{"title":"迈向无分支银行的端到端安全","authors":"S. Panjwani","doi":"10.1145/2184489.2184496","DOIUrl":null,"url":null,"abstract":"Mobile-based branchless banking has become one of the key mechanisms for extending financial services to low-income populations in the world's developing regions. One shortcoming of today's branchless banking systems is that they rely largely on network-layer services for securing transactions and do not implement any application-layer security. Recent results show that several of these systems are, in fact, not end-to-end secure.\n In this paper, we make the case for designing mobile-based branchless banking systems which build security into the application layer and guarantee end-to-end security to system users. We present a threat model which captures the goals of authenticated transactions in these systems and then provide recommendations for solution design based on our model's requirements.","PeriodicalId":88972,"journal":{"name":"Proceedings. IEEE Workshop on Mobile Computing Systems and Applications","volume":"64 1","pages":"28-33"},"PeriodicalIF":0.0000,"publicationDate":"2011-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"23","resultStr":"{\"title\":\"Towards end-to-end security in branchless banking\",\"authors\":\"S. Panjwani\",\"doi\":\"10.1145/2184489.2184496\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Mobile-based branchless banking has become one of the key mechanisms for extending financial services to low-income populations in the world's developing regions. One shortcoming of today's branchless banking systems is that they rely largely on network-layer services for securing transactions and do not implement any application-layer security. Recent results show that several of these systems are, in fact, not end-to-end secure.\\n In this paper, we make the case for designing mobile-based branchless banking systems which build security into the application layer and guarantee end-to-end security to system users. We present a threat model which captures the goals of authenticated transactions in these systems and then provide recommendations for solution design based on our model's requirements.\",\"PeriodicalId\":88972,\"journal\":{\"name\":\"Proceedings. IEEE Workshop on Mobile Computing Systems and Applications\",\"volume\":\"64 1\",\"pages\":\"28-33\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-03-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"23\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. IEEE Workshop on Mobile Computing Systems and Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2184489.2184496\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. IEEE Workshop on Mobile Computing Systems and Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2184489.2184496","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Mobile-based branchless banking has become one of the key mechanisms for extending financial services to low-income populations in the world's developing regions. One shortcoming of today's branchless banking systems is that they rely largely on network-layer services for securing transactions and do not implement any application-layer security. Recent results show that several of these systems are, in fact, not end-to-end secure.
In this paper, we make the case for designing mobile-based branchless banking systems which build security into the application layer and guarantee end-to-end security to system users. We present a threat model which captures the goals of authenticated transactions in these systems and then provide recommendations for solution design based on our model's requirements.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
