Design And Implementation Of Dynamic Key Exchange Mechanism For The Banking Authorization Front-end System

With the rapid development of social and economic,the banking industry is developing rapidly,all kinds of new technologies have been widely used which have greatly improve the working efficiency and the quality of service from banks.While IT have brought convenience for the banking industry and people,there are also risks like information leakage which affect the banking information security directly.As a subsystem in the banking system,eBAFES connect to all kinds of terminals and host which provide 7x24 hours of support to all kinds of business.Currently the exchange key between eBAFES and EAS(HOST)is static key which is easily been attacked.Once an attacker capture the static key and use it to decrypt data information from the bank,he or she can get customer card password and other important information and cause damage.Therefore,we need to design an efficient,safe,and stable key exchange mechanism for the security of banking system.The topic is from a safety project from Citibank.The main content of it is to design and implement a dynamic key exchange between eBAFES and EAS.The paper has analyzed the research status of banking security home and abroad,as well as the key exchange machanism related fields such as encryption algorithm and encryption system.Then we analyzed the demand for dynamic key exchange for eBAFES and concluded the goal of key exchange.We used the ideas of modules with sequence diagrams to divided the module into: terminal processing module,network communication module,encryption module,monitoring module and test module such five modules which improve the effect of system.This paper has fully analyzed the banking system during the the design,because the situation of current banking system may cause some constrains to the architectural design as well as the trend of technology.In the choice of the encryption technology for the existing system,meantime,we need to consider the advantages and disadvantages of each scheme and choose the best scheme to meet the security requirements,and to meet the requirements of banking business,the cost budget and other conditions.After analysis,dynamic key exchange mechanism is based on symmetric key encryption algorithm DES / 3 DES amd connect HSM box using the hardware encryption devices,based on the multi-layer key system which is a local master key,the key exchange key and the issuer working key to meet the business requirements and the safety requirements.The project has applied in the citibank banking system and running smoothly which is proved successfully.