Graduate student: | 黃宣銘 Huang, Shiuan-Ming |
---|---|
Thesis title: | 使用XML簽章之行動商務系統設計與實現 The Design and Implementation of Mobile Commerce With XML Signature |
Advisor: | 頼溪松 Laih, Chi-Sung |
Degree: | Master |
Department: | College of Electrical Engineering and Computer Science - Department of Electrical Engineering |
Year of publication: | 2002 |
Graduation academic year: | 90 |
Language: | English |
Number of pages: | 88 |
Keywords (Chinese): | XML, mobile commerce, e-commerce, cryptography, signature, security |
Keywords (English): | crypto, signature, mobile commerce, m-commerce, security, XML |
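In the past, people used desktop computers over wired networks to conduct e-commerce. With the spread of mobile handheld devices such as mobile phones and PDAs, people can now shop online directly over wireless connections from these portable devices, free of constraints of time and place, and the era of mobile commerce has begun.
In this period of transition from e-commerce to mobile commerce, security is the decisive factor. Besides stricter security, fairness and reliability are also indispensable. In mobile commerce, as in e-commerce, the two parties trade over the network and cannot follow the "payment in one hand, goods in the other" model of a physical store. How to ensure fairness between the two parties during a transaction is a major problem for mobile commerce.
As for reliability, a typical e-commerce system relies only on SSL to secure transactions. Although SSL keeps the payment data a consumer sends over the network from being learned by a third party, after placing and paying for an order the consumer must still worry about whether the purchased goods will actually arrive, or whether the goods received differ from those shown on the web page; the consumer can only trust the merchant's reputation. Moreover, in a mobile communication environment the consumer may be on the move and may have no fixed network address, so letting the consumer verify the goods before paying is even harder to achieve than in an e-commerce environment.
Although many protocols have been adopted for e-commerce, there seems to be no complete and successful case to follow in mobile commerce. The main goal of this thesis is to solve the problems described above that arise in wireless networks and in current commercial practice, and to find a transaction model that offers high security and high reliability and is suitable for mobile devices.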
People use desktop PCs to conduct electronic commerce over wired networks. Since mobile equipment such as cell phones and PDAs has become prevalent around the world, people can shop directly on their mobile devices over wireless networks anytime and anywhere.
At a time when M-commerce is superseding E-commerce, security is undoubtedly the decisive factor. Besides tighter security, fairness and reliability are also important factors. Mobile commerce has the same drawback as e-commerce: the customer and the merchant trade through the Internet, so the customer cannot get the products at the same time that the merchant gets the payment. Thus, how to ensure fairness between the customer and the merchant is a big problem in the implementation of mobile commerce.
As to reliability, web stores in general merely use SSL to ensure the security of a transaction. Although SSL can protect the payment and personal information from being eavesdropped on by an attacker, the customer still has to worry about whether he will get the products he ordered, or even whether the products he receives differ from the ones he browsed on the web page, after he pays for the transaction. All he can do is trust the reputation of the merchant. Moreover, a customer with a mobile device may keep moving and may not have a fixed IP address; therefore, how to avoid goods that do not match their description is another problem that must be overcome.
Although there are many E-Commerce systems available in the market, there seems to be no complete and successful case to follow. In this thesis, we try to overcome the problems mentioned above and find a commerce protocol that has high security and high reliability and is suitable for mobile devices.