開放式系統鑑別機制的隱私保護

Abstract

網際網路快速地普及，帶動了電子商務全球化的快速成長。在傳統的交易中，我們可以很方便地經由證件的比對、簽名或蓋章來確認對方的身分。然而在網際網路上，由於交易的雙方無法面對面地確認彼此的身分，再加上網際網路對資料的傳輸並未提供足夠的安全保護，因此更需要完善的鑑別機制來確保交易的安全性。 在這個開放式的網際網路傳遞過程中，鑑別資訊常常遭到身分盜用者的竊聽；儲存大量客戶鑑別資訊的商店或銀行伺服器更成為攻擊的目標；惡意的商店或其員工也可能盜用客戶鑑別資訊，以進行非法的交易，再加上這樣的非法資訊取得過程可以藉由電腦系統的幫忙而大幅簡化，使得身分盜用事件層出不窮。消費者也因為擔心機密資料遭盜用而對電子商務裹足不前。因此，如何在鑑別過程中保護使用者的隱私已經成為電子商務成長上的重要因素。 本研究以使用者的身分鑑別為主軸，在鑑別過程中保護被鑑別者的機密資訊。我們將身分鑑別技術應用於遠端登入與線上信用卡付款兩個領域。 針對第一個研究主題 - 遠端登入，作者針對不同鑑別因素的組合提出了三個安全的鑑別機制。在電子商務的交易中，消費者需要先確認商店的身分以避免身分資訊被騙取與盜用，商店也需要確認消費者的身分以避免非法的入侵與交易詐欺的風險，以保護交易與系統的安全性。通行碼因為簡單與方便，成為最廣泛被使用的鑑別方法，然而也因此很容易遭到各種的攻擊。作者希望讓被鑑別者仍能沿用其最熟悉的通行碼，藉由安全協定的設計與其他鑑別因素的加入來彌補被鑑別者自訂通行碼所產生的安全疑慮，並且在鑑別過程中建立通訊金鑰以確保當次連結的傳輸機密性，延長鑑別的時效。這些鑑別機制因為安全度的提高可以應用於對資訊安全需求較高的環境，如：網路銀行、網路券商…等。 針對第二個研究主題 - 線上信用卡付款，作者提出兩種方法在鑑別的過程中保護持卡人機密的信用卡資訊，使持卡人對銀行需有的信賴度可以降到最低。這兩種方法可以保護持卡人的信用卡資訊，在整個傳遞過程中只能由發卡行取出持卡人的信用卡資訊。根據need-to-know原則，每位參與者只能得知執行工作時所必需知道的資訊，以避免資訊的外洩與誤用。因此，持卡人只需選擇值得信賴的發卡行，不必再擔心每個收單行可能遇到的安全問題。 我們希望藉由提供安全的線上身分鑑別機制，保護使用者的機密隱私資訊，減少線上的詐欺，以提高使用者對線上交易的信心，促進電子商務的發展。

The popularity of the Internet paves its way to the prevailing dominance rapidly and globally. In traditional transactions, we can confirm the other side’s identity easily by credential、signature or stamp. However, on the Internet, the transaction parties cannot authenticate each other face by face. The data traveling on the open network is not well protected, either. Therefore, secure authentication schemes are crucial to assure the security of electronic commerce transactions. Authentication information is vulnerable to eavesdropping while transmitting over the open Internet. Servers are always the targets of attackers, because numerous customers’ secrets are stored in their databases. Unscrupulous merchants or employees can steal customers’ authentication information that contains the key elements needed for fraudulent transactions. Moreover, the effort of illegal actions can be simplified by the help of computer systems. Identity theft thus becomes a serious issue in the growing digital environment. Consumers are reluctant to do business on-line for worrying that personal information on the Internet could be stolen or used for malicious purpose. Therefore, the issue of privacy protection during authentication procedure is in great need for the development of electronic commerce. This study focuses on user authentication which protects user’s secret information. We apply authentication technology in remote login and on-line credit card payment. In the first subject - remote login, we propose three secure authentication protocols based on the combination of different factors. For electronic commerce transactions, the consumer has to verify the merchant’s identity before sending out his/her authentication information. The merchant also needs to authenticate the customer to avoid illegal login and fraudulent transaction. Thanks to its simplicity and convenience, the password scheme may be truly the most widely used approach, but it also bears the nature of being vulnerable to several kinds of attacks. We hope that consumers can keep using password scheme they are accustomed to. By well designing the protocol and adding different authentication factors, some weak passwords picked by the customers can be therefore protected. A session key is also established during authentication process to provide confidentiality for communication. Therefore, those schemes proposed hereinafter are able to build a safer shield for sensitive transactions like on-line banking or on-line trading in bonds and securities. For the second subject – on-line credit card payment, we propose two methods to conceal cardholders’ identities in the electronic marketplace in which cardholders’ trust for banks can be reduced to a minimum. The sensitive card information is well protected along the way and can be extracted only by the issuer. Based on the need-to-know principle, transaction information should be available only to parties that need it to avoid data aggregation and misuse. A cardholder needs only to select a trustworthy issuer, instead of worrying about the possible breakdowns of every involved acquirer. By providing secure on-line authentication mechanisms and privacy protection, on-line frauds can be minimized, users’ confidence on electronic commerce can thus be enhanced.