critical issues.Accordingly, in order to develop the online banking, it isgreatly demanding to solve the security problem,and guarantee thesecurity,integrality,availability,authenticity and undeniable of online banking.The weakest link of online banking is the part of the client side authentication,asthe first line of defense of the online banking transaction system,identityauthentication is a vital role.Wth the development of network technology,the waywhich hackers attack client side of the online banking become more and more,and thesingle authentication method can not meet the current needs of the users of the onlinebanking.In this regard, this thesis mainly discusses the modes、fuctions and safetyrequirements of payment system of electronic commerce based on SET protocol, andproposed a improved method of terminal identity authentication mechanism in onlinepayment, and made a design and implementation to it.First the paper made detailed technical analysis and comparison for somecommon online banking authentication methods,and proposed a improved method ofidentity certification methods based on USBKEY and digital certificates.Comparedwith the original method,the new authentication method can effetively resist thereplay attack with random number technique,and then an analysis is made for thesecurity of the improved methods.Second,the thesis proposed a new system of identity certification system for thesecurity issues of online banking based on Kerberos protocol and Public KeyInfrastructure with usb key,the system verify the user’s physical identity with usb keyand availably keep password from guess attacks,The system encrypt and decrypt datawith ECC algorithm which promoted the efficiency and safety;The system managedcertificates with LDAP technique,it can increase the search speed and solve the burden overweight problem of TGS in original protocol,The system carry on serialnumber to the session to prevent from data packet replay attacks;At the same time,CA is used to distribute certificates for every side, so every side can recognize eachother successfully.The logic safety of the new system is proved by BAN theories,and its functionand efficiency are also analysised. According to the actual needs of the onlinebanking system, design and implementation is made for each module of the systemand the system is tested.