Title: 網路數位產品交易之付費與資料內容保護機制之設計
On Designing Online Payment and Content Privacy Schemes for Digital Merchandise Trading on the Internet
Authors: 黃育綸
Yu-Lun Ellen Huang
Shiuh-Pyng Shieh
Keywords: 線上付費系統;線上拆帳;身份認證;金鑰配送機制;數為視訊系統;Payment systems;authentication protocols;key distribution schemes;digital broadcasting systems;Pay-TV systems;conditional access systems
Issue Date: 2000
Abstract: 網路頻寬技術的成長帶動線上交易系統的蓬勃發展。在這篇論文中,我們提出一個涉及多重商家的整合性線上交易系統。本論文的研究主要著重於線上付費與拆帳、跨網域使用者之身分認證及數位商品傳遞所需的金鑰配送與更換機制。在線上付費與拆帳研究方面,我們提出一個可支援多重商家線上拆帳的付費模型、一套有效率的跨網域身分認證協定及三個金鑰配送機制,作為整合性交易系統的基本元件。利用我們所提出的付費模型,iSettle,多重商家可根據原定合約共享線上交易所得之利益。為了驗證本地客戶與漫遊客戶的身分,我們提出一個較現有身分認證機制所需更少驗證訊息的跨網域身分認證協定,iSAP。為了避免數位商品在傳輸過程中被未經授權的客戶非法存取,我們提出三個金鑰配送機制,iKDS,並依據不同的交易方式採用不同的金鑰配送機制。我們在本論文中更提出一個適用於數位視訊系統的整合性付費模型,此模型由前述三個元件所構成,可以解決數位視訊系統中的線上付費、拆帳、客戶身分認證及數位商品之保護等問題。最後,我們探討這些元件實作於採用NAT機制之實際網路時所將遇到的問題與解決方案。
In this dissertation, we propose an integrated system for online trading that involves multiple merchants. We study the issues regarding payment and settlement among multiple merchants, authentication for customers and key distribution schemes for digital contents delivery. In particular, we propose an online payment model with settlement supports, an inter-domain authentication protocol and three key distribution schemes as the building blocks of the integrated system. With the proposed payment model, iSettle, interests of online transactions can be shared among multiple merchants. To provide authentication for local and roaming customers, we propose an efficient inter-domain authentication protocol, iSAP, in which fewer authentication messages are required than the existing authentication protocols. To prevent a digital content from being illicit accessing by unauthorized customers, three key distribution schemes, iKDS, are proposed according to the different behaviors of trading models. With these building blocks, an integrated payment model for conditional access systems is proposed as an example. As a conclusion to this dissertation, we consider the impacts when deploying these building blocks to the real world with network address translators (NAT).
Appears in Collections:Thesis