National Digital Library of Theses and Dissertations in Taiwan

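Graduate student: 程瀅綺
Graduate student (foreign-language name): CHENG, YING-CHI
Thesis title: 開放銀行資通安全風險評鑑之研究–以TSP業者為例
Thesis title (foreign language): Study on the Cyber Security Risk Assessment of Open Banking: a Case Study on TSP
Advisor: 魏銪志
Advisor (foreign-language name): WEI, YU-CHIH
Oral defense committee: 林宜隆, 翁頌舜, 魏銪志
Oral defense committee (foreign-language names): LIN, I-LUNG; WENG, SUNG-SHUN; WEI, YU-CHIH
Oral defense date: 2022-06-30
Degree: Master's
Institution: National Taipei University of Technology
Department: Department of Information and Finance Management
Discipline: Business and Management
Category: Finance
Thesis type: Academic thesis
Year of publication: 2022
Graduation academic year: 110
Language: Chinese
Number of pages: 72
Chinese keywords: open banking (開放銀行); financial technology (金融科技); information security management (資訊安全管理)
Foreign-language keywords: Open Banking; Fintech; Information security management
Related counts:
  • Cited by: 1
  • Views: 406
  • Rating:
  • Downloads: 1
  • Bookmarked: 0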
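As countries actively promote open banking, financial technology and related technologies, and with COVID-19 ravaging the world from 2019 and accelerating the rise of the contactless economy, open banking has become a primary consideration for many countries: ordinary customers no longer need to visit a physical bank to carry out financial service transactions, and open banking offers a number of innovative services, creating a win-win economic model for all parties. Financial services in Taiwan have also changed in recent years, moving from traditional physical banks to online banking and on to today's internet-only banks, alongside the open banking services that the Taiwanese government is now actively promoting. However, the promotion of open banking faces many kinds of resistance, such as the constraints of differing financial institutions and heterogeneous platforms, external cyber attacks, and the capability to protect customers' personal data and privacy. Based on the resistance described above, this study examines the experience of promoting open banking abroad and the corresponding regulatory standards, and proposes an open banking self-assessment methodology suited to Taiwan's TSP operators. With this methodology, one can determine whether a TSP operator's overall organizational capability is adequate for entering Taiwan's open banking ecosystem, and can also review the aspects in which the TSP operator's organization is lacking so that they can be remedied. This study hopes that this methodology will enable more TSP operators in Taiwan to cooperate with banks in multiple ways, stimulate the development of Taiwan's financial market, and achieve the spirit of financial inclusion.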
Since the 2019 Severe Acute Respiratory Infectious Pneumonia (COVID-19) spread worldwide, open banking services have become the main consideration of all countries including Taiwan, which are actively promoting open banking and financial technology. The contactless economy and internet-only banking have accelerated to a new level, and financial services in Taiwan have also undergone new changes, moving from traditional banking to internet-only banking. Based on the resistance that open banking promotion faces, this study examined the experience of overseas open banking promotion and the corresponding institutional standards, and proposed an open banking self-assessment methodology suited to Taiwan's TSP industry today. This study hopes that, through this methodology, TSP operators in Taiwan will cooperate with banks, stimulating the development of Taiwan's financial market and achieving the spirit of financial inclusion.
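Abstract (Chinese)
ABSTRACT
Acknowledgements
Table of Contents
List of Tables
List of Figures
Chapter 1 Introduction
1.1 Research Background and Motivation
1.2 Research Objectives
1.3 Research Structure
Chapter 2 Literature Review
2.1 Open Banking
2.1.1 Global Open Banking
2.1.2 Open Banking in the United Kingdom and the European Union
2.1.3 Open Banking in Taiwan
2.2 Cyber Risk Institute
2.3 Cybersecurity Maturity Model Certification
Chapter 3 Research Method
3.1 Research Process
3.2 Research Hypotheses
3.3 Questionnaire Design
3.3.1 Questionnaire Design for the Cyber Risk Assessment Benchmark Document
3.3.2 Questionnaire Design for the Open Banking Self-Assessment of Taiwan's TSP Operators
Chapter 4 Data Analysis and Research Results
4.1 Questionnaire Results and Data Analysis
4.1.1 Questionnaire Data for the Cyber Risk Assessment Benchmark Document
4.1.2 Questionnaire Data for the Open Banking Self-Assessment of Taiwan's TSP Operators
4.2 Analysis of the Overall Assessment Results
Chapter 5 Conclusions and Future Outlook
References
Appendix 1
Appendix 2
Appendix 3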




Electronic full text (Internet public release date: 20270713)