CN102129650A - Network finance - Google Patents
- Publication number
- CN102129650A CN2010106133653A CN201010613365A
- Authority
- CN
- China
- Prior art keywords
- network
- bank
- machine
- client
- electronic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention aims to provide a finance network formed by connecting all the local networks or special networks of a financial unit through the Internet using a new network interconnection technique. Network finance is composed of the finance network, an electronic display and an electronic reader-writer. The electronic display can pay, deposit and withdraw electronic coins over the network using a finance browser, and can also store electronic coins for other electronic displays. A superior computer or a host computer in the electronic bank, electronic insurance and electronic stock systems each contains "expert brainpower software", which supplies various financial transaction services, various financial information value-added services and different financial risk early warning functions, and guides banking institutions to develop in universal, international, intensified and diverse directions. Network finance is the inevitable trend of modernized development and plays an important role in pushing economic development forward. Finance reform can succeed only with the help of the finance network. Network finance is an immeasurable revolution for the whole of society.
Description
Technical field
The present invention relates to network technology, information technology (IT), computer technology, database technology, the Internet, radio frequency identification (RFID) technology, integrated circuit (IC) technology, information display technology, banking technology, securities technology, insurance technology, digital cash technology, etc. Network finance is also referred to as automatic finance, intelligent finance, science and technology finance, or modern finance.
Network finance will be widely used in financial fields such as banking, securities (including stocks and futures) and insurance (including life and property insurance); these are, respectively, the Internet bank, network securities, Internet insurance, etc. Network finance will be widely used in various modern financial payment and settlement systems; it provides various financial information value-added services and different financial risk warning functions, and lets financial institutions such as banks, securities and insurance develop in the direction of universality, internationalization, intensification and diversification. The electronic read-write head can also be applied to fields such as retail, manufacturing enterprises, public institutions, book management, and automated warehouse management.
Background technology
The various integrated circuit (IC) cards or optical memory cards do not display the message or information contained in the paper financial vouchers they represent, and so are not vouchers in the true sense.
The electronic operation of the various businesses of the financial sector (including electronic banking, e-bank, electronic securities, electronic insurance, etc.) is mainly carried out on the internal private networks of financial companies. The various financial services carried out on such private networks are called electronic banking business, or electronic banking for short; examples are electronic payment, electronic checks, electronic credit, and electronic cash.
The various settlement forms of the financial sector cannot fully satisfy the growing demands of networked cash flow. Cash, paper checks and the like are not only limited in application but also slow to settle and not very safe. Even some modern electronic payment and settlement forms, such as credit card payment and electronic funds transfer (EFT), are at present applied only on dedicated banking networks; they are inconvenient to use, and because the transaction system and the payment system are separate, they add considerable uncertainty and business risk to the running of transactions, reduce efficiency, and increase cost.
The electronic payment schemes released by each financial unit differ from one another. For example, the credit card Secure Electronic Transaction (SET) mechanism in which banks participate directly, non-secure electronic payment systems, and secure electronic payment system schemes are all in use by some bank; this is not only repetitive and wasteful, but also leaves credit card handling non-uniform.
At present each financial card forms a system of its own: it can be used only for settlement within the same financial private network, not for settlement between different financial private networks, which inconveniences users.
A pure e-bank is "a bank that has only a website"; it works by telecommunication, and all financial business can be carried out only at one website. Such a pure e-bank provides auxiliary services, such as financial inquiries and transfers, for other non-online branch offices.
In computer systems connected to IC card readers, the automated financial business sites of a given unit, scattered across various places, can be joined into that institution's internal dedicated computer system (a wide area network) by renting expensive leased lines or by virtual private network (VPN) technology.
Once virtual private network technology is combined with application processors and virtual local area network (VLAN) technology, communication in effect becomes point-to-point. It has two network topologies: the hub-and-spoke layout and the full-mesh layout. In the hub-and-spoke layout, one central site is connected to many remote sites. The customer edge router at the central site is very expensive, and its price depends on the number of remote sites connected. At the same time, the packet delay between two sites substantially exceeds the delay of direct communication between them. In the full-mesh layout, the number of tunnels that must be supported grows as a geometric series with the number of sites, which is impractical for units with more than a few sites.
Security is another significant problem of VPNs. Every customer edge router connected to the Internet must adopt safety measures such as a firewall to guarantee the safety of each site. But each firewall must be open to the supplier so that the supplier can access the relevant devices, which is itself a potential security risk. When the network is large, managing the firewalls becomes very difficult.
Secure Socket Layer (SSL) VPNs are suitable only for site-to-network connections and cannot achieve secure interoperability among multiple networks.
IC cards cannot carry out financial business with "reliability" and "security" over a common network (for example, the Internet).
Existing card readers/writers and the computer systems connected to them all suffer, to a greater or lesser degree, from the above problems or deficiencies.
"Cloud security" systems need to solve four major difficulties: they need a massive number of clients, professional antivirus technology and experience, a large investment of funds and technology, and an open system that a large number of partners join.
Wireless terminals, access stations, wireless computer equipment, wireless switches, wireless routers and the like each contain their own wireless transmitter.
In what follows, "high credible" covers both "reliability" and "security".
In what follows, "common network" generally means the Internet and/or free wireless public networks.
Summary of the invention
The task of the present invention is, by adopting network and grid technology, to connect each local area network (LAN) or dedicated network of a financial unit through the common network so as to achieve "high credible" interoperability between these heterogeneous or homogeneous networks, and thereby to set up a proprietary financial wide area network (WAN), which is the banking network of that unit. An intelligent display (smart display) for the financial sector, made by combining information display technology with integrated circuits (or optical memory cards), is called the electronic finance intelligent display, or electronic console for short. An intelligent read-write display machine for the financial sector (including digital cash top-up), made by combining information display technology with integrated circuits (or optical memory cards), is called the electronic finance intelligent read-write machine, or electronic read-write head for short. The banking network, the electronic console and the electronic read-write head together constitute network finance.
Network finance adopts a technology by which the internal networks of a financial institution can carry out "high credible" financial interoperation with one another over the Internet. The automatic financial business carried out jointly by the banking network, the electronic console and the electronic read-write head is network finance.
Network finance is the inevitable trend of modern development and plays an important role in driving economic development. Financial reform can succeed only by means of network finance. Network finance will be an immeasurable revolution for the whole of society.
The Internet is available anytime and anywhere, convenient and easy to use, and interactive in real time; for the exchange and sharing of the information flows, transaction flows, cash flows, logistics and so on of network finance, it provides good technical support for round-the-clock, cross-regional, low-cost processing.
In the internal network of a financial unit, the general-purpose computer whose external service functions are the most complete, or which the financial unit designates according to the needs of its external services, is called the general-purpose computer of that network's advantage function, or excellent machine for short. That network is called the excellent machine network.
The excellent machine is a server-class computer; it is also the host computer in the excellent machine network that contains the network address translation (NAT) program module.
The excellent machine network can be a local area network, a metropolitan area network or a wide area network. It may also contain only one general-purpose computer, in which case that computer is the excellent machine; this is a special case of the excellent machine network.
The general-purpose computer that is interconnected with the excellent machine (or its network) on one side and with another common network (including the Internet) on the other, and that controls interoperation between the two networks, is called the identity-distinguishing general-purpose computer, or distinguishing machine for short (Fig. 1).
The other common network to which the distinguishing machine connects (not including the distinguishing machine itself) is called the distinguishing machine network.
The distinguishing machine is equipped with standard program modules such as the "program-checking program", the "source-end encryption program" and the "sink-end decryption program".
Because the distinguishing machine is equipped with the "program-checking program" module, it can remove and defend against computer viruses and protect the excellent machine network connected to it; the distinguishing machine thus becomes the "doctor" of the excellent machine network. The distinguishing machine is called the doctor of the excellent machine network, or "doctor" for short.
The distinguishing machine is a client-class computer or a peer. It has a program that encrypts information sent by a computer in one excellent machine network of the financial unit to a computer in another excellent machine network of that unit (or decrypts information received from one) and forwards it to the Internet (or to the receiving excellent machine network), as well as the program of the client (or browser) that the financial unit exposes externally, etc.
The distinguishing machine can also have programs for handling various information flows, and can run multiple clients and servers concurrently.
The distinguishing machine can also contain antivirus software or programs for handling information flows of various forms.
The distinguishing machine can also contain router functions, in which case it can be connected directly to an Internet line.
The distinguishing machine contains "high credible" security software, which has correctness, reliability, friendliness, maintainability, extensibility, etc.
The firewall (comprising hardware devices, related software code and security policy) set between the intranet of an existing financial institution and the common network is easily defeated by hackers using "anti-port" technology, who then intrude into the computers of the internal network behind the firewall and pose a serious threat to that network.
Business that units such as enterprises and public institutions carry out over a specific computer network is called electronic business; examples are electronic securities, electronic agriculture, the electronic factory, the electronic school, and the electronic hospital.
Financial business that a financial unit carries out over a specific computer network is called electronic banking; examples are the e-bank, electronic insurance, and electronic securities.
"High credible" business that units such as enterprises and public institutions carry out over the common computer network is called network business; examples are network securities business, network agriculture business, network factory business, network school business, and network hospital business.
A unit that can carry out network business is called a network unit; examples are network financial institutions, network factories, network schools, network hospitals, network business units, Internet banks, Internet insurance, and network securities.
One excellent machine in each excellent machine network (or other dedicated network) of a financial unit is connected, through its own input/output interface circuit, to the output/input interface circuit of a distinguishing machine; each distinguishing machine is connected to the Internet through a router. Together they form the proprietary wide area network of that financial unit, called the proprietary network of the financial unit, or banking network for short (Fig. 1). Financial business carried out on the banking network using the electronic console and/or the electronic read-write head is network finance.
Information sent by any computer in an excellent machine network or dedicated network of the financial unit is first passed to the distinguishing machine connected to that network's excellent machine and encrypted there, then transmitted over the common network (generally the Internet). At the receiving end it is decrypted on the distinguishing machine of the other excellent machine network or dedicated network, restored to the original information, checked for viruses, and then forwarded to the receiving computer in that network. Information that the Internet delivers for a computer in any excellent machine network is likewise decrypted by the receiving distinguishing machine, restored to the original information, and forwarded to the receiving computer only after a virus check has confirmed that it is safe, which guarantees information security. The "security" guarantee: every node (distinguishing machine) on the network contains the security standard software of the distinguishing machine.
The "reliability" guarantee of the banking network: every node (distinguishing machine) on the network has equal importance with all other nodes and has the right to send, forward and receive information; each packet indicates the sending node address and the terminal node address.
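The source-end encryption, sink-end decryption, virus check and per-packet sending and terminal node addresses described in the two paragraphs above, as an added Python example that is not from the patent. The patent names no cipher, key scheme or packet format: the HMAC-SHA256 counter-mode keystream with encrypt-then-MAC (a standard-library stand-in for an AEAD such as AES-GCM), the pairwise shared secret, the replay check, the signature list and names such as `seal` and `SinkGateway` are all assumptions.

```python
import hashlib
import hmac
import os
import struct

# Constructed stand-in for the virus-check signature database.
BLOCKED_SIGNATURES = [b"CONSTRUCTED-MALWARE-MARKER"]


class RejectedPacket(Exception):
    """Raised by the sink gateway when a packet must not be forwarded."""


def derive_keys(shared_secret: bytes):
    """Derive independent encryption and MAC keys from one pairwise secret."""
    enc = hmac.new(shared_secret, b"enc", hashlib.sha256).digest()
    mac = hmac.new(shared_secret, b"mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # Stand-in cipher (assumption): HMAC-SHA256 as a PRF in counter mode.
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + struct.pack(">Q", counter)
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


def _header(src: str, dst: str, nonce: bytes) -> bytes:
    # Length-prefix each address so field boundaries cannot be shifted.
    s, d = src.encode(), dst.encode()
    return struct.pack(">H", len(s)) + s + struct.pack(">H", len(d)) + d + nonce


def seal(shared_secret: bytes, src: str, dst: str, plaintext: bytes) -> dict:
    """Source end: encrypt the payload, then authenticate header + ciphertext."""
    enc_key, mac_key = derive_keys(shared_secret)
    nonce = os.urandom(16)
    ciphertext = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
    tag = hmac.new(mac_key, _header(src, dst, nonce) + ciphertext,
                   hashlib.sha256).digest()
    return {"src": src, "dst": dst, "nonce": nonce,
            "ciphertext": ciphertext, "tag": tag}


class SinkGateway:
    """Sink end: verify, decrypt, inspect, and only then release for forwarding."""

    def __init__(self, name: str, shared_secret: bytes):
        self.name = name
        self.enc_key, self.mac_key = derive_keys(shared_secret)
        self.seen_nonces = set()

    def open_and_inspect(self, packet: dict) -> bytes:
        header = _header(packet["src"], packet["dst"], packet["nonce"])
        expected = hmac.new(self.mac_key, header + packet["ciphertext"],
                            hashlib.sha256).digest()
        # The addresses are covered by the tag, so a rewritten sender fails here.
        if not hmac.compare_digest(expected, packet["tag"]):
            raise RejectedPacket("authentication failed")
        if packet["dst"] != self.name:
            raise RejectedPacket("not addressed to this node")
        if packet["nonce"] in self.seen_nonces:
            raise RejectedPacket("replayed packet")
        self.seen_nonces.add(packet["nonce"])
        stream = _keystream(self.enc_key, packet["nonce"], len(packet["ciphertext"]))
        plaintext = _xor(packet["ciphertext"], stream)
        # Content check happens after decryption and before anything is forwarded.
        if any(sig in plaintext for sig in BLOCKED_SIGNATURES):
            raise RejectedPacket("content inspection failed")
        return plaintext


def rejection_reason(gateway: SinkGateway, packet: dict) -> str:
    """Return '' if the packet is accepted, otherwise why it was dropped."""
    try:
        gateway.open_and_inspect(packet)
        return ""
    except RejectedPacket as exc:
        return str(exc)


if __name__ == "__main__":
    secret = b"constructed pairwise secret"
    sink = SinkGateway("branch-b", secret)
    pkt = seal(secret, "branch-a", "branch-b", b"transfer 100 to account 42")
    print(sink.open_and_inspect(pkt))
    print(rejection_reason(sink, pkt))  # the same packet presented a second time
```

Encryption alone does not give the receiving node the properties the text relies on: without the tag over the addresses a sender address can be rewritten in transit, and without the nonce record a captured packet can be delivered twice.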
The online payment methods of existing financial business are quite difficult in actual operation: financial business information has no confidentiality measures; the electronic payment procedure is complex and needs a third-party authentication center; and payment insecurity and similar problems cannot be guarded against.
Each excellent machine network of a financial company records its own financial transactions, totals them at the end of each day, and reports the result to the principal excellent machine network of the company, which aggregates and stores it.
Existing virtual private network technology also cannot prevent hackers from getting around the authentication mechanisms and, under a disguised identity, illegally accessing the internal resources of a financial unit.
Automated system backup for the banking network is provided by the backup system in the excellent machine network. Its structure (Fig. 3) can consist of backup clients, a backup server, a media server, redundant storage units, backup management software, etc.
1. The electronic console (Fig. 2) has a microprocessor (microprocessor unit, CPU for short), input buttons, a miniature display, etc. Its integrated circuit also has data memory (EEPROM), working memory (RAM) and program memory (EPROM) circuits.
The electronic console program comprises the standard programs of the distinguishing machine and an information integrity checking program, and solves key technical problems such as the security, confidentiality, authenticity, anonymity and integrity of information.
The electronic console can also, as required, add hardware and software for authentication and the like, guaranteeing the separability of its information transmission.
Each electronic console has an input interface circuit and/or an output interface circuit that match each other. They are located at different positions on the electronic console, generally on its two sides, and the output plug (or slot) interface circuit fits exactly into an input slot (or plug) interface circuit. Electronic consoles can thus exchange information with each other directly to carry out and exchange financial business.
The electronic console needs neither online information processing nor online authorization, and can therefore be used offline. The electronic console has a large memory capacity, enough to keep a record of each of the user's financial transactions in its memory. The electronic console can not only replace various IC cards such as credit cards, debit cards, composite cards and cash cards; electronic consoles can also exchange financial business or digital cash directly with one another. Besides recording the holder's personal information and password information, the electronic console can also record the holder's deposit balance.
Existing paper currency not only requires special paper made with anti-counterfeiting processes, but still cannot stop counterfeiting.
The electronic console can also have the following:
1.1 The electronic console can pay, deposit and withdraw digital cash over the network through the financial browser. It can also input digital cash from, or output it to, other electronic consoles. The electronic read-write head can also store digital cash into the electronic console.
The electronic console can be used on the market as currency with all the functions of digital cash or paper currency.
1.2 The CPU of the electronic console can adopt new methods for the encryption, integrity checking and authentication of information.
1.3 The electronic console is protected by a password; the holder's real money is stored in the financial account. It can also be used as a debit card. If the electronic console is lost or damaged, the holder's money is not lost.
1.4 When a user adopts a real-name electronic console, the user only needs to swipe a second-generation ID card through the ID card slot on the financial unit's browser. The browser can enter data such as the user's ID number and personal photograph into the electronic console. This data needs to be swiped only once; when the electronic console is later used for further financial business, there is no need to swipe again.
1.5 The electronic console can work in standalone mode or online mode:
1.5.1 An electronic console working standalone has no contact with the financial browser. Two electronic consoles and/or electronic read-write heads operate independently, relying on the software in their memory. They can be connected directly through their respective input and output interfaces. Such an electronic console has all the logic functions for reading and interpreting, and can independently verify the legitimacy of an electronic console and the identity of its holder. The output (or input) plug of the electronic console can also be inserted into the input (or output) slot of the electronic read-write head to exchange information directly.
1.5.2 An electronic console working online is plugged into the dedicated plug on a financial browser or electronic read-write head. The browser or electronic read-write head is connected directly to the financial excellent machine network by leased line, telephone line, etc. Each financial transaction is transmitted in real time through the electronic console to the financial excellent machine network for processing, and files can be updated in real time. The electronic console can also identify its holder using biometric techniques such as fingerprint scanning, voice confirmation and iris authentication.
1.6 The electronic console can also adopt digital signatures, access control policies and similar programs, and, at the application layer, apply graded security management to the various information it transmits. It can encrypt individual paragraphs of a message according to their different security levels.
1.7 The security control software stored in the electronic console can also check the holder's personal identification number and determine the holder's legitimacy. It can contain and display the individual's Chinese second-generation ID card number and the photograph on it, implementing a real-name system.
1.8 The memory capacity of the electronic console, up to 64~256 KB, is enough to store all the required software, the ID card information, and all records of repeated deposits, withdrawals and top-ups. Its hardware has protective measures such as voltage and clock detectors, logic that fails automatically on exposure, and anti-dissection; its software has protections such as password protection and secure cryptographic algorithms.
Existing IC card vouchers not only cannot display the voucher's information, but also cannot stop phenomena such as IC card forgery.
The electronic console is easy to make, low in cost, long-lived, and reusable. If it is lost, it can be reissued.
2. The electronic read-write head (Fig. 2) consists of a memory holding identification and control software, a controller, a read-write device, a display, etc. Its controller can encode, encrypt and modulate information, and demodulate, decrypt and decode it. The electronic read-write head can pay, deposit and withdraw digital cash over the network. It can also top up the electronic console with digital cash.
The electronic read-write head program contains the standard programs of the distinguishing machine, and has an information encryption system and software that guards against computer viruses.
The electronic read-write head has all the logic functions for reading and interpreting the electronic console, and can also independently verify the legitimacy of the electronic console and the identity of its holder. When a legitimate electronic console passes, the electronic read-write head can give a voice prompt and show text on its LCD. If a real-name electronic console is used, the electronic read-write head can also display the holder's ID card upper-body photograph. When a forged or invalid electronic console passes, the electronic read-write head can sound an alarm as a prompt and show text such as "forged or invalid" on its LCD.
The electronic read-write head solves four key technical problems: the security, authenticity, anonymity and separability of information.
The electronic read-write head can be made in various shapes and sizes; it is generally made as a fixed, compact unit or as a portable unit.
The electronic read-write head can also have the following:
2.1 The electronic console can also encrypt individual paragraphs of a message according to their different security levels. The security control software stored in the electronic read-write head can also check the personal identification number and determine the holder's legitimacy. It can contain and display the individual's Chinese second-generation ID card number and the photograph on it, implementing a real-name system.
2.2 A contactless electronic read-write head without a high-energy battery can be powered wirelessly by the electronic console, with the voltage regulator circuit in the electronic read-write head then producing the DC voltage that the integrated circuit (IC) chip needs to work.
2.3 When a contactless electronic read-write head with a built-in high-energy battery is working, the electronic console need not carry a battery; the electronic read-write head can power it wirelessly.
2.4 The microcontroller system of the electronic read-write head gives full play to standard, convenient and efficient information handling. The electronic console can be recognized by the electronic read-write head and can at the same time start it. For example, a financial service system can use the electronic read-write head as an unattended, automatic, self-service cashier device; using an electronic console directly on the electronic read-write head, in online or offline mode, the user can complete financial transactions such as depositing and withdrawing digital cash and making transfers.
2.5 The electronic read-write head can work in standalone mode or online mode:
2.5.1 An electronic read-write head working standalone is not connected to the banking network (generally the excellent machine network). It operates independently, relying on the software in its memory, and exchanges information with the business host by periodically exchanging floppy disks. Such an electronic read-write head has all the logic functions for reading and interpreting the electronic console, and can independently verify the legitimacy of the electronic console and the identity of its holder.
2.5.2 An electronic read-write head working online is connected directly to the banking network by leased line, telephone line, etc. Each transaction is transmitted in real time by the electronic read-write head to the banking network for authentication and processing, and files can be updated in real time. The electronic read-write head can also identify the holder of an electronic console using biometric techniques such as fingerprint scanning, voice confirmation and iris authentication.
Whether the electronic read-write head works standalone or online, both working modes can prevent fraud.
2.6 The electronic read-write head can also adopt digital signatures, access control policies and similar programs, and, at the application layer, apply graded security management to the various information it transmits.
2.7 Using bar code technology, the electronic read-write head can also be applied to fields such as retail, manufacturing enterprises, public institutions, book management, and automated warehouse management.
2.8 The electronic read-write head can have various standard interface circuits, and can also have some special interface circuits, such as interfaces to magnetic card and IC card readers, bar code readers, and electronic scales.
The electronic read-write heads of the existing financial sector are built on closed, dedicated financial computer networks and cannot operate on the open Internet.
3. A browser with banking functions is called a bank browser. Several of a bank's bank browsers, cash dispensers (CD), automated teller machines (ATM), automatic cash dispensers, automatic depositors (AD), account inquiry terminals, public utility terminals, telephone banking systems, multimedia service inquiry systems, electronic read-write heads, servers, excellent machines, database servers, etc. are connected by a medium (wired or wireless) using network topology technology to form an excellent machine network, called the electronic business network of that bank branch, or e-bank for short.
The excellent machine or a host in the e-bank contains the banking system's "expert think tank software", which can provide various banking services, various bank information value-added services, and different bank risk warning functions. The e-bank can develop in the direction of universality, internationalization, intensification and diversification.
The bank browser can deposit and withdraw digital cash directly in the e-bank.
By adopting a wireless network, the e-bank can effectively support the conduct of its business and the convenience of its services.
Besides traditional banking business, the e-bank can also provide three new kinds of banking: public information services, investment advisory services, and comprehensive management services.
The bank browser is a workstation provided for people to use, with memory holding browser software and deposit and withdrawal software, an LCD (for example a touch LCD screen), etc. It holds computer programs for accessing and displaying information (comprising multiple applications, and resolving an object by means of the program determined by the object's name).
The automatic teller machine can carry out paper currency savings services by Internet payment.
E-bank can also have:
3.1 e-bank can be LAN (Local Area Network), Metropolitan Area Network (MAN) or wide area network.It can be a cable network; It also can be wireless network.
3.2 automatic cash dispenser (AD) is a terminating machine of only making deposit usefulness.It can with browser, be merged into and have deposit and bank's browser of payment function.It also can and take out digicash to the electronic console storage.
3.3 each e-bank can independently bear the miscellaneous service of bank of corresponding branch.
3.4 people can be by the browser or the automatic cash dispenser of e-bank, direct handling bank business.
3.5 industry markets such as e-bank, electronics card Securities, e-bank can be merged in e-bank, reduce the work repetition of all kinds of financial companies to same client, widen banking company's innovative space, provide the more bank service of volume type clothing formula to the client.
3.6 cash dispenser and deposit machine are respectively the terminating machines of only withdrawing the money, depositing usefulness.They can with bank's browser be merged into have get, bank's browser of savings function.Be that they also can merge into automatic teller machine (being access papery coin).
3.7 bank's browser can also pass through internet, access digicash from other e-banks.
3.8 bank's browser can also be given electronic console store electrons coin.
The modes of payments of the e-banking system of system of existing commercial bank builds on the banking specific computer network of sealing, can't be at open interconnected online operation.
4, A business browser with the functions of an insurance and protection system is called an insurance browser. An insurance institution's several insurance browsers, cash dispensers, ATMs (Automatic Teller Machine), automatic cash-out machines, automatic teller machines, excellent machines, electronic read-write heads, database servers and so on are connected by a medium (wired or wireless) using network topology technology. The excellent machine network formed in this way is called the electronic business network of a branch office of this insurance institution, electronic insurance for short.
The excellent machine or a host in the electronic insurance contains the insurance system's "expert think tank software", which can provide various insurance business services.
The electronic insurance also provides various value-added insurance information services and different insurance risk-warning functions. The electronic insurance can develop in the direction of universality, internationalization, intensification and diversification.
The insurance browser is a workstation provided for people to use. It has a memory holding browser software and deposit-and-withdrawal software, an LCD (for example a touch LCD screen) and so on. It holds the computer programs that access and display information (comprising a plurality of application programs, and using the program determined by an object's name to resolve that object).
By adopting a wireless network, the electronic insurance can effectively support convenient business operation and service.
Through network payment, the automatic teller machine can deposit and withdraw insurance premiums in paper currency.
The "expert think tank software" of the electronic insurance can administer insurance plans for thousands of enterprises and millions of people. This means that whenever any person's salary or personal circumstances change, the electronic insurance must update its data. The flow of this intelligent insurance business is:
The insured or their representative notifies the electronic insurance of the data that needs changing by electronic file, e-mail or electronic fax. After receiving the data, the electronic insurance enters it into the database. This procedure forms a fixed flow between the electronic insurance and the client. Because the necessary information is kept both in the system of the insured or their representative and in the electronic insurance, the original data can be replaced through the electronic insurance to form new data.
The electronic insurance can also have the following features:
4.1 The electronic insurance can be a local area network, a metropolitan area network or a wide area network. It can be a wired network or a wireless network.
4.2 The automatic teller machine is a terminal that can deposit and withdraw money. It can be merged with a browser into an insurance browser with deposit and payment functions. It can also store electronic coins in an electronic console.
4.3 Each electronic insurance can independently handle the business of a branch of the insurance institution.
4.4 People can pay insurance premiums directly through the insurance browser or the automatic teller machine.
4.5 The electronic insurance can merge industry markets such as e-bank, electronic securities and electronic insurance, reducing the duplicated work that different kinds of financial companies do for the same client, widening the insurance company's room for innovation, and providing clients with more tailor-made insurance services.
4.6 The cash dispenser and the automatic teller machine can be terminals used only for withdrawing and only for depositing money. They can be merged with an insurance browser into an insurance browser with withdrawal and deposit functions. That is, they can also be merged into an insurance automatic teller machine (which deposits and withdraws paper currency).
4.7 The insurance browser can also deposit and withdraw digicash at other electronic insurances over the Internet.
4.8 The insurance browser can also store electronic coins in an electronic console.
The payment methods of existing insurance institutions' systems are built on closed, insurance-specific computer networks and cannot operate on the open Internet.
5, A business browser with the functions of a securities system is called a securities browser. A securities company's several securities browsers, cash dispensers, ATMs (Automatic Teller Machine), automatic cash-out machines, automatic teller machines, excellent machines, electronic read-write heads, database servers and so on are connected by a medium (wired or wireless) using network topology technology. The excellent machine network formed in this way is called the electronic business network of a branch office of this company, electronic securities for short.
The excellent machine or a host in the electronic securities contains the securities system's "expert think tank software", which can provide various securities business services. It can also provide various value-added securities information services and different securities risk-warning functions, and lets the securities company develop in the direction of universality, internationalization, intensification and diversification.
The securities browser is a workstation provided for people to use. It has a memory holding browser software and automatic teller machine software, an LCD (for example a touch LCD screen) and so on. It holds the computer programs that access and display information (comprising a plurality of application programs, and using the program determined by an object's name to resolve that object). Over the Internet, the securities browser can use automatic teller machine (ATM) software to deposit and withdraw paper currency for paying securities fees.
By adopting a wireless network, the electronic securities can effectively support convenient business operation and service.
Through network payment, the securities browser can use the automatic teller machine to deposit and withdraw securities fees in paper currency.
The "expert think tank software" in the electronic securities can administer securities plans for thousands of enterprises and millions of people. This means that whenever any person's securities investment situation changes, the electronic securities can update its data.
The flow of intelligent securities business is:
The securities investor or their representative notifies the electronic securities of the data that needs changing by electronic file, e-mail or electronic fax. After receiving the data, the electronic securities enters it into the database. This procedure forms a fixed flow between the electronic securities and the client. Because the necessary information is kept both in the system of the securities investor or their representative and in the electronic securities, the original data can be replaced through the electronic securities to form new data.
By adopting a wireless network, the electronic securities can effectively support the convenient operation and service of electronic securities business.
The electronic securities can also have the following features:
5.1 The electronic securities can be a local area network, a metropolitan area network or a wide area network. It can be a wired network or a wireless network.
5.2 The automatic teller machine is a terminal that can deposit and withdraw money. It can be merged with a browser into a securities browser with deposit and payment functions. It can also store electronic coins in an electronic console.
5.3 Each electronic securities can independently handle the business of a branch of the securities company.
5.4 People can pay securities fees directly through the securities browser or the automatic teller machine.
5.5 The electronic securities can merge industry markets such as e-bank, electronic securities and electronic securities, reducing the duplicated work that different kinds of financial companies do for the same client, widening the securities company's room for innovation, and providing clients with more tailor-made securities services.
5.6 The securities browser can deposit and withdraw digicash directly in the electronic securities.
5.7 The securities browser can deposit and withdraw digicash at other electronic securities over the Internet.
5.8 The cash dispenser and the automatic teller machine are terminals used only for withdrawing and only for depositing money. They can be merged with a securities browser into a securities browser with withdrawal and deposit functions. That is, they can also be merged into a securities automatic teller machine (which deposits and withdraws paper currency).
The payment methods of existing securities companies' systems are built on closed, securities-specific computer networks and cannot operate on the open Internet.
6, Each e-bank of a bank (or its excellent machine) is connected to a distinguishing machine, and the distinguishing machine is connected through a medium (wired or wireless) to a router on the public network. This builds the bank's "highly trusted" proprietary wide area network for banking business, called the bank network (Fig. 1). Banking business carried out on this network with electronic consoles and/or electronic read-write heads is the Internet bank.
Each e-bank is logically isolated from the public network by the interface circuit of the distinguishing machine, and the control function of the distinguishing machine in turn lets the e-banks interoperate with one another over the public network. Every e-bank can guarantee the security of banking business and the authenticity, reliability and confidentiality of information, fundamentally stopping people from committing banking fraud and the like over the network.
6.1 In rural areas without a network, a computer can handle financial business over a telephone line. PCs, workstations, minicomputers, hosts and so on can all serve as financial business computers. Because conducting financial business by telephone (or mobile phone) has to go through the telephone communication network, a modem is an indispensable hardware device. The modem's functions and transmission speed should be chosen according to the actual financial business needs. The communication line in general use is the telephone line.
6.2 The Internet bank can conduct business in the following way (the B2C network payment mode):
6.2.1 The flow of a business transaction that a client carries out on the browser at a unit's business station (Fig. 4):
1. The client inserts the plug of the Internet bank's electronic console (which is also the browser's power switch) into the dedicated electronic-console slot of the e-bank's business browser, clicks the web page on the business browser to enter the business station's web page and, following the page prompts, enters the information for the business to be carried out and then selects the information they need.
2. The client either deposits money on the spot at the Internet bank's deposit machine and goes to step 5, where the electronic console is written; or selects an electronic payment settlement method, such as electronic console, stored value card, electronic cash, eCheck or e-bank account, obtains the bank's authorization and, following the prompts on the business browser's page, enters the bank account number and password and encrypts the bank payment information.
3. The excellent machine in the e-bank checks and confirms the client's business information and forwards the client's encrypted payment information and related data to the payment gateway, and on to the back-end business server on the bank's dedicated network for confirmation, in order to verify with the bank or other electronic money issuer that the client is authorized to pay out the funds.
4. After the bank has verified and confirmed, it sends the business confirmation and the payment-settlement success message to the e-bank's browser and excellent machine over the encrypted communication channel established via the payment gateway.
5. The excellent machine of the e-bank confirms the business. After the client has handed money to the deposit machine, or after the settlement success message sent by the bank has arrived, it writes the business information into the client's electronic console and sends the business browser the message that the client has paid, or that the network payment succeeded and the business is complete. The client is then notified to pull out the electronic console.
This completes one typical business transaction.
6.2.2 The method by which a client and a merchant conduct network transactions and payments is a new method in which the merchant, the client and their banks of deposit each have their own key pair (public key and private key), and both the public key and the private key are kept secret. The method requires that the client have an account at its bank of deposit (hereinafter the customer's bank) with a certain deposit. The merchant has an account at its bank of deposit (hereinafter the merchant's bank) and knows this bank's public key. The merchant's bank knows the public key of the customer's bank, and the merchant's public key and the merchant's password. The customer's bank knows the public key of the merchant's bank, and the client's public key and the client's password. The merchant's bank has a settlement account at the customer's bank.
Basic flow of network business (Fig. 5), business transaction and electronic payment between client and merchant:
1. The client connects a client computer (or browser) to the Internet, enters the merchant's web page with a Web browser and, following the page prompts, selects the information they need, for example the product name and price or the service price. The client then selects an electronic payment settlement method, such as electronic console, credit card, stored value card, eCheck or digicash. The client sends this information, together with their residential address or other address, to the merchant over the Internet.
2. The merchant's distinguishing machine checks and confirms the client's business information and passes it to the server (excellent machine). The excellent machine uses the merchant's private key to encrypt the merchant's account number and password at the merchant's bank. The ciphertext serves as the merchant's digital signature and is sent to the client over the Internet together with the price information of the business and the name of the merchant's bank.
3. After confirming the information, the client encrypts its account number and password at the customer's bank with its private key; the ciphertext serves as the client's digital signature. The client then encrypts the client's digital signature, the merchant's digital signature, the payment amount, the name of the merchant's bank and so on with the public key of the customer's bank, and sends the resulting ciphertext to the customer's bank.
4. The customer's bank decrypts the ciphertext with its own private key and obtains the plaintext sent by the client, the merchant's digital signature and the client's digital signature. It then decrypts the client's digital signature with the client's public key. The customer's bank checks the decrypted client account number and password against the data the client has on record with it, and only if they match does it accept that the information was sent by the client.
5. The customer's bank encrypts the settlement account number and password of the merchant's bank at the customer's bank with its own private key, as the digital signature of the customer's bank. It then encrypts the amount to be collected, the digital signature of the customer's bank and the merchant's digital signature with the public key of the merchant's bank, and sends the result to the merchant's bank.
6. After receiving the ciphertext from the customer's bank, the merchant's bank decrypts it with its own private key and obtains the plaintext information sent by the customer's bank and its digital signature. It then decrypts the digital signature of the customer's bank with the public key of the customer's bank; if this succeeds, it accepts that the message was sent by the customer's bank. The merchant's bank then decrypts the merchant's digital signature with the merchant's public key; if this succeeds, it accepts that the signature was sent by the merchant.
7. The merchant's bank encrypts the merchant ID, the password and the merchant's amount receivable together with the merchant's public key and sends them to the merchant. On receiving the information, the merchant decrypts it with its own private key. If the merchant confirms that its amount receivable, merchant ID and password are correct, it sends the goods or service to the client through an express postal system or distribution center, according to the client's residential address or other address.
8. On receiving the goods or service, the client encrypts the payment confirmation and password with its private key as its digital signature and sends it to the customer's bank. The customer's bank decrypts the ciphertext with the client's public key and obtains the client's confirmation that the payment is to be made. The customer's bank deducts the purchase or service amount from the client's account at this bank, adds the amount to the settlement account that the merchant's bank holds at the customer's bank, and informs the merchant's bank to add the amount to the merchant's account.
The merchant's bank and the customer's bank settle at an agreed time.
This completes one typical business transaction and network payment.
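Steps 3 and 4 of the flow above (client to customer's bank), as an added Python example that is not code from the patent. It uses textbook RSA with small constructed demo keys built from Mersenne primes, so it is only for following the message flow; the function names, the JSON envelope, the sample account values, and the bank already knowing which client's public key to use are all assumptions.

```python
import hmac
import json

E = 65537  # public exponent shared by all demo keys


def make_key(p_exp, q_exp):
    """Toy RSA key from two Mersenne primes 2**k - 1 (constructed, trivially factorable)."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}


def public(key):
    """The part of a key pair that the other party is given."""
    return {"n": key["n"], "e": key["e"]}


def _to_int(data, n):
    m = int.from_bytes(data, "big")
    if m >= n:
        raise ValueError("message does not fit under this modulus")
    return m


def _to_bytes(m):
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def sign(priv, data):
    """'Encrypt with the private key', as the text puts it: raw RSA with message recovery."""
    return pow(_to_int(data, priv["n"]), priv["d"], priv["n"])


def recover(pub, sig):
    """'Decrypt the signature with the public key': returns the bytes that were signed."""
    return _to_bytes(pow(sig, pub["e"], pub["n"]))


def encrypt(pub, data):
    return pow(_to_int(data, pub["n"]), pub["e"], pub["n"])


def decrypt(priv, c):
    return _to_bytes(pow(c, priv["d"], priv["n"]))


def client_build_payment(client_key, bank_pub, account, password,
                         merchant_sig, amount, merchant_bank):
    """Step 3: sign account|password, then encrypt everything to the customer's bank."""
    client_sig = sign(client_key, f"{account}|{password}".encode())
    body = {"client_sig": client_sig, "merchant_sig": merchant_sig,
            "amount": amount, "merchant_bank": merchant_bank}
    return encrypt(bank_pub, json.dumps(body).encode())


def bank_check_payment(bank_key, client_pub, record, envelope):
    """Step 4: decrypt, recover the signed credentials, compare with the retained data."""
    try:
        body = json.loads(decrypt(bank_key, envelope))
        signed = recover(client_pub, body["client_sig"])
    except (ValueError, KeyError, TypeError):
        return None  # not decryptable or not well-formed
    expected = f"{record['account']}|{record['password']}".encode()
    if not hmac.compare_digest(signed, expected):
        return None  # wrong key or wrong credentials: not accepted as this client
    return body


# Constructed demo keys and values (not from the patent).
CLIENT = make_key(107, 127)
MERCHANT = make_key(89, 127)
BANK = make_key(1279, 2203)   # the customer's bank
OTHER = make_key(89, 107)     # some other party's key pair
RECORD = {"account": "6222-0001", "password": "s3cret"}  # data retained by the bank
MERCHANT_SIG = sign(MERCHANT, b"M-778899|shop-pass")     # produced in step 2


def run_demo():
    pay = lambda key, pw, amount: client_build_payment(
        key, public(BANK), "6222-0001", pw, MERCHANT_SIG, amount, "Merchant Bank")
    check = lambda env: bank_check_payment(BANK, public(CLIENT), RECORD, env)
    first = check(pay(CLIENT, "s3cret", "120.00"))
    second = check(pay(CLIENT, "s3cret", "999.00"))
    return {
        "accepted_amount": first["amount"],
        "wrong_key_rejected": check(pay(OTHER, "s3cret", "120.00")) is None,
        "wrong_password_rejected": check(pay(CLIENT, "wrong", "120.00")) is None,
        # The signature covers only account|password, so it is identical for both
        # payments; the amount is protected by the outer encryption alone.
        "same_signature_for_both_amounts": first["client_sig"] == second["client_sig"],
    }


if __name__ == "__main__":
    print(run_demo())
```

A production design would sign a digest of the whole payment message (amount, payee and a fresh transaction identifier included) with a padded signature scheme, rather than signing the static credentials.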
6.2.3 The conditions a client needs in order to conduct business over a telephone line are the same as for network business. That is, the client (or merchant) and its bank of deposit each have a key pair (public key and private key); the client has an account at its bank of deposit (hereinafter the customer's bank) with a certain deposit and a password, and knows this bank's public key, and so on. The general flow for conducting business over a telephone line is:
Using a modem, the client connects the computer to the telephone line and, over the telephone line, brings the network merchant's browser page up on their own computer screen. Then, according to their own business or product needs, the client follows the page prompts and decides which information to select. The client then selects an electronic payment settlement method, such as electronic console, stored value card, electronic cash, eCheck or Internet bank. The client also enters their residential address or other address and checks this address information. The remaining steps are the same as for the network business above.
6.3 The network transaction above uses the network payment mode adopted when an enterprise and an individual trade over the network, that is, the B2C network payment mode. With slight modification it can also be applied to network payment modes such as B2B, C2C, B2G, G2G and C2G.
6.4 Some electronic payment and settlement forms based on dedicated financial communication network platforms, such as electronic draft systems, SWIFT, CHIPS, CNAPS and financial EDI, can be classed as the B2B network payment mode.
Existing pure online banks cannot receive or pay out cash; they change the way transaction records are kept, which needs continual confirmation by the law and by clients; and they still have to cultivate the trust and loyalty of bank clients.
7, Each electronic insurance of an insurance company (or its excellent machine) is connected to a distinguishing machine, and the distinguishing machine is connected through a medium (wired or wireless) to a router on the public network. This builds the company's "highly trusted" proprietary wide area network for insurance business, called the insurance network (Fig. 1). Insurance business carried out on this network with electronic consoles and/or electronic read-write heads is Internet insurance.
Each electronic insurance is logically isolated from the public network by the interface circuit of the distinguishing machine, and the control function of the distinguishing machine in turn lets the electronic insurances interoperate with one another over the public network. Every electronic insurance can guarantee the security of insurance business and the authenticity, reliability and confidentiality of information, fundamentally stopping people from committing insurance fraud and the like over the network.
The general flow by which a user conducts electronic insurance business at a unit's business station is the same as the flow of a client's business transaction on the browser at a unit's business station (Fig. 4). The difference is that the insurance premium is paid at the insurance company's electronic insurance.
The flow by which a user conducts Internet insurance business over the public network and pays the insurance premium by network payment is basically the same as that of a client and a merchant conducting network business (Fig. 5). The difference is that the insurance premium is paid at the insurance company's Internet insurance.
Existing dedicated networks that interconnect an insurance company's widely distributed excellent machine networks must use expensive dedicated lines or virtual private networks.
8, Each electronic securities of a securities company (or its excellent machine) is connected to a distinguishing machine, and the distinguishing machine is connected through a medium (wired or wireless) to a router on the public network. This builds the company's "highly trusted" proprietary wide area network for securities business, called the securities network (Fig. 1). Securities business carried out on this network with electronic consoles and/or electronic read-write heads is network securities.
Each electronic securities is logically isolated from the public network by the interface circuit of the distinguishing machine, and the control function of the distinguishing machine in turn lets the electronic securities interoperate with one another over the public network. Every electronic securities can guarantee the security of securities business and the authenticity, reliability and confidentiality of information, fundamentally stopping people from committing securities fraud and the like over the network.
The general flow by which a user conducts electronic securities transactions at the securities company's business station is basically the same as the flow of a client's business transaction on the browser at a unit's business station (Fig. 4). The difference is that securities fees are paid at the securities company's electronic securities.
The flow by which a user conducts network securities transactions over the public network and pays for securities business by network payment is basically the same as that of a client and a merchant conducting network business (Fig. 5). The difference is that securities fees or transaction fees are paid at the securities company's network securities.
The firewalls and virtual private networks of existing securities companies are not suited to virus detection, cannot guard against data-driven attacks, and cannot fully defend against new kinds of attack. These are their major shortcomings.
9, After a financial unit's remote client (containing the distinguishing machine standard program) is connected through a medium (wired or wireless) to a router on the public network, it can log in to the financial unit's excellent machine network and achieve "highly trusted" information interoperation. The system formed jointly by these remote clients, the excellent machine network and the public network is called the financial unit's remote access network system, access network for short (Fig. 1). It is a system in which a remote client carrying the financial unit's distinguishing machine standard program, once connected to the public network, can carry out "highly trusted" information interoperation with the financial unit's excellent machine network.
The information that the access network sends across the public network is encrypted. The access network can be used to give remote users "highly trusted" access to the information of the financial unit's excellent machine network.
Information from the excellent machine network in the access network is first encrypted by the distinguishing machine and then travels over the public network to the remote client. Only after the remote client has decrypted it and checked it for computer viruses can it enter the application area of the remote client. This ensures the confidentiality, integrity and authenticity of the information and gives the remote client the ability to resist hacker and virus attacks.
Over the public network, the excellent machine network of the access network can handle business for remote clients such as remittance, exchange, balance inquiries, securities investment and the provision of financial market information. It can also carry out various settlements with commercial organizations, public utilities and electronic console issuers, provide various financial services 24 hours a day, and deliver personalized, high-quality service.
The access network can also process information in the following different ways:
9.1 Authorized access through authentication of the remote client: access information on the public network must pass the authentication and authorization that the access network's distinguishing machine applies to the client. That is, the distinguishing machine of the access network must be equipped with a control list or control software for authenticating and authorizing remote clients.
9.2 Authorized access through authentication of the distinguishing machine: access information on the public network must pass the authentication and authorization that the client applies to the access network's distinguishing machine. That is, the remote client must be equipped with a control list or control software for authenticating and authorizing the access network's distinguishing machine.
9.3 Information from a remote client can enter the excellent machine network only after passing the distinguishing machine's integrity check or authentication. This ensures the confidentiality, integrity or authenticity of the information and gives the network the ability to resist hacker and virus attacks.
9.4 Information from the distinguishing machine can enter the remote client only after passing the remote client's integrity check or authentication. This ensures the confidentiality, integrity or authenticity of the information and gives the client the ability to resist hacker and virus attacks.
9.5 The access network also provides higher-level services, including third-party services such as online shopping and the purchase of travel tickets and tourist admission tickets; network bill payment services; financial information services; and content services on the various investment instruments related to bonds, securities and so on.
9.6 Users or enterprises can also connect multimedia devices (containing the distinguishing machine program) such as mobile phones, landline telephones, televisions and computers through a medium to a router on the public network, and can then log in to the financial unit's excellent machine network and achieve "highly trusted" information interoperation.
9.7 The system formed jointly by remote multimedia devices, the financial unit's excellent machine network and the public network is also called the financial unit's remote access network system, likewise access network for short. It is a system in which a multimedia device carrying the financial unit's distinguishing machine standard program, once connected to the public network, can carry out "highly trusted" information interoperation with the financial unit's excellent machine network.
Existing remote-access VPN technology is powerless against the many address-spoofing attacks that gain illegal access to internal resources by disguising the remote access address, and it cannot prevent hackers from getting around the authentication mechanisms and disrupting existing connections.
10. The mutually matching input interface circuit and output interface circuit of the electronic display are located at different positions on the electronic display (generally on its two sides); the output plug (or slot) interface circuit fits exactly into the input slot (or plug) interface circuit. Electronic displays can then exchange information directly with one another and carry out business transactions.
10.1 The electronic display can contain intelligent coin software. In that case the electronic display can be used as digicash or as paper currency, and is also called a digicash device. The digicash device not only holds digicash but can also carry out currency exchange. It can be used as currency to pay for goods in markets and in circulation. The digicash device makes "paperless transactions" and "reduced cash flow" a reality. It has all the functions of paper currency.
10.2 The securities browser can make payments over the network and, using an automatic teller machine (ATM), deposit and withdraw securities fees in paper currency.
10.3 The digicash device can replace paper currency and financial cards. When the digicash in the device is used up, the device can be refilled with electronic coins through a financial browser or an electronic read-write head.
10.4 Once the digicash in the device reaches a certain amount, it can be deposited, through a financial browser or an electronic read-write head, into the account of the device's legal holder at the deposit bank.
10.5 Digicash devices can accept digicash payments directly from one another in a conversational manner, without authorization from the financial unit. A digicash device (electronic display) can work in stand-alone mode or online mode:
10.5.1 A digicash device working stand-alone has no contact with a financial browser or electronic read-write head. Two digicash devices rely on the software in their own memories, running independently. The input interface of one device connects directly to the output interface of the other: the output (or input) plug of one device is inserted into the input (or output) slot of the other, and digicash can be exchanged directly. Each digicash device can read and interpret all of the other party's logic, and can independently verify the legitimacy of the other digicash device and the identity of its holder.
10.5.2 A digicash device working online can be inserted into the dedicated plug (or slot) on a financial browser or electronic read-write head; the read-write head can be linked directly to the financial unit's excellent machine network by leased line, radio, telephone line and so on. Every financial transaction is transmitted by the digicash device to the banking network in real time for processing, and the records can be updated in real time. The digicash device can also identify its holder with biometric techniques such as finger scanning, voice confirmation and iris authentication.
The digicash device can fully replace all the functions of paper currency (including circulation); it is a paperless currency.
Description of drawings
Fig. 1: Structure of the dedicated business wide area network of a financial unit (bank, insurance, securities). The excellent machines in the internal networks (that is, the excellent machine networks) of the financial headquarters and of its several cross-regional branches at different geographic locations are connected through distinguishing machines and the public network, building dedicated financial business networks with "highly trusted" information interoperability.
Fig. 2: Schematic of the electronic display (or electronic read-write head). It consists of a memory holding the identification and control software, a microprocessor, read/write equipment, an LCD and so on. The electronic display can also carry intelligent coin software.
Fig. 3: Schematic of automated database backup at the financial headquarters or an important branch. The structure can consist of backup clients, a backup server, a media server, redundant storage units, backup management software and so on.
Fig. 4: Flow chart of a user conducting business at the e-commerce site of a unit (that unit's excellent machine network).
Fig. 5: Basic flow chart of a user conducting business through the banking network (comprising the bank network, insurance network and securities network).
Embodiment: The several excellent machine networks (or excellent machines) of a financial unit are each connected, through a distinguishing machine, to a router of the internet; the internetwork so built is the banking network (Fig. 1). Its network business (such as network trading and payment) is a mode of financial business operation. The financial unit can inherit its existing electronic banking resources, ensuring that existing resources are used and that the existing internal dedicated network keeps running normally; at the same time it can set a unified standard for network finance, ensuring the standardization of software, hardware and communication, and leave room for the financial unit's future expansion.
Between the different financial excellent machine networks of a financial unit (including the financial head office, important branches and so on), "highly trusted" communication between two hosts over the public network (including the internet) proceeds as follows (Fig. 1):
Information sent from a source computer in a financial excellent machine network passes through the source-end excellent machine to the source-end distinguishing machine, which holds the "source end encryption program"; after encryption it crosses the internet to the sink-end distinguishing machine, which holds the "sink end decryption program", the "program inspection program" and so on; after decryption and virus checking it is forwarded to the sink-end excellent machine and finally reaches the destination computer at the sink end.
In the financial excellent machine network system, the distinguishing machine of every financial excellent machine network carries the same standard programs: the "program inspection program", the "source end encryption program" and the "sink end decryption program". Every distinguishing machine can therefore monitor the information entering and leaving its financial excellent machine network and refuse illegal access to each financial excellent machine network.
For a system with numerous financial excellent machine networks, the banking network satisfies the requirements of interactive applications and stability; it is interoperable; it can distinguish the different security requirements of the individual parts of a given file; and it can use public key infrastructure for authentication and key distribution.
In the banking network system, each distinguishing machine can also carry the same "financial unit authentication, encryption and authorization program", and each distinguishing machine holds an IP address table of all the other distinguishing machines and an access control list of the computer names (or addresses) in the excellent machine networks connected to them. Every distinguishing machine can therefore monitor all information entering and leaving the financial excellent machine network and refuse illegal access to it.
Function of the "program inspection program": after the source-end distinguishing machine receives plaintext information it inspects it; any programs found in it are lined up, stored in turn in external storage on a circular basis, and shown on the computer screen at the same time. If a program is a legitimate one that is allowed access, the user ticks the "allow in future" checkbox when the prompt first appears; the distinguishing machine then does not ask again when it meets that program later, and allows it access. If the user does not answer within a certain time, or ticks the "do not allow" checkbox, the distinguishing machine discards the program. Once the external storage is full of programs, the earliest program is discarded automatically. The sink-end distinguishing machine runs this program on its own.
Once the "program inspection program" is installed, the distinguishing machine can prevent viruses from attacking the excellent machine network it protects.
Function of the "source end encryption program": the source-end distinguishing machine appends the symmetric encryption key to the plaintext information it wants to send over the public network; it feeds this combined data into a one-way hash function (Message Digest) to obtain a hash (Hash) value (the source-end hash value); it then appends the source-end hash value to the plaintext information (without the key) and encrypts the result with the key to produce the ciphertext; finally it sends this ciphertext to the sink-end distinguishing machine.
Function of the "sink end decryption program": the sink-end distinguishing machine decrypts the received ciphertext with the shared key agreed in advance, obtaining the plaintext information and the source-end hash value; it appends the key to the plaintext information (without the hash value); it feeds this combined data into the one-way hash function agreed in advance to obtain a hash value (the sink-end hash value); it compares this sink-end hash value with the received source-end hash value. If the two hash values are identical, it confirms that the information was sent by a legitimate source-end distinguishing machine, accepts it, and forwards it to the receiving computer in the sink-end excellent machine network; otherwise it discards the information.
The simple approach to authentication (Authentication) is to set up a user name and password store in each distinguishing machine.
The financial unit's distinguishing machine carries out authentication through an access control list (Access Control List, ACL). This list simply identifies the different types of source-end internal network, each represented by the IP address of its distinguishing machine.
Authentication controls who can access the financial unit's internal dedicated network. Authorization (Authorization) then specifies what a user may do once admitted to this network.
The new method of authentication and authorization is to set up a store of user or financial unit names, IP addresses, passwords and authorization rights.
The financial unit uses the access control list in the distinguishing machine to authenticate users (meaning other financial business units, partner service units or remote users). The list identifies each type of source end by user name, distinguishing machine IP address and user password. Only when the user name, IP address and user password all match the access control list does the address-based authentication take effect.
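The source-end encryption, sink-end hash comparison and ACL lookup described above can be traced in the following added example, which is not code from the patent. The patent names no cipher or hash, so SHA-256 and an HMAC-based keystream stand in for them; the per-address key table, the function names and the sample addresses and keys are assumptions.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional

DIGEST_LEN = hashlib.sha256().digest_size   # 32-byte hash value
NONCE_LEN = 16


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Stand-in symmetric cipher (assumption): HMAC-SHA256 in counter mode.
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256)
        out += block.digest()
        counter += 1
    return bytes(out[:length])


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


def source_end_encrypt(plaintext: bytes, key: bytes,
                       nonce: Optional[bytes] = None) -> bytes:
    """Source end: hash(plaintext || key), append the hash, encrypt with key."""
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    source_hash = hashlib.sha256(plaintext + key).digest()
    body = plaintext + source_hash          # the key itself is never sent
    return nonce + _xor(body, _keystream(key, nonce, len(body)))


def sink_end_decrypt(blob: bytes, key: bytes) -> Optional[bytes]:
    """Sink end: decrypt, recompute the hash, accept only on a match."""
    if len(blob) < NONCE_LEN + DIGEST_LEN:
        return None                         # too short to hold a hash value
    nonce, ciphertext = blob[:NONCE_LEN], blob[NONCE_LEN:]
    body = _xor(ciphertext, _keystream(key, nonce, len(ciphertext)))
    plaintext, source_hash = body[:-DIGEST_LEN], body[-DIGEST_LEN:]
    sink_hash = hashlib.sha256(plaintext + key).digest()
    # Constant-time comparison so the check does not reveal where it differs.
    if not hmac.compare_digest(sink_hash, source_hash):
        return None                         # discard, as the text specifies
    return plaintext


def sink_receive(src_ip: str, blob: bytes,
                 acl: Dict[str, bytes]) -> Optional[bytes]:
    """ACL lookup by source distinguishing-machine IP, then the hash check."""
    key = acl.get(src_ip)
    if key is None:
        return None                         # address is not in the ACL
    return sink_end_decrypt(blob, key)


def demo() -> Dict[str, bool]:
    # Constructed sample data: documentation-range IPs and fixed test keys.
    key_a, key_x = b"A" * 32, b"X" * 32
    acl = {"192.0.2.10": key_a}
    msg = b"transfer 100 to account 42"
    blob = source_end_encrypt(msg, key_a)
    flipped = bytearray(blob)
    flipped[NONCE_LEN] ^= 0x01              # one bit changed in transit
    return {
        "round_trip": sink_receive("192.0.2.10", blob, acl) == msg,
        "unknown_ip_dropped": sink_receive("198.51.100.7", blob, acl) is None,
        "tampered_dropped": sink_receive("192.0.2.10", bytes(flipped), acl) is None,
        # Listed address but no knowledge of the key: the hash check rejects it.
        "wrong_key_dropped": sink_receive(
            "192.0.2.10", source_end_encrypt(msg, key_x), acl) is None,
        "truncated_dropped": sink_receive("192.0.2.10", blob[:20], acl) is None,
    }


if __name__ == "__main__":
    print(demo())
```

The address lookup only selects which key to try; it is the keyed hash that rejects a message whose sender does not hold the shared key. A deployment would normally use HMAC or an authenticated encryption mode in place of hash(plaintext || key), and add a sequence number or timestamp, since the exchange as described does not distinguish a fresh message from a repeated one.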
The backup system software of network finance (Fig. 3) provides complete data protection. Veritas NetBackup software, for example, uses a four-tier hierarchical structure with centralized management and adapts to a variety of application architectures. Its technical features include flexible configuration, disaster recovery, parallel processing, data reliability, ease of use, monitoring capability and system data recovery.
In the main excellent machine network of network finance, business data in active use is kept on online storage (OnStore) equipment so that it can be read at any time. To guard against possible data disasters, offline storage (OffStore) equipment is used to back up this business data.
The storage virtualization (Storage Virtualization) backup management software used by network finance provides a transparent storage system. On instruction from the main excellent machine network, it automatically archives inactive data to the archive backup directory on nearline storage (NearStore) equipment, and automatically archives historical data to offline storage equipment.
1. The electronic display contains a microcontroller, input keys, a small LCD (Fig. 2) and so on; in essence it is a single-chip microcomputer. It can also have a radio-frequency transceiver and its associated circuits. The single-chip microcomputer has the functions of a general-purpose computer, such as reading, writing and processing information. The small LCD is generally 4 to 8 inches in size.
The banking network and the electronic display together make up the hardware of the online financial service system. The software of both the financial browser and the electronic display includes encoding, encryption, modulation and demodulation, decryption and decoding software. The financial browser also has software that recognizes the secure cryptographic algorithm of the electronic display. The electronic display uses a personal identification number (PIN) to identify its holder. Important data in the electronic display also has a message authentication code (MAC) added after encryption. By checking this code, the online financial service system can tell whether the electronic display has been tampered with, and shows the result on the browser's display.
The integrated circuit of the electronic display contains the basic components of a microcomputer: microprocessor, random access memory, read-only memory, interrupt system, timer/counter, I/O and associated circuits. The circuits of these components are linked by an address bus, a data bus and a control bus, and communicate with external computers through the input/output interface circuit. The microcontroller on the electronic display plays the important role of controlling the characters and images shown on the LCD; it is responsible not only for coordinating and controlling the electronic display as a whole, but also for controlling the reading and storage of the display's numbers and parameters.
By read/write mode, that is, by the data interface between the electronic display and the browser, electronic displays fall into two broad classes: contact and contactless.
On the surface of a contact-type electronic display there are several gold-plated contacts. Through these contacts the electronic display exchanges information with the financial browser and carries out authenticity verification.
The integrated circuit (IC) chip of the microcontroller in the contact-type electronic display (or in the financial browser's read head) is connected to a metal contact sheet containing a circuit board. In use, it makes contact, through the eight (or six) contact points on the chip, with the read head of the browser that supplies power (or of the electronic display that supplies power). After the financial browser has read the data on the electronic display, its microprocessor judges whether the electronic display is valid. After the corresponding program processing, the microprocessor issues a read (write) instruction to the electronic display; on receiving the instruction, the electronic display's own central processing unit computes whether it comes from an illegal financial unit. If it does not, the financial browser reads (writes) the electronic display. Otherwise the electronic display refuses the financial browser's read (write) instruction, sounds an alarm, and shows text such as "illegal financial unit" on its LCD. The plug of the contact-type electronic display is inserted into the slot of the financial browser.
The memory capacity of the banking network's electronic display is as high as 64~256 KB, enough to store the required software, the full information of one financial transaction and all the records of repeated financial transactions. Its hardware has protective measures such as voltage and clock detectors, logic that halts automatically on exposure, and anti-dissection protection; its software has protection methods such as password protection and secure cryptographic algorithms. It can display the information needed for banking network financial business.
The transition-minimized differential signaling (Transition Minimized Differential Signaling, TMDS) used by the browser and the electronic display not only suits the Digital Visual Interface (DVI) digital signal interface circuit of the LCD mainboard, but also requires a transmitter and a receiver for digital transmission.
The electronic display needs to communicate with external computers. It must supply its identification signal for the external computer to detect and recognize. A Display Data Channel (DDC) memory circuit is provided in the input/output interface circuit of its LCD. This memory is an electrically erasable programmable read-only memory (EEPROM) that stores the display identification data, that is, the display's electronic record: for example the acceptable line/field frequency range, manufacturer, date, product serial number, model, standard display modes and parameters, device data and data needed in operation.
The DDC memory of the network finance electronic display communicates with the external computer through the DDC serial data pin and the DDC serial clock pin to complete identification of the LCD. Only when the external computer has recognized the LCD can the two work synchronously, in coordination and stably.
The digital input interface circuit of the LCD in the network finance electronic display receives the TMDS digital signal output by the TMDS transmitter in the external computer and passes it to the TMDS receiver on the mainboard; the clock signal output by the receiver goes to the clock generator. After decoding, the digital signal is sent to the image scaling processor (SCALER) of the main control circuit for processing. The main control circuit determines the format of the input image signal and performs operations such as scaling and framing on the image.
The processed line sync signal in the LCD main control circuit of the electronic display is sent on one path to the phase-locked-loop clock generator circuit, so that the clock pulses it generates lock to the input line sync signal; on another path it is sent to the on-screen display (On Screen Display, OSD) circuit. The line/field sync signals (HS, VS) needed by the OSD circuit are not taken directly from the externally input line/field sync signals but from the line/field sync signals output by the main control circuit. Even when the LCD has no signal input, the line/field sync signals that the main control circuit sends to the OSD circuit are generated in the image scaling processor (SCALER) from pre-programmed timing data, which ensures that the LCD still has normal on-screen display and menu display when there is no signal input.
The digital signal of the network finance electronic display is processed by the image scaling processor (SCALER) of the LCD main control circuit into a digital signal that suits the physical resolution of the liquid crystal panel; together with the digital line/field sync signals it is sent to the panel interface circuit, which converts the digital video signal into one that meets the requirements of the liquid crystal panel interface circuit.
The panel interface circuit of the electronic display sends the converted digital video signal, either alone (if it already contains the display line/field sync signals) or together with the display line/field sync signals, to the timing circuit and drive control circuit of the liquid crystal panel, which drive the LCD screen to display characters and images.
The line/field sync signals received by the digital input interface circuit of the electronic display are also sent on one path to the microcontroller, which performs power management on the LCD and controls whether it enters the normal operation, standby, suspend or off state.
The LCD in the electronic display uses a DisplayPort interface circuit, which allows a low-cost direct-drive LCD; a single cable suffices to feed all signals into the video processor on the mainboard at the same time.
The contactless electronic display consists mainly of a radio-frequency antenna, a radio transceiver module, input keys, an LCD containing a single-chip microcomputer and so on.
A contactless electronic display without a high-energy battery can be powered wirelessly by the electronic read-write head, with the voltage regulator circuit in the electronic display producing the DC voltage (2~3 volts) that the chip needs to operate; it receives wireless signals from (or sends them to) the electronic read-write head through its radio-frequency interface circuit.
For a contactless electronic display with a built-in high-energy battery, the electronic read-write head can be equipped with a battery; it can be powered wirelessly by the electronic display.
The circuit in the radio-frequency chip consists of three modules: interface circuit, access control and memory.
The electronic display is the only truly reusable paperless voucher; it can replace all kinds of paper vouchers and integrated circuit cards, for example cash, checks, electronic cash, electronic credit and electronic checks.
2. The electronic read-write head program in network finance, like the electronic display software, includes the same encoding, encryption, modulation and demodulation, decryption and decoding software. The electronic read-write head also has encryption and decryption software for the secure cryptographic algorithm of the electronic display. It uses a personal identification number (PIN) to identify the holder. Important data in the electronic display also has a message authentication code (MAC) added after encryption. By checking this code, the electronic read-write head can tell whether the electronic display has been tampered with, and shows the result on its own display.
The electronic read-write head can be made fixed or portable and in different sizes; it is generally made as a compact fixed unit or as a portable unit. A portable electronic read-write head is generally 8 to 14 inches in size and can show the photographs of several users at once.
The microcontroller of the electronic read-write head contains the basic components of a microcomputer: microprocessor, random access memory, read-only memory, interrupt system, timer/counter, I/O and associated circuits. Their circuits are linked by an address bus, a data bus and a control bus, and communicate with external computers through the input/output interface circuit. In essence it too is a single-chip microcomputer. It plays the important role of controlling the characters and images shown on the read-write head's LCD; it is responsible not only for coordinating and controlling the whole device, but also for the reading, writing and storage of numbers and parameters.
The transition-minimized differential signaling (Transition Minimized Differential Signaling, TMDS) used by the LCD (Fig. 2) of the network finance electronic read-write head not only suits the Digital Visual Interface (DVI) digital signal interface circuit of the mainboard on the LCD, but also requires a transmitter and a receiver for digital transmission.
Because the LCD of the electronic read-write head needs to communicate with external computers, it must supply its identification signal for the external computer to detect and recognize. A Display Data Channel (DDC) memory circuit is provided in the input/output interface circuit of the LCD. This memory is an electrically erasable programmable read-only memory (EEPROM) that stores the display's extended identification data, that is, the display's electronic record: for example the acceptable line/field frequency range, manufacturer, date, product serial number, model, standard display modes and parameters, device data and data needed in operation.
The DDC memory of the network finance electronic read-write head communicates with the external computer through the DDC serial data pin and the DDC serial clock pin to complete identification of the LCD. Only when the external computer has recognized the LCD can the two work synchronously, in coordination and stably.
The digital input interface circuit of the LCD in the network finance electronic read-write head receives the TMDS digital signal output by the TMDS transmitter in the external computer and passes it to the TMDS receiver on the LCD mainboard; the clock signal output by the receiver goes to the clock generator. After decoding, the digital signal is sent to the image scaling processor (SCALER) of the main control circuit for processing. The main control circuit determines the format of the input image signal and performs operations such as scaling and framing on the image.
The processed line sync signal in the LCD main control circuit of the electronic read-write head is sent on one path to the phase-locked-loop clock generator circuit, so that the clock pulses it generates lock to the input line sync signal; on another path it is sent to the on-screen display (On Screen Display, OSD) circuit. The line/field sync signals (HS, VS) needed by the OSD circuit are not taken directly from the externally input line/field sync signals but from the line/field sync signals output by the main control circuit. Even when the LCD has no signal input, the line/field sync signals that the main control circuit sends to the OSD circuit are generated in the image scaling processor (SCALER) from pre-programmed timing data, which ensures that the LCD still has normal on-screen display and menu display when there is no signal input.
The digital signal is processed by the image scaling processor (SCALER) of the LCD main control circuit into a digital signal that suits the physical resolution of the liquid crystal panel; together with the digital line/field sync signals it is sent to the panel interface circuit, which converts the digital video signal into one that meets the requirements of the liquid crystal panel interface circuit.
The panel interface circuit of the electronic read-write head sends the converted digital video signal, either alone (if it already contains the digital display line/field sync signals) or together with the display line/field sync signals, to the timing circuit and drive control circuit of the liquid crystal panel, which drive the LCD to display characters and images on the screen.
The line/field sync signals received by the digital input interface circuit of the LCD are also sent on one path to the microcontroller, which performs power management on the LCD and controls whether it enters the normal operation, standby, suspend or off state.
The LCD of the electronic read-write head uses a DisplayPort interface circuit, which allows a low-cost direct-drive LCD; a single cable suffices to feed all signals into the video processor on the mainboard at the same time.
The contact-type electronic read-write head consists mainly of input keys, an LCD containing a single-chip microcomputer and so on.
The integrated circuit chip in the contact-type electronic read-write head is connected to a metal contact sheet containing a circuit board. In use, it makes contact, through the eight (or six) contact points on the chip, with the read head on the electronic display that supplies power. After the electronic read-write head has read the data on the electronic display, its microprocessor judges whether the electronic display is valid. After the corresponding program processing, its microprocessor issues a read (write) instruction to the electronic display; on receiving the instruction, the electronic display's own central processing unit computes whether the read-write head is illegal. If it is not illegal, the electronic read-write head reads (writes); otherwise the electronic display refuses the read (write) instruction, sounds an alarm, and shows text such as "illegal financial unit" on its LCD.
The contactless electronic read-write head adds radio-frequency identification (RFID) technology. The electronic read-write head and the electronic display exchange and process information by radio.
The contactless electronic read-write head consists mainly of a radio-frequency antenna, a radio transceiver module, input keys, an LCD containing a single-chip microcomputer and so on.
A contactless electronic read-write head without a high-energy battery can be powered wirelessly by the electronic display, with the voltage regulator circuit in the read-write head producing the DC voltage (2~3 volts) that the chip needs to operate; it receives wireless signals from (or sends them to) the electronic display through its radio-frequency interface circuit.
For a contactless electronic read-write head with a built-in high-energy battery, the electronic display can be equipped with a battery; it can be powered wirelessly by the electronic read-write head.
The circuit in the radio-frequency chip consists of three modules: interface circuit, access control and memory.
RFID technology works by radio communication between the electronic read-write head and an electronic display ten centimetres to tens of metres away; information is read automatically and the whole process needs no manual intervention; it can operate in all kinds of harsh environments; and ordinary dirt covering the electronic display does not affect recognition of the information stored in it.
The electronic read-write head can identify fast-moving objects and can identify several electronic displays at once; operation is quick and convenient, and security is strong.
When the electronic display conducts financial business independently off-line, the electronic read-write head encrypts the signal to be sent, modulates it onto a carrier of a certain frequency, and transmits it through its antenna. An electronic display entering the read-write head's working area receives this pulse signal. The relevant circuits in the electronic display demodulate, decrypt and decode the signal and judge it to be a read command. The electronic display reads the relevant information from its memory, encodes, encrypts and modulates it, and sends it back to the read-write head through its antenna. The read-write head demodulates, decrypts and decodes the received information and passes it to its microcomputer for processing. After the corresponding program processing, the microprocessor in the read-write head issues a read (write) instruction to the electronic display; on receiving the instruction, the electronic display's own central processing unit computes whether the read-write head is illegal. If it is not illegal, the read-write head reads (writes); otherwise the electronic display refuses the read-write head's read (write) instruction, sounds an alarm, and shows text such as "illegal electronic read-write head" on its LCD. If the read-write head judges that the electronic display's password and information permissions do not match, it returns the corresponding error messages, sounds an alarm on the read-write head and displays the alert.
3. The several bank browsers, cash dispensers, automatic teller machines (ATMs), automatic cash-out machines, automatic cash dispensers, account inquiry service terminals, public-service payment machines, telephone banking systems, multimedia inquiry systems, electronic read-write heads, servers, excellent machines, database servers and so on of a bank, connected through a medium (wired or wireless) using network topology technology, form an excellent machine network that is an electronic bank of that bank. In fact, each existing local area network (LAN) or intranet of the bank is an electronic bank.
The "expert think tank software" of the e-banking system comprises the banking system's various business software, financial management software, bank risk early-warning software and so on.
The Investment & Financing function: digicash is the representative of the commodity value form. The circulation of digicash has great flexibility in network finance. Using digicash as the means of payment for commodities lets the idle funds in people's hands flow continually to high-yield fields or links, thereby bringing people more wealth. Comprehensive financial operation here includes card Securities, insurance and fund business. In short, network finance makes the electronic console (i.e. digicash) truly a "coin logical".
The function of the market: network finance has accelerated the integration process of the financial market and the circulation velocity of digicash; the investment fields that financial institutions face are wider and the investment opportunities more numerous; even a subtle change in the market may produce a change in investment structure that is amplified step by step; this helps the head office of the bank regulate the total amount of digicash put in and asset prices.
The rate of discount function: the rate of discount is based on the cost and quantity of re-lending by the general headquarters of the bank; it takes effect by adjusting the liquidity of commercial banks through changes in the price and quantity of re-lending. When commercial banks issue digicash, an equilibrium can be reached in which the net proceeds from issuing digicash are zero.
Information increment: on the basis of providing financial information consulting, and by means of fund trusteeship and account trusteeship, thoughtful and specialized financing suggestions and consulting schemes are provided for the client's arrangement of funds. An enterprise and personal credit rating system is established and improved, social resources are shared, and information increment services are provided.
Public information service: financial market information such as interest rates, exchange rates, stock indexes and insurance quality is provided for all clients, as well as financial and economic news; specialized information customized for each client is provided at the same time.
Advisory service in investment: aimed at bank clients, the e-bank is used to pay and clear on the client's behalf in real time and to provide investment consultation, professional financial planning, etc. Comprehensive consultancy here includes consulting on card Securities, insurance and fund business, acting as agent for a shop's internal financial management, acting as agent for personal balance planning, providing a network finance supermarket, etc.
The comprehensive management service: the operating service includes directly or indirectly controlling network shops, as well as providing commodity transaction services (including issuing digicash and providing stored value cards), etc.
The e-banking system can also take measures to guard against payment risk: earnestly preventing regulation risk, strengthening the management of liquidity risk, earnestly avoiding credit risk, strictly preventing fraud risk, guarding against operational risk, etc.
The e-bank can provide intelligent, personalized services for different clients' needs; for example, it lets an enterprise group query the accounts and transaction records of each subsidiary through the Internet bank and, on the basis of signed multilateral agreements, transfer and allocate funds within the group, improving the use-of-funds efficiency of the group as a whole and giving the client strong support for improving internal operation management and financial management.
The openness of financial business on the network and marketplace platform, around the clock and without border restrictions, can drive the network economy toward globalization.
The open technology and software that the Internet bank adopts can reduce the cost of developing and maintaining the bank's software and hardware systems. The client side of the Internet bank consists of a standard PC and browser software and mainly uses the browser/server application model, which is easy to maintain. Maintaining and upgrading the Internet bank system also becomes simple: when upgrading the application system or installing a new product, only the server application needs to be updated or upgraded, with no change to the client.
The Internet bank collects client information easily and also makes interaction between the bank and the client easier, so that the two sides understand each other better. The Internet bank can automatically compile statistics on, analyze and mine various information; the results help strengthen the bank's financial management.
The e-bank can introduce business from industries such as electronics card Securities and electronic insurance, widening the bank's new business and providing more integrated financial services to the client.
4, Several insurance browsers and safeguards systems of a certain insurance institution, together with its cash dispensers, ATMs (Automatic Teller Machines), automatic cash-out machines, automatic teller machines, excellent machines, electronics read-write heads and database servers, etc., are connected by a medium (wired or wireless) using network topology structure technology to form an excellent machine network, which is an electronic insurance of this insurance institution. Each existing local LAN (Local Area Network) or Intranet of this insurance institution is an electronic insurance.
The "expert think tank software" of the insurance system comprises various insurance business software, information increment service software and different insurance risk early warning software. Each existing host of the insurance company is an "expert think tank software" of an electronic insurance.
Electronic insurance can provide the client with premium account inquiries, electronic transactions (present deal), payment details, etc.
Electronic insurance can provide the head (parent) company of a conglomerate with the relevant data needed to handle insurance business, information on insurance business procedures, consultation information, etc.
Electronic insurance can introduce business from industries such as e-bank and electronics card Securities, widening the insurance company's new business and providing more integrated financial services to the client.
5, Several card Securities browsers, cash dispensers, ATMs (Automatic Teller Machines), automatic cash-out machines, automatic teller machines, excellent machines, electronics read-write heads and database servers, etc., of a certain card Securities company are connected by a medium (wired or wireless) using network topology structure technology to form an excellent machine network, which is an electronics card Securities of this card Securities company. Each existing local LAN (Local Area Network) or Intranet of this card Securities company is an electronics card Securities.
The "expert think tank software" of the card Securities system comprises the system's various card Securities business software, various card Securities information increment software, different card Securities risk early warning software, etc.
Card Securities bookkeeping function: the buying and selling of all kinds of government bonds can be carried out quickly and easily, giving the central bank an effective means of achieving its monetary target. The transfer of account funds can be completed at the moment a securities transaction is settled, guaranteeing security, reliability and real-time operation.
Electronics card Securities can realize functions such as fund subscription, fund purchase application and basic information inquiry.
Electronics card Securities can provide the client with bond account inquiries, electronic transactions (present deal) and transaction details, as well as inquiries on bond prices, bond market information, etc.
Electronics card Securities can provide the head (parent) company of a conglomerate with the relevant data needed to handle card Securities business, information on card Securities business handling procedures, consultation information, etc.
Electronics card Securities can introduce business from industries such as e-bank and electronic insurance, widening the card Securities company's new business and providing more integrated financial services to the client.
6, Each e-bank (or its excellent machine) of a certain banking institution is connected through a distinguishing machine to a router on the internet, building a "high credible" proprietary banking wide area network of this bank, which is the bank network (Fig. 1). Banking carried out on this network using the electronic console and/or the electronics read-write heads is the Internet bank.
The general flow of business when the client transacts at the business station of a service unit (Fig. 4): at the business site the client clicks the business browser, enters the web page of the business station and, after entering the business information, selects the information he or she needs. The client either pays in money at the on-site deposit machine of this business station or chooses electronic payment as the means of settlement. Once the client has paid in at the deposit machine, or the bank has sent the information that the electronic accounting succeeded, the business browser enters the business information into the client's electronic console and sends the client the payment bill, or information such as that the electronic cash payment or the business succeeded, and notifies the client to pull out the electronic console.
The flow in which the client carries out business transactions and electronic payment over the common network (Fig. 5): the client connects to the common network with a browser and enters the web page of a business station on the network; the excellent machine of the business station encrypts, with its private key, the station's account number and password at its Internet bank, and the ciphertext serves as the business station's digital signature; the client encrypts, with his or her private key, his or her account number and password at the customer bank, and the ciphertext serves as the client's digital signature; the customer bank encrypts, with its own private key, the business station bank's clearing account number and password at the customer bank, as the customer bank's digital signature; the business station bank encrypts, with the business station's public key, the business station's account number, password and amount receivable; the client receives the commodity or service and encrypts, with his or her private key, the payment confirmation information and password as his or her digital signature; settlement is then carried out between the banks.
7, Each electronic insurance (or its excellent machine) of a certain insurance company is connected through a distinguishing machine to a router on the internet, building the insurance network of that company (Fig. 1). Insurance business carried out on this network using the electronic console and/or the electronics read-write heads is internet insurance.
The flow in which the client carries out insurance business at the business station of a service unit (Fig. 4) is basically the same as the flow in which the client carries out business at the business station of a service unit; the difference is that the insurance premium is paid at the insurance company's bank of deposit.
The flow in which the client carries out insurance business and network payment over the internet (Fig. 5) is basically the same as the flow in which the client carries out network transactions and network payment over the common network; the difference is that the insurance premium is paid at the insurance company's bank of deposit.
8, Each electronics card Securities (or its excellent machine) of a certain card Securities company is connected through a distinguishing machine to a router on the internet, building the card Securities network (Fig. 1). Card Securities business carried out on this network using the electronic console and/or the electronics read-write heads is network card Securities.
The flow in which the client carries out card Securities business at the business station of a service unit (Fig. 4) is basically the same as the flow in which the client carries out business at the business station of a service unit; the difference is that the card Securities fee is paid at the card Securities company's bank of deposit.
The flow in which the client carries out card Securities business and network payment over the internet (Fig. 5) is basically the same as the flow in which the client carries out network transactions and network payment over the common network; the difference is that the card Securities fee or transaction fee is paid at the card Securities company's bank of deposit.
9, A remote client of a financial unit, once connected through a medium (wired or wireless) to a router on the common network, can log in to the excellent machine network of the financial unit; this is the visit net (Fig. 1). It is a system in which a remote client carrying the financial unit's distinguishing machine standard program, once connected to the common network, can carry out "high credible" information interoperability with the excellent machine network of this financial unit.
A client or enterprise can also use multimedia equipment such as a mobile phone, landline telephone, TV or computer (containing the distinguishing machine program); once this is connected to a router of the common network, it can log in to the excellent machine network of the financial unit through the medium, which is also the visit net.
To carry out safe and accurate information interoperability over the internet between the remote client and the unit's proprietary net, data encryption of high cipher strength and identity authentication methods can also be adopted. Generally, public key algorithm (Public-Key Cryptographic Algorithms) technology is adopted for authentication and key exchange, and symmetric encryption and decryption technology is adopted for encrypting and decrypting the information.
Once the remote client is equipped with the "authentication encryption and authorization program for the unit" function and the distinguishing machine of the unit's excellent machine network is equipped with the "authentication encryption and authorization program for users" function, the remote client and each distinguishing machine of the unit all hold the IP address table of these remote clients and distinguishing machines, and the access control list (ACL) of each host name (or address) in the excellent machine network that is allowed to be visited. Through the functions of the user's remote client and the unit Intranet's distinguishing machine, the information the user sends or receives is transmitted over the internet as ciphertext, which ensures the safety and reliability of information transmission and prevents significant data from being stolen on the internet.
The distinguishing machine in the excellent machine network and the remote client of the visit net communicate safely and accurately over the internet as follows (Fig. 4):
A distinguishing machine that is connected to the unit's excellent machine network and equipped with the "authentication encryption and authorization program for users", or a remote client equipped with the "authentication encryption and authorization program for the unit", can encrypt various information, and allows only information from the source end, that is, from this unit's excellent machine network or from the remote client, to enter the internet after being encrypted.
The distinguishing machine connected to the unit's excellent machine network, equipped with the "authentication encryption and authorization program for users" function etc., can identify the various information coming in from the internet, and allows only information from the remote client to enter, after decryption, the receiving computer of the excellent machine network at the place end.
The remote client, equipped with the "authentication encryption and authorization program for the unit" function etc., can identify the various information coming in from the internet. It allows only information from computers in the source-end excellent machine network of this unit to enter the remote client, after decryption.
It is used to provide long-range mobile users with secure access to the unit Intranet, and is a private network without a permanent line; for different forms of access technology, this can be achieved simply by updating the access policy of the dedicated network.
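The table lookup that a distinguishing machine applies to visit-net traffic, as described above, can be sketched as a default-deny decision; this is an added example, not code from the patent. The addresses, host names and the `AccessTable` class are constructed for illustration, and the authentication and decryption that the page places before this check are assumed to have already succeeded.

```python
import ipaddress


def _canon_ip(text):
    """Parse an address; fold IPv4-mapped IPv6 onto IPv4 so both spellings hit one entry."""
    ip = ipaddress.ip_address(text.strip())
    if ip.version == 6 and ip.ipv4_mapped is not None:
        return ip.ipv4_mapped
    return ip


def _canon_host(name):
    """Host names compare case-insensitively and without the trailing root dot."""
    return name.strip().rstrip(".").lower()


class AccessTable:
    """Remote-client address table plus, per client, the hosts it may visit."""

    def __init__(self):
        self._entries = {}  # client address -> (allowed host names, allowed networks)

    def register(self, client_ip, hosts=(), networks=()):
        self._entries[_canon_ip(client_ip)] = (
            {_canon_host(h) for h in hosts},
            [ipaddress.ip_network(n) for n in networks],
        )

    def decide(self, src, dst):
        """Return (allowed, reason); anything not explicitly listed is refused."""
        try:
            entry = self._entries.get(_canon_ip(src))
        except ValueError:
            return False, "malformed source address"
        if entry is None:
            return False, "source is not a registered remote client"
        hosts, networks = entry
        try:
            dst_ip = _canon_ip(dst)
        except ValueError:
            dst_ip = None  # not an address literal, so treat it as a host name
        if dst_ip is not None:
            allowed = any(dst_ip in net for net in networks)
        else:
            allowed = _canon_host(dst) in hosts
        return allowed, "permitted" if allowed else "destination not in this client's list"


def demo():
    table = AccessTable()
    # Constructed sample policy using documentation address ranges.
    table.register("203.0.113.10", hosts=["teller.bank.example"], networks=["10.20.0.0/24"])
    table.register("203.0.113.11", hosts=["reports.bank.example"])
    cases = [
        ("203.0.113.10", "10.20.0.15"),                    # listed network
        ("::ffff:203.0.113.10", "Teller.Bank.Example."),   # same client and host, other spelling
        ("203.0.113.10", "10.20.1.15"),                    # neighbouring subnet, not listed
        ("203.0.113.11", "teller.bank.example"),           # host listed for a different client
        ("198.51.100.7", "10.20.0.15"),                    # unregistered source
        ("not-an-ip", "10.20.0.15"),                       # unparsable source
    ]
    return [table.decide(src, dst) for src, dst in cases]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```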
10, Input interface circuits and output interface circuits that match each other are located at different positions on the electronic console (or digicash device); the interface circuit of an output plug (or slot) fits exactly into the interface circuit of an input slot (or plug). Electronic consoles (or digicash devices) can then exchange digicash directly with one another through information interaction, replacing the use of existing paper coin.
The structure of the electronic console (or digicash device), together with the distinguishing machine software it carries, such as the "program of scrutiny program", "source end encipheror" and "place end decrypted program", is the basis for realizing the security of electronic consoles of each different function. The electronic console (or digicash device) has some standard function programs installed. Other function programs can also be added and installed according to the needs of different functions.
The software of the electronic console (or digicash device) includes software for encoding, encryption, modulation and demodulation, decryption and decoding, and software for depositing and withdrawing. It also has identification software for the secure cryptographic algorithm of the digicash device. The digicash device adopts a personal identification code (PIN) to identify the holder. Significant data in the digicash device also has a message authentication code (MAC) appended after encryption. By checking this code the device can recognize whether the other party's digicash device has been tampered with, and shows the result on the LCD. The microcontroller of the digicash device contains the main basic components of a microcomputer, such as a microprocessor, random access memory, ROM (read-only memory), interrupt system, timer/counter, and I/O and circuits. These circuits are linked together by an address bus, data bus and control bus, and connect through the input/output interface to the circuits of an external computer or microcontroller. The microcontroller plays the important role of controlling the characters and images shown on the liquid crystal display of the digicash device; it is responsible not only for coordinating and controlling the digicash device as a whole, but also for controlling the reading in and storing of the device's numbers and parameters.
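The PIN check and the MAC appended to encrypted data, as an added example that is not the patent's own code. HMAC-SHA256, the SHAKE-256 keystream used as a stand-in cipher (the page names no algorithm), the transfer counter, the three-attempt PIN limit and all names are assumptions.

```python
import hashlib
import hmac
import secrets

MAX_PIN_TRIES = 3  # assumption: the page gives no retry limit


def _keystream_xor(key, nonce, data):
    """Stand-in cipher (SHAKE-256 keystream); a real device would use a vetted cipher."""
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(enc_key, mac_key, counter, payload):
    """Encrypt, then append a MAC over counter | nonce | ciphertext."""
    nonce = secrets.token_bytes(12)
    body = counter.to_bytes(8, "big") + nonce + _keystream_xor(enc_key, nonce, payload)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


def open_sealed(enc_key, mac_key, last_counter, blob):
    """Check the MAC before decrypting; return (counter, payload) or raise ValueError."""
    if len(blob) < 8 + 12 + 32:
        raise ValueError("record too short")
    body, tag = blob[:-32], blob[-32:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("MAC mismatch: record altered")
    counter = int.from_bytes(body[:8], "big")
    if counter <= last_counter:
        raise ValueError("stale counter: record replayed")
    return counter, _keystream_xor(enc_key, body[8:20], body[20:])


class CoinDevice:
    """Digicash device: PIN gate in front of MAC-checked incoming records."""

    def __init__(self, pin, enc_key, mac_key):
        self._salt = secrets.token_bytes(16)
        self._pin_hash = self._hash(pin)
        self._tries_left = MAX_PIN_TRIES
        self._keys = (enc_key, mac_key)
        self._last_counter = 0
        self.unlocked = False
        self.lcd = ""

    def _hash(self, pin):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 50_000)

    def enter_pin(self, pin):
        if self._tries_left == 0:
            self.lcd = "device blocked"
            return False
        if hmac.compare_digest(self._hash(pin), self._pin_hash):
            self._tries_left = MAX_PIN_TRIES
            self.unlocked = True
        else:
            self._tries_left -= 1
            self.unlocked = False
        return self.unlocked

    def receive(self, blob):
        if not self.unlocked:
            self.lcd = "enter PIN"
            return None
        try:
            self._last_counter, payload = open_sealed(*self._keys, self._last_counter, blob)
        except ValueError as err:
            self.lcd = str(err)  # shown on the LCD, as the page describes
            return None
        self.lcd = "record accepted"
        return payload


def demo():
    enc_key, mac_key = bytes(range(32)), bytes(range(32, 64))  # constructed demo keys
    device = CoinDevice("4071", enc_key, mac_key)
    blob = seal(enc_key, mac_key, 1, b"credit 50")
    out = {"before_pin": device.receive(blob)}
    out["wrong_pin"] = device.enter_pin("0000")
    out["right_pin"] = device.enter_pin("4071")
    altered = bytearray(blob)
    altered[25] ^= 0x01  # flip one ciphertext bit
    out["altered"] = device.receive(bytes(altered))
    out["altered_lcd"] = device.lcd
    out["genuine"] = device.receive(blob)
    out["replayed"] = device.receive(blob)
    out["replayed_lcd"] = device.lcd
    blocked = CoinDevice("4071", enc_key, mac_key)
    for guess in ("0000", "1111", "2222"):
        blocked.enter_pin(guess)
    out["pin_after_block"] = blocked.enter_pin("4071")
    return out


if __name__ == "__main__":
    print(demo())
```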
The memory capacity of the electronic console (or digicash device), up to 64~256KB, is enough to store all the required software, the identity card information and all the records of repeated deposits, withdrawals and charges. Its hardware has encryption measures such as voltage and clock detectors, logic that crashes automatically on exposure, and anti-dissection; its software has encryption methods such as password protection and secure cryptographic algorithms.
Claims (10)
1. An electronic console has a microprocessor, input buttons, a miniature display, etc.; its integrated circuit has circuits for data memory, working memory and program memory;
The electronic console program comprises the standard program of the distinguishing machine and an information integrity checking program;
The electronic console can also, as required, add hardware and software for authentication, etc.;
Each electronic console has an input interface circuit and/or an output interface circuit that match each other; they are located at different positions on the electronic console; the output plug (or slot) interface circuit fits exactly into the interface circuit of the input slot (or plug); electronic consoles can interact directly through them to carry out financial business exchanges;
Electronic console had both needed the online information processing of carrying out, and did not need online authorisation process again; Therefore allow its off line to use;
Electronic console can also have:
1.1 The electronic console can pay over the network and deposit and withdraw digicash through the financial browser; it can also input digicash from or output digicash to other electronic consoles; the electronics read-write heads can also store digicash into the electronic console;
The electronic console can be used on the market as a coin with all the functions of digicash or paper coin;
1.2 The CPU of the electronic console can adopt new methods for the encryption, integrity checking and authentication of information;
1.3 The electronic console is protected by a PIN; the holder's real money is stored in a financial account; the electronic console can also be used as a debit card; if the electronic console is lost or damaged, the holder's money is not lost;
1.4 When the user adopts a real-name electronic display, the second-generation identity card only needs to be swiped through the identity card slot on the browser of the financial unit; the browser can then enter data such as the user's identity card number and personal photograph into the electronic console; these data need to be swiped in only once; when financial business is later carried out again with this electronic console, no further swipe is needed;
1.5 electronic console can carry out work with independent mode or on-line mode:
1.5.1 An electronic console working independently is not connected to the financial browser; two electronic consoles and/or electronics read-write heads run independently on the software in their memories; they can be connected directly through their different input and output interfaces; such an electronic console has all the logic functions for reading and interpreting, and can independently verify the legitimacy of an electronic console and the identity of its holder; the output (or input) plug of the electronic console can also be inserted into the input (or output) slot of the electronics read-write heads for direct information interaction;
1.5.2 An electronic console working on line is inserted onto the special plug on the financial browser or the electronics read-write heads; the browser or electronics read-write heads is connected directly to the financial excellent machine network by special line, telephone line, etc.; every financial transaction is transmitted in real time through the electronic console to the financial excellent machine network for processing, and files can be updated in real time; the electronic console can also identify its holder using biometric techniques such as finger scanning, voice confirmation and iris authentication;
1.6 The electronic console can also adopt programs such as digital signature and access control policy, and applies hierarchical security management at the application layer to the various information transmitted; it can apply the corresponding security encryption to particular paragraphs of the information according to their different security levels;
1.7 The security control software stored in the electronic console can also have the function of checking the personal identity card identifier of the electronic console's holder and determining the holder's legitimacy; it can contain and display the individual's China second-generation identity card number and the photograph on it, implementing a real-name system;
1.8 The memory capacity of the electronic console, up to 64~256KB, is enough to store all the required software, the identity card information and all the records of repeated deposits, withdrawals and charges; its hardware has encryption measures such as voltage and clock detectors, logic that crashes automatically on exposure, and anti-dissection; its software has encryption methods such as password protection and secure cryptographic algorithms.
2. An electronics read-write heads is equipped with a memory holding identification and control software, a read-write device, a display, etc.; its controller can encode, encrypt, modulate and demodulate, decrypt and decode information, etc.;
The electronics read-write heads program contains the standard program of the distinguishing machine, and has an information encryption system and software that prevents computer viruses; the electronics read-write heads can also have:
2.1 For particular paragraphs of the information, the electronic console can also apply the corresponding security encryption according to their different security levels; the security control software stored in the electronics read-write heads can also have the function of checking the personal identity card identifier and determining the holder's legitimacy; it can contain and display the individual's China second-generation identity card number and the photograph on it, implementing a real-name system;
2.2 A contactless electronics read-write heads without a high-energy battery can be powered wirelessly by the electronic console, the voltage-stabilizing circuit in the electronics read-write heads then producing the DC voltage that the integrated circuit (IC) chip needs to work;
2.3 When a contactless electronics read-write heads with a built-in high-energy battery is working, the electronic console need not be fitted with a battery and can be powered wirelessly by the electronics read-write heads;
2.4 The microcontroller system of the electronics read-write heads gives full play to standard, convenient and efficient information operation functions; the electronic console can be identified by the electronics read-write heads and can at the same time start the electronics read-write heads;
Using the electronic console, the user can, directly at the electronics read-write heads and in online or off-line mode, complete financial transactions such as depositing and withdrawing digicash and transferring accounts by himself or herself;
2.5 The electronics read-write heads can work in independent mode or on-line mode:
2.5.1 An electronics read-write heads working independently is not connected to the banking network (generally an excellent machine network);
The electronics read-write heads runs independently on the software in its memory; it exchanges information with the business host by regularly exchanging floppy disks;
This electronics read-write heads has all the logic functions for reading and interpreting its electronic console, and can independently verify the legitimacy of the electronic console and the identity of its holder;
2.5.2 An electronics read-write heads working on line is connected directly to the banking network by special line, telephone line, etc.;
Every transaction is transmitted in real time through the electronics read-write heads to the banking network for authentication and processing, and files can be updated in real time;
The electronics read-write heads can also identify the holder of the electronic console using biometric technologies such as finger scanning, voice confirmation and iris authentication;
2.6 The electronics read-write heads can also adopt programs such as digital signature and access control policy, and applies hierarchical security management at the application layer to the various information transmitted;
2.7 Using barcode technology, the electronics read-write heads can also be applied in fields such as retail, manufacturing enterprises, public institutions, book management and automated warehouse management;
2.8 The electronics read-write heads can have various standard interface circuits and can also have some special interface circuits, such as interface circuits for magnetic card and IC card readers, bar-code readers and electronic scales.
3. Several bank browsers of a certain bank, together with cash dispensers, ATMs (Automatic Teller Machines), automatic cash-out machines, automatic cash dispensers, account inquiry service terminals, public affair paying service machines, telephone banking systems, multimedia inquiry systems, electronics read-write heads, servers, excellent machines and database servers, etc., are connected by a medium (wired or wireless) using network topology structure technology to form an e-bank;
The excellent machine or a certain host in the e-bank contains the banking system's "expert think tank software", which can provide various banking services; it can also provide various bank information value-added services; it can also provide different bank risk early warning functions;
Besides traditional banking, the e-bank can also provide three new kinds of banking: public information service, advisory service in investment and comprehensive management service;
By adopting a wireless network, the e-bank can effectively support the conduct of its business and the convenience of its service;
E-bank can also have:
3.1 e-bank can be LAN (Local Area Network), Metropolitan Area Network (MAN) or wide area network; It can be a cable network; It also can be wireless network;
3.2 The automatic cash dispenser (AD) is a terminal used only for making deposits; it can be merged with a browser into a bank browser with deposit and payment functions; it can also store digicash into and take digicash out of the electronic console;
3.3 Each e-bank can independently undertake the various business of the corresponding branch bank;
3.4 People can handle banking business directly through the browser or automatic cash dispenser of the e-bank;
3.5 The e-bank can merge industry markets such as e-bank, electronics card Securities and e-bank, reducing the repeated work of the various financial companies on the same client, widening the banking company's room for innovation, and providing more tailor-made banking services to the client;
3.6 The cash dispenser and the deposit machine are terminals used only for withdrawing and only for depositing money respectively; they can be merged with the bank browser into a bank browser with withdrawal and savings functions; that is, they can also be merged into an automatic teller machine (i.e. depositing and withdrawing paper coin);
3.7 The bank browser can also deposit and withdraw digicash from other e-banks over the internet;
3.8 The bank browser can also store digicash into the electronic console.
4. Several insurance browsers of a certain insurance institution, together with cash dispensers, ATMs (Automatic Teller Machines), automatic cash-out machines, automatic teller machines, excellent machines, electronics read-write heads and database servers, etc., are connected by a medium (wired or wireless) using network topology structure technology to form an electronic insurance;
The excellent machine or a certain host in the electronic insurance contains the insurance system's "expert think tank software", which can provide various insurance business services; it can also provide various insurance information value-added services; it provides different insurance risk early warning functions;
The insurance browser is a workstation, fitted with browser software and automatic teller machine software, provided for people to use;
Using an ATM (Automatic Teller Machine) and network payment, the automatic teller machine can deposit and withdraw insurance premiums in paper coin;
Electronic insurance can carry out insurance plans for thousands of enterprises and millions of personnel; this means that whenever any change occurs in a person's salary or personal circumstances, the electronic insurance must update its data; the flow of this intelligent insurance business is:
The insurant or his or her agent notifies the electronic insurance of the data to be changed by e-file, Email or electronic fax; on receiving the data, the electronic insurance enters them into the database; such a procedure forms a firm flow between the electronic insurance and the client; because the necessary information is kept both in the system of the insurant or agent and in that of the electronic insurance, the electronic insurance can replace the original data and form new data;
By adopting a wireless network, the electronic insurance can effectively support the conduct of its business and the convenience of its service;
The electronic insurance can also have the following features:
4.1 The electronic insurance can be a local area network (LAN), a metropolitan area network or a wide area network; it can be a wired network or a wireless network;
4.2 The automatic teller machine can be a terminal for depositing and withdrawing money; it can be merged with a browser into an insurance browser with deposit and payment functions; it can also store electronic coins in an electronic console;
4.3 Each electronic insurance can independently carry the business of a branch of the insurance institution;
4.4 People can pay insurance premiums directly through the insurance browser or the automatic teller machine;
4.5 The electronic insurance can merge industry markets such as electronic banking, electronic securities and electronic insurance;
4.6 The cash dispenser and the automatic teller machine can be terminals used only for withdrawing and only for depositing money; they can be merged with the insurance browser into an insurance browser with withdrawal and deposit functions; that is, they can also be merged into an automatic teller machine (which deposits and withdraws paper currency);
4.7 The insurance browser can also deposit and withdraw digital cash at other electronic insurances over the Internet;
4.8 The insurance browser can also store electronic coins in an electronic console.
5. Several securities browsers, cash dispensers, ATMs (Automatic Teller Machines), automatic cash-out machines, automatic teller machines, excellent machines, electronic reader-writers, database servers and the like belonging to a securities company are connected through a medium (wired or wireless), using network topology technology, to form an electronic securities;
The excellent machine or a host computer in the electronic securities contains the securities system's "expert think tank software" and can provide various securities business services, various value-added securities information services and different securities risk early-warning functions; it helps the securities company develop toward universality, internationalization, intensification and diversification;
The securities browser is a workstation, provided for people to use, on which browser software and automatic teller machine software are installed;
The securities browser can, by network payment and using the ATM, deposit and withdraw securities fees in paper currency;
The electronic securities can carry out securities plans for thousands of enterprises and millions of people; this means that whenever any person's securities investment situation changes, the electronic securities must update its data; the flow of this intelligent securities business is as follows:
The securities investor or the investor's authorized representative notifies the electronic securities of the data that need to be changed by electronic file, e-mail or electronic fax; after receiving the data, the electronic securities enters them into the database; this procedure forms a fixed flow between the electronic securities and the client; because the necessary information is stored both in the system of the investor or the representative and in the electronic securities, the electronic securities can replace the original data and form new data;
By adopting a wireless network, the electronic securities can effectively support the convenient conduct of its business and services;
The electronic securities can also have the following features:
5.1 The electronic securities can be a local area network (LAN), a metropolitan area network or a wide area network; it can be a wired network or a wireless network;
5.2 The automatic teller machine can be a terminal for depositing and withdrawing money; it can be merged with a browser into a securities browser with deposit and payment functions; it can also store electronic coins in an electronic console;
5.3 Each electronic securities can independently carry the business of a branch of the securities company;
5.4 People can pay securities fees directly through the securities browser or the automatic teller machine;
5.5 The electronic securities can merge industry markets such as electronic banking and electronic securities, reducing the duplication of work that different kinds of financial companies perform for the same client, widening the securities company's room for innovation, and providing more tailor-made securities services to clients;
5.6 The securities browser can deposit and withdraw digital cash directly at the electronic securities;
5.7 The securities browser can deposit and withdraw digital cash at other electronic securities over the Internet;
5.8 The cash dispenser and the automatic teller machine are terminals used only for withdrawing and only for depositing money; they can be merged with the securities browser into a securities browser with withdrawal and deposit functions; that is, they can also be merged into a securities automatic teller machine (which deposits and withdraws paper currency).
6. Each electronic bank of a bank (or its excellent machine) is connected to a distinguishing machine, and the distinguishing machine is connected through a medium (wired or wireless) to a router of the Internet and/or of a free wireless public network, forming the bank network; banking business carried out on this network using an electronic console and/or an electronic reader-writer is Internet banking;
Each electronic bank is logically isolated from the public network by the interface circuit of the distinguishing machine; through the control function of the distinguishing machine, the electronic banks can nevertheless communicate with one another over the public network; all electronic banks can guarantee the security of banking business and the authenticity, reliability and confidentiality of information; this fundamentally prevents people from committing banking fraud and the like over the network;
6.1 In rural areas without a network, a computer can use the telephone line to handle financial business; a PC, workstation, minicomputer, mainframe or the like can serve as the financial business computer; because financial business conducted by telephone (or mobile phone) has to pass through the telephone communication network, a modem is an indispensable hardware device; the functions and transmission speed of the modem should be selected according to the actual financial business requirements; the communication line generally used is the telephone line;
6.2 Internet banking can conduct business in the following manner (the B2C network payment mode):
6.2.1 Flow of a business transaction carried out by the client over the Internet on the browser of a business station:
1. The client inserts the plug of the Internet bank's electronic console (which is also the power switch of the browser) into the dedicated electronic console slot of the electronic bank's business browser, clicks the web page on the business browser to enter the business station's web page and, following the page prompts, enters the information for the business to be carried out and then selects the relevant information needed;
2. The client deposits on the spot at the Internet bank's cash machine and goes to step 5, where the content is written to the electronic console; alternatively, the client selects an electronic payment settlement method, obtains the bank's authorization, enters the bank account number and password on the business browser page as prompted by the web page, and the bank payment information is encrypted;
3. The excellent machine in the electronic bank checks and confirms the client's business information and forwards the client's encrypted payment information and related data to the payment gateway, and on to the back-end business server on the bank's dedicated network for confirmation, in order to verify with the electronic money issuer, such as the bank, that the client is authorized to pay out the funds;
4. After the bank has verified and confirmed, it sends the business confirmation and the payment settlement success message to the electronic bank's browser and excellent machine over the encrypted channel established via the payment gateway;
5. The excellent machine of the electronic bank confirms the business; after the client has handed money to the deposit machine, or the bank has sent the settlement success message, it writes the business information to the client's electronic console and sends the business browser the message that the client has paid, or that the network payment succeeded and the business is complete; the client is then notified to pull out the electronic console;
6.2.2 In this method for network transactions and payment between a client and a merchant, the merchant, the client and their banks of deposit each hold a key pair (a public key and a private key), and it is a new method in which both the public key and the private key are kept secret; the method requires that the client holds an account with a certain deposit at its bank of deposit (hereinafter the customer bank); that the merchant holds an account at its bank of deposit (hereinafter the merchant's bank) and knows that bank's public key; that the merchant's bank knows the customer bank's public key and the merchant's public key and password; that the customer bank knows the merchant's bank's public key and the client's public key and password; and that the merchant's bank holds a settlement account at the customer bank;
Basic flow of network business, business transactions and electronic payment between the client and the merchant:
1. The client connects the client computer (or browser) to the Internet, enters the merchant's web page with a Web browser and, following the page prompts, selects the relevant information needed, for example the trade name and price or the service price; the client then selects the settlement method for online payment; the client sends this information, together with his or her residential address or other address, to the merchant over the Internet;
2. The merchant's distinguishing machine checks and confirms the client's business information and passes it to the server (the excellent machine); the excellent machine encrypts the merchant's account number and password at the merchant's bank with the merchant's private key, the ciphertext serving as the merchant's digital signature, and sends it to the client over the Internet together with the price information of the business and the name of the merchant's bank;
3. After confirming the information, the client encrypts its account number and password at the customer bank with its private key, the ciphertext serving as the client's digital signature; it then encrypts the client's digital signature, the merchant's digital signature, the payment amount, the name of the merchant's bank and so on with the customer bank's public key, and sends the ciphertext to the customer bank;
4. The customer bank decrypts the ciphertext with its own private key and obtains the plaintext sent by the client, the merchant's digital signature and the client's digital signature; it then decrypts the client's digital signature with the client's public key; the customer bank checks the decrypted client account number and password against the data the client has on record, and only if they match is the message confirmed as having been sent by the client;
5. The customer bank encrypts the merchant's bank's settlement account number and password at the customer bank with its own private key, as the customer bank's digital signature; it then encrypts the amount to be collected, the customer bank's digital signature and the merchant's digital signature with the merchant's bank's public key and sends them to the merchant's bank;
6. After receiving the ciphertext from the customer bank, the merchant's bank decrypts it with its own private key and obtains the plaintext information and the digital signature sent by the customer bank; it then decrypts the customer bank's digital signature with the customer bank's public key, and if this succeeds the message is confirmed as having been sent by the customer bank; the merchant's bank then decrypts the merchant's digital signature with the merchant's public key, and if this succeeds it is confirmed as having been sent by the merchant;
7. The merchant's bank encrypts the merchant ID, the password and the merchant's amount receivable together with the merchant's public key and sends them to the merchant; after receiving the information, the merchant decrypts it with its own private key; if the merchant confirms that its amount receivable, merchant ID and password are correct, it sends the goods or service to the client's residential address or other address by an express postal system or a distribution center;
8. On receiving the goods or service, the client encrypts the payment confirmation and password with its private key as its digital signature and sends it to the customer bank; the customer bank decrypts the ciphertext with the client's public key and obtains the client's confirmation of payment; the customer bank deducts the purchase or service amount from the client's account at the bank, adds that amount to the merchant's bank's settlement account at the customer bank, and informs the merchant's bank to add the amount to the merchant's account;
The merchant's bank and the customer bank settle at the agreed time;
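The signing and checking in steps 3 and 4 of 6.2.2, as an added example that is not part of the patent text: it shows that a signature made over the account number and password alone is accepted whatever amount or payee accompanies it, and contrasts this with a signature bound to the payment fields and a one-time nonce. The textbook RSA without padding (chosen so the example runs on the standard library), the demo key, the account data, the field names, the SHA-256 binding and the nonce are all assumptions of this example.

```python
import hashlib
import json

E = 65537

def make_key(p, q):
    """Textbook RSA key from two primes (no padding; illustration only)."""
    n = p * q
    return {"n": n, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

# Constructed demo key built from two Mersenne primes; not a real key.
CLIENT_KEY = make_key(2**521 - 1, 2**607 - 1)
# Constructed customer-bank record: account number -> password.
BANK_RECORDS = {"ACCT-0001": "demo-password"}

def private_op(key, data):
    """'Encrypt with the private key', as step 3 phrases signing."""
    m = int.from_bytes(data, "big")
    if m >= key["n"]:
        raise ValueError("message does not fit the modulus")
    return pow(m, key["d"], key["n"])

def public_op(key, sig):
    """'Decrypt with the public key': recover the signed integer."""
    return pow(sig, key["e"], key["n"])

def pay_as_described(account, password, payee_bank, amount):
    """Step 3: the signature covers the account number and password only."""
    sig = private_op(CLIENT_KEY, f"{account}|{password}".encode())
    return {"payee_bank": payee_bank, "amount": amount, "sig": sig}

def verify_as_described(msg):
    """Step 4: recover account and password, compare with stored records."""
    m = public_op(CLIENT_KEY, msg["sig"])
    try:
        text = m.to_bytes((m.bit_length() + 7) // 8, "big").decode()
    except UnicodeDecodeError:
        return False
    account, _, password = text.partition("|")
    return BANK_RECORDS.get(account) == password

def order_digest(account, payee_bank, amount, nonce):
    """Unambiguous encoding of the payment fields, hashed with SHA-256."""
    fields = json.dumps([account, payee_bank, amount, nonce])
    return hashlib.sha256(fields.encode()).digest()

def pay_bound(account, payee_bank, amount, nonce):
    """Assumed variant: sign the payee, amount and a one-time nonce."""
    sig = private_op(CLIENT_KEY, order_digest(account, payee_bank, amount, nonce))
    return {"account": account, "payee_bank": payee_bank,
            "amount": amount, "nonce": nonce, "sig": sig}

class CustomerBank:
    """Verifier for the bound variant; remembers nonces it has accepted."""

    def __init__(self):
        self.seen_nonces = set()

    def verify_bound(self, msg):
        if msg["account"] not in BANK_RECORDS:
            return False
        expected = int.from_bytes(
            order_digest(msg["account"], msg["payee_bank"],
                         msg["amount"], msg["nonce"]), "big")
        if public_op(CLIENT_KEY, msg["sig"]) != expected:
            return False            # a signed field was changed
        if msg["nonce"] in self.seen_nonces:
            return False            # same signed order presented twice
        self.seen_nonces.add(msg["nonce"])
        return True

def demo():
    msg = pay_as_described("ACCT-0001", "demo-password", "Merchant Bank", 1000)
    changed = dict(msg, amount=999999, payee_bank="Other Bank")
    bank = CustomerBank()
    bound = pay_bound("ACCT-0001", "Merchant Bank", 1000, "nonce-0001")
    bound_changed = dict(bound, amount=999999)
    return {
        "described_original": verify_as_described(msg),
        "described_changed": verify_as_described(changed),
        "bound_original": bank.verify_bound(bound),
        "bound_changed": bank.verify_bound(bound_changed),
        "bound_repeated": bank.verify_bound(bound),
    }

if __name__ == "__main__":
    print(demo())
```

A production design would use a vetted library with a padded signature scheme such as RSA-PSS or Ed25519 rather than raw modular exponentiation.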
6.2.3 The conditions required for a client to conduct business over the telephone line are the same as for network business; that is, the client (or merchant) and its bank of deposit each hold a key pair (a public key and a private key); the client has an account with a certain deposit and a password at its bank of deposit (hereinafter the customer bank), and knows that bank's public key and so on; the general flow of conducting business over the telephone line is:
Using a modem, the client connects the computer to the telephone line and, over the telephone line, brings the network merchant's browser page onto his or her own computer screen; then, according to his or her business or commodity needs and following the page prompts, the client decides on and selects the relevant information needed; the client then selects a settlement method for online payment, such as the electronic console, stored value card, electronic cash, electronic check or Internet banking; the client also enters his or her residential address or other address and checks that address information; the remaining steps are the same as for the network business above;
6.3 The network payment mode adopted when an enterprise and an individual carry out a network transaction is the B2C network payment mode; with slight modification it is applicable to network payment modes such as B2B, C2C, B2G, G2G and C2G;
6.4 Some electronic payment and settlement forms based on dedicated financial communication network platforms, such as electronic draft systems, SWIFT, CHIPS, CNAPS and financial EDI, can be classed as B2B network payment modes.
7. Each electronic insurance of an insurance company (or its excellent machine) is connected to a distinguishing machine, and the distinguishing machine is connected through a medium (wired or wireless) to a router of the Internet and/or of a free wireless public network, forming the insurance network; insurance business carried out on this network using an electronic console and/or an electronic reader-writer is network insurance;
Each electronic insurance is logically isolated from the public network by the interface circuit of the distinguishing machine; through the control function of the distinguishing machine, the electronic insurances can nevertheless interoperate over the public network; all electronic insurances can guarantee the security of insurance business and the authenticity, reliability and confidentiality of information; this fundamentally prevents people from committing insurance fraud and the like over the network;
8. Each electronic securities of a securities company (or its excellent machine) is connected to a distinguishing machine, and the distinguishing machine is connected through a medium (wired or wireless) to a router of the Internet and/or of a free wireless public network, forming the securities network; securities business carried out on this network using an electronic console and/or an electronic reader-writer is network securities;
Each electronic securities is logically isolated from the public network by the interface circuit of the distinguishing machine; through the control function of the distinguishing machine, the electronic securities can nevertheless interoperate over the public network; all electronic securities can guarantee the security of securities business and the authenticity, reliability and confidentiality of information; this fundamentally prevents people from committing securities fraud and the like over the network;
The general flow by which a user carries out an electronic securities transaction at the securities company's business station is basically the same as the flow by which a client carries out a business transaction on the business station browser of a given unit; the difference is that the securities fee is paid in the securities company's electronic securities;
The flow by which a user carries out network securities transactions and network payment for securities business over the public network is basically the same as that of network business between a client and a merchant; the difference is that the securities fee or transaction fee is paid in the securities company's network securities.
9. After a remote client of a financial unit (containing the distinguishing machine program) is connected through a medium (wired or wireless) to a router of the Internet and/or of a free wireless public network, it can log in to the financial unit's excellent machine network and realize "highly trusted" information interoperation; the system formed jointly by these remote clients, the excellent machine network and the public network is the access network;
Over the public network, the excellent machine network of the access network can handle business for remote clients such as remittance, exchange, balance inquiry, securities investment and the provision of financial market information; it can also carry out various settlements with commercial institutions, public utility institutions and electronic console issuers; provide various financial services 24 hours a day; and realize personalized, high-quality service;
The access network can also process information in the following different modes:
9.1 Authorized access based on remote client authentication: access information on the public network must pass the authentication and authorization that the access network's distinguishing machine applies to the client computer; that is, the distinguishing machine of the access network must be equipped with a control list or control software for authenticating and authorizing remote clients;
9.2 Authorized access based on distinguishing machine authentication: access information on the public network must pass the authentication and authorization that the client computer applies to the access network's distinguishing machine; that is, the remote client must be equipped with a control list or control software for authenticating and authorizing the access network's distinguishing machine;
9.3 Information from a remote client can enter the excellent machine network only after passing the distinguishing machine's information integrity check or authentication; this guarantees the confidentiality, integrity or authenticity of the information, and gives the network the ability to resist attacks by hackers and viruses;
9.4 Information from the distinguishing machine can enter the remote client only after passing the remote client's information integrity check or authentication; this guarantees the confidentiality, integrity or authenticity of the information, and gives the client computer the ability to resist attacks by hackers and viruses;
9.5 The access network also provides higher-level services, including third-party services such as online shopping and the purchase of travel tickets and tourist admission tickets; network bill payment services; financial information services; and content services for various investment instruments related to bonds, securities and the like;
9.6 A user or enterprise can also use multimedia equipment (containing the distinguishing machine program) such as a mobile phone, landline telephone, TV or computer; once connected through a medium to a router of the public network, it can log in to the financial unit's excellent machine network and realize "highly trusted" information interoperation;
9.7 The system formed jointly by the remote multimedia equipment, the financial unit's excellent machine network and the public network is also called the financial unit's remote access network system, or the access network for short; it is a system in which multimedia equipment carrying the financial unit's standard distinguishing machine program, once connected to the public network, can carry out "highly trusted" information interoperation with that financial unit's excellent machine network.
10. The mutually matching input interface circuit and output interface circuit of the electronic console are located at different positions on the electronic console, generally on its two sides; the output plug (or slot) interface circuit fits exactly into an input slot (or plug) interface circuit; the two can exchange information and conduct business with each other directly;
10.1 The electronic console can contain intelligent coin software; in this case it can be used as digital cash or paper currency and is also called a digital cash device; the digital cash device not only holds digital cash but can also perform currency exchange; it can be used as currency for paying for goods in markets and in circulation; it makes "paperless transactions" and "reduced cash flow" a reality; it has all the functions of paper currency;
10.2 The securities browser can, by network payment and using the ATM, deposit and withdraw securities fees in paper currency;
10.3 The digital cash device can replace paper currency and financial cards; when the digital cash in the device is used up, electronic coins can be loaded into it through a financial browser or an electronic reader-writer;
10.4 When the digital cash in the device reaches a certain amount, it can be deposited, through a financial browser or an electronic reader-writer, into the account of the device's legal holder at the bank of deposit;
10.5 Digital cash devices can accept digital cash payments directly from one another in a conversational mode, without authorization from a financial unit; a digital cash device (electronic console) can work in stand-alone mode or online mode:
10.5.1 A digital cash device working stand-alone has no contact with a financial browser or an electronic reader-writer; two digital cash devices run independently on the software in their memories; the input interface of one device is connected directly to the output interface of the other; each device can read and interpret all of the other's logic and can independently verify the legitimacy of the other device and the identity of its holder;
10.5.2 A digital cash device working online can be inserted into the dedicated plug (or slot) on a financial browser or an electronic reader-writer; the electronic reader-writer can be linked directly to the financial unit's excellent machine network by leased line, radio, telephone line or the like; each item of financial business is transmitted in real time by the digital cash device to the banking network for processing, and files can be updated in real time; the digital cash device can also use biometric techniques such as fingerprint scanning and iris authentication to identify its holder.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010106133653A CN102129650A (en) | 2010-12-29 | 2010-12-29 | Network finance |
Publications (1)
Publication Number | Publication Date |
---|---|
CN102129650A true CN102129650A (en) | 2011-07-20 |
Family
ID=44267725
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2010106133653A Pending CN102129650A (en) | 2010-12-29 | 2010-12-29 | Network finance |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102129650A (en) |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102802080A (en) * | 2012-07-02 | 2012-11-28 | 四川长虹电器股份有限公司 | Method for improving television safety |
CN102968860A (en) * | 2012-12-20 | 2013-03-13 | 广东御和电子科技有限公司 | Cloud ATM system |
US20130097248A1 (en) * | 2011-10-12 | 2013-04-18 | International Business Machines Corporation | Communications security by enforcing offline consumption and auto-termination of electronic messages |
CN103856557A (en) * | 2014-01-15 | 2014-06-11 | 北京奇虎科技有限公司 | Business object processing method and system based on third-party platform |
CN103873558A (en) * | 2014-01-15 | 2014-06-18 | 北京奇虎科技有限公司 | Processing method and system for business object based on third-party platforms |
CN103973660A (en) * | 2013-02-05 | 2014-08-06 | 中国银联股份有限公司 | Safety information interaction equipment and safety information interaction method |
CN104036585A (en) * | 2014-05-28 | 2014-09-10 | 昆山古鳌电子机械有限公司 | Paper processing device and method |
CN105894376A (en) * | 2016-03-07 | 2016-08-24 | 浙江爱贷金融服务外包股份有限公司 | Financial account capital management system and method |
CN108920933A (en) * | 2013-02-14 | 2018-11-30 | 环汇系统有限公司 | System and method for secure display controller |
CN109410543A (en) * | 2018-10-17 | 2019-03-01 | 深圳壹账通智能科技有限公司 | Early warning test control method, device, computer equipment and storage medium |
CN112465503A (en) * | 2020-11-17 | 2021-03-09 | 葛云霞 | Information security protection method based on internet finance and biological recognition and cloud platform |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1289979A (en) * | 1999-09-29 | 2001-04-04 | 城市集团发展中心有限公司 | System and method for providing financial service |
CN1367913A (en) * | 1999-03-30 | 2002-09-04 | 马克·拉塞尔·阿蒂 | Method of conducting financial transactions |
CN1437144A (en) * | 1999-10-04 | 2003-08-20 | 币给特有限公社 | Method and system of electronic business |
US20040010462A1 (en) * | 2002-07-15 | 2004-01-15 | Susan Moon | Method and system for a multi-purpose transactional platform |
CN1534528A (en) * | 2003-03-31 | 2004-10-06 | 郭景坤 | Commercial affairs finance comprehensive system |
CN101615318A (en) * | 2009-05-11 | 2009-12-30 | 刘文祥 | E-payment system and device thereof |
-
2010
- 2010-12-29 CN CN2010106133653A patent/CN102129650A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1367913A (en) * | 1999-03-30 | 2002-09-04 | 马克·拉塞尔·阿蒂 | Method of conducting financial transactions |
CN1289979A (en) * | 1999-09-29 | 2001-04-04 | 城市集团发展中心有限公司 | System and method for providing financial service |
CN1437144A (en) * | 1999-10-04 | 2003-08-20 | 币给特有限公社 | Method and system of electronic business |
US20040010462A1 (en) * | 2002-07-15 | 2004-01-15 | Susan Moon | Method and system for a multi-purpose transactional platform |
CN1534528A (en) * | 2003-03-31 | 2004-10-06 | 郭景坤 | Commercial affairs finance comprehensive system |
CN101615318A (en) * | 2009-05-11 | 2009-12-30 | 刘文祥 | E-payment system and device thereof |
Cited By (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130097248A1 (en) * | 2011-10-12 | 2013-04-18 | International Business Machines Corporation | Communications security by enforcing offline consumption and auto-termination of electronic messages |
US8650256B2 (en) * | 2011-10-12 | 2014-02-11 | International Business Machines Corporation | Communications security by enforcing offline consumption and auto-termination of electronic messages |
CN102802080A (en) * | 2012-07-02 | 2012-11-28 | 四川长虹电器股份有限公司 | Method for improving television safety |
CN102968860A (en) * | 2012-12-20 | 2013-03-13 | 广东御和电子科技有限公司 | Cloud ATM system |
CN102968860B (en) * | 2012-12-20 | 2014-11-19 | 广东御和电子科技有限公司 | Cloud ATM system |
CN103973660B (en) * | 2013-02-05 | 2018-03-23 | 中国银联股份有限公司 | Security information exchange device and method |
CN103973660A (en) * | 2013-02-05 | 2014-08-06 | 中国银联股份有限公司 | Safety information interaction equipment and safety information interaction method |
USRE49614E1 (en) | 2013-02-14 | 2023-08-15 | Stripe, Inc. | System and method for a secure display module |
USRE48707E1 (en) | 2013-02-14 | 2021-08-24 | BBPOS Limited | System and method for a secure display module |
CN108920933B (en) * | 2013-02-14 | 2020-10-16 | 环汇系统有限公司 | System and method for secure display module |
CN108920933A (en) * | 2013-02-14 | 2018-11-30 | 环汇系统有限公司 | System and method for secure display controller |
CN103873558A (en) * | 2014-01-15 | 2014-06-18 | 北京奇虎科技有限公司 | Processing method and system for business object based on third-party platforms |
CN103873558B (en) * | 2014-01-15 | 2016-10-12 | 北京奇虎科技有限公司 | The processing method of a kind of business object based on third-party platform and system |
CN103856557B (en) * | 2014-01-15 | 2016-10-12 | 北京奇虎科技有限公司 | The processing method of a kind of business object based on third-party platform and system |
CN103856557A (en) * | 2014-01-15 | 2014-06-11 | 北京奇虎科技有限公司 | Business object processing method and system based on third-party platform |
CN104036585A (en) * | 2014-05-28 | 2014-09-10 | 昆山古鳌电子机械有限公司 | Paper processing device and method |
CN105894376A (en) * | 2016-03-07 | 2016-08-24 | 浙江爱贷金融服务外包股份有限公司 | Financial account capital management system and method |
CN109410543A (en) * | 2018-10-17 | 2019-03-01 | 深圳壹账通智能科技有限公司 | Early warning test control method, device, computer equipment and storage medium |
CN109410543B (en) * | 2018-10-17 | 2022-09-09 | 深圳壹账通智能科技有限公司 | Early warning test control method and device, computer equipment and storage medium |
CN112465503A (en) * | 2020-11-17 | 2021-03-09 | 葛云霞 | Information security protection method based on internet finance and biological recognition and cloud platform |
CN112465503B (en) * | 2020-11-17 | 2021-10-29 | 深圳市快付通金融网络科技服务有限公司 | Information security protection method based on internet finance and biological recognition and cloud platform |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102129650A (en) | | Network finance |
Masihuddin et al. | | A survey on e-payment systems: elements, adoption, architecture, challenges and security concepts |
KR102103931B1 (en) | | Method and system for managing payment and document computing using identifiable tags and artificial intelligence |
AU2010295188B2 (en) | | Asset storage and transfer system for electronic purses |
US5884274A (en) | | System and method for generating and executing insurance policies for foreign exchange losses |
US11580595B2 (en) | | System and method for virtual currency remittance |
US20160217437A1 (en) | | Method for generating intangible bit money managed as data and system for providing services relevant to same |
CN107067251A (en) | | It is traded using the electronic equipment with geographically limited non-local authority |
CN106464492A (en) | | Network token system |
CN103081411A (en) | | Network service |
CN101388095A (en) | | Method and apparatus for performing delegated transactions |
JP2010522933A (en) | | Payment system and payment method using IC identification card |
CN105989466A (en) | | Method of payment with mobile phone |
CN109716373A (en) | | Cipher authentication and tokenized transaction |
CN103077454A (en) | | Synchronous payment system |
CN107240010B (en) | | Method and system for transferring digital currency to digital currency chip card |
CN101615318A (en) | | E-payment system and device thereof |
CN101577656B (en) | | The control replacing integrated circuit card shows device and network system |
KR20200037490A (en) | | Operation method and operation system using digital money |
CN107230076B (en) | | Method and system for online payment of digital currency |
CN102129653A (en) | | Electronic commerce auditing method based on auditing logic unit |
AU2007201826A1 (en) | | Integrating the internet system of mediation of financial loans, purchase of goods and providing services |
CN106203973A (en) | | Based on across the payment system of fund server and method of payment, device and server |
CN106204005A (en) | | Based on across the payment system of fund server and method of payment, device and server |
CN107230074B (en) | | Method and system for depositing digital currency into digital currency chip card |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20110720 |