Institutional Repository of the Institute of Software, Chinese Academy of Sciences
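Title: A Secure and Fair Electronic Payment Protocol for Information Products/Services
Author: 章江
Defense date: 1997
Major: Computer Software
Degree-granting institution: Institute of Software, Chinese Academy of Sciences
Place of conferral: Institute of Software, Chinese Academy of Sciences
Degree: Doctoral
Keywords: protocol; electronic payment; Internet; encryption; SVO logic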
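Abstract: With the development of computer and network technology, the Internet has entered government offices, enterprises, schools and countless households. As the Internet has spread, online shopping and online payment have emerged. The United States is currently the country where online payment is developing fastest, growing several-fold in each of the past few years; last year online retail sales reached nearly 200 million US dollars. Economically developed countries and regions such as Japan and Hong Kong have also launched online electronic payment systems this year. In August of this year, Info-Highway (瀛海威) Information Technology Company and Shanghai City Cooperative Bank were the first to open the "Mingzhu Card" system, which can be used for transfers between virtual currency and real currency. Online electronic payment has thus begun to enter the lives of ordinary Chinese people.

To carry out electronic payment securely, IBM Research developed a family of secure payment protocols, the iKP protocol family. It can be used to implement electronic payment based on the credit card/account model. For transactions in some information products/services on the network, however, the iKP protocols have deficiencies in function, security and fairness, and cannot ensure that the interests of both parties to the transaction are protected from loss. Because iKP is only a payment protocol, it does not itself generate evidence of the transmission of information goods. Moreover, because of the special nature of the transmission of information goods, simply combining the iKP protocols with non-repudiable information transmission also has security problems. Either party aborting the protocol run may damage the other party's interests, and fraud cannot be prevented. In addition, the unfairness of the iKP protocols becomes more pronounced in information transactions. It is therefore necessary to improve and extend the iKP protocols so that they can serve online electronic payment for information products/services securely and fairly.

Based on this idea, this thesis modifies and extends the iKP protocols and proposes a family of protocols serving transactions in information goods, the iKPI protocols, in the hope of combining the iKP protocols with the process of non-repudiable information transmission and applying them securely and fairly to transactions in information goods. After introducing the overall idea of the iKPI protocols, the thesis applies SVO logic, a formal reasoning tool for security protocols, to analyse and argue the security of the iKPI protocols in detail, and also gives a brief analysis of their fairness. Finally, the thesis presents the software implementation scheme of an iKPI demonstration system that the author developed in Visual C++ under the Windows NT/95 operating systems.

The main feature of the iKPI protocols is that they solve the problem of how to generate and verify evidence during information transmission, and the problem of making the final stage of information transmission occur simultaneously with the act of payment; only in this way can fraud by either party to the transaction be effectively prevented.

First, the iKPI protocols split the transmission of information goods into two indispensable stages: transmission of the ciphertext of the goods and transmission of the key for the goods. In the first stage, the merchant encrypts the information goods and sends the ciphertext to the customer. Having received the ciphertext but lacking the key, the customer cannot obtain the information he wants, so he will not abort the protocol. He must therefore, in accordance with the iKPI protocols, digitally sign the ciphertext to prove that he has received it, and provide the merchant with the payment information intended for the gateway together with the signed evidence of receipt of the ciphertext. The second stage closely couples key transmission with the transmission of payment information. After receiving the customer's evidence for the ciphertext, the merchant verifies it and can confirm that the customer has correctly received the ciphertext. The merchant then uses his own signing key to sign the ciphertext and the key used to encrypt it, and hands the result to the gateway together with the customer's signed evidence for the ciphertext and the payment information. The gateway first checks whether the customer's and the merchant's signatures on the ciphertext agree, then submits the payment information to the financial network for transfer and clearing. After the payment succeeds, the gateway uses its own signing key to sign the payment result and the key for the ciphertext of the goods, and writes this to a publicly readable database for the customer and the merchant to read, or may send it to the merchant and the customer at the same time. If the key provided by the merchant cannot correctly decrypt the ciphertext, the customer can submit the gateway's signature as evidence for dispute arbitration. The merchant must provide a certain deposit when registering with the gateway, so the gateway has a certain power of disposition over the merchant, up to and including recourse to law.

Second, the iKPI protocols also modify the payment system model of the iKP protocols. Besides having a secure and reliable line to the merchant for receiving payment information and the key for the ciphertext of the goods, the gateway also sets up a site on the Internet and establishes a publicly readable database from which the customer and the merchant read the gateway's authentication evidence and the ciphertext key. Only the gateway has permission to write to this database. The establishment of this database further improves the security and fairness of the iKPI protocols. Even if the communication line from the customer or the merchant to the gateway temporarily fails, or the gateway's authentication information is lost, the customer and the merchant can, once the fault is repaired, actively retrieve the gateway's authentication information from the public database. At the same time, because of this database, the gateway's evidence need not be forwarded to the customer by the merchant, so the customer and the merchant can obtain the gateway's evidence simultaneously, which avoids the situation in which the merchant delays sending, or deliberately does not send, the gateway's authentication information.

In addition, the iKPI protocols add a price negotiation stage so that the customer and the merchant can negotiate the price of the goods and agree on the details of the purchase.

In analysing the iKPI protocols with SVO logic, the thesis reasons one by one from the basic security requirements of the customer, the merchant and the gateway, gives a method for dispute arbitration, and analyses and explains the fairness of the iKPI protocols and the method of signing COMMON. Finally, using object-oriented programming and following the requirements of the iKPI protocols, we built a demonstration system to show how iKPI protocol software is implemented.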
English abstract: With the development of computer and network technology, the Internet has entered government offices, enterprises, universities and thousands of homes. As the Internet has come into wide use, it has become possible to shop and pay bills over the network. Electronic payment has developed rapidly in the United States in recent years, increasing by over 200% every year. Last year the amount of retail sales on the Internet reached nearly two hundred million US dollars. Electronic payment systems have started to run in a few developed countries or regions, such as Japan and Hong Kong. Chinese banks are now developing electronic payment systems and have signed cooperation contracts with the VISA and MasterCard organizations. In August, Info-Highway Corporation and Shanghai City Cooperative Bank put the MingzhuCard system into operation, which can exchange virtual currency and real money. That perhaps means electronic payment on the Internet has come into Chinese people's lives. In order to implement credit card-based transactions on the Internet between the customer and the merchant while using the existing financial network for clearing and authorization, IBM Research Division developed a family of secure electronic payment protocols, iKP, in 1995. The protocols can be extended to apply to other payment models, such as debit cards and electronic checks. They are based on public-key cryptography and can be implemented in either software or hardware. The individual protocols differ in key management complexity and degree of security. iKP works well for payment alone. However, it has shortcomings in security, fairness and function for some purchases of information products/services on the Internet. It may not efficiently protect the interests of the two parties involved in the transaction. As iKP is just a payment protocol, it does not produce proofs of transmission of information goods in its own process.
Since the transmission of information goods is quite different from the transmission of other kinds of goods, simply putting the iKP protocols and a non-repudiation information transmission process together does not work securely. If either party interrupts the process at an appropriate point, the other party's interests may be hurt. This cannot prevent either party from being cheated by the other. In addition, the unfairness of iKP becomes more unacceptable in transactions of information goods. The iKP protocols should therefore be improved before they can serve electronic payment on the Internet for information products/services securely and fairly. On the basis of the iKP protocols, we develop a family of electronic payment protocols for information products/services, the iKPI protocols. We try to combine the iKP protocols and non-repudiation information transmission and to serve information transactions securely and fairly. What the iKPI protocols do is present a solution for producing and authenticating the proofs during the transmission of information goods and make the information transmission and the payment take place at the same time. First, the iKPI protocols divide the transmission of information into two parts, ciphertext transmission and key transmission. At the former stage, the merchant encrypts the information goods and signs the ciphertext as the merchant's proof to the customer, then transmits the ciphertext and the proof to the customer. In order to get the plaintext, the customer has to continue the iKPI protocols. He has to sign the ciphertext he received and transmit the proof to the merchant with his payment. At the next stage, the merchant must sign the key and send this proof to the gateway with his signature on the ciphertext, the customer's signature on the ciphertext and the customer's payment. Having received all this information, the gateway will verify the proofs and check the payment.
If all is valid, the gateway will complete the payment using the existing financial network, then sign the key and the result of the payment and put its signature, as the gateway's proof, into the publicly accessible database on the Internet. The customer and the merchant can then read it and keep a copy as a proof. If the key cannot decrypt the ciphertext correctly, the customer can dispute with the merchant on the basis of the merchant-signed ciphertext and the gateway-signed key. The judge can resolve the dispute according to the method described in Chapter 4. Secondly, the iKPI protocols change the payment system model of the iKP protocols. Besides a reliable connection between the merchant and the gateway to transmit the payment information and the key, the gateway sets up a server on the Internet to distribute its authentication proofs. This makes the iKPI protocols more secure and fairer to both the merchant and the customer. In addition, the iKPI protocols add a stage to let the customer negotiate the price with the merchant. After introducing the iKPI protocols, we analyze their security and fairness in detail with SVO logic, a tool for reasoning about some features of both protocols and attacks on protocols. Finally, we present a software system programmed according to the iKPI protocols. It is programmed in Visual C++ under Windows NT/95.
Language: Chinese
Content type: Dissertation
URI: http://ir.iscas.ac.cn/handle/311060/7420
Appears in Collections: Institute of Software, Chinese Academy of Sciences (中科院软件所)

Recommended Citation:
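章江. A Secure and Fair Electronic Payment Protocol for Information Products/Services [D]. Institute of Software, Chinese Academy of Sciences. Institute of Software, Chinese Academy of Sciences. 1997-01-01.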