ZHANG Fei,CHEN Zi-chen,XIONG Li

DOI: https://doi.org/10.3969/j.issn.1006-5911.2006.10.012

2006-01-01

Abstract:To improve the performance and network security of collaborative commerce chain system and to deal with shortcomings of existing solution to electronic commerce,Mobile Agent technology was introduced into the modeling of network-based collaborative commerce chain system.Based on Mobile Agent properties,problems of security and network security confronted with Mobile Agent in the transaction process of network-based collaborative commerce chain were analyzed.Finally,a prototype system between the customer Agent and the supplier Agent was used to expatiate security negotiation bargain procedure based on Mobile Agent under the public key infrastructure and certification authority.Research results showed that Agent's submission permit to the supplier server during authentication process could enhance the network bargain security of the collaborative commerce chain system.

Di Wu,Yabo Dong,Jian Lin,Miaoliang Zhu

DOI: https://doi.org/10.1007/11563952_52

2005-01-01

Abstract:The fast development of E-Commerce and information technology brings much higher requirements for enterprise informationization. Because of the differences in platforms, development languages and standards etc, enterprise application integration (EAI) has become the important form of enterprise informationization to support complex business processes. Web services have emerged as the next generation of integration technology which provides the power to support interoperability. However EAI doesn’t just present new interoperability challenges; it also presents serious privacy and security challenges. This paper presents security architecture of Web Services based EAI which uses distributed Single Sign On authentication and distributed Role-based Access Control authorization. The basic concept and prototype system of the security architecture are described in detail.

Chen Tianzhou,Mao Haixia,Dai Hongjun

2006-01-01

Abstract:This paper briefly analyzes the security mechanisms of GSM/UMTS and finds their security defects, such as unidirectional authentication and cipher key transmission without encryption. For these defects, existing mobile communication systems can not prevent hostile attacks to satisfy high-level security demands. To solve these problems, we propose the robust Middleware Architecture for Mobile Communication Security (MAMCS), which employs new Authentication and Key Agreement (AKA) protocols, chooses different encryption algorithms for different applications and implements integrity control mechanism. In the end, we analyze the performance of MAMCS and show that MAMCS gets a 200%~2% improvement in security only at the cost of 1.51% descent in bandwidth and 18.14 ms extra latency.

WU JiYi,LI Wen Juan,HUANG JianPing,ZHANG JianLin,CHEN DeRen

DOI: https://doi.org/10.1360/n112014-00277

2015-01-01

Scientia Sinica Informationis

Abstract:The Mobile Internet is an integrated product of the traditional internet and mobile communications, and represents one of the most rapidly growing IT fields for the current and a long period of time.However, data show that the global mobile internet is still in its infancy, there exist many problems to be solved and clarified.This paper first outlines the basic concept of the mobile internet, including its definition, features, and architecture.Then, based on the current architecture, we discussed in detail the research status, problems, and solutions of its various components, including mobile terminals, access network, applications and services, as well as security and privacy.Finally, future research and development trends of cloud computing were discussed.

Qingtao Zeng,Jianping Wu,Pingping Li,Yilin Zeng

2002-01-01

Abstract:The mobile Internet exits already in very many forms on the market. However, there are definitely still a lot of possibilities to improve the current concepts and solution, and thus a lot of room for future RD Secondly, the basic concept of mobile Internet is introduced, and its’ develop- ment status is described simply; Thirdly, the process of come into being M-commerce based on Internet and the existing modes of M-commerce are discussed respectively; the differences between E-commerce and Mcommerce are also shown in the paper; Fourthly, an M-commerce system model is presented, the model involves its’ basic elements such as hierarchical architecture, management mechanism, system decision-making, application procedure etc; Fifthly, development trend and application fields for coming the new economics times are forecasted; Finally, how to build a M-commerce management system and make applications for business via CERNET** (one of the biggest Internet platform in China) are introduced primarily in end of the paper.

邓锦红,陈德人,苏斐琦

DOI: https://doi.org/10.3785/j.issn.1008-973X.2003.02.005

2003-01-01

Abstract:Security is an important element in the design of e-business sites. However, performance is the price to be paid for it. To learn how the mechanisms and protocols used to support security may impact system performance, an analysis of the security mechanisms such as TLS and SET protocol is provided. After identifying the dominant factor, i.e. bottleneck, Some auxiliary methods can be used to improve the performance of it. Dynamic load balancing, proxy servers and caches can be used for security at the network level; a combination of firewall and the single Sign-on technology can also be used at this level. For security at the server level, the use of cryptographic accelerator cards, more and faster processors, and the use of faster cryptographic algorithms can substantially reduce the time spent in the most expensive cryptographic operations so that performance is increased. In addition, an improved model based on Distributed Calculating environment and DES Cipher algorithm can effectively reduce the impact of security mechanisms on system performance.

J. Chen,X. Peng

DOI: https://doi.org/10.4028/www.scientific.net/AMM.443.561

2013-10-01

Abstract:The payment system of wireless communication is a whole of the various types of software used by the wireless communication network, wireless payment terminals and payment terminals, which together constitute the user applications. Compared to traditional network, wireless communication network is an more open system. According to this, users personal is easier to be stolen in the transfer process and the type of attack has become more diverse and innovative. The article introduces two types attack and solutions. Fishing Wifi is a common means of attack in the wireless network nowadays. Mobile banking is a typical example too. It involves the security of payment in mobile banking which becomes the new problem within e-commerce.

Business,Computer Science

KY Lam,SL Chung,M Gu,JG Sun

DOI: https://doi.org/10.1016/s0140-3664(03)00188-9

IF: 5.047

2003-01-01

Computer Communications

Abstract:This paper describes a lightweight security mechanism for protecting electronic transactions conducted over the mobile platform. In a typical mobile computing environment, one or more of the transacting parties are based on some wireless handheld devices. Electronic transactions conducted over the mobile platform are gaining popularity and it is widely accepted that mobile computing is a natural extension of the wired Internet computing world. However, security over the mobile platform is more critical due to the open nature of wireless networks. Furthermore, security is more difficult to implement on the mobile platform because of the resource limitation of mobile handheld devices. Therefore, security mechanisms for protecting traditional computer communications need to be revisited so as to ensure that electronic transactions involving mobile devices can be secured and implemented in an effective manner. This research is part of our effort in designing security infrastructure for electronic commerce systems, which extend from the wired to the wireless Internet. A lightweight mechanism was designed to meet the security needs in face of the resource constraints. The proposed mechanism is proven to be practical in real deployment environment.

Chen Tianzhou,Huang Yu,Chen Feng,Hu Wei

2006-01-01

Abstract:There are many security defects in existing mobile communication systems, such as unidirectional authentication and cipher key transmission in plaintext. With the expansion of the mobile communication services, the mobile security becomes more and more important, but the existing communication systems can not prevent hostile attacks to supply high-quality service because of their defects in security. To solve these problems, we propose a new Security Architecture for Mobile Communication (SAMC), which employs new authentication protocols, chooses different encryption algorithms for different requirements and implements integrity control mechanism. Good security is developed in an open environment with the collaboration of experts. It has the robust security and the outstanding performance, just a slight and acceptable loss.

廖旭,凌力

DOI: https://doi.org/10.3969/j.issn.1000-3428.2003.19.043

2003-01-01

Abstract:This paper introduces wireless applications and J2ME security architecture, shows how to exchange sensitive data more securely over wireless links for end-to-end m-commerce applications by using data encryption and SSL protocol.

MAO Hai-xia,CHEN Tian-zhou,DAI Hong-jun

DOI: https://doi.org/10.3969/j.issn.1001-3695.2006.08.029

2006-01-01

Abstract:This article briefly analyses the security mechanisms of GSM and UMTS and finds the faults in them.To solve these faults,a mobile security middleware architecture in high strength based on end-to-end security mechanism is proposed.This article introduces the middleware architecture and its security mechanism,including the design of authentication and key agreement,discusses the encryption algorithm and the scheme of integrity control.

Pengnian Zhang,Le Xu

DOI: https://doi.org/10.1007/s11276-023-03409-2

IF: 2.701

2023-06-14

Wireless Networks

Abstract:With the development of science and technology and the popularization of e-commerce, the application of wireless network technology in the business field has gradually become a hot spot of academic research, which also brings us new topics and challenges. The secure payment system based on the improved TOTP algorithm proposed in this paper involves the WAP wireless secure payment theory and the application of mobile e-commerce. This paper first studies the WAP wireless network theory of mobile payment system, and proposes the WAP algorithm flow based on identity encryption. Then, the secure wireless execution environment of the WAP encryption payment algorithm is analyzed in depth. This paper discusses the security requirements of the WAP wireless network payment system. Based on the identity encryption algorithm, several practical algorithms are proposed, and a wireless network mobile payment model combining NTRU and ECC is constructed to improve the WAP algorithm. This paper proposes a WAP wireless network security payment system based on the improved TOTP algorithm, constructs its overall structure, and designs a core algorithm with strong adaptability, including the improved TOTP algorithm and risk assessment algorithm. Finally, the performance of the WAP e-commerce secure payment system is tested and analyzed. The research found that when the 256-bit key was used to encrypt the login information, the number of tests was 23,588, the number of concurrent threads was 200, the number of requests per second was 518, the average response time was 0.219 s, the average traffic was 500 KB/s, and the error rate was 2%. It can be seen from the data that the WAP wireless secure payment system operates normally with low network delay and can respond to operation requests quickly under the condition of concurrent access by multiple users, with strong overall pressure resistance. The work of this paper has a good reference value for the construction of the WAP wireless network payment system and the design and application of mobile e-commerce, which is conducive to further research.

computer science, information systems,telecommunications,engineering, electrical & electronic

LI BEIJIN,ZHANG LI

DOI: https://doi.org/10.3969/j.issn.1008-0570.2008.06.003

2008-01-01

Abstract:The popularity of WAP-based Mobile Internethas brought new opportunities and challenges to e-commerce. The security of WAP-based electronic payment is a key problem to be solved. This paper introduces the technical characteristics of WAP,analyzes the security problems and solutions of Internet-based electronic payment,then concludes new security problems of WAP-based electronic payment,and provides corresponding solutions.

Xuebin Sun,Shuang Men,Chenglin Zhao,Zheng Zhou

DOI: https://doi.org/10.1002/sec.551

IF: 1.968

2012-05-10

Security and Communication Networks

Abstract:Machine‐to‐machine (M2M) techniques have significant application potential in the emerging internet of things, which may cover many fields from intelligence to ubiquitous environment. However, because of the data exposure when transmitted via cable, wireless mobile devices, and other technologies, its security vulnerability has become a great concern during its further extending development. This problem may even get worse if the user privacy and property are considered. Therefore, the authentication process of communicating entities has attracted wide investigation. Meanwhile, the data confidentiality also becomes an important issue in M2M, especially when the data are transmitted in a public and thereby insecure channel. In this paper, we propose a promising M2M application model that connects a mobile user with the home network using the existing popular Time Division‐Synchronous Code Division Multiple Access (TD‐SCDMA) network. Subsequently, a password‐based authentication and key establishment protocol is designed to identify the communicating parties and hence establish a secure channel for data transmissions. The final analysis shows the reliability of our proposed protocol. Copyright © 2012 John Wiley & Sons, Ltd. In this article, we propose a promising M2M application model that connects a mobile user with the home network by using the existing popular Time Division‐Synchronous Code Division Multiple Access (TD‐SCDMA) network. A reliability password‐based authentication and key establishment protocol is also designed to identify the communicating parties and hence, establish a secure channel for data transmissions.

computer science, information systems,telecommunications

Alisha D. Malloy,Upkar Varshney,Andrew P. Snow

DOI: https://doi.org/10.1023/a:1014578729875

2002-01-01

Mobile Networks and Applications

Abstract:Mobile commerce (m-commerce) is an emerging discipline involving applications, mobile devices, middleware, and wireless networks. While most of existing e-commerce applications can be modified to run in a wireless environment, m-commerce also involves many more new applications that become possible only due to the wireless infrastructure. These applications include mobile financial services, user and location specific mobile advertising, mobile inventory management, wireless business re-engineering, and mobile interactive games. In addition to device and wireless constraints, mobile commerce would also be impacted by the dependability of wireless infrastructure. Unlike e-commerce applications that usually run on fixed networking infrastructure of fairly high dependability (approaching to about 100%), m-commerce applications may not receive such high dependability from the existing and emerging wireless infrastructure. So far, most of the m-commerce research focuses on applications, devices, and security issues. We believe that some work is necessary in addressing the dependability challenges of the wireless infrastructure. In this paper, we present (a) the dependability issues of wireless infrastructure, (b) several architectures to improve the dependability of wireless networks, and (c) a simulation model and results on wireless dependability for m-commerce. The results show that a significant improvement is possible in wireless dependability for supporting m-commerce applications.

computer science, information systems,telecommunications, hardware & architecture

Mingjun Xin,Zhangwei Huang,Quan Qian

DOI: https://doi.org/10.1109/NSWCTC.2009.252

2009-01-01

Abstract:In this paper, it first analyzes the present security protocol for mobile communications. Furthermore, a security framework for the Mobile E-Service is proposed. In the mean time, using the inherent security and expansibility of J2ME, we design a security message flow model to support communication protocol for the Mobile E-Service Oriented Architecture (MSOA), which emphasizes the authentication and the security of information transmission to the cooperative mobile users. Finally, under the background application of county-level mobile E-Service platform, we validate the security and feasibility of the communication protocol, thus providing firm and satisfactory technical support for the county-level mobile E-Government system.

Indranil Bose,Chen Xi

DOI: https://doi.org/10.4018/978-1-59904-002-8.ch017

2011-01-01

Abstract:With the appearance of advanced and mature wireless and mobile technologies, more and more people are embracing mobile “things” as part of their everyday lives. New business opportunities are emerging with the birth of a new type of commerce known as mobile commerce or m-commerce. M-commerce is an extension to electronic commerce (e-commerce) with new capabilities. As a result, marketing activities in m-commerce are different from traditional commerce and e-commerce. This chapter will discuss marketing strategies for m-commerce. First we will give some background knowledge about m-commerce. Then we will discuss the pull, push, and viral models in m-marketing. The third part will be the discussion about the future developments in mobile marketing. The last part will provide a summary of this article.

KY Lam,SL Chung,M Gu,JG Sun

DOI: https://doi.org/10.1016/s0167-4048(03)00615-1

IF: 5.105

2003-01-01

Computers & Security

Abstract:This paper describes a security middleware for enhancing the interoperability of public key infrastructure (PKI). Security is a key concern in e-commerce and is especially critical in cross-enterprise transactions. Public key cryptography is widely accepted as an important mechanism for addressing the security needs of e-commerce transactions because of its ability to implement non-repudiation. The deployment of public key cryptography is facilitated by the provision of PKI which assures the integrity of cryptographic keys. Nevertheless, industry experiences have shown that the task of implementing PKI-based e-commerce applications is challenging. Prior studies have identified interoperability as a major issue that hinders the adoption of PKI in spite of its effectiveness in implementing strong security mechanisms and protocols. In this paper, we discuss the interoperability issue of PKI applications. This research is part of our effort in designing security infrastructure for e-commerce systems. A middleware architecture was designed to enhance interoperability of PKI applications. The security middleware aims to promote cross-enterprise cross-border e-commerce transactions. The proposed mechanism is proven to be practical in real deployment environment.

Peiyan Zhou,Zhaojun Xu,Yingbo Liu,Feng Wang,Li Zhang

DOI: https://doi.org/10.1504/IJMC.2015.070967

2015-01-01

International Journal of Mobile Communications

Abstract:This paper aims to provide a secure and reliable solution to the electronic identity authentication in mobile commerce system. The solution is to get high-strength elliptic curve cryptography ECC key by generating hash values from dynamic vector collection of fingerprints, which are converted from fingerprint images by randomising angular movement or rotation angle. With the introduction of ECC asymmetric encryption algorithms and SSL-VPN network integration, the proposed security identity authentication of mobile commerce and the processes of access management may well solve the problems of identity control and verification of authorisation management. The hybrid authentication and secure mode not only realises the dynamic binding of login users and the control of role management in mobile commerce but also dramatically reduces the risk of internal identity being tampered and brute forced in mobile commerce system, providing a more reliable security for current business transactions and gross settlement.

Jiachen Yang,Longsheng Xu,Qinggang Meng,Shudong He

DOI: https://doi.org/10.1155/2014/103136

IF: 1.43

2014-01-01

Mathematical Problems in Engineering

Abstract:In terms of the security and efficiency of mobile e-commerce, the authors summarized the advantages and disadvantages of several related schemes, especially the self-verified mobile payment scheme based on the elliptic curve cryptosystem (ECC) and then proposed a new type of dynamic symmetric key mobile commerce scheme based on self-verified mechanism. The authors analyzed the basic algorithm based on self-verified mechanisms and detailed the complete transaction process of the proposed scheme. The authors analyzed the payment scheme based on the security and high efficiency index. The analysis shows that the proposed scheme not only meets the high efficiency of mobile electronic payment premise, but also takes the security into account. The user confirmation mechanism at the end of the proposed scheme further strengthens the security of the proposed scheme. In brief, the proposed scheme is more efficient and practical than most of the existing schemes.