文献类型：期刊文献

中文题名：新的复合型电子商务安全协议

英文题名：New compound electronic commerce security protocol

作者：陈莉[1];郭清溥[1]

第一作者：陈莉

机构：[1]河南财经学院计算中心

第一机构：河南财经政法大学

年份：2010

卷号：46

期号：11

起止页码：14-17

中文期刊名：计算机工程与应用

外文期刊名：Computer Engineering and Applications

收录：CSTPCD;;北大核心:【北大核心2008】；CSCD:【CSCD2011_2012】；

基金：国家高技术研究发展计划(863)No.2007AA01Z471;国家自然科学基金No.60473021;河南省重点科技攻关项目(No.072102210029);河南省科技攻关计划No.0624260017~~

语种：中文

中文关键词：复合型安全协议;安全属性;认证性;非否认性;公平性

外文关键词：compound security protocol; security property; authentication; non-repudiation; fairness

摘要：针对典型电子商务安全协议存在的安全目标单一,不能满足日益增加的安全需求等问题,提出了一种能够满足多种安全属性的复合型电子商务安全协议,该协议包含认证子协议和支付子协议两部分。认证子协议基于令牌概念实现了高效认证及协商会话密钥。改进匿名电子现金支付协议,提出了支付子协议,引入电子证书证明交易主体的身份,确保协议非否认性的实现;借助可信方传递付款收据,避免交易主体不诚实所导致的公平性缺失;引入FTP传输方式传送电子货币和付款收据,确保实现可追究性与公平性,进一步增强协议的鲁棒性。
In response on the existing problems of the electronic commerce protocols,e.g.security goal is single,increasing security requires are not been satisfied.The paper proposes a compound security protocol,which has general security properties required by e-commerce protocols.The new protocol includes authentication sub-protocol and payment sub-protocol.The authentication subprotocol can authenticate identities of important entity in the foremost time,as well as session keys used for transaction are negotiated efficiently.The payment sub-protocol is designed by improving the anonymous e-cash payment protocol.To realize its nonrepudiation,certificates are used to prove the identities of the transaction entities.To avoid unfairness arisen by the dishonest transaction entities,the transmission of payment receipt is achieved by the trusted party.The proposed protocol uses FTP to transmit electronic cashes and payment receipts,which ensures achievement of accountability and fairness,and enhances the robustness of the protocol.