Summary: | Master's === National Chi Nan University === Department of Information Management === 94 === Since the smart card was introduced to the public, various remote authentication schemes based on smart cards have been proposed and revised constantly. The smart card has no display and cannot supply its own power; it needs the support of a card reader or a terminal device. If we use an unsafe card reader or an insecure terminal device, the cardholder's information will be leaked and left insecure.
Based on the assumption that card readers are semi-trusted, we studied the issues of service and information transmission after authentication between a smart card and a remote server is completed. We proposed a secure service and information transmission scheme to ensure information security and correct transmission. Even if a hostile program has been planted in a card reader or a terminal device, the scheme can still effectively resist illegal programs after the smart card is removed from the card reader. We built a prototype in Java and confirmed its feasibility in the existing hardware environment. We also proposed a suitable business model to promote this application.
|