A new architecture for secure two-party mobile payment transactions
| dc.contributor.author | Zhu, Yunpu | |
| dc.contributor.author | University of Lethbridge. Faculty of Arts and Science | |
| dc.contributor.supervisor | Rice, Jacqueline E. | |
| dc.date.accessioned | 2011-07-22T19:03:02Z | |
| dc.date.available | 2011-07-22T19:03:02Z | |
| dc.date.issued | 2010 | |
| dc.description | xi, 229 leaves : ill. ; 29 cm | en_US |
| dc.description.abstract | The evolution of wireless networks and mobile device technologies has increased concerns about performance and security of mobile systems. We propose a new secured applicationlevel architecture for a two-party mobile payment transaction that is carried out between a resource-limited mobile device and a resource-rich computer server over wireless networks. As an example of such transactions, the mobile banking transaction is focused on throughout this thesis. The proposed architecture, namely SA2pMP, employs a lightweight cryptography scheme (combining both a Public-key cryptography algorithm (ECDSA) and a Symmetric-key cryptography algorithm (AES)), a multi-factor authentication mechanism, and a transaction log strategy. The proposed architecture is designed to satisfy the four properties of confidentiality, authentication, integrity and non-repudiation that are required by any secure system. The architecture can be implemented on a Java ME enabled mobile device. The security API library can be reused in implementing other two-party mobile applications. The present study shows that SA2pMP is a unique lightweight security architecture providing comprehensive security for two-party mobile payment transactions. In addition, simulations demonstrate that SA2pMP can be installed in resource-limited mobile devices as a downloadable software application. The main contribution of the thesis is to suggest a design for a security architecture for two-party mobile payment transactions, for example, mobile banking. It suggests a four-layer model of mobile payment participants, based on Karnouskos (2004). This model clarifies how participants are involved in a mobile payment transaction. In addition, an improved model is suggested to guide security aspects of system design, which is based on an Onion Layer Framework (Wei, C.Liu, & Koong, 2006). | en_US |
| dc.identifier.uri | https://hdl.handle.net/10133/2488 | |
| dc.language.iso | en_US | en_US |
| dc.publisher | Lethbridge, Alta. : University of Lethbridge, Dept. of Mathematics and Computer Science, c2010 | en_US |
| dc.publisher.department | Department of Mathematics and Computer Science | en_US |
| dc.publisher.faculty | Arts and Science | en_US |
| dc.relation.ispartofseries | Thesis (University of Lethbridge. Faculty of Arts and Science) | en_US |
| dc.subject | Mobile commerce | en_US |
| dc.subject | Banks and banking, Mobile | en_US |
| dc.subject | Wireless communication systems -- Security measures | en_US |
| dc.subject | Dissertations, Academic | en_US |
| dc.title | A new architecture for secure two-party mobile payment transactions | en_US |
| dc.type | Thesis | en_US |