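Intelligent and Distributed Computing Laboratory
  An Extension of SET to Enhance Consumers' Privacy and Implementation of Merchant System Software
Name Kong Yanguang (孔艳广)
Thesis defense date 2002.05.10
Thesis submission date 2004.08.17
Thesis level Master's
Chinese title An Extension of SET to Enhance Consumers' Privacy and Implementation of Merchant System Software
English title An Extension of SET to Enhance Consumers' Privacy and Implementation of Merchant System Software
Advisor 1 Lu Zhengding (卢正鼎)
Advisor 2
Chinese keywords SET; pseudonymous SET; secure implementation; merchant system
English keywords SET; pseudonymous SET; secure implementation; merchant system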
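Chinese abstract The SET protocol is one of the most important payment protocols for secure electronic commerce. It establishes a network model for online electronic transactions, describes the transaction flow of each participant, and defines the format and content of the messages exchanged between participants during a transaction. SET provides confidentiality of information, integrity of data, cardholder authentication and merchant authentication, and has become the de facto industry standard. "An Extension of SET to Enhance Consumers' Privacy and Implementation of Merchant System Software" is preliminary research carried out to support the supervision of online drug transactions in the "System of Supervising Drug Information over the Internet", whose development was commissioned to us by the State Bureau of Drug Administration. To meet consumers' demand for privacy protection, an electronic commerce protocol must provide anonymity. SET partially protects consumers' privacy by means of the dual signature, but this does not fully satisfy consumers' privacy requirements. Without reducing the security of the protocol, SET is extended and a model of the pseudonymous SET protocol is established. The model adds a new participant, the pseudonymous credit card provider, which issues pseudonymous credit cards to ordinary credit card holders. Consumers can pay with a pseudonymous credit card, which achieves anonymous payment. The basic idea of the model is separation of knowledge: the consumer's card issuer pays the pseudonymous credit card provider, and the pseudonymous credit card provider pays the merchant, so in effect it is still the consumer's card issuer that pays the merchant. The PKI system of the pseudonymous SET protocol, its transaction flow, and the format and content of the messages sent by each participant are then described. To ensure the security of pseudonymous SET, part of the protocol's business flow is verified with the formal verification method NDL logic, and the security of pseudonymous SET is also analyzed from the attacker's point of view. Regarding the secure implementation of SET, guidelines are proposed for random number generation, asymmetric public keys, asymmetric private keys and symmetric keys, sensitive data, and memory leaks, and how to apply these guidelines in a secure system implementation is discussed in detail. Finally, the structure of the merchant system software in SET is established, the functions of the system are divided into modules, and the system is implemented using ASP and component technologies.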
English abstract The SET protocol is one of the most important payment protocols for carrying out electronic commerce. SET constructs an online transaction network model, presents the transaction processes, and defines the messages between the involved parties. SET features confidentiality of information, integrity of data, cardholder account authentication and merchant authentication, and has become the de facto industry standard. "An extension of SET to enhance consumers' privacy and implementation of merchant system software" was studied to provide the function of supervising drug trade over the Internet for the project "The System of Supervising Drug Information over the Internet", which has been consigned to us by the State Bureau of Drug Administration. To protect consumers' privacy, an electronic commerce protocol must enable anonymous payment over the Internet. SET protects consumers' privacy with the dual signature to a certain extent, but this is not enough. In this paper, SET is extended and the pseudonymous SET model is constructed without weakening the security of SET. A new participant is added to the model: the pseudonymous credit card provider, which issues pseudonymous credit cards. A consumer can make anonymous payments with a pseudonymous credit card. This is achieved by distributing the knowledge of the whole transaction. The basic idea is that the consumer's real credit card pays the pseudonymous credit card provider and the pseudonymous credit card provider pays the merchant, so that in the end it is still the consumer's real credit card that pays the merchant. The PKI system, the transaction processes of the new protocol and the messages between the participants are described. Part of the transaction processes is verified with the formal logic verification method NDL logic. The security of pseudonymous SET against attacks is also analyzed.
To obtain a secure implementation of SET, some general guidelines are presented on random number generation, public asymmetric keys, private asymmetric and symmetric keys, sensitive data and memory leakage. How to apply these general guidelines in the implementation of SET is then discussed. The structure of the merchant system software of SET is constructed, and the system's functional modules are planned. The merchant system software is implemented with ASP and component technologies.