Method and system for online security trading

A safe transaction and legal technology, applied in the field of information security, to achieve the effect of restricting replay attacks, increasing security, and ensuring smooth progress

Active Publication Date: 2010-07-28
FEITIAN TECHNOLOGIES
View PDF0 Cites 93 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] The present invention is proposed in view of the problem of security risks in online transactions. Therefore, the main purpose of t

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for online security trading
  • Method and system for online security trading
  • Method and system for online security trading

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0084] figure 2 and image 3 It is a flow chart of the online secure transaction method in Embodiment 1 of the present invention. Such as figure 2 and image 3 As shown, an online secure transaction method is provided. In this embodiment, a USB Key is used as a smart key device, and an example is illustrated by taking a user to conduct online banking transactions through a USB Key. A unique identification code is written inside the USB Key. It is used to authenticate the legality of the USB Key, and there is a server authentication code stored in the USB Key, which can be used to judge the legitimacy of the server, and at the same time, the legal server stores the unique identification code of the USB Key , this embodiment uses the RSA algorithm as an example for illustration. The online banking transaction method includes peer-to-peer entity authentication and a session process. Peer-to-peer entity authentication is a process in which the USB Key and the online banking ...

Embodiment 2

[0295] Figure 4 and Figure 5 It is a flow chart of the online secure transaction method in Embodiment 2 of the present invention. Such as Figure 4 and Figure 5 As shown, an online secure transaction method is provided. The difference from Embodiment 1 is that in this embodiment, a process of negotiating a session key is added to the process of peer entity authentication, and the negotiated key is used during the session. The session key encrypts and decrypts the signature instruction, making the entire online transaction process more secure

[0296] Such as Figure 4 As shown, the specific steps of the peer entity authentication process are as follows:

[0297] Step S3001 to step S3015 are the same as step S1001 to step S1015 in Embodiment 1, and will not be repeated here.

[0298] Step S3016, the server decrypts the third ciphertext to obtain the second session ID and the second random number, the server authenticates the third ciphertext M3, the second session ID, ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a system for online security trading, wherein the method for the online security trading comprises the following steps that: intelligent key equipment and a server verify the validities of each other by mutually exchanging authentication information; after both sides are verified be valid by each other, the server integrates the operational data of the user into a signature command, and transfers the signature command and signature information to the intelligent key equipment by a client; after the intelligent key equipment verifies the validity of the signature information, the intelligent key equipment executes the signature command and returns the signature result to the server; and the server processes the operational data of the user according to the signature result. By the mutual authentication of the server and the intelligent key equipment and operations such as verification on the data in a session, the system can effectively judge whether the received data are valid and further prevent the replay attach of the hackers and protect the security operation of the system.

Description

technical field [0001] The present invention relates to the technical field of information security, in particular to a method and system for secure online transactions. Background technique [0002] With the vigorous development of the network, the online banking business has also penetrated into the Internet in every corner of the world by using the rapidly developing computer and computer network and communication technology. So far, most domestic banks have launched their own online banking business. During the development of online banking, the security of online transactions has also become the focus of attention. [0003] At present, the security measures taken by most banks are to provide users with USB Key, and to join the participation of USB Key in the process of conducting online transactions. USB Key is a hardware device with USB interface. It has a built-in single-chip microcomputer or smart card chip, has a certain storage space, can store the user's private...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L9/32H04L9/08G06Q40/00G06Q40/04
Inventor 陆舟于华章
Owner FEITIAN TECHNOLOGIES
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap