第三方支付系统客户端的安全风险及防范机制被引量：2

Security risk and prevention mechanisms of client-side in third-party payment system

下载PDF

导出

摘要基于一个真实的资金诈骗案例,重点分析了第三方支付系统客户端存在的安全风险、攻击者所采用的攻击技术及其攻击原理。提出了技术防范机制来降低系统的安全风险,同时,建议通过用户方、第三方支付商、银行方及监管部门的共同努力,在最大程度上阻止类似的资金诈骗行为。 Based on a true money fraud case, the security risks of client side of third-party payment system, the attacking technique and principles are analyzed and studied. Some effective technical methods are proposed to prevent attacker from defrauding. The joint efforts of the users, third-party payment providers, banks and supervision authorities are suggested, so that internet frauds can be avoided effectively.

作者刘凯

机构地区北京信息科技大学信息管理学院

出处《北京信息科技大学学报（自然科学版）》 2011年第1期26-31,共6页 Journal of Beijing Information Science and Technology University

基金北京市高校学术创新团队建设计划项目(PHR201106133) 北京信息科技大学校基金项目(1025045)

关键词第三方支付安全风险安全机制客户端欺诈 third-party payment security risk security mechanism client side fraud

分类号 TP [自动化与计算机技术]

引文网络
相关文献

参考文献9

1艾瑞咨询集团.中国互联网市场年度总结报告2009[EB/OL].(2010-02-01)[2010-10-05].http://www.iresearch.com.cn. 被引量：1
2Rolf Oppliger,Ruedi Rytz,Thomas Holderegger.Internet banking:client-side attacks and protection mechanisms[J].IEEE Computer,2009,42(6):27 -33. 被引量：1
3Alain Hiltgen,Thorsten Kramp,Thomas Weigold.Secure Internet banking authentication[J].IEEE Security& Privacy,2006,4 (2):24-30. 被引量：1
4Spyware.Keylogger[EB/OL].(2007-2-13)[2010-10 -6].http://www.symantec.com/security_ response.writeup.jsp? docid = 2004 -033116-4256-99. 被引量：1
5Infostealer.Gampass[EB/OL].(2006-12-12)[2010-10-6].http://www.symantec.com/security_ response/writeup.jsp? docid = 2006 -111201-3853 -99. 被引量：1
6Microsoft.IObjectWithSite interface[EB/OL].[2010-10-5].http:// msdn2.microsoft.com/en-us/library/Aa768220.aspx. 被引量：1
7Microsoft.Hooks[EB/OL].[2010-10 -5].http://msdn.microsoft.com/en-us/library/ms632589 (VS.85).aspx. 被引量：1
8Ter Louw M,Soon Lim J,Venkatakrishnan.Extensible web browser security[C] // Fourth GI International Conferenceon Detection of Intrusions & Malware,and Vulnerability Assessment.Luzerne,Switzerland:[s.n],2007. 被引量：1
9Chen S,Chen H,Caballero M.Residue objects:a challenge to web browser security[C]//European Conference on Computer Systems Proceedings of the 5th European Conference on Computer Systems.France:[s.n],2010. 被引量：1