- 學位論文
安全的NFC行動支付協議之研究
A Study of Secure Payment Protocols for NFC-enabled Mobile Phones
若您是本文的作者,可授權文章由華藝線上圖書館中協助推廣。
摘要
在近場通訊(Near Field Communication, NFC)的行動支付上,一直存在著安全與隱私的議題,例如假冒身份、重送攻擊,以及客戶個資隱私被揭露等。多數的研究成果都以解決上述問題而提出各種交易協議,為了能提高身份驗證與交易安全性,採用了多次加解密運算以及數位簽章,卻也因繁重的計算負擔導致協議整體運作效率較不理想,並且較無考慮到保護隱私的問題。本研究將先探討過去文獻所提出的交易協定,從中了解其優點與缺點,並尋找可用的安全技術,來設計安全的行動支付交易協定。除了考慮的交易的資訊安全性外,也將分別對行動支付的協議效率問題,以及行動支付的資料隱私問題進行探討與改善。在完成協議設計後,針對所提出的協議進行分析與討論,試著說明協議能抵禦常見的惡意攻擊,以及身分仿冒,確保交易協議的安全性足夠。除了交易的安全性外,也試著證實協議的整體效率充足,以及透過匿名的方法解決交易的資料隱私問題。
並列摘要
Although NFC mobile payment is fruitful and useful, security and customer privacy are of great concern to users. For example, attacks like identity impersonation, eavesdropping, and replaying might occur, also personal information and finance conditions could be exposed during payment transactions. Many protocols have been presented to solve these problems by using multiple times of encryptions and digital signatures times for higher security. However, the complicated computations introduce overheads and generate inefficient operations for these protocols. And then, those protocols have not concern consumer privacy problem clearly. We discuss those proposed protocols from literature and find out the advantage and weak point. And looking for the useful security technology to design the secure mobile payment protocol. Not only concern information security of the payment but also concern efficiency and consumer privacy problem. After design the protocols, we will analyze the protocol. And try to explain the protocol is secure and efficient that can defense common attack and cost a low computations. We also try to use the anonymous methods to solve the consumer privacy problem.
參考文獻
[4] M. Badra and R. B. Badra(2016), “A lightweight security protocol for NFC-based mobile payments,” The 7th International Conference on Ambient Systems, Networks and Technologies, Vol. 83, pp. 705-711.
[5] Y. L. Chi, I. C. Lin, C. H. Chen and M. S. Hwang(2015), “The Secure Transaction Protocol in NFC Card Emulation Mode,” International Journal of Network Security, Vol. 17, No. 4, pp. 431-438.
[6] S. M. Darwish and A. M. Hassan(2012), “A Model to Authenticate Requests for Online Banking Transactions,” Alexandria Engineering Journal, Vol. 51, No. 3, pp. 185-191.
[7] H. Eun, H. Lee, and H. Oh(2013), “Conditional Privacy Preserving Security Protocol for NFC Applications,” IEEE Transactions on Consumer Electronics, Vol. 59, Issue 1, pp. 153-160.
[8] T. Halonen(2002), A System for Secure Mobile Payment Transactions, Master Thesis, Helsinki University of Technology.
延伸閱讀
- 林哲瑋(2015)。以NFC HCE技術為基礎的行動支付之研究〔碩士論文,國立暨南國際大學〕。華藝線上圖書館。https://doi.org/10.6837/NCNU.2015.00310
- 林鴻全(2011)。運用NFC提升情境資訊品質之研究〔碩士論文,中原大學〕。華藝線上圖書館。https://doi.org/10.6840/CYCU.2011.00105
- 劉東相、孫漢傑、黃敦麟、劉秋宗、謝琬汝(2015)。利用NFC手機實作金融電子存摺的安全技術研究。電工通訊季刊,(),27-34。https://doi.org/10.6328/CIEE.2015.3.04
- 廖憶君(2016)。NFC信用卡便利性與可行性之研究〔碩士論文,淡江大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0002-0107201610464500
- Holm, Ø. E., Liu, S., & Ding, G. H. (2018). A Study of Mobile Payment Behavior in Four Countries. International Journal of Business and Information, 13(3), 349-384. https://doi.org/10.6702/ijbi.201809_13(3).0004