题名

以複合式文件強化線上電子現金之安全性

并列篇名

Using Compound Document to Enhance E-cash Security

DOI

10.6285/MIC.5(1).18

作者

張浩銘(Hau-Ming Chang);陳志誠(Patrick S. Chen);陳泰呈(Tai-Cheng Chen)

关键词

複合式文件 ; 電子現金 ; 信息驗證碼 ; Compound Document ; E-cash ; Message Authentication Code ; MD5

期刊名称

管理資訊計算

卷期/出版年月

5卷1期(2016 / 03 / 01)

页次

217 - 230

内容语文

繁體中文
中文摘要

在電子商務環境裡,以電子現金支援行動付款將是一種新的付款方式。然而電子現金的安全性弱點是複製以及重複使用等。本研究針對線上電子現金交易的安全性、正確性和可分割性等設計了一套交易協定與系統,此系統具有兩大特點:一、電子現金每進行一次交易時會自動產生新的信息驗證碼(Message Authentication Code),此方法具有統整性(Integrity)和不可否認性(Non-Repudiation)。二、利用複合式文件檢視電子現金的狀況,以及防止重複消費等問題。因此,本研究貢獻具有防止電子現金竄改和複製等問題,再以複合式文件強化電子現金之安全性,若核對不符合時,還可以反推找出問題點。本研究所建議之協議可以實現無實體之安全電子現金系統,具實用價值。
英文摘要

Paying by e-cash is a common practice in e-commerce environment. However, e-cash has major weaknesses of forge and replicated use. The aim of this study is to design a transaction protocol from the aspects of security, accuracy and divisibility of e-cash which can be used conveniently on the Internet. There are two characteristics in this system, (1) A new message authentication code will be automatically generated when the e-cash is used representing its newest state. This supports integrity and non-repudiation in the transaction. (2) It uses compound documents to update the e-cash status to avoid the problem of replicated consumption. Therefore, the proposed protocol can not only solve the problem of duplication of E-cash or illegal modification, but enhance E-cash security using compound documents in which discrepant problems can be traced. Thus, the proposed protocol is of practical value.
主题分类 基礎與應用科學 > 資訊科學
社會科學 > 管理學
参考文献
  1. 郭幸宜 (2012),Visa 調查:65%台灣Y 世代認為未來交易可靠手機完成。鉅亨網新聞,http://news.cnyes.com/Content/20120814/KFM4S00TEEZX2.shtml (Access on Date Jun 2015)
  2. 中時電子報新聞,http://news.chinatimes.com/tech/171706/122013041900073.html Access on Date 2013/06/12
  3. 維基百科,http://en.wikipedia.org/wiki/Compound_document (Access on Date Dec 2015)
  4. 資策會FIND 網站,http://www.find.org.tw/find/home.aspx?page=news&id=6757 (Access on Date Apr 2015)
  5. 鄭雅仁(2012) , " 指尖上的商機: 手機購物使用者比去年多了50 % " http://tw.marketing.campaign.yahoo.net/emarketing/contentF4.php?main=A07&sub=B01&tri=C02&literary=587.(Access on Date Jun 2014)
  6. 數位時代新聞精選,http://www.bnext.com.tw/focus/view/cid/103/id/21237 (Access on Date Jun 2014)
  7. Chen, Y.,Chou, J.-S.,Sun, H.-M.,Cho, M.-H.(2011).A novel electronic cash system with trustee-based anonymity revocation from pairing.Electronic Commerce Research and Applications,10(6),673-682.
  8. Elaalim, K. O.,Yang, S.(2012).A Fair Electronic Cash System with Identity-Based Group Signature Scheme.Journal of Information Security,3(2),177-183.
  9. Fan, C.-I.,Huang, V. S.-M.,Yu, Y.-C.(2012).User efficient recoverable off-line e-cash scheme with fast anonymity revoking.Mathematical and Computer Modelling
  10. Kosek, J.,Nálevka, P.(2006).Relaxed-on the Way Towards True Validation of Compound Documents.International World Wide Web Conference Committee
  11. Lee, J.-K.,Jun, M.-S.(2010).Security Protocol Design for Electronic-Cash Transactions in a Mobile-PKI Environment.2010 IEEE/ACIS 9th International Conference on Computer and Information Science
  12. Liu, J.,Meng, F.,He, J.,Wu, S.(2009).Analysis of DB Files Based on Compound Document Format.2009 Second Asia-Pacific Conference on Computational Intelligence and Industrial Applications
  13. Pour, M. M. H.,Husin, A. R. C.,Dahlan, H. M.(2012).BESTCASH A new E-Cash for Micropayment.Management and Technology Research (ICIMTR2012),Malacca, Malaysia:
  14. Rabindranth, S.,Keerthan, Kumar T.G.,Vijayalakshmi, B.(2012).The Design of an Anonymous and a Fair Novel E-cash System.International Journal of Information & Computation Technology
  15. Salama, M. A.,E.-Bendary, N.,Hassanien, A. E.(2011).Towards Secure Mobile Agent Based E-Cash System.Conference: ACM /IEEE Proceedings of the First International Workshop on Security and Privacy Preserving in e-Societies
  16. Simplot-R. I.,Traore, I.,Everaere, P.(2009).Distributed architectures for electronic cash schemes: a survey.International Journal of Parallel, Emergent and Distributed Systems,24(3),243-271.
  17. 王建森(2012)。碩士論文(碩士論文)。朝陽科技大學資訊工程系。
  18. 周淑羚(2004)。碩士論文(碩士論文)。長庚大學資訊管理研究所。
  19. 黃明祥、林詠章(2011)。資訊與網路安全概論:建構雲端運算安全。台灣:高立圖書。
  20. 葉怡君(2010)。碩士論文(碩士論文)。國立高雄第一科技大學資訊管理系。
print cancel