Browse > Article

A Credit Card based Payment Protocol Assuring End-to-End Security in Wireless Internet  

임수철 (고려대학교 컴퓨터학과)
강상승 (한국전자통신연구원 전자거래연구부)
이병래 (삼성전자 CTO전략실 소프트웨어센터)
김태윤 (고려대학교 컴퓨터학과)
Publication Information
Journal of KIISE:Information Networking / v.29, no.6, 2002 , pp. 645-653 More about this Journal
Abstract
The WPP payment protocol uses the WAP protocol to enable credit card payment on the wireless internet. Since the security of the WAP protocol is based on the WTLS security protocol, there exists an end-to-end security weakness for the WPP payment protocol. This paper is suggesting a payment protocol, which is making use of the Public-Key Cryptosystem and the Mobile Gateway, so assuring end-to-end security independently of specific protocols. As the on-line certification authority is participating on the authentication process of the payment protocol, the suggested payment protocol enables wireless devices to get services from service providers on other domains.
Keywords
Payment Protocol; Wireless Internet; End-to-End Security; Public-Key Cryptosystem; Credit Card;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Lyytinen, K., 'M-commerce - mobile commerce: a new frontier for E-business,' System Sciences, Proceedings of the 34th Annual Hawaii International Conference on, pp.3509-3509, 2001   DOI
2 VISA & Mastercard, 'SET Electronic Transaction Specification,' 1997
3 J. Hall, S. Kilbank, M. Barbeau, and E. Kranakis, 'WPP: A Secure Payment Protocol for Supporting Credit- and Debit-card Transactions Over Wireless Networks,' IEEE International Conference on Telecommunications (ICT), Bucharest, June, 2001
4 Eun-Kyeong Kwon: Yong-Gu Cho; Ki-Joon Chae, 'Integrated transport layer security: end-to-end security model between WTLS and TLS,' Information Networking, 2001. Proceedings. 15th International Conference on , pp.65-71, 2001   DOI
5 Gunter Horn, Bart Preneel, 'Authentication and Payment in Future Mobile Systems,' ESORICS, LNCS 1485, pp.277-293, 1998   DOI   ScienceOn
6 W. Diffie, M. Hellman, 'New directions in cryptography,' IEEE Transactions on Information Theory, Vol. IT-22, No.6, pp.472-492, Nov. 1976
7 ACTS AC095, 'ASPeCT Deliverable D20, Project final report and results of trials,' Dec. 1998
8 WAP Forum, 'WAP White Paper,' 2000
9 WAP Fourm, 'Wireless Application Protocol Wireless Transport Layer Security Spectification version 18-FEB-2000,' 2000
10 K. M. Martin, B. Preneel, C. J. Mitchell, H. J. Hitz, G. Horn, A. Polickova, P. Howard, 'Secure Billing for Mobile Information Services in UMTS,' LNCS 1430, Springer-Verlag, IS&N May. 1998   DOI   ScienceOn
11 T. Dierks, C. Allen, 'The TLS Protocol version 1.0,' IETF RFC 2246, Jan. 1996
12 W. Rankl, W. Effing, 'Smart Card Handbook,' JOHN WILEY & SONS, LTD, 2000
13 M. Aydos, B. Sunar, and C. K. Koc., 'An elliptic curve cryptography based authentication and key agreement protocol for wireless communication,' 2nd International Workshop on Discrete Algorithms and Methods for Mobile Computing and Communications, Dallas, Texas, October 30, 1998
14 A. Menezes, P. van Oorschot, S. Vanstone, 'Handbook of Applied Cryptography,' CRC Press, Boca Raton, 1997
15 A. Freier, P. Karlton, P. Kocher, 'The SSL Protocol version 3.0,' Internet Draft, Nov. 1996