臺灣博碩士論文加值系統

現今生活中，手機的普及使我們有利用手機來進行身份認證的方式。但由於欠缺多樣的應用方式，以致於目前大多數的手機只運用語音交談的功能。此外，現今用於小額付款的機制也只有現金最為廣為流傳。目前仍沒有一個方便而安全的小額付款機制來進行日常頻繁的小額交易活動。本論文提出並實作了基於行動電話的數種方便、通用且安全的付款系統。使用者能在短短的幾個按鍵動作中完成交易，而且使用者的手機不需要有其他額外的功能，像是Java或是STK。因此，使用者不需額外的硬體花費來使用本系統。此外，我們也提供了可運用在網際網路購物的安全付款模式。人們可利用本系統來進行安全而方便的小額付款，不論是在實體商店或是虛擬商店中。

The wide spread of mobile phones in modern life brings us new identification by our phones. Mobile phones are used mainly for voice due to the lack of applications. On the other hand, cash is the most widely used payment method for micropayment. There is no other convenient payment choice in our frequent daily micropayment. This thesis proposes and implements several convenient, flexible and secure payment methods based on mobile phones. Users can make secure payment in a few key strokes. User devices have not to acquire extra capability like Java or STK. Thus people can join our system without any additional cost. We also provide schemes to make secure payment on the internet. In this system, people may have secure and convenient micropayment choice for both physical and virtual stores.

Table of Content
Abstracts 0
Table of Content 3
List of Tables 5
List of Figures 6
Chapter 1 Introduction 7
Chapter 2 Related Researches 9
Chapter 3 System Environments 11
3.1 Assumptions 11
3.2 Goals 12
Chapter 4 Proposed Schemes 14
4.1 Data Items 14
4.2 IDuser vs. PhoneNo 14
4.3 Classification of the Three Schemes 14
4.4 Scheme 1 Dial out 14
4.5 Scheme 2 Dial in 14
4.6 Scheme 3 IrDA 14
Chapter 5 Implementation 14
5.1 Environmental Requirement 14
5.2 Program Functions 14
5.2.1 Telecom Company’s Server 14
5.2.2 Merchant POS 14
5.2.3 Merchant Mobile POS 14
5.2.4 Internet store 14
Chapter 6 System Analysis 14
6.1 System evaluation 14
6.2 Compare to Related Researches 14
6.3 Future Work 14
Chapter 7 Conclusion 14
Reference 14
Appendix 14

[1] D. Abrazhevich, “Classification and Characteristics of Electronic Payment Systems,” EC-Web 2001, Lecture Notes in Computer Science 2115, pp. 81-90, 2001.
[2] R. Atkinson, “Security Architecture for the Internet Protocol,” RFC 1825, NavalResearch Laboratory, 1995.
[3] M. Bellare, J. A. Garay, R. Hauser, A. Herzberg, H. Krawczyk, M. Steiner, G.Tsudik, and M. Waidner, “iKP — A Family of Secure Electronic Payment Protocols,” Extended Abstract, USENIX Workshop on Electronic Commerce. July11-12, 1995.
[4] N. Borenstein, “Vulnerability of Software Based Credit Card Encryption,” At http://fv.com/ccdanger/index.html; see also San Jose Mercury News, 29 January 1996, “Program shows ease of stealing credit information” by Simpson L.Garfinkel.
[5] R. Braden, D. Clark, S. Crocker and C. Huitema, “Security in the Internet Architecture,” RFC 1636, 1994.
[6] S. Brands, “Untraceable Off-Line Cash in Wallets with Observers,” Lecture Notes in Computer Science 773, Advances in Cryptology: Proc. Crypto ''93, Springer, pp. 302 —318, 1994.
[7] Brokat. X-Pay, available at http://www.brokat.com.
[8] D. Chaum, A. Fiat, and N. Naor, “Untraceable electronic cash,” LNCS 403, Proceedings Crypto ''88, pp. 319-327, 1988.
[9] B. Cox. “Maintaining Privacy in Electronic Transactions,” Information Networking Institute Technical Report TR 1994─8, Fall 1994.
[10] B. Cox, J. D. Tygar, and Marvin Sirbu, “NetBill Security and Transaction Protocol,” Proceedings of the First USENIX Workshop in Electronic Commerce, pp. 77~88, 1995.
[11] D. W. Davies and W. L. Price, Security for Computer Networks: an Introduction to Data Security in Teleporcessing and Electronic Funds Transfer, 2nd Edition. Wiley, 1989.
[12] S. Fischmeister, G. Hagleitner, W. Pree. “Hermes--A Lean M-commerce Software Platform Utilizing Electronic Signatures,” Proceedings of 35th Annual Hawaii International Conference on System Sciences (HICSS''02)-Volume 9 January 07-10, 2002
[13] H. Gobioff, S. Smith, J. D. Tygar and B. Yee, “Smartcards in Hostile Commerce, Environments,” Proceedings of the Second lJSENlX Workshop on Electronic November 1996.
[14] E. B. Hickman and T. Elgamal, “The SSL Protocol,” Internet Draft. June 1995.
[15] R. Housley, W. Ford, W. Polk and D. Solo, “Internet Public Key Infrastructure, X.509 Certificate and CRL Profile,” RFC [tbd], 1997.
[16] G. Jennifer, B. Steiner, C. Neuman and J. I. Schiller, “Kerberos: An Authentication Service for Open Network Systems,” USENIX Winter Conference, pp. 191-202, February 1988.
[17] P. Loshin, “Electronic Commerce — On-Line Ordering and Digital Money,” Charles River Media, Inc. 1995.
[18] D. C. Lynch and L. Lundquist, “Digital Money — The New Era of Internet Commerce,” John Wiley & Sons, Inc, p. 96, 1996.
[19] K. Maddox, M. Wagner, and C. Wilder, “Making Money on the Web,” Information Week, pp. 31-40, 1995.
[20] General Magic. Telescript Technology, “The Foundation for the Electronic.Marketplace,” Technical report, General Magic, 1996. http://www.Genmagic.Com/Telescript/Whitepapers/wpl/whitepaper-1.html
[21] Mastercard International and Visa International, Secure Electronic Transaction (SET) Specification, June 1996, http://www.visa.com or http://www.mastercard.com.
[22] Mastercard International and Visa International, “Business Description.Draft for Public comment,” Secure Electronic Transaction (SET) Specification, Book1, February 23, 1996.
[23] P. Neumann, “Risks in Digital Commerce,” Communications of the ACM. January 1996.
[24] P. Panurach, “Money in Electronic Commerce: Digital Cash, Electronic Fund Transfer, and Ecash,” Communications of the ACM, pp. 45-50, 1996.
[25] Paybox. Die paybox-Gruppe strukturiert um, available at http://www.paybox.de.
[26] R. Rivest, A. Shamir, and I. Adleman, “A Method for Obtaining Digital No. 2, pp 42. Signatures and Public-Key Cryptosystems,” Communications of the ACM, Vol. 21, 120-126, 1978.
[27] M. Sirbu and J. D. Tygar. “NetBill: an Internet Commerce System Optimized for Network Delivered Services,” IEEE Personal Communications, pp. 34-39, August 1995.
[28] The WAP Forum, “Wireless Application Protocol Architecture Specification,” available at http://www1.wapforum.org/tech/documents/ WAP-210-WAPArch-20010712-a.pdf
[29] The WAP Forum, “Wireless Transport Layer Security Specification,” available at http://www1.wapforum.org/tech/terms.asp?doc= WAP-261-WTLS-20010406-a.pdf
[30] J. D. Tygar. “Atomicity in Electronic Commerce,” the 21st ACM Principles of Distributed Computation, 1996.
[31] SANS Institute, “The GSM Standard (An overview of its security),” available at http://www.sans.org/rr/papers/58/317.pdf
[32] B. Yee and J. D. Tygar, “Secure Coprocessors in Electronic Commerce Applications,” Proceedings of the First USENIX Workshop on Electronic Commerce, pp. 155-170, July 1995.