通过分析现有网络银行在线支付特点及安全保护机制,发现其支付过程仍存在身份冒充、权限泄露和支付不灵活等问题。针对这些问题,提出使用控制模型UCON的网络银行在线支付模型,制定动态的授权规则和灵活的支付策略,并对提出的策略进行详细描述。通过使用模型检测工具NuSMV进行安全性分析,证明该策略符合网络银行访问控制的安全性和方便性需求,且能够弥补现有系统在身份认证机制和支付行为使用控制方面的不足。%By the analysis about current e-bank online-payment features and its security mechanisms, the problems of identity imitation, privileges disclosure and transaction unfriendly are still be found in the payment process. To solve these problems, access control model is proposed based on usage control(UCON), dynamic authorization rules and flexible payment strategies are also developed and described in detail. The safety analysis by using of NuSMV model checking tool proved that the given strategies achieve the access control requirements of e-banking in security and convenience, and fill the lack of existing system in authentication mechanism and usage control of payment behavior.
展开▼
