Secure Service-Oriented Smartcard systems
Secure Service-Oriented Smartcard systems
Abstract
The paper describes secure service-oriented architecture for mobile transactions. The architecture comprises components, protocols, applications and interfaces and it provides various security services to various mobile applications:
Registration, Certification, Authentication, and Authorization of users, secure messaging at an application–level (end–to–end security), protection of data in databases, and security services for protection of its own components. The architecture is modular, integrated, extendible and scalable. The paper describes design of the architecture, the status of its current implementation, and future research and development plans.
Existing System:
In Existing system there are several systems in some countries supporting mobile financial transactions. But, all current systems are just “point-solutions”. They are based on proprietary products and therefore not compliant to any standard. As such, current mobile transaction systems are not mutually compatible, they cannot scale, and they are not easily extendable with additional functions or services. All current implementations provide very limited scope of functions and generally have no security features. Security of these systems relies on features provided by the GSM network, which are not adequate, especially for financial environments or on use of simple PIN schemes.
There are also many security issues related to SMS services, such as SMS spam, flooding, SMS fraud, and impersonation of users.
Proposed System:
In Proposed system we going to use 6-Tier Architecture describes the concept, components and services of a large–scale, comprehensive architecture for secure mobile applications and transactions. The concept is
o Comprehensive, i.e. many security services are provided by the architecture.
o Scalable, it provides the possibility for interlinking of mutually independent.
o Deployments, if based on the described architecture.
o Modular, i.e. new services, functions and components can be easily added to the architecture.
o Expandable, i.e. mobile applications can easily be linked to the architecture and can utilize its services and
o Open, meaning that integration of new components is based on utilization of standard based Web services and interfaces.
Modules:
1. SOA with (6-tier) Services.
2. Communication components and services.
3. Security components and services.
3.1 Registration and identity management services.
3.2 Smart cards management services.
3.3 Certificates Management.
3.4 Authorization Service.
ADVANTAGES:
SMS based transactional payments
Mobile web payments (WAP)
Security – Two-factor authentication and a risk management engine prevents fraud.
Convenience – No pre-registration and no new mobile software is required.
Easy – It’s just another option during the checkout process.
Fast – Most transactions are completed in less than 10 seconds.
Proven
DISADVANTAGE
Poor reliability – transactional payments can easily fail as messages get lost.
Slow speed – sending messages can be slow and it can take hours for a merchant to get receipt of payment. Consumers do not want to be kept waiting more than a few seconds.
High cost – There are many high costs associated with this method of payment. The cost of setting up short codes and paying for the delivery of media via a Multimedia Messaging Service and the resulting customer support costs to account for the number of messages that get lost or are delayed.
System Requirements:
Hardware Requirements:
• System : Pentium IV 2.4 GHz.
• Hard Disk : 40 GB.
• Floppy Drive : 1.44 Mb.
• Monitor : 15 VGA Colour.
• Mouse : Logitech.
• Ram : 512 Mb.
Software Requirements:
• Operating system : Windows XP.
• Coding Language : ASP.Net with C#
• Data Base : SQL Server 2005
Comments are closed.