Acta academica karviniensia 2013, 13(4):146-152 | DOI: 10.25142/aak.2013.071

Using QR Codes to Ensure Non-Repudiation and Transaction Verification

Jakub Nantl
Silesian University in Opava, School of Business Administration in Karvina, Univerzitní nám. 1934/3, 733 40 Karviná, Email: jakub.nantl@forever.cz

State-of-the-art methods for securing e-commerce transactions that remain resistant even to a compromised client workstation rely on independent security devices or separate communication channels. These systems either do not support non-repudiation or are expensive (or both), and are thus suitable only for special cases where the additional costs are justified. This article describes a new, cheaper transaction verification method that supports non-repudiation. A cell phone or tablet, communicating with the client workstation by means of QR codes, serves as the independent security device. Service providers incur no additional costs beyond the initial software implementation. The proposed method brings better transaction verification to areas where the use of current methods is uneconomical.

Keywords: bar-code, e-commerce, man in the browser, man in the middle, non-repudiation, qr-code, transaction verification
JEL classification: L86

Submitted: October 2, 2012; Accepted: September 11, 2013; Published: December 30, 2013

Nantl J. Využití QR kódu pro zajištění nepopíratelnosti a ověřování transakcí. Acta academica karviniensia. 2013;13(4):146-152. doi: 10.25142/aak.2013.071.
