System and Method for Authenticating Network Transaction Trustworthiness

20170278107 · 2017-09-28

Abstract

A system and method for authenticating network transaction trustworthiness. A bottom layer of the system supports two mainstream operating systems, i.e., Windows and Linux; basic management modules, i.e., a communication management module, a certificate management module and a database management module, are above the bottom layer support; a fourth-party authentication domain is above the basic management modules; a user domain, an E-merchant domain, a third-party payment domain and the like are also provided. The method comprises the steps: 1) when a network transaction occurs, uploading, by a user, a digital certificate to perform digital authentication by logging into a security client, and simultaneously uploading, by an E-merchant and a third-party payment platform, digital certificates thereof to perform corresponding digital authentication; 2) after the digital authentication passes, downloading, by the user, a behavior certificate through a user behavior certificate downloading module, and formally entering, by the three parties, a transaction process; etc.

Claims

1. A network transaction trustworthiness authentication system, characterized in that, a bottom layer of the network transaction trustworthiness authentication system supports two mainstream operating systems, i.e., Windows and Linux, has a very good cross-platform ability and provides a good support for application development of an upper layer; three basic management modules, i.e., respectively a communication management module, a certificate management module and a database management module at a comparatively low layer are above the bottom layer support; the communication management module is mainly responsible for packaging a network communication function according to a specific demand of the system, providing communication services such as data exchange for the upper layer and providing the communication services to a fourth party in a network transaction for calling to perform data exchange; the certificate management module is responsible for performing uniform management to a software behavior certificate, a user behavior certificate and a digital certificate, including operations such as searching, updating and issuance of certificates; the database management module is mainly responsible for updating and maintaining a database and improving data access efficiency; a fourth-party authentication domain of the network transaction trustworthiness authentication system is above the basic management modules and mainly has functions of monitoring and authenticating a network transaction process, performing digital authentication to three transaction parties, verifying trustworthiness of user identity through the user behavior certificate and verifying trustworthiness of a network transaction behavior of the three transaction parties through the software behavior certificate; the fourth-party authentication domain is divided into three sub-parts, i.e., the digital certificate, the user behavior certificate and the software behavior certificate to perform triple authentication to the network transaction process; the network transaction trustworthiness authentication system further comprises other three domains, i.e., a user domain, an E-merchant domain and a third-party payment domain; the user domain is mainly responsible for uploading the user digital certificate, verifying the user identity through the user behavior certificate as well as acquiring and uploading a client software behavior in the transaction process; and the E-merchant domain and the third-party payment domain mainly have functions of uploading digital certificates thereof, as well as acquiring and uploading software behaviors.

2. A network transaction trustworthiness authentication method, comprising the following steps: 1) when a network transaction occurs, uploading, by a user, a digital certificate to perform digital authentication by logging into a security client, and simultaneously uploading, by an E-merchant and a third-party payment platform, digital certificates thereof to perform corresponding digital authentication; 2) after the digital authentication passes, downloading, by the user, a behavior certificate through a user behavior certificate downloading module, and formally entering, by the three parties, a transaction process; 3) in the transaction process, acquiring, by the security client, a user behavior in real time through a user behavior acquisition module, providing the user behavior to a user behavior authentication module, and authenticating trustworthiness of a current user access behavior according to the user behavior certificate downloaded from a fourth-party authentication center; if authentication passes, continuously acquiring a user access behavior and performing authentication; if the authentication fails, uploading a detailed authentication result to the authentication center, and performing, by the authentication center, examination and judgment; simultaneously, acquiring a client software behavior in real time through a software behavior acquisition module, and uploading, by a communication interaction module, the client software behavior to the authentication center; also acquiring, by the E-merchant and the third-party payment platform, software behaviors thereof in real time through software behavior monitoring modules, and uploading, by communication interaction modules, the software behaviors to the authentication center; if software behavior authentication passes, sending, by the authentication center, feedback information, continuously performing the transaction process, and continuously performing real-time acquisition and monitoring to software behaviors of the three parties; and if the authentication fails, giving, by the authentication center, a broadcast notice about that abnormality occurs in the transaction process to the three parties of the transaction, and terminating the transaction; 4) after the transaction is completed, uploading, by the security client, a new access log to the authentication center through a user access log uploading module, sending, by the authentication center, feedback information after receiving the new access log, and exiting, by the user, the security client; and 5) then calling, by the authentication center, a user behavior certificate mining module through a certificate management module to mine the new user access log, and updating the behavior certificate of the user.

3. The network transaction trustworthiness authentication method according to claim 2, characterized in that, when a new E-merchant or a new third-party payment platform is added, firstly auditing is performed thereto and a digital certificate is issued after the auditing passes; and then a corresponding software behavior certificate thereof is mined by analyzing a website source code thereof, is uploaded to the authentication center and is uniformly managed by a behavior certificate management module.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0017] FIG. 1A is a part of an architecture diagram of a network transaction trustworthiness authentication system.

[0018] FIG. 1B is a part of an architecture diagram of a network transaction trustworthiness authentication system.

[0019] FIG. 2 is a module deployment diagram of a network transaction trustworthiness authentication system.

[0020] FIG. 2A is a part of FIG. 2.

[0021] FIG. 2B is a part of FIG. 2.

[0022] FIG. 2C is a part of FIG. 2.

[0023] FIG. 2D is a part of FIG. 2.

[0024] FIG. 3A is a part of an authentication flowchart of a network transaction trustworthiness authentication system.

[0025] FIG. 3B is a part of an authentication flowchart of a network transaction trustworthiness authentication system.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

Examples

[0026] FIG. 1 illustrates an architecture diagram of a network transaction trustworthiness authentication system.

[0027] As illustrated in FIG. 1, a bottom layer of the network transaction trustworthiness authentication system supports two mainstream operating systems, i.e., Windows and Linux, so it can be deployed on either a Windows system or a Linux system and has very good cross-platform ability. Support technologies comprise .net, J2EE, SqlServer, MySql, JBoss, SPRING, HIBERNATE, etc., and provide good support for application development of an upper layer. Three basic management modules at a comparatively low layer, i.e., a communication management module, a certificate management module and a database management module, are above the support technologies. The communication management module is mainly responsible for packaging a network communication function according to a specific demand of the system, providing communication services such as data exchange for the upper layer, and providing the communication services to a fourth party in a network transaction for calling to perform data exchange; the certificate management module is responsible for uniformly managing a software behavior certificate, a user behavior certificate and a digital certificate, including operations such as searching, updating and issuance of certificates; and the database management module is mainly responsible for updating and maintaining a database and improving data access efficiency. A fourth-party authentication domain of the network transaction trustworthiness authentication system is above the basic management modules and mainly has functions of monitoring and authenticating a network transaction process, performing digital authentication of the three transaction parties, verifying trustworthiness of user identity through the user behavior certificate, and verifying trustworthiness of a network transaction behavior of the three transaction parties through the software behavior certificate. The fourth-party authentication domain is divided into three sub-parts, i.e., the digital certificate, the user behavior certificate and the software behavior certificate, to perform triple authentication of the network transaction process. Three other domains of the network transaction trustworthiness authentication system, i.e., a user domain, an E-merchant domain and a third-party payment domain, are above the fourth-party authentication domain. The user domain is mainly responsible for uploading the user digital certificate, verifying the user identity through the user behavior certificate, and acquiring and uploading a client software behavior in the transaction process. The E-merchant domain and the third-party payment domain mainly have functions of uploading digital certificates thereof, as well as acquiring and uploading software behaviors. Deployment situations of all function modules of the network transaction trustworthiness authentication system and an authentication protocol process of entire system operation are given below, as illustrated in FIG. 2 and FIG. 3.

[0028] As illustrated in FIG. 2 and FIG. 3, the authentication protocol process of the entire network transaction trustworthiness authentication system comprises the following steps: when a network transaction occurs, a user uploads a digital certificate to perform digital authentication by logging into a security client, and an E-merchant and a third-party payment platform simultaneously upload digital certificates thereof to perform corresponding digital authentication. After the digital authentication passes, the user downloads a behavior certificate through a user behavior certificate downloading module, and the three parties formally enter a transaction process. In the transaction process, the security client acquires a user behavior in real time through a user behavior acquisition module, provides the user behavior to a user behavior authentication module, and authenticates trustworthiness of a current user access behavior according to the user behavior certificate downloaded from a fourth-party authentication center. If authentication passes, the security client continues to acquire the user access behavior and authenticate it; if the authentication fails, a detailed authentication result is uploaded to the authentication center, which performs examination and judgment. Simultaneously, a client software behavior is acquired in real time through a software behavior acquisition module and uploaded to the authentication center by a communication interaction module. The E-merchant and the third-party payment platform also acquire software behaviors thereof in real time through software behavior monitoring modules, and communication interaction modules upload the software behaviors to the authentication center. If software behavior authentication passes, the authentication center sends feedback information, the transaction process continues, and real-time acquisition and monitoring of the software behaviors of the three parties continue; if the authentication fails, the authentication center broadcasts a notice to the three parties of the transaction that an abnormality has occurred in the transaction process, and the transaction is terminated. After the transaction is completed, the security client uploads a new access log to the authentication center through a user access log uploading module, the authentication center sends feedback information after receiving the new access log, and the user exits the security client. Then, the authentication center calls a user behavior certificate mining module through a certificate management module to mine the new user access log, and updates the behavior certificate of the user. When a new E-merchant or a new third-party payment platform is added, it is first audited and a digital certificate is issued after the auditing passes; then a corresponding software behavior certificate thereof is mined by analyzing a website source code thereof, is uploaded to the authentication center and is uniformly managed by a behavior certificate management module.
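The protocol of paragraph [0028], sketched from the authentication center's side as an added example that is not code from the patent. The certificate formats (fingerprint strings, sets of allowed behavior transitions), all names, and the update rule standing in for certificate mining are assumptions.

```python
PARTIES = ("user", "merchant", "payment")

class AuthCenter:
    """Fourth-party authentication center; certificate formats are assumptions."""
    def __init__(self, digital_certs, software_certs, user_cert):
        self.digital_certs = digital_certs    # party -> enrolled fingerprint
        self.software_certs = software_certs  # party -> allowed (prev, next) behavior pairs
        self.user_cert = set(user_cert)       # user page-transition pairs
        self.state, self.passed, self.last, self.notices = "INIT", set(), {}, []

    def digital_auth(self, party, fingerprint):
        # Step 1: the transaction opens only once all three parties authenticate.
        if self.state != "INIT" or self.digital_certs.get(party) != fingerprint:
            return False
        self.passed.add(party)
        if self.passed == set(PARTIES):
            self.state = "TRANSACTING"
        return True

    def download_user_cert(self):
        # Step 2: the behavior certificate is released only after step 1 passes.
        if self.state != "TRANSACTING":
            raise PermissionError("digital authentication not complete")
        return frozenset(self.user_cert)

    def report_software_behavior(self, party, event):
        # Step 3: check each uploaded behavior; on failure notify all parties and stop.
        if self.state != "TRANSACTING":
            return False
        step = (self.last.get(party, "start"), event)
        if step not in self.software_certs.get(party, set()):
            self.state = "TERMINATED"
            self.notices = [(p, f"abnormal behavior by {party}: {step}") for p in PARTIES]
            return False
        self.last[party] = event
        return True

    def complete(self, access_log):
        # Steps 4-5: take the new access log; adding its transitions stands in for mining.
        if self.state != "TRANSACTING":
            return False
        self.user_cert |= set(zip(access_log, access_log[1:]))
        self.state = "DONE"
        return True

def new_center():  # constructed sample enrollment data
    sw = {p: {("start", "open"), ("open", "pay")} for p in PARTIES}
    return AuthCenter({p: "fp-" + p for p in PARTIES}, sw, {("home", "cart")})
```

A behavior report that skips an expected step moves the session to `TERMINATED` and queues one notice per party, which is the broadcast-and-terminate branch of the description.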