【摘要】：自從互聯(lián)網大發(fā)展以來,網上銀行提供的功能越來越豐富,2010年的網上銀行交易額接近554萬億元人民幣,相當于2010年國內生產總值的39萬億的14倍。由于互聯(lián)網是一個開放的網絡,網上銀行已經成為不法分子惡意攻擊的目標,據統(tǒng)計當前針對網上銀行的犯罪案件數量快速上升。網上銀行一旦出現(xiàn)局部安全事件,就會快速傳播,產生全局性的影響,并且?guī)硪幌盗袊乐氐暮蠊?不僅會給銀行帶來難以估量的聲譽及經濟損失,而且會影響到社會穩(wěn)定。網上銀行的安全性已經引起社會各個層面的關注。 浦發(fā)銀行作為國內股份制商業(yè)銀行之一,在我國銀行領域占據舉足輕重的地位。網上銀行是浦發(fā)銀行重要的業(yè)務窗口,其安全性始終是銀行業(yè)務的重要關注點。本文通過對浦發(fā)銀行網上銀行安全體系的整體分析,提供了一個更安全的網上銀行架構,確保網上銀行業(yè)務的持續(xù)快速發(fā)展。 本文的創(chuàng)新之處在于以下四點： 1.構建完整的安全體系：網上銀行的安全體系通常涉及面較廣,以往的論文僅局限于安全體系的一個局部,而本文主要從技術方面,設計一個完整的安全體系,構建一個客戶放心的安全的網上銀行,主要包括基礎設施安全、客戶端安全、動態(tài)密碼和災難備份。 2.增加網上銀行客戶端安全的設計：長久以來,網上銀行的服務端安全一直比較受到重視,不管是防火墻、IDS/IPS等安全產品也多針對銀行端安全,但是最近頻繁出現(xiàn)的“網銀大盜”等安全威脅通過原本不太受重視的客戶端來實施犯罪。所以,本文將網上銀行客戶端的安全作為安全體系中的重要的組成部分。 3.采用動態(tài)密碼：銀行卡密碼一般為一個6位的數字密碼,在傳統(tǒng)的使用場景下,安全性能夠得到保證；在互聯(lián)網時代,固定的密碼較容易被破解及獲取,所以有些網上銀行引入了證書等安全手段來進行客戶認證,但其使用的復雜性較高、推廣較為困難。本文采用了動態(tài)密碼的方式,由于其易用性可以在網上銀行安全領域推廣使用。 4.設計網上銀行異地災備架構：為了提升客戶服務體驗,保證網上銀行能夠7x24小時運行,不會由于電力、通訊等環(huán)境因素導致服務異常,構建網上銀行的異地災難備份也成為保障業(yè)務連續(xù)運行的必須。同時,考慮到災備環(huán)境的利用率,將網上銀行災備設計成雙活的體系架構。
[Abstract]:Since the development of the Internet, online banking has provided more and more functions, with online banking transactions reaching nearly 554 trillion yuan in 2010, 14 times the 2010 gross domestic product (GDP) of 39 trillion. As the Internet is an open network, Internet banking has become the target of malicious attacks by lawless elements. According to statistics, the number of criminal cases against Internet banking is increasing rapidly. Once there is a local security event, the online bank will spread quickly and have a global impact, and bring a series of serious consequences, which will not only bring incalculable reputation and economic losses to the bank, but also affect social stability. The security of online banking has attracted the attention of all levels of society. As one of the domestic joint-stock commercial banks, Pudong Development Bank occupies a pivotal position in the banking field of our country. Internet banking is an important business window of Pudong Development Bank, and its security is always an important concern of bank business. Through the overall analysis of the security system of Pudong Development Bank online banking, this paper provides a more secure network banking architecture to ensure the continuous and rapid development of online banking business. The innovation of this paper lies in the following four points: 1. Building a complete security system: the security system of Internet banking is usually involved in a wide range of areas, the previous papers are limited to only one part of the security system, but this paper mainly from the technical aspect, design a complete security system, Build a secure online bank, including infrastructure security, client security, dynamic password and disaster backup. 2. Increasing the design of client security of Internet banking: for a long time, the security of service side of Internet banking has been paid more attention to, no matter it is firewall, IDS/IPS and other security products are also aimed at bank security, However, security threats such as cyber theft, which have been frequently seen recently, commit crimes through less valued clients. Therefore, this paper regards the security of Internet banking client as an important part of the security system. 3. Adopt dynamic password: bank card password is a 6-bit digital password, in the traditional use scenario, the security can be guaranteed; In the Internet era, the fixed password is easy to be cracked and obtained, so some online banks have introduced the certificate and other security means to authenticate their customers, but the complexity of their use is higher, so it is difficult to promote. This paper uses dynamic password, because of its ease of use can be used in the field of online banking security. 4. To improve customer service experience and ensure that Internet banking can run in 7x24 hours, it will not cause abnormal service due to environmental factors such as power, communication, etc. The construction of online banking disaster backup is also necessary to ensure the continuous operation of business. At the same time, considering the utilization of disaster preparedness environment, the disaster preparedness of online banking is designed as a dual-live architecture.
【學位授予單位】：復旦大學
【學位級別】：碩士
【學位授予年份】：2012
【分類號】：TP309;F830.49

【引證文獻】

相關期刊論文 前1條

1 劉國斌;姜南;;高校財務網上銀行業(yè)務的安全性分析[J];中國集體經濟;2015年28期

相關碩士學位論文 前1條

1 王紹龍;網上銀行操作風險及其防范研究[D];天津大學;2013年

，

本文編號：2336165