[雙語翻譯]外文翻譯--移動電子商務(wù)的安全問題（英文）

1、Security issues in Mobile eCommerceDo Van ThanhProduct Line Mobile e-commerce, Ericsson Norway, P.B. 34, N-1375 Billingstad, Norway van.thanh.do@eto.ericsson.seAbstract. With Mobile e-commerce the mobile user can buy and

2、 pay for things, pay his bill or make a bet via his mobile phone when on the move, anywhere and at any time. Mobile e-commerce will bring convenience and contribute to improve life quality of the users. However, in order

3、 to be suc- cessful, security measures must be strong enough to protect the user from ille- gal abuses and to get confidence from him. Unfortunately, current security measures for mobile phones are not yet sufficient. Th

4、is paper describes the R&D activities in mobile e-commerce at Ericsson, which aim at making mo- bile e-commerce applications secure and enabling a full-scale development and deployment of them. The paper starts with

5、a definition of mobile e- commerce. Next are a summary of the Wireless Application Protocol (WAP) and its achievements. The problems related to security in mobile e-commerce are then described. Thereafter, the solution t

6、o the problems is presented. The paper concludes with a look on the future and discussions on what can be done.1 IntroductionThe convergence of mobile communications network and Internet has paved the way for a range of

7、brand-new applications called wireless Internet applications. Which one of them will be the killer application is still unclear. However, there is one type of wireless Internet applications that are getting more and more

8、 popular and may even surpass their counterpart in the fixed Internet. They are called mobile electronic commerce applications. They enable the user to buy small things such as soft drinks, cinema tickets, train tickets,

9、 etc. or to pay his bills via mobile devices, i.e. mobile phones, PDAs (Personal Data Assistant), palmtops, etc. In a time when people are much on the move and focus is on life quality improvement, mobile e-commerce appl

10、ications will bring both convenience and save a lot of time for the mobile user. However, in order to be successful, security measures must be strong enough to pro- tect the user from illegal abuses and to get confidence

11、 from him. Unfortunately, current security measures for mobile phones are not sufficient. This paper describes the R&D activities in mobile e-commerce at Ericsson, which aim at making mobile e-commerce applications s

12、ecure and enabling a full-scale development and deploy- ment of them. The paper starts with a presentation of mobile e-commerce. Next are aK. Bauknecht, S. Kumar Madria, and G. Pernul (Eds.): EC-Web 2000, LNCS 1875, pp.

13、467?476, 2000. ? Springer-Verlag Berlin Heidelberg 2000battery life, size and weight, WAP is optimised for the wireless environment. The architecture of WAP is shown in Figure 1.ClientWTAIWMLScriptWML WML EncoderWML Scri

14、pt CompilerProtocol AdapterWAP Gateway Web serverContentCGI ScriptWSP/ WTP HTTPFigure 1 The WAP architectureOf course, WAP will contribute to the success of mobile e-commerce but it is worth noting that mobile e-commerce

15、 exists also without WAP. For example, the first mo- bile e-commerce application in Norway, “The cinema ticket“ that was jointly devel- oped by Ericsson and Telenor Mobile is not based on WAP. It is based on SIM appli- c

16、ation toolkit where the commerce application is implemented on the SIM (Sub- scriber Identity Module) of the mobile phone. In the future, mobile e-commerce can be extended further through the adoption of newer technology

17、 such as Bluetooth, which allows local communications between devices without the need of an on-line connection with the network.4 Security requirements in e-commerceIn e-commerce where the consumer and the merchant comm

18、unicate indirectly via software entities and the Internet, trust must be somehow established between the two parties. In order to achieve trust the following security functions must be per- formed: - Authentication: Each

19、 party needs to be able to authenticate its counterpart, i.e. to make sure that the counterpart is the one he claimed to be. - Integrity: Each party needs to make sure that the received messages are not al- tered or fabr

20、icated by other than their counterpart. - Confidentiality: Each party wants to keep the content of their communication secret. - Message authentication: Each party wants to make sure that the received mes- sages do reall