淡江大學機構典藏:Item 987654321/87934
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 62805/95882 (66%)
Visitors : 3985085      Online Users : 311
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/87934


    Title: 電子金融系統安全性研究
    Other Titles: Study on the security of e-finance system
    Authors: 林大為;Lin, Ta-Wei
    Contributors: 淡江大學資訊工程學系碩士在職專班
    徐郁輝
    Keywords: 網路銀行;電子銀行;資訊安全;網路攻擊;Internet Banking;E-banking;Information security;Network Attack
    Date: 2012
    Issue Date: 2013-04-13 11:53:00 (UTC+8)
    Abstract: 隨著網際網路的普及,民眾在家使用網路銀行進行各種線上轉帳、匯款交易的情況已經很普及。網路銀行為了確保交易安全性均具備了各種安全驗證機制,如:使用者鑑別、SSL加密、Smart Card Identify、OTP(one time password)等方法,但面對日新月異的攻擊手法仍舊難以全面防範。舉例來說目前市面上各家網路銀行大多以微軟的IE為Base進行開發,因使用了Active X元件與IE特有的JScript支援方法而造成Client端的Browser限定只能使用IE進行交易。然而微軟提供了非常強大的功能給IE的Plug-in開發者,藉由微軟提供的BHO技術,我們可對IE進行使用者行為模式追蹤,甚至在使用者不知情的情況下竄改網路交易訊息內容。
    本研究係針對網路銀行線上轉帳交易之安全性問題進行研究,並將系統設計、交易流程、安全機制進行研究與分析。對於使用IE進行交易時,因BHO技術所衍生的風險問題進行相關說明與探討,同時提出改良與加強防範的方法。
    With the popularization of internet, it is very common using internet bank to perform on-line accounts transferring at home. In order to guarantee the transaction security, the internet bank has possessed various kinds of safety and security mechanisms. For instance, the internet bank provides users’ authentication, SSL, Smart Card identification, one-time password and other methods. Despite this efforts, it is still difficult to lockout all kind of attacks. For example, most internet banks use Microsoft IE as the base platform, in which Active X and JScript are used. It turns out that the browser of client can only use IE to do the deal. Since Microsoft equips very strong function for plug-in developer in IE, it makes that tracing the transaction activities very easy. Furthermore, one can use BHO to overwrite transaction
    information without being discovered.
    This research investigates the security and safety issues of transactions of internet bank. Specially, we focus on the risk due to the adoption of BHO technology.
    The method of security improvement and prevention will be proposed.
    Appears in Collections:[Graduate Institute & Department of Computer Science and Information Engineering] Thesis

    Files in This Item:

    File SizeFormat
    index.html0KbHTML252View/Open

    All items in 機構典藏 are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback