開放式系統鑑別機制的隱私保護__臺灣人文及社會科學引文索引資料庫

:::

詳目顯示

第 1 筆 / 總合 1 筆

/1頁

論文基本資料
摘要
外文摘要
參考文獻

題名：	開放式系統鑑別機制的隱私保護
作者：	葉慈章
作者(外文)：	Tzu-Chang Yeh
校院名稱：	國立交通大學
系所名稱：	資訊管理所
指導教授：	黃景彰
學位類別：	博士
出版日期：	2003
主題關鍵詞：	電子商務；鑑別；隱私；通行碼；線上信用卡付款；Electronic commerce；Authentication；Privacy；Password；On-line credit card payment
原始連結：	連回原系統網址
相關次數：	被引用次數:期刊(0) 博士論文(0) 專書(0) 專書論文(0) 排除自我引用:0 共同引用:0 點閱:237

網際網路快速地普及，帶動了電子商務全球化的快速成長。在傳統的交易中，我們可以很方便地經由證件的比對、簽名或蓋章來確認對方的身分。然而在網際網路上，由於交易的雙方無法面對面地確認彼此的身分，再加上網際網路對資料的傳輸並未提供足夠的安全保護，因此更需要完善的鑑別機制來確保交易的安全性。
在這個開放式的網際網路傳遞過程中，鑑別資訊常常遭到身分盜用者的竊聽；儲存大量客戶鑑別資訊的商店或銀行伺服器更成為攻擊的目標；惡意的商店或其員工也可能盜用客戶鑑別資訊，以進行非法的交易，再加上這樣的非法資訊取得過程可以藉由電腦系統的幫忙而大幅簡化，使得身分盜用事件層出不窮。消費者也因為擔心機密資料遭盜用而對電子商務裹足不前。因此，如何在鑑別過程中保護使用者的隱私已經成為電子商務成長上的重要因素。
本研究以使用者的身分鑑別為主軸，在鑑別過程中保護被鑑別者的機密資訊。我們將身分鑑別技術應用於遠端登入與線上信用卡付款兩個領域。
針對第一個研究主題 - 遠端登入，作者針對不同鑑別因素的組合提出了三個安全的鑑別機制。在電子商務的交易中，消費者需要先確認商店的身分以避免身分資訊被騙取與盜用，商店也需要確認消費者的身分以避免非法的入侵與交易詐欺的風險，以保護交易與系統的安全性。通行碼因為簡單與方便，成為最廣泛被使用的鑑別方法，然而也因此很容易遭到各種的攻擊。作者希望讓被鑑別者仍能沿用其最熟悉的通行碼，藉由安全協定的設計與其他鑑別因素的加入來彌補被鑑別者自訂通行碼所產生的安全疑慮，並且在鑑別過程中建立通訊金鑰以確保當次連結的傳輸機密性，延長鑑別的時效。這些鑑別機制因為安全度的提高可以應用於對資訊安全需求較高的環境，如：網路銀行、網路券商…等。
針對第二個研究主題 - 線上信用卡付款，作者提出兩種方法在鑑別的過程中保護持卡人機密的信用卡資訊，使持卡人對銀行需有的信賴度可以降到最低。這兩種方法可以保護持卡人的信用卡資訊，在整個傳遞過程中只能由發卡行取出持卡人的信用卡資訊。根據need-to-know原則，每位參與者只能得知執行工作時所必需知道的資訊，以避免資訊的外洩與誤用。因此，持卡人只需選擇值得信賴的發卡行，不必再擔心每個收單行可能遇到的安全問題。
我們希望藉由提供安全的線上身分鑑別機制，保護使用者的機密隱私資訊，減少線上的詐欺，以提高使用者對線上交易的信心，促進電子商務的發展。

以文找文

The popularity of the Internet paves its way to the prevailing dominance rapidly and globally. In traditional transactions, we can confirm the other side’s identity easily by credential、signature or stamp. However, on the Internet, the transaction parties cannot authenticate each other face by face. The data traveling on the open network is not well protected, either. Therefore, secure authentication schemes are crucial to assure the security of electronic commerce transactions.
Authentication information is vulnerable to eavesdropping while transmitting over the open Internet. Servers are always the targets of attackers, because numerous customers’ secrets are stored in their databases. Unscrupulous merchants or employees can steal customers’ authentication information that contains the key elements needed for fraudulent transactions. Moreover, the effort of illegal actions can be simplified by the help of computer systems. Identity theft thus becomes a serious issue in the growing digital environment. Consumers are reluctant to do business on-line for worrying that personal information on the Internet could be stolen or used for malicious purpose. Therefore, the issue of privacy protection during authentication procedure is in great need for the development of electronic commerce.
This study focuses on user authentication which protects user’s secret information. We apply authentication technology in remote login and on-line credit card payment.
In the first subject - remote login, we propose three secure authentication protocols based on the combination of different factors. For electronic commerce transactions, the consumer has to verify the merchant’s identity before sending out his/her authentication information. The merchant also needs to authenticate the customer to avoid illegal login and fraudulent transaction. Thanks to its simplicity and convenience, the password scheme may be truly the most widely used approach, but it also bears the nature of being vulnerable to several kinds of attacks. We hope that consumers can keep using password scheme they are accustomed to. By well designing the protocol and adding different authentication factors, some weak passwords picked by the customers can be therefore protected. A session key is also established during authentication process to provide confidentiality for communication. Therefore, those schemes proposed hereinafter are able to build a safer shield for sensitive transactions like on-line banking or on-line trading in bonds and securities.
For the second subject — on-line credit card payment, we propose two methods to conceal cardholders’ identities in the electronic marketplace in which cardholders’ trust for banks can be reduced to a minimum. The sensitive card information is well protected along the way and can be extracted only by the issuer. Based on the need-to-know principle, transaction information should be available only to parties that need it to avoid data aggregation and misuse. A cardholder needs only to select a trustworthy issuer, instead of worrying about the possible breakdowns of every involved acquirer.
By providing secure on-line authentication mechanisms and privacy protection, on-line frauds can be minimized, users’ confidence on electronic commerce can thus be enhanced.

以文找文

1. Ho, D., Identity theft is top consumer fraud complaint of 2001, Jan. 24, 2002. http://www.insidenaples.com/02/01/business/d741589a.htm. new window

2. 孫承武，北市警方偵破駭客入侵網路銀行盜領一百餘萬，2001年5月1日。 http://leadtime.com.tw/leadtime/news/security/北市警方偵破駭客入侵網路銀行盜領一百餘萬(Yahoo-2001.05.02).mht.
3. 張慧雯，「騙取語音密碼一連三起」，中國時報, 2001年4月19日。 http://ec.chinatimes.com.tw/scripts/chinatimes/iscstext.exe?DB=ChinaTimes&Function=ListDoc&From=5&Single=1. new window

4. Bennett, R. A., “I didn’t do it,” USBanker, Dec. 2001.
5. National Information Infrastructure Task Force, Privacy Working Group, Principles for providing and using personal information, Jun. 1995.
6. Behrens, L., Privacy and security: The hidden growth strategy, May 31, 2001. http://www.gartnerg2.com/site/searchresults.asp.
7. ITAA, ITAA poll finds almost three of four Americans concerned about cyber security, Dec. 11, 2001. http://www.itaa.org/isec/pubs/e200112-05.pdf.
8. 經濟部中小企業處，第六章政府支援電子商務策略之探討，中小企業白皮書。http://www.moeasmea.gov.tw/web/html/白皮書/電子商務/ch6.doc.
9. ISO/IEC 10181-2: Information technology -- Open Systems Interconnection -- Security frameworks for open systems: Authentication framework, 1996.
10. ISO/IEC 9798 part1-5: Information technology - Security techniques - Entity authentication.
11. 「假提款機盜錄密碼八銀行失金」，華視全球資訊網，2002年4月10日。 http://www.cts.com.tw/news/headlines/news20020410N3.htm.
12. ITU-T Rec. X.509 | ISO/IEC 9594-8, Information technology - Open Systems Interconnection - The Directory: Authentication framework, ISO/IEC, 1997.
[1]13. Paul, F., “Microsoft computer network hacked; FBI steps in,” CNET, Oct. 27, 2000. http://news.cnet.com/news/0-1003-200-3308084.html. new window

14. Lamport, L., “Password authentication with insecure communication,” Communications of the ACM, vol. 24, no. 11, pp. 770-772, Nov. 1981.
15. Ammenheuser, M., “The business case for biometrics,” Bank Systems & Technology, Feb. 2002.
16. Neuman, B. C. and Ts''o, T., “Kerberos: An Authentication Service for Computer Networks,” IEEE Communications, vol. 32, no. 9, pp. 33-38, Sep. 1994. http://www.isi.edu/gost/publications/kerberos-neuman-tso.html.
17. Kohl, J. and Neuman, C., The Kerberos Network Authentication Service (V5), RFC1510, Sep. 1993. http://www.ietf.org/rfc/rfc1510.txt.
18. Phoenix Technologies Ltd, Zero-Knowledge Password Proofs. http://www.integritysciences.com/password.html.
19. Bellare, M. and Rogaway, P., The AuthA protocol for password-based authenticated key exchange, Contribution To the IEEE P1363 study group for Future PKC Standards.
[4]20. Boyko, V., MacKenzie, P., and Patel, S., “Provably secure password authenticated key exchange using Diffie Hellman,” EUROCRYPT 2000, pp. 156-171, 2000.
[5]21. Bellovin, S. and Merritt, M., “Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise,” The 1st ACM Conference on Computer and Communications Security, pp. 244-250, Nov. 1993.
[6]22. Jablon, D., “Extended password key exchange protocols immune to dictionary attack,” WETICE Workshop on Enterprise Security, 1997.
[7]23. Kwon, T. and Song, J., “Secure agreement scheme for gxy via password authentication,” Electronics Letters, vol. 35, no. 11, pp. 892-893, May 27, 1999.
[8]24. MacKenzie, P. and Swaminathan, R., Secure network authentication with password information, Presented to IEEE P1363a, August 1999.
[9]25. Wu, T., “Secure remote password protocol,” Proceedings of the 1998 Internet Society Network and Distributed System Security Symposium, San Diego, CA, pp. 97-111, Mar. 1998.
26. T. Kwon, “Authentication and key agreement via memorable passwords,” NDSS 2001 Symposium Conference Proceedings, Feb. 2001.
27. Lennon, R.E., Matyas, S.M., and Meyer, C.H., "Cryptographic authentication of time-invariant quantities," IEEE Transactions on Communications COM-29, no. 6, pp. 773-777, Jun. 1981.
[10]28. Gong, L., Lomas, M., Needham, R., and Saltzer, J., “Protecting poorly chosen secrets from guessing attacks,” IEEE Journal on Selected Areas in Communications, vol. 11, no. 5, pp. 648-656, Jun. 1993.
[11]29. Halevi, S. and Krawczyk, H., “Public-key cryptography and password protocols,” Proceedings of The 5th ACM Conference on Computer and Communications Security, pp.122-131, 1998.
[12]30. Kwon, T. and Song, J., “Efficient and secure password-based authentication protocols against guessing attacks”, Computer Communications, pp. 853-861, Jul. 1998.
31. Chang, C. C. and Wu, L. H., “A new password authentication scheme,” Journal of Information Science and Engineering, vol. 6, pp. 139-147, 1990.
32. Harn, L., Huang, D., and Laih, C.S., “Password authentication based on public-key distribution cryptosystem,” Fifth International Conference on Data Engineering, pp. 332-338, Los Angeles, USA, 1989.
33. Hwang , T.Y., “Passwords authentication using public-key encryption,” Proceedings of the 1983 IEEE International Carnahan Conference on Security Technology, Zurich, Switzerland, pp. 35-38, Oct.1983.
34. Lin, C.H., Chang, C. C., Wu, T.C., and Lee, R.C.T., “Password authentication using newton''s interpolation polynomials,” Information Systems, vol. 16, no. 1, pp. 97-102, 1991. new window

35. Chang, C.C. and Hwang, S.J., "Using smart cards to authenticate remote passwords," Computers and Mathematics with Applications, vol. 26, no. 7, pp. 19-27, 1993.
36. Chang, C.C. and Wu, T.C., “A smart card oriented password authentication scheme based on Rabin’s public key cryptosystem,” International Journal of Information and Management Sciences, vol. 8, no. 3, 1997, pp. 63-73.
37. Chang, C.C. and Wu, T.C., “Remote password authentication with smart cards,” IEE Proceedings Computers and Digital Techniques, vol. 138, no. 3, pp. 165-168, 1991.
38. Chang, C.C. and Wu, T.C., “Remote password authentication with smart cards,” IEE Proceedings - part E, vol. 138, no. 3, pp. 165-168, May 1991.
39. Chang, C.C., Wu, T.C., and Laih, C.S., “Cryptanalysis of a password authentication scheme using quadratic residues,” Computer Communications, vol. 18, no. 1, pp. 45-47 Jan. 1995. new window

40. Fumy, W. and Pfau, A., “On the complexity of asymmetric smart card authentication,” Proceedings of the Second International Smart Card 2000 Conferenece, Amsterdam Netherlands, pp. 181-190, 1989.
41. Shamir, A., "Identity-based cryptosystems and signature schemes," Advances in Cryptology: CRYPTO ''84, Lecture Notes in Computer Science vol. 196, pp. 47-53, 1985.
42. Wu, T.C. and Chang, C.C., “A password authentication scheme based on discrete logarithms,” International Journal of Computer Mathematics, vol. 41, no. 3+4, pp. 31-38, 1991.
43. Wu, T.C. and Wu, T.S., “ID-based remote login authentication scheme based on cross product operations,” International Journal of Information Management & Engineering, vol. 1, no. 2, pp. 7-13, 1994. new window

44. RSA Laboratories, PKCS #5 v2.0: Password-based cryptography standard, 1999. ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-5v2/pkcs5v2-0.doc.
45. Kaliski, B., PKCS #5: Password-based cryptography specification version 2.0, RFC2898, Sep. 2000. http://www.faqs.org/rfcs/rfc2898.html.
46. 政府憑證管理中心，採用標準與格式。http://www.pki.gov.tw/cps/5.htm.
47. Merkle, R., “Protocols for public key cryptosystems,” Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, Apr.1980.
48. Haller, N.M., The S/KEY one-time password system, RFC 1760, Feb. 1995. http://www.faqs.org/rfcs/rfc1760.html.
49. Rivest, R. and Shamir, A., “PayWord and MicroMint: Two simple micropayment schemes,” International Workshop on Security Protocols, 1996.
50. U.S. Naval Research Labs, OPIE software distribution. ftp://ftp.nrl.navy.mil/pub/security/opie/.
51. RSA SecurID. http://www.rsasecurity.com/products/securid/.
52. Microsoft .NET passport. http://www.microsoft.com/netservices/passport/.
53. ISO/IEC 7816 part1-10: Information technology - Identification cards - Integrated circuit(s) cards with contacts, ISO, New York.
54. EMV 4.0 specifications, 2000. http://www.emvco.com/.
55. European Telecommunications Standard Institute, GSM 11.11 version 6.2.0, 1997, http://www.ttfn.net/techno/smartcards/standards.html.
56. Love, M., “2002-a smart bet on smart cards,” Credit Card Management, Feb. 2002.
57. Simpson, B., “Chip cards break out of their shell,” Credit Card Management, Feb. 2002.
58. “Veridicom team to offer unrivaled smartcard security for e-business using fingerprint authentication,” Cylink. http://www.cylink.com/news/press/pressrels/112000.htm.
59. “Bank of America Offers Fingerprint Access to Online Banking,” Internetnews.com, Jan. 6, 1999. http://www.internetnews.com/ec-news/article.php/33221.
60. “Veridicom and Giesecke & Devrient form smart card partnership,” TWW, Apr. 25, 2000. http://www.m2.com/m2%5Cm2web.nsf/SampleStories/Telecomworldwire/?OpenDocument.
61. Adams, J., “Biometrics and smart card,” Biometric Technology Today, vol. 8, Iss. 7, pp. 8-11, Aug. 1, 2000. new window

62. Kleffner, R., “Parkison’s disease smart card project ready to roll out,” Biometric Technology Today, vol. 8, iss. 7, pp. 3, Aug. 1, 2000. new window

63. 黃景彰、薛夙珍、廖耕億、葉慈章等，國軍資訊可信賴的作業體制之研究計劃結案報告，中科院，2001。
64. AfB and ICSA, 1999 Glossary of Biometric Terms. http://www.afb.org.uk/downloads/glossuk2.pdf.
65. Bowman, E., Everything You Need to Know About Biometrics, IBIA. http://www.ibia.org/EverythingAboutBiometrics.PDF.
66. Woodward, J.D., Jr., Webb, K.W., Newton, E.M., Bradley, M., and Rubenson, D., Army Biometric Applications:Identifying and Addressing Sociocultural Concerns. http://www.rand.org/publications/MR/MR1237/MR1237.ch2.pdf.
67. Clarke, R., “Human identification in information systems: Management challenges and public policy issues,” Information Technology & People, vol. 7, no. 4, pp. 6-37, Dec. 1994.
68. “Innovation at InnoVentry using facial recognition,” Biometric Technology Today, pp. 7-8, Feb. 2001.
69. Rhodes, K.A., “national prepareness technologies to secure federal buildings”. http://www.gao.gov/new.items/d02687t.pdf.
70. Nash, A., Duane, W., Joseph, C., and Brink, D., PKI: Implementing and Managing e-Security, California: McGraw Hill, 2001.
71. Davida, G. I., Frankel, Y., and Matt, B. J., “On enabling secure applications through off-line biometric identification,” Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, pp. 148-157, 1998.
72. Podio, F. L., “Personal authentication through biometric technologies,” Proceedings of the IEEE 4th International Workshop on Networked Appliances, pp. 57—66, 2002.
73. OECD, “Background paper on electronic authentication technologies and issues,” Joint OECD-private sector workshop on electronic authentication, Jun. 1999. http://www1.oecd.org/dsti/sti/it/secur/act/wksp-auth.htm.
74. Matyas, S.M. and Stapleton, J., “A biometric standard for information management and security,” Computers & Security, vol. 19, no. 5, pp. 428-441, 2001.
75. Kim, H.J., “Biometrics, Is it a viable proposition for identity authentication and access control?,” Computers & Security, vol. 14, no. 3, pp. 205-214, 1995.
76. Schneier, B., Biometrics: Truths and Fictions, 1998. http://www.counterpane.com/cryptogram-9808.html-biometrics.
77. 經濟部商業司，電子簽章法。 http://www.moea.gov.tw/~meco/doc/ndoc/s5_p05.htm.
78. Mitchell, C.J. and Chen, L., “Comments on the S/KEY user authentication scheme,” ACM Operating Systems Review, vol. 30, no. 4 , pp. 12-16, Oct. 1996.
79. Kawase, T., Watanabe, A., and Sasase, I., “Proposal of secure remote access using encryption,” Proceedings of the IEEE Global Telecommunications Conference, vol. 2, pp. 868-873, 1998.
80. Yeh, T.C., Shen, H.Y., and Hwang, J.J., “A secure one-time password authentication scheme using smart card, ” IEICE Transactions on Communications, vol. E85-B, no. 11, pp. 2515-2518, 2002.
81. Peytavian, M. and Zunic, N., “Methods for protecting password transmission,” Computers & Security, vol.19, no.5, pp.466-469, 2000.
82. Hwang, J.J. and Yeh, T.C., “Improvement on Peyravian-Zunic’s password authentication schemes, ” IEICE Transactions on Communications, vol. E85-B, no. 4, pp. 823-825, 2002.
83. 黃景彰、葉慈章、徐鵬雲、余俊賢、劉義漢，三合一鑑別機制，工業技術研究院電腦通訊研究所委託學術機構研究計畫結案報告書，2001年。
84. Caldwell, K., “The public policy report,” CommerceNet Newsletter, vol. 3, no. 5, 2001. http://www.nii.org.tw/cnt/info/Report/20010504.htm.
85. Gpayments, Authentication, 2001. http://www.gpayments.com/pdfs/GPayments_Authentication_Whitepaper.pdf.
86. Visa, What is Verified by Visa. http://www.visaeu.com/press_media/factsheets/whatis_vbv.html.
87. Punch, L., “Authentication’s tentative gains,” Credit Card Management, May 2002.
88. Visa, The future takes Visa. http://www.visaeu.com/press_media/factsheets/future_takes_visa.html.
[7]89. Hwang, J.J. and Hsueh, S.C., “Greater protection for credit card holders: A revised SET protocol,” Computer Standards & Interfaces, vol. 19, pp. 1-8, 1998.
90. Bellare, M., Garay, J.A., Hauser, R., Herzberg, A., Krawczyk, H., Steiner, M., Tsudik, G., Herreweghen, E.V., and Waidner, M., “Design, implementation, and deployment of the iKP secure electronic payment system,” IEEE Journal on Selected Areas in Communications, vol. 18, no. 4, pp. 611 —627, Apr. 2000.
91. Australian Transaction Report and Analysis Centre, RGEC Report - Research and Technical Advice, vol. 3, Dec. 1999. http:// www.austrac.gov.au/text/publications/ rgec/3/pdf/ch1.pdf.
92. Network Working Group, AAA Authorization Application Examples, RFC 2905. http://www.faqs.org/rfcs/rfc2905.html.
93. Freier, A.O., Karlton, P., and Kocher, P.C., The SSL Protocol Version 3.0, Mar. 4, 1996. ftp://ftp.netscape.com/pub/review/, ssl-spec.tar.Z.
94. MasterCard and VISA, Secure Electronic Transaction (SET) Specification, Book 1: Business Description, version 1.0, 1997. new window

95. MasterCard and VISA, Secure Electronic Transaction (SET) Specification, Book 2: Programmer’s guide, version 1.0, 1997. new window

96. MasterCard and VISA, Secure Electronic Transaction (SET) Specification, Book 3: Formal Protocol Definition, version 1.0, 1997. new window

97. ISO/IEC 10181-4：Information Technology - Open Systems Interconnection - Security Frameworks in Open Systems: Non-Repudiation Framework, 1997.
98. VISA EU, 3D SET. http://www.visa.be/pd/eu_shop/merchants/3d_set/main.html.
99. VISA, 3-D Secure System Overview, Version 1.0.3, Dec. 3, 2001. http://international.visa.com/fb/paytech/secure/pdfs/3DS_70015-01_System_Overview_external_v1.0.2.pdf. new window

100. VISA, 3-D Secure Protocol specification, Version 1.0.1, Nov. 1, 2001. http://international.visa.com/fb/paytech/secure/main.jsp. new window

101. Gpayments, Visa 3-D Secure vs. MasterCard SPA, 2002, http://www.gpayments.com/industry.htm#2.
102. MasterCard International, Secure Payment Application (SPA). http://www.mastercardintl.com/newtechnology/ecommercesecurity/spa/.
103. Mu, Y., and Varadharajan, V., “A new scheme of credit based payment for electronic commerce,” Proceedings of the 23rd Conference on Local Computer Networks, Boston, Massachusetts, USA, pp. 278-284, 1998.
104. Chaum, D. and Pedersen, T.P., "Wallet databases with observers", Proceedings of Advances in Cryptology-CRYPTO''92, Springer-Verlag, pp. 89-105, 1992.
105. Verheul, E.R. and Tilborg, H.C.A. van, "Binding elgamal: A fraud-detectable alternative to key-escrow proposals", Proceedings of the Advances in Cryptology - EUROCRYPTO'' 97, Springer-Verlag, pp. 119-133, 1997.
106. Schneider, M.A. and Felten, E.W., “Efficient commerce protocols based on one-time pads,” Proceedings of ACSAC’00, pp. 317-326, 2000.
107. 聯合信用卡處理中心，SET 以外之另項選擇 —“O-card”，2000年9月15日。 http://www.nccc.com.tw/plan/news/newsg3.htm#g3bg.
108. Yeh, T.C., Li, J.B., and Hwang, J.J., “Greater privacy protection for on-line credit card payment,” Proceedings of The First International Conference on Electronic Business, Hong Kong, pp. 136-138, 2001.
109. Hwang, J.J., Yeh, T.C., and Li, J.B., “Securing on-line credit card payments without disclosing privacy information,” Computer Standards & Interfaces, vol. 25, issue 2, pp. 119-129, 2003.
110. Behrens, L., Privacy and security: The hidden growth strategy, May 31, 2001. http://www4.gartner.com/5_about/press_releases/2001/pr20010807d.html.
111. Riem, A., “Cybercrimes of the 21st century: Crimes against the individual — part 1,” Computer Fraud & Security, vol.6, pp.13-17, Jun. 2001. new window

112. 吳江泉、林憲祥，「勾結內賊盜取百萬筆資料獲利35億」，中國時報，2002年9月18日。
113. 盧成德，網路銀行使用率一年增加近1倍安全問題深受重視。 http://news.sina.com.tw/sinaNews/ettoday/finance/2002/0731/10577144.html.
114. Rivest, R. and Shamir, A., “Payword and microMint：Two simple micropayment schemes,” Cryptobytes, vol. 2, no. 1, pp. 7-11, 1996. new window

115. Hallam, P.M., Micro payment transfer protocol (MPTP) version 0.1, W3C Working Draft, Nov. 22, 1995. http://www.w3.org/TR/WD-mptp-951122. new window

116. Hauser, R., Steiner, M., and Waidner, M., Micro-payments based on iKP, IBM Research Report, Feb. 12, 1996.
117. Hauser, R. and Tsudik, G., “On shopping incognito,” Proceedings of the 2nd USENIX Workshop on Electronic Commerce, Nov. 1996.
118. Account authority digital signature model, http://www.garlic.com/~lynn/aadsover.htm.
119. Wheeler, L., ”Account authority digital signature and X9.59 payment standard”, 3rd CACR information security workshop, 1999.

推文
推薦
引用網址
引用嵌入語法
轉寄

top

:::

相關期刊
相關論文
相關專書
相關著作
熱門點閱

1.	安全的線上身分鑑別協定

1.	電子商務付款系統之研究

無相關書籍

無相關著作

1.	臺灣刑事DNA資料庫現況調查研究--以個人資訊隱私保障為中心
2.	論《澳門民法典》中的隱私權及其對內地相關立法的啟示
3.	隱私權及病人隱私權之概念與法律規範
4.	基因隱私與科學研究之調和--基本原則與特殊利益考量
5.	隱私權保護與傳統文化發微
6.	具隱私保護之RFID雙向鑑別機制
7.	無線射頻辨識系統 (RFID) 之應用對隱私法制之影響
8.	加拿大國家DNA資料庫之隱私權探討
9.	我國憲法上隱私權相關問題之釐清
10.	探討生物資料庫之基因隱私
11.	應用生物辨識於網站購物之隱私權探討

QR Code

臺灣人文及社會科學引文索引資料庫系統

詳目顯示

臺灣人文及社會科學引文索引資料庫