The Analysis on the Security Protocol of Electronic Commerce
|School||Xi'an University of Electronic Science and Technology|
|Keywords||Electronic Commerce (EC) SET/A++ Micropayment PayWord|
Electronic Commerce (EC) is based on the Internet. However, due to a global, open, dynamic and shared Internet, it has affects greatly the development and popularization of EC. Security protocol offers confidentiality, integrality, authentication and non-repudiation over an open network.In this paper, security protocol of EC is regarded as the main research object. Secure Electronic Transaction protocol (SET) is an open standard for the commerce industry as a way to facilitate secure payment of card transactions over Internet. This paper first introduces the concepts, the security technology and the security architecture of EC. SET protocol and its expansion protocol are analyzed and a secure agent-based SET/A+ protocol is focused on. Based on SET/A+, this paper proposes an improved protocol called SET/A++, which makes mobile agent for cardholder to fulfill payment transaction in many on-line merchants, improving the flexibility and the efficiency of protocol, afterwards analyzes its security issues. And then an agent-based electronic marketplace is introduced. Finally, we present several typical micropayment mechanisms in information product payment and evaluate their advantages and disadvantages. And based on the PayWord protocol, this paper puts forward an improved micopayment protocol which is more secure, fair and non-repudiated than the PayWord protocol.