【摘要】 安全电子交易SET(Secure Electronic Transaction)协议通过制定标准和采用各种加密算法和身份认证来解决阻碍电子商务发展的许多安全问题。首先对SET协议注册阶段和购买阶段过程进行抽象,给出其形式化模型及模型描述。发现由于SET本身的缺陷可能导致的入侵者的攻击,以及该攻击对购买阶段中商家和持卡人造成的安全威胁,对协议的改进提供了有益的参考。更多还原

【Abstract】 By establishing standards and adopting various technologies of encryption and authentication,SET(Secure Electronic Transaction)has resolved almost all security problems that once stranded the development of e-commerce.The process of the registration phase and the purchase phase of SET protocol is analyzed in this paper,and its formal model and description of model are given.An attack from intruder as a result of SET’s limitation is discovered,together with some safety threaten it may bring to the Merchant and the Cardholder.The analysis is beneficial to the improvement of SET protocol.更多还原