
Electronic Payment Systems for E-Commerce.pdf

Electronic Payment Systems for E-Commerce Second Edition
For quite a long time, computer security was a rather narrow field of study that was populated mainly by theoretical computer scientists, electrical engineers, and applied mathematicians. With the proliferation of open systems in general, and of the Internet and the World Wide Web (WWW) in particular, this situation has changed fundamentally. Today, computer and network practitioners are equally interested in computer security, since they require technologies and solutions that can be used to secure applications related to electronic commerce. Against this background, the field of computer security has become very broad and includes many topics of interest. The aim of this series is to publish state-of-the-art, high-standard technical books on topics related to computer security. Further information about the series can be found on the WWW at the following URL: http://www.esecurity.ch/serieseditor.html

Also, if you'd like to contribute to the series and write a book about a topic related to computer security, feel free to contact either the Commissioning Editor or the Series Editor at Artech House.

Recent Titles in the Artech House Computer Security Series
Rolf Oppliger, Series Editor

Demystifying the IPsec Puzzle, Sheila Frankel
Electronic Payment Systems for E-Commerce, Second Edition, Donal O'Mahony, Michael Peirce, and Hitesh Tewari
Information Hiding Techniques for Steganography and Digital Watermarking, Stefan Katzenbeisser and Fabien A. P. Petitcolas, editors
Non-repudiation in Electronic Commerce, Jianying Zhou
Secure Messaging with PGP and S/MIME, Rolf Oppliger
Security Fundamentals for E-Commerce, Vesna Hassler
Security Technologies for the World Wide Web, Rolf Oppliger

For a listing of recent titles in the Artech House Computing Library, turn to the back of this book.
Electronic Payment Systems for E-Commerce
Second Edition

Donal O'Mahony
Michael Peirce
Hitesh Tewari

Artech House
Boston, London
www.artechhouse.com
Library of Congress Cataloging-in-Publication Data
O'Mahony, Donal, 1961-
Electronic payment systems for e-commerce / Donal O'Mahony, Michael Peirce, Hitesh Tewari. 2nd ed.
p. cm. (Artech House computer security series)
Rev. ed. of: Electronic payment systems, c1997.
Includes bibliographical references and index.
ISBN 1-58053-268-3 (alk. paper)
1. Electronic funds transfers. 2. Data encryption (Computer science) 3. Internet. I. Peirce, M. E. (Michael E.) II. Tewari, Hitesh. III. O'Mahony, Donal, 1961- Electronic payment systems. IV. Title. V. Series.
HG1710 .O45 2001
332.0285 dc21 2001022856

British Library Cataloguing in Publication Data
O'Mahony, Donal, 1961-
Electronic payment systems for e-commerce. 2nd ed. (Artech House computer security series)
1. Electronic funds transfers
I. Title II. Peirce, Michael, 1972- III. Tewari, H.
332.10285
ISBN 1-58053-463-5

Cover design by Igor Valdman

© 2001 ARTECH HOUSE, INC.
685 Canton Street
Norwood, MA 02062

All rights reserved. Printed and bound in the United States of America. No part of this book may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without permission in writing from the publisher.

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Artech House cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

International Standard Book Number: 1-58053-268-3
Library of Congress Catalog Card Number: 2001022856

10 9 8 7 6 5 4 3 2 1
Contents

Preface

1 Motivation for electronic payment
  References

2 Characteristics of current payment systems
  2.1 Cash payments
  2.2 Payment through banks
    2.2.1 Payment by check
    2.2.2 Payment by giro or credit transfer
    2.2.3 Automated clearing house (ACH) payments
    2.2.4 Wire transfer services
  2.3 Using payment cards
  2.4 Consumer preferences in payment systems
  2.5 Regulatory framework
  References

3 Cryptographic techniques
  3.1 Encryption and decryption
  3.2 Symmetric encryption
    3.2.1 Data Encryption Standard (DES)
    3.2.2 Triple DES
    3.2.3 IDEA
    3.2.4 Advanced Encryption Standard (AES)
    3.2.5 RC2, RC4, and RC5
  3.3 Message digesting or hashing
    3.3.1 MD5
    3.3.2 The Secure Hash Algorithm (SHA)
  3.4 Kerberos
    3.4.1 Overview of the Kerberos model
    3.4.2 Obtaining a ticket
    3.4.3 Service request
  3.5 Asymmetric or public-key encryption
    3.5.1 Properties of a public-key cryptosystem
    3.5.2 Trapdoor one-way functions
    3.5.3 Using public-key cryptosystems for authentication
  3.6 Digital signatures and enveloping
  3.7 RSA
  3.8 Elliptic curve cryptography
  3.9 Public-key infrastructure (PKI)
    3.9.1 Certificates
    3.9.2 Certification authorities
    3.9.3 Attribute certificates
  3.10 Transport of security information
    3.10.1 Abstract syntax notation (ASN.1)
    3.10.2 The X.509 directory authentication framework
    3.10.3 PKCS cryptographic message syntax
  3.11 Dual signatures
  3.12 Nonces
  3.13 Blind signatures
  3.14 Chip cards/smart cards
    3.14.1 Card types
    3.14.2 Memory types and capacity
    3.14.3 Physical specifications
    3.14.4 Security
    3.14.5 Public-key processing capabilities
    3.14.6 Multiapplication cards
    3.14.7 Java Card
    3.14.8 MULTOS
    3.14.9 Observers
  References

4 Credit card-based systems
  4.1 Mail order/telephone order (MOTO) transactions
  4.2 Unsecured network payments
  4.3 First Virtual
  4.4 Once-off credit card numbers
  4.5 The secure socket layer (SSL)
  4.6 i-Key protocol (iKP)
    4.6.1 Framework of iKP protocols
    4.6.2 1KP
    4.6.3 2KP
    4.6.4 3KP
  4.7 Secure Electronic Transactions (SET)
    4.7.1 The SET trust model
    4.7.2 SET message structure
    4.7.3 Payment initialization (PInitReq/PInitRes)
    4.7.4 Purchase order (PReq/PRes)
    4.7.5 Authorization (AuthReq/AuthRes)
    4.7.6 Capture of payment (CapReq/CapRes)
    4.7.7 Cardholder inquiry (InqReq/InqRes)
    4.7.8 SET software components
    4.7.9 SET market acceptance
    4.7.10 Server-side wallets
    4.7.11 Using SET with smart cards
  4.8 Summary
  References

5 Electronic checks and account transfers
  5.1 Payment transfer between centralized accounts
    5.1.1 Funding the account
    5.1.2 Authenticated account transfer
    5.1.3 Withdrawing funds from the system
    5.1.4 Business models
  5.2 FSTC payment initiatives
    5.2.1 Electronic check concept
    5.2.2 Financial Services Markup Language (FSML)
    5.2.3 Electronic check functional flows
    5.2.4 Check-handling infrastructure
    5.2.5 Bank Internet Payment System (BIPS)
    5.2.6 Financial Agent Secure Transaction (FAST)