Do An Tot Nghiep Nghien Cuu Van de Bao Mat Trong Ung Dung Online Payment 179

B CNG THNG
TRNG I HC CNG NGHIP TP.HCM

KHOA CNG NGH THNG TIN
N TT NGHIP
NGHIN CU VN BO MT
TRONG XY DNG NG DNG
ECOMMERCE (ONLINE PAYMENT)
Ging Vin Hng Dn

Sinh vin thc hin
Lp
Khoa
: V TH THANH VN
: NGUYN CNH CHN
: DHTH3LT
: CNG NGH THNG TIN
TP. H Ch Minh, thng 04 nm 2009
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
LI M U
Cng vi s ln mnh ca Internet, vic mua bn hng ha v dch v thng qua
Internet xut hin, chnh l Thng mi in t.
Tuy mi xut hin v ch chim mt t trng nh trong thng mi song thng
mi in t mang li nhng li ch to ln cho doanh nghip, chnh ph, ngi tiu
dng v x hi. Thng mi in t vt ra khi lnh vc thng mi, ngy cng
tc ng n cc lnh vc khc v ha hn mang li nhng thay i to ln v su sc
mi mt i sng x hi loi ngi. Thng mi in t ngy cng c s quan tm
ca chnh ph, doanh nghip v ngi tiu dng v ang tr thnh mt cng c hu
hiu trong qu trnh ton cu ho v trong xy dng nn kinh t s. Tht kh m hnh
dung ra x hi tng lai nu khng c thng mi in t.
Bn cnh , thng mi in t cng t ra nhiu vn cn phi gii quyt
khai thc cc li ch ca thng mi in t nh vn an ton, an ninh cho cc giao
dch trn mng, cc vn v bo v b mt, tnh ring t, c s h tng, cc vn v
nhn lc, chuyn i m hnh kinh doanh, cc vn v qun l, thay i tp qun,
thi quen trong kinh doanh Trong vn an ton, an ninh cho cc giao dch trn
mng v cc vn v bo v tnh ring t, gi chung l cc vn bo mt trong
thng mi in t c ngha sng cn i vi vic pht trin ca thng mi in
t.
n Nghin cu cc vn bo mt trong xy dng ng dng thng mi in
t v thanh ton trc tuyn s gip tm hiu r thm cc vn bo mt v cch
xy dng mt ng dng thng mi in t an ton, m bo li ch ca doanh nghip
v khch hng.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
LI CM N
Sau hn bn thng tm hiu v thc hin n tt nghip Nghin cu cc vn
bo mt trong xy dng ng dng ecommerce(online payment) , n nay n c
bn c hon thnh. Ngoi s c gng ca bn thn, em nhn c s gip ,
ng vin khuyn khch t gia nh, thy c v bn b.
Em xin chn thnh cm n n thy c khoa cng ngh thng tin trng i hc
cng nghip TP.HCM tn tnh ging dy, truyn t nhng kin thc qu bu cho
chng em trong sut thi gian qua. c bit em xin gi li cm n su sc n gio
vin hng dn ca em tn tnh gip em hon thnh n ny.
n hon thnh vi nhng kt qu nht nh, tuy nhin khng trnh khi
nhng thiu st. Knh mong s cm thng v ng gp t cc thy c.
TP. HCM, 4/2009

Nguyn Cnh Chn
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
NHN XT
(Ca ging vin hng dn)
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
NHN XT
(Ca ging vin phn bin)
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
........................................................................................................................................................................
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
MC LC
LI M U......................................................................................................3
LI CM N......................................................................................................4
NHN XT........................................................................................................5
.......................................................................................................................5
NHN XT........................................................................................................6
MC LC..........................................................................................................7
DANH MC CC BNG S HNH..................................................................10
DANH MC CC CM T VIT TT....................................................................12
CHNG 1. GII THIU ...................................................................................14
1.1. Thng mi in t v thanh ton in t .....................................................14

1.1.1. Thng mi in t.....................................................................................14
1.1.2. Thanh ton trong thng mi in t..........................................................19
1.2. Mc tiu..............................................................................................................23
1.3. Phm vi thc hin..............................................................................................23
CHNG 2. C S L THUYT...........................................................................25
2.1. Cc thut ton v k thut m ha s dng trong thanh ton in t v

thng mi in...........................................................................................................25
2.1.1. Secure Socket Layer (SSL)...........................................................................25
2.1.2. Hm bm (Cryptographic hash function)....................................................29
2.1.3. M ha i xng (Symmetric Encryption)...................................................33
2.1.4. M ha kha cng khai...............................................................................37
2.1.5. Ch k s (Digital Signature)......................................................................39
2.1.6. RSA..............................................................................................................42
2.1.7. H tng kha cng khai (Public key Infrastructure)....................................44
2.1.8. SET (Secure Electronic Transaction)..........................................................51
2.2. Bo mt Web......................................................................................................55
2.2.1. Hypertext Transfer Protocol........................................................................55
2.2.2. Bo mt Web Server....................................................................................60
2.2.3. Bo mt ng dng Web................................................................................69
2.2.4. Bo mt Web Client.....................................................................................73
2.3. Cng thanh ton in t....................................................................................77
2.3.1. Cng thanh ton in t (Payment Gateways) ...........................................77
2.3.2. Hot ng ca cng thanh ton in t ......................................................78
2.3.3. Bo mt trong h thng cng thanh ton in t.........................................80
2.4. Authorize.net......................................................................................................82
2.4.1. Gii thiu ....................................................................................................82
2.4.2. Hai phng thc tch hp thanh ton in t qua Authorize.net.................82
CHNG 3.
3.1.
PHN TCH H THNG....................................................................84
Yu cu h .........................................................................................................84
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
3.2. Ngn ng v cc k thut..................................................................................84

3.2.1. Ngn ng lp trnh v cng c pht trin....................................................84
3.2.2. H qun tr c s d liu.............................................................................84
3.2.3. Cc k thut v cng ngh...........................................................................84
3.3. Cc cng vic cn gii quyt.............................................................................85
3.4. Cc m hnh.......................................................................................................86
3.4.1. ERD.............................................................................................................86
3.4.2. M hnh Use Case.......................................................................................87
3.4.3. M hnh hot ng (Activity).......................................................................89
3.4.4. M hnh lp ( Class)....................................................................................93
CHNG 4.
HIN THC....................................................................................95
4.1. Bo mt thng tin..............................................................................................95

4.1.1. Bo mt thng tin trn URL.........................................................................95
4.1.2. Bo mt thng tin thit lp trong web.config...............................................95
4.1.3. Bo mt thng tin th tn dng.....................................................................95
4.1.4. Bo mt cc thit lp quan trng.................................................................96
4.1.5. S dng SSL.................................................................................................96
4.2. S trang Web ...............................................................................................97
4.2.1. Phn cho khch hng..................................................................................97
4.2.2. Phn cho ngi qun tr............................................................................100
4.3. Mt s mn hnh..............................................................................................103
4.3.1. Trang ch..................................................................................................103
4.3.2. Trang ng k............................................................................................103
4.3.3. Trang nhm sn phm...............................................................................104
4.3.4. Trang cp nht gi hng............................................................................104
4.3.5. Trang nhp thng tin chuyn hng............................................................105
4.3.6. Trang nhp thng tin ha n...................................................................105
4.3.7. Trang nhp thng tin th tn dng.............................................................106
4.3.8. Xc nhn mua hng...................................................................................106
4.3.9. Trang qun l sn phm............................................................................107
4.3.10. Trang qun l nhm sn phm................................................................107
4.3.11. Trang qun l ha n.............................................................................108
4.3.12. Trang qun l nhn vin..........................................................................108
4.3.13. Trang qun l nhm v quyn nhn vin.................................................108
4.3.14. Trang qun l thit lp h thng..............................................................109
CHNG 5.
5.1.
5.2.
NHN XT NH GI V HNG PHT TRIN................................110
Nhn xt nh gi............................................................................................110
Hng pht trin.............................................................................................111
PH LC.......................................................................................................112
1.1. Thit lp chng ch SSL ca Verisign............................................................112

1.1.1. Cc bc thc hin....................................................................................112
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
1.1.2. Chun b....................................................................................................112

1.1.3. Thc hin...................................................................................................112
1.2. Hm bm v m ha i ................................................................................137
DANH MC TI LIU THAM KHO...................................................................138
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
DANH MC CC BNG S HNH
HNH 2.1 THIT LP MT PHIN SSL..................................................................26

HNH 2.2 V D HM BM..................................................................................29
HNH 2.3 QU TRNH M HA I XNG............................................................34
HNH 2.4 SINH KHA CNG KHAI.......................................................................37
HNH 2.5 M HA V GII M BNG M HA KHA CNG KHAI...........................38
HNH 2.6 TO V XC THC CH K S.............................................................39
HNH 2.7 TO CH K S..................................................................................40
HNH 2.8 THM NH CH K S.......................................................................40
HNH 2.9 TO CHNG CH S.............................................................................46
HNH 2.10 CU TRC CHNG CH S X.509.........................................................48
HNH 2.11 CC THNH PHN CA PKI................................................................49
HNH 2.12 M HNH CA NHIU CP....................................................................50
HNH 2.13 CHNG THC CHO...........................................................................51
HNH 2.14 CC THNH PHN THAM GIA SET.......................................................53
HNH 2.15 CH K SONG SONG..........................................................................54
HNH 2.16 V D HTTP HEADER CA VIETNAMNET.VN.........................................56
HNH 2.17 THNG TIN MY CH TRONG HTTP HEADER........................................56
HNH 2.18 V D REFERER TRONG HTTP HEADER................................................57
HNH 2.19 PROXY CACHE...................................................................................58
HNH 2.20 THIT LP TNG LA BO V MY CH WEB....................................69
HNH 2.21 QU TRNH X L YU CU CA CGI...................................................70
HNH 2.22 THIT LP TNG LA BO V MY CH C S D LIU.....................73
HNH 2.23 GI MO WEB...................................................................................74
HNH 2.24 S DNG MY CH PROXY TIN CY LT WEB N DANH................76
HNH 2.25 HOT NG CA CNG THANH TON IN T....................................78
HNH 3.26 M HNH ERD...................................................................................86
11
HNH 3.27 M HNH USE CASE PHN KHCH HNG.............................................87
HNH 3.28 M HNH USE CASE PHN QUN TR...................................................88
HNH 3.29 M HNH HOT NG QU TRNH NG K THNH VIN MI..............89
HNH 3.30 M HNH HOT NG QU TRNH NG NHP...................................90
HNH 3.31 M HNH HOT NG QU TRNH THM SN PHM VO GI HNG.....91
HNH 3.32 M HNH HOT NG QU TRNH MUA HNG.....................................92
HNH 3.33 M HNH LP TNG NGHIP V.........................................................93
HNH 3.34 M HNH LP X L THANH TON.....................................................94
HNH 4.35 BO MT THNG TIN TRN URL.........................................................95
HNH 4.36 THNG TIN KT NI VO CSDL TRONG WEB.CONFIG CHA C M
HA ................................................................................................................95
HNH 4.37 THNG TIN KT NI VO CSDL TRONG WEB.CONFIG C M HA95
HNH 4.38 M HA CC THIT LP QUAN TRNG TRONG C S D LIU..............96
HNH 4.39 MN HNH TRANG CH....................................................................103
HNH 4.40 MN HNH TRANG NG K KHCH HNG........................................103
HNH 4.41 MN HNH TRANG NHM SN PHM................................................104
HNH 4.42 MN HNH TRANG CP NHT GI HNG............................................104
HNH 4.43 MN HNH TRANG THNG TIN CHUYN HNG...................................105
HNH 4.44 MN HNH TRANG THNG TIN HA N...........................................105
HNH 4.45 MN HNH TRANG THNG TIN TH TN DNG....................................106
HNH 4.46 MN HNH XC NHN MUA HNG.....................................................106
HNH 4.47 MN HNH TRANG QUN L SN PHM.............................................107
HNH 4.48 MN HNH TRANG QUN L NHM SN PHM..................................107
HNH 4.49 MN HNH TRANG QUN L HA N..............................................108
HNH 4.50 MN HNH TRANG QUN L NHN VIN............................................108
HNH 4.51 MN HNH TRANG QUN L NHM NHN VIN..................................108
HNH 4.52 MN HNH TRANG CU HNH H THNG...........................................109
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
12
DANH MC CC CM T VIT TT
UNCITRAL : United Nations Commission On International Trade Law

WTO
: World Trade Organization
B2B
: Business To Business
B2C
: Business to Customers
B2G
: Business to Government
C2C
:Customers to Customers
G2C
: Customers to Government
SSL
: Secure Sockets Layer
ID
: Identification
PIN
: Personal Identificate Number
BIN
: Bank Identificate Number
IETF
: Internet Engineering Task Force
TLS
: Transport Layer Security
HTTP
: Hyper Text Transport Protocol
IMAP
: Internet Messaging Access Protocol
FTP
: File Transport Protocol
MIT
: Massachusetts Institute of Technology
DES
: Data Encryption Standard
DSA
: Digital Signature Algorithm
KEA
: Key Exchange Algorithm
MD5
: Message Digest algorithm 5
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
13
SHA-1
: Secure Hash Algorithm
NIST
: National Institute of Standards and Technology
PGP
: Pretty Good Privacy
GPG
: GNU Privacy Guard
FIPS
: Federal Information Processing Standard
NSA
: National Security Agency
AES
: Advanced Encryption Standard
PKI
: Public key infrastructure
CA
: Certificate Authority
URL
: Uniform Resource Locator
IP
: Internet Protocol
ITU
:International Telecommunication Union
SET
: Secure Electronic Transaction
LAN
: Local Area Network
CGI
: Common Gateway Interface
CSC
: Card Security Code
CVV
: Card Verification Value
CVC
: Card Verification Code
AVS
: Address Verification System
CSDL
: C s d liu
TMT
: Thng mi in t
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
14
CHNG 1.GII THIU
1.1. Thng mi in t v thanh ton in t
1.1.1.
Thng mi in t
1.1.1.1. Khi nim

Hin nay c nhiu quan im khc nhau v thng mi in t nhng tu trung
li c hai quan im ln trn th gii xin c nu ra di y. Thng mi in t
theo ngha rng c nh ngha trong Lut mu v Thng mi in t ca y ban
Lin Hp quc v Lut Thng mi Quc t (UNCITRAL): Thut ng thng mi
cn c din gii theo ngha rng bao qut cc vn pht sinh t mi quan h
mang tnh cht thng mi d c hay khng c hp ng. Cc quan h mang tnh
thng mi bao gm cc giao dch sau y: Bt c giao dch no v thng mi no v
cung cp hoc trao i hng ha hoc dch v; tha thun phn phi; i din hoc i
l thng mi, y thc hoa hng; cho thu di hn; xy dng cc cng trnh; t vn; k
thut cng trnh; u t; cp vn; ngn hng; bo him; tha thun khai thc hoc t
nhng; lin doanh cc hnh thc khc v hp tc cng nghip hoc kinh doanh;
chuyn ch hng ha hay hnh khch bng ng bin, ng khng, ng st hoc
ng b. Nh vy, c th thy rng phm vi ca Thng mi in t rt rng, bao
qut hu ht cc lnh vc hot ng kinh t, vic mua bn hng ha v dch v ch l
mt trong hng ngn lnh vc p dng ca thng mi in t.
y ban Chu u a ra nh ngha v thng mi in t nh sau: Thng mi
in t c hiu l vic thc hin hot ng kinh doanh qua cc phng tin in t.
N da trn vic x l v truyn d liu in t di dng text, m thanh v hnh nh.
Thng mi in t gm nhiu hnh vi trong hot ng mua bn hng ha v dch
v qua phng tin in t, giao nhn cc ni dung k thut s trn mng, chuyn tin
in t, mua bn c phiu in t, vn n in t, u gi thng mi, hp tc thit
k, ti nguyn mng, mua sm cng cng, tip th trc tip ti ngi tiu dng v cc
dch v sau bn hng. Thng mi in t c thc hin i vi c thng mi hng
ha (v d nh hng tiu dng, cc thit b y t chuyn dng) v thng mi dch v (v
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
15
d nh dch v cung cp thng tin, dch v php l, ti chnh); cc hot ng truyn
thng (nh chm sc sc khe, gio dc ) v cc hot ng mi (v d nh siu th o).
Tm li, theo ngha rng th thng mi in t c th c hiu l cc giao dch
ti chnh v thng mi bng phng tin in t nh: trao i d liu in t; chuyn
tin in t v cc hot ng gi rt tin bng th tn dng.
Thng mi in t theo ngha hp bao gm cc hot ng thng mi c thc
hin thng qua mng Internet. Cc t chc nh: T chc Thng mi th gii (WTO),
T chc Hp tc pht trin kinh t a ra cc khi nim v thng mi in t theo
hng ny. Thng mi in t c ni n y l hnh thc mua bn hng ha
c by ti cc trang Web trn Internet vi phng thc thanh ton bng th tn dng.
C th ni rng thng mi in t ang tr thnh mt cuc cch mng lm thay i
cch thc mua sm ca con ngi.
Theo T chc Thng mi Th gii: Thng mi in t bao gm vic sn xut,
qung co, bn hng v phn phi sn phm c mua bn v thanh ton trn mng
Internet, nhng c giao nhn mt cch hu hnh c cc sn phm c giao nhn
cng nh nhng thng tin s ha thng qua mng Internet.
Khi nim v Thng mi in t do T chc hp tc pht trin kinh t ca Lin
Hp quc a ra l: Thng mi in t c nh ngha s b l cc giao dch thng
mi da trn truyn d liu qua cc mng truyn thng nh Internet.
Theo cc khi nim trn, chng ta c th hiu c rng theo ngha hp thng mi
in t ch bao gm nhng hot ng thng mi c thc hin thng qua mng
Internet m khng tnh n cc phng tin in t khc nh in thoi, fax, telex...
Qua nghin cu cc khi nim v thng mi in t nh trn, hiu theo ngha rng
th hot ng thng mi c thc hin thng qua cc phng tin thng tin lin lc
tn ti hng chc nm nay v t ti doanh s hng t la M mi ngy. Theo
ngha hp th thng mi in t ch mi tn ti c vi nm nay nhng t c
nhng kt qu rt ng quan tm, thng mi in t ch gm cc hot ng thng
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
16
mi c tin hng trn mng my tnh m nh Internet. Trn thc t, chnh cc hot
ng thng mi thng qua mng Internet lm pht sinh thut ng thng mi in
t.
1.1.1.2. Cc c trng ca thng mi in t
xy dng khung php lut thng nht cho thng mi in t, chng ta cn
nghin cu v tm ra cc c trng ca thng mi in t. So vi cc hot ng
thng mi truyn thng, thng mi in t c mt s im khc bit c bn sau:
1.
Cc bn tin hnh giao dch trong thng mi in

t khng tip xc trc tip vi nhau v khng i hi phi bit nhau t trc.
2.
Cc giao dch thng mi truyn thng c thc

hin vi s tn ti ca khi nim bin gii quc gia, cn thng mi in t
c thc hin trong mt th trng khng c bin gii (th trng thng nht
ton cu). Thng mi in t trc tip tc ng ti mi trng cnh tranh ton
cu.
3.
Trong hot ng giao dch thng mi in t u

c s tham ra ca t nht ba ch th, trong c mt bn khng th thiu c
l ngi cung cp dch v mng, cc c quan chng thc.
4.
i vi thng mi truyn thng th mng li

thng tin ch l phng tin trao i d liu, cn i vi thng mi in t
th mng li thng tin chnh l th trng
1.1.1.3. Nhng li ch ca thng mi in t

5.
Thng mi in t gip cho cc doanh nghip nm

c thng tin phong ph v th trng v i tc
6.
Thng mi in t gip gim chi ph sn xut
7.
Thng mi in t gip gim chi ph bn hng v

tip th.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
17
8.
Thng mi in t qua Internet gip ngi tiu

dng v cc doanh nghip gim ng k thi gian v ch ph giao dch.
9.
Thng mi in t to iu kin cho vic thit lp

v cng c mi quan h gia cc thnh phn tham gia vo qu trnh thng mi.
10.
To iu kin sm tip cn nn kinh t s ho.
1.1.1.4. Mt s loi hnh ng dng trong thng mi in t

11.
B2B (Business To Business): Thng mi in t
B2B c nh ngha n gin l thng mi in t gia cc cng ty. y l

loi hnh thng mi in t gn vi mi quan h gia cc cng ty vi nhau
12.
B2C (Business to Customers): Thng mi in t
B2C l vic mt doanh nghip da trn mng internet trao i cc hang ha

dch v do mnh to ra hoc do mnh phn phi.
13.
B2G (Business to Government): Thng mi in
t gia doanh nghip vi chnh ph (B2G) c nh ngha chung l thng

mi gia cng ty v khi hnh chnh cng. N bao hm vic s dng Internet
cho mua bn cng, th tc cp php v cc hot ng khc lin quan ti chnh
ph. Hnh thi ny ca thng mi in t c hai c tnh: th nht, khu vc
hnh chnh cng c vai tr dn u trong vic.
14.
C2C (Customers to Customers): Thng mi in
t khch hng ti khch hng C2C n gin l thng mi gia cc c nhn v

ngi tiu dng.
15.
G2C (Customers to Government): Thng mi in
t c quan nh nc vi c nhn ch yu l nhng giao dch mang tnh hnh

chnh, nhng c th mang nhng yu t ca thng mi in t.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
18
1.1.1.5. Cc bc c bn ca mt giao dch mua bn trn mng
16.
Khch hng, t mt my tnh ti mt ni no ,
in nhng thng tin thanh ton v i ch lin h vo n t hng (Order

Form) ca website bn hng (cn gi l website thng mi in t). Doanh
nghip nhn c yu cu mua hng ho hay dch v ca khch hng v phn
hi xc nhn tm tt li nhng thng tin cn thit nh mt hng chn, a ch
giao nhn v s phiu t hng...
17.
Khch hng kim tra li cc thng tin v kch
(click) vo nt (button) "t hng", t bn phm hay chut (mouse) ca my

tnh, gi thng tin tr v cho doanh nghip.
18.
Doanh nghip nhn v lu tr thng tin t hng
ng thi chuyn tip thng tin thanh ton (s th tn dng, ngy o hn, ch
th ...) c m ho n my ch (Server, thit b x l d liu) ca Trung
tm cung cp dch v x l th trn mng Internet. Vi qu trnh m ha cc
thng tin thanh ton ca khch hng c bo mt an ton nhm chng gian ln
trong cc giao dch (chng hn doanh nghip s khng bit c thng tin v th
tn dng ca khch hng).
19.
Khi Trung tm X l th tn dng nhn c thng
tin thanh ton, s gii m thng tin v x l giao dch ng sau bc tng la
(FireWall) v tch ri mng Internet (off the Internet), nhm mc ch bo mt
tuyt i cho cc giao dch thng mi, nh dng li giao dch v chuyn tip
thng tin thanh ton n ngn hng ca doanh nghip (Acquirer) theo mt
ng dy thu bao ring (mt ng truyn s liu ring bit).
20.
Ngn hng ca doanh nghip gi thng ip in t
yu cu thanh ton (authorization request) n ngn hng hoc cng ty cung cp

th tn dng ca khch hng (Issuer). V t chc ti chnh ny s phn hi l
ng hoc t chi thanh ton n trung tm x l th tn dng trn mng
Internet.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
19
21.
Trung tm x l th tn dng trn Internet s tip
tc chuyn tip nhng thng tin phn hi trn n doanh nghip, v ty theo
doanh nghip thng bo cho khch hng c r l n t hng s c thc
hin hay khng.
22.
Ton b thi gian thc hin mt giao dch qua
mng t bc 1 -> bc 6 c x l trong khong 15 - 20 giy.

1.1.2.
Thanh ton trong thng mi in t
1.1.2.1. Th tn dng
Th tn dng c x l in t hng thp k nay. Chng c s dng u tin
trong cc nh hng v khch sn sau l cc ca hng bch ho v cch s dng n
c gii thiu trn cc chng trnh qung co trn truyn hnh t 20 nm nay. C
mt ngnh cng nghip ln ang tn ti trong lnh vc x l cc giao dch th tn dng
trc tuyn vi cc cng ty nh First Data Corp., Total System Corp., v National Data
Corp., chi tit ho cc giao dch pha sau mi quan h gia nh bng, ngi bn hng
v ngi s dng th tn dng. Hng triu cc ca hng bch ho trn ton nc M
c trang b cc trm u cui (Hewlett-Package Verifone l nh sn xut hng u
ca thit b ny) thng qua th tn dng c kim tra, nhp s th v bin lai c
in ra. Ngi s dng k vo bin lai ny xc thc vic mua hng.
Trc khi nhn s th tn dng ca ngi mua qua Internet bn cn c mt chng
nhn ngi bn. Nu bn hot ng kinh doanh th n gin l yu cu nh bng ca
bn cung cp chng nhn ny. Nu bn cha c bt c ci g th bn c th thc hin
vic ny nhanh chng ti mt nh bng no hoc truy nhp vo mt WEB site c
cc mu ng k trc tuyn.
S dng th tn dng trc tuyn ngy hm nay, tuy nhin, ging nh vic s dng
chng vi mt "operating standing by". S th v chi tit ca giao dch c lu li v
x l, nhng khng c s xut hin ca ngi mua v khi c mt v thanh ton b l
th n vn c lu li trn h thng. Bi l do ny cc chi ph x l th tn dng trc
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
20
tuyn nhiu ngang bng vi chi ph x l mt giao dch ch khng ngang bng vi
mt mc ph nh in thoi v thng thng l vo khong 50 xen. (Cc giao dch
c x l thng qua cc trm u cui c hp ng ch mt khong t 3 n 5
xen).
Ngoi cc khon trn, ph c gim nh vic s dng cc dch v ca Visa v
MasterCard, l cc t hp ca cc nh bng, hoc American Express Co. v Discover
l cc cng ty ring r x l v qun l cc giao dch th tn dng. iu c ngha l
bn s phi tr t 2 n 3 xen cho mt la khi s dng Visa hay MasterCard, v t
hn mt cht vi Discover, i vi American Express ph ny vo khong 5 xen cho
mt la. Cc tho c gia cc cng ty cung cp th v cc ch doanh nghip gip
cho khch hng khng phi tr cc chi ph ny. Vic chit khu cng khc gia ngi
s dng ti trm u cui ni m th tn dng tn ti mt cch vt l, v mi trng
WEB ni m th khng hin din. Trong qu trnh chuyn i chit khu ngi bn
c m bo thanh ton. Ngi mua c m bo v vic s nhn c hng ho v
mt s m bo c gii hn khc chng li vic b la hoc mt th. (Bo him th
c bn bi cc nh bng pht hnh th v cc ri ro s c thanh ton).
Ca hng trn web ca bn cn phn mm no c th x l th tn dng? mc
n gin nht, bn phi c sn mt s biu mu c kh nng m ho bo mt, thng
thng l Sercure Socket Layer (SSL), mt tiu chun i vi c cc trnh duyt ca
Microsoft v Netscape, v iu cng c ngha l my ch ca bn phi c mt kho
m ho. Tip theo bn phi c mt chng trnh ng vai tr l mt gi mua hng, cho
php ngi s dng thu thp cc mt hng cn mua, tnh gi v thu sau a ra mt
ho n cui cng ph chun. Cui cng nu nh bn khng mun x l cc tp
giao dch bng tay hoc x l mt gi cc tp th bn phi cn mt c ch giao dch
in t.
1.1.2.2. nh danh hay ID s ho (Digital identificator)
Cc kho m bo mt trn my ch, c bit n nh l cc ID s ho, c cung
cp bi mt s cc c quan chng nhn thm quyn, l ni cp php v bo dng cc
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
21
bn ghi din bin trn cc ID s ho ny. T chc chng thc thm quyn ln nht
c iu hnh bi VeriSign Inc., mt cng ty c thnh lp vo nm 1995 chuyn v
lnh vc qun l cc chng nhn s ho. Cng ty x l cc yu cu ID s ho cho cc
cng ty nh American Online, Microsoft, Netscape, tuy nhin bn cng c th trc tip
c cc ID s ho trn web site ca cng ty. Vo ma h nm 1998, VeriSign thu ph
349 USD cho my ch ID u tin m mt cng ty mua v 249 USD cho thm mi
my ch ID tip theo. Mt My ch ID ton cc - Global Server ID, 128 bit c mc
chi ph 695 USD.
Cng ngh nn tng cho cc ID s ho ca VeriSign l SSL c xy dng u tin
bi RSA Technologies inc., nay l mt n v ca Sercurity Dynamics. Mi thng
ip, c m ho bng hai m hoc kho l mt chui cc bit lm thay i gi tr
c s ho cc ca d liu c a vo hay ly ra khi chng trnh. Mt kho cng
cng c dng m ho cc thng ip, trong khi kho ring th hai c dng
gii m n. Tnh thng nht v xc thc ca cc kho ring c m bo bi mt c
quan chng nhn thm quyn nh VeriSign. Mt my ch ID s ho cho php bn k
vo cc vn bn in t v chng thc ch k ca mnh vi mt c quan chng nhn
thm quyn.
1.1.2.3. Mt s thut ng
23.
C s chp nhn th (Merchant): L cc thnh phn
kinh doanh hng ho v dch v c k kt vi Ngn hng thanh ton v vic

chp nhn thanh ton th nh: nh hng, khch sn, ca hng... Cc n v ny
phi trang b my mc k thut tip nhn th thanh ton tin mua hng ho,
dch v, tr n thay cho tin mt.
24.
Ngn hng i l hay Ngn hng thanh ton
(Acquirer): L Ngn hng trc tip k hp ng vi c s tip nhn v thanh

ton cc chng t giao dch do c s chp nhn th xut trnh. Mt Ngn hng
c th va ng vai tr thanh ton th va ng vai tr pht hnh.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
22
25.
Ngn hng pht hnh th (Issuer): L thnh vin
chnh thc ca cc T chc th quc t, l Ngn hng cung cp th cho khch

hng. Ngn hng pht hnh chu trch nhim tip nhn h s xin cp th, x l
v pht hnh th, m v qun l ti khon th, ng thi thc hin vic thanh
ton cui cng vi ch th.
26.
Ch th (Cardholder): L ngi c tn ghi trn th
c dng th chi tr thanh ton tin mua hng ho, dch v. Ch c ch th

mi c th s dng th ca mnh m thi. Mi khi thanh ton cho cc c s chp
nhn th v hng ho dch v hoc tr n, ch th phi xut trnh th ni y
kim tra theo qui trnh v lp bin lai thanh ton.
27.
Danh sch Bulletin: Cn gi l danh sch bo ng
khn cp, l mt danh sch lit k nhng s th khng c php thanh ton hay
khng c php mua hng ha, dch v. l nhng th tiu dng qu hn
mc, th gi mo ang lu hnh, th b l mt m c nhn (PIN), th b mt cp,
tht lc, th b loi b... Danh sch c cp nht lin tc v gi n cho tt c
cc Ngn hng thanh ton thng bo kp thi cho c s chp nhn.
28.
Hn mc tn dng (Credit limit): c hiu l tng
s tn dng ti a m Ngn hng pht hnh th cp cho ch th s dng i vi

tng loi th.
29.
S PIN (Personal Identificate Number): L m s c
nhn ring ca ch th thc hin giao dch rt tin ti cc my rt tin t

ng. M s ny do Ngn hng pht hnh th cung cp cho ch th khi pht
hnh. i vi m s PIN, ngi ch th phi gi b mt, ch mt mnh mnh
bit.
30.
BIN (Bank Identificate Number): L m s ch
Ngn hng pht hnh th. Trong hip hi th c nhiu ngn hng thnh vin,
mi ngn hng thnh vin c mt m s ring gip thun li trong thanh ton v
truy xut.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
23
31.
Ngy hiu lc: Ngy sao k (Statement date): l
ngy ngn hng pht hnh th lp cc sao k v khon chi tiu m ch th phi
thanh ton trong thng.
32.
Ngy o hn (Due date): l ngy m ngn hng
pht hnh qui nh cho ch th thanh ton ton b hay mt phn trong gi tr sao
k trn
33.
Merchant account: Merchant account l mt ti
khon ngn hng c bit, cho php bn khi kinh doanh c th chp nhn thanh
ton bng th tn dng. Vic thanh ton bng th tn dng ch c th tin hnh
thng qua dng ti khon ny.
34.
Cng thanh ton in t (payment gateway): l mt
chung trnh phn mm. Phn mm ny s chuyn d liu ca cc giao dch t

website ca ngi bn sang trung tm thanh ton th tn dng hp thc ho
qu trnh thanh ton th tn dng.
1.2. Mc tiu
35.
Tm hiu v thng mi in t.
36.
Tm hiu thanh ton in t trc tuyn.
37.
Tm hiu v cc phng thc bo mt trong thng
mi in t v thanh ton in t trc tuyn.

38.
Xy dng c mt website thng mi in t vi
m hnh B2C.
39.
Tch hp c h thng thanh ton trc tuyn vo
trong trang web.

1.3. Phm vi thc hin
40.
Nghin cu cc thut ton, k thut v phng php
bo mt trn web c dng trong thng mi in t v thanh ton trc tuyn.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
24
41.
Xy dng mt website bn my tnh xch tay trc
tuyn hin thc mt phn nhng g nghin cu c.

42.
Thit lp cc c ch bo mt thng tin trn website.
43.
Tch hp thanh ton bng th tn dng qua mt cng
thanh ton in t.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
25
Chng 2.
C S L THUYT
2.1. Cc thut ton v k thut m ha s dng trong thanh ton in t v

thng mi in
2.1.1.
Secure Socket Layer (SSL)
2.1.1.1. Gii thiu SSL

SSL (Secure Socket Layer) l giao thc a mc ch c thit k to ra cc
giao tip gia hai chng trnh ng dng trn mt cng nh trc (socket 443) nhm
m ho ton b thng tin i/n, c s dng trong giao dch in t nh truyn s
liu th tn dng, mt khu, s b mt c nhn (PIN) trn Internet.
c pht trin bi Netscape, ngy nay giao thc Secure Socket Layer (SSL)
c s dng rng ri trn World Wide Web trong vic xc thc v m ho thng tin
gia client v server. T chc IETF (Internet Engineering Task Force) chun ho
SSL v t li tn l TLS (Transport Layer Security). Mc d l c s thay i v tn
nhng TSL ch l mt phin bn mi ca SSL. Phin bn TSL 1.0 tng ng vi
phin bn SSL 3.1. Tuy nhin SSL l thut ng c s dng rng ri hn.
SSL c thit k nh l mt giao thc ring cho vn bo mt c th h tr cho
rt nhiu ng dng. Giao thc SSL hot ng bn trn TCP/IP v bn di cc giao
thc ng dng tng cao hn nh l HTTP (Hyper Text Transport Protocol), IMAP
( Internet Messaging Access Protocol) v FTP (File Transport Protocol). Trong khi
SSL c th s dng h tr cc giao dch an ton cho rt nhiu ng dng khc nhau
trn Internet, th hin nay SSL c s dng chnh cho cc giao dch trn Web.
2.1.1.2. C ch m ha ca SSL
Giao thc SSL da trn hai nhm con giao thc l giao thc "bt tay" (handshake
protocol) v giao thc "bn ghi" (record protocol). Giao thc bt tay xc nh cc tham
s giao dch gia hai i tng c nhu cu trao i thng tin hoc d liu, cn giao
thc bn ghi xc nh khun dng cho tin hnh m ho v truyn tin hai chiu gia hai
i tng . Khi hai ng dng my tnh, th d gia mt trnh duyt web v my ch
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
26
web, lm vic vi nhau, my ch v my khch s trao i "li cho" (hello) di dng
cc thng ip cho nhau vi xut pht u tin ch ng t my ch, ng thi xc
nh cc chun v thut ton m ho v nn s liu c th c p dng gia hai ng
dng. Ngoi ra, cc ng dng cn trao i "s nhn dng/kho theo phin" (session ID,
session key) duy nht cho ln lm vic . Sau ng dng khch (trnh duyt) yu
cu c chng ch in t (digital certificate) xc thc ca ng dng ch (web server).
Hnh 2.1 Thit lp mt phin SSL
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
27
Chng ch in t thng c xc nhn rng ri bi mt c quan trung gian
(Thm quyn xc nhn CA - Certificate Authority) nh RSA Data Sercurity hay
VeriSign Inc., mt dng t chc c lp, trung lp v c uy tn. Cc t chc ny cung
cp dch v "xc nhn" s nhn dng ca mt cng ty v pht hnh chng ch duy nht
cho cng ty nh l bng chng nhn dng (identity) cho cc giao dch trn mng,
y l cc my ch webserver.
Sau khi kim tra chng ch in t ca my ch (s dng thut ton mt m cng
khai, nh RSA ti trnh my trm), ng dng my trm s dng cc thng tin trong
chng ch in t m ho thng ip gi li my ch m ch c my ch c th
gii m. Trn c s , hai ng dng trao i kho chnh (master key) - kho b mt
hay kho i xng - lm c s cho vic m ho lung thng tin/d liu qua li gia
hai ng dng ch khch. Ton b cp bo mt v an ton ca thng tin/d liu ph
thuc vo mt s tham s:
44.
S nhn dng theo phin lm vic ngu nhin;
45.
Cp bo mt ca cc thut ton bo mt p dng
cho SSL;
46.
di ca kho chnh (key length) s dng cho
lc m ho thng tin.
C th tm tt c ch ca SSL nh sau:
47.
Client pht sinh 1 Session Key ngu nhin khi truy
cp n Server
48.
Client yu cu Server gi Certificate (gm Public
Key ca Server)
49.
Client kim tra tnh hp l ca Certificate
50.
Nu Certificate ca Server hp l, Client m ha
Session Key bng Public Key ca Server
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
28
51.
Client gi Session Key m ha cho Server
52.
Server gii m Session Key c m ha bng
Private Key
53.
Cc thng tin trao i gia server v client s c
m ha v gii m bng Session Key

Hin nay, khi public mt web site ln internet, p dng c ch m ha SSL
chng ta phi thu SSL Certificate cho Web Server t cc t chc cung cp Digital
Certificate nh: Verisign, CyberTrust, EnTrust
2.1.1.3. Cc thut ton m ha trong SSL
Cc thut ton m ho v xc thc ca SSL c s dng bao gm (phin bn 3.0):
54.
DES - chun m ho d liu (ra i nm 1977),
pht minh v s dng ca chnh ph M;

55.
DSA - thut ton ch k in t, chun xc thc
in t, pht minh v s dng ca chnh ph M;

56.
KEA - thut ton trao i kho, pht minh v s
dng ca chnh ph M;
57.
MD5 - thut ton to gi tr "bm" (message digest),
pht minh bi Rivest;

58.
RC2, RC4 - m ho Rivest, pht trin bi cng ty
RSA Data Security;

59.
RSA - thut ton kho cng khai, cho m ho v
xc thc, pht trin bi Rivest, Shamir v Adleman;

60.
RSA key exchange - thut ton trao i kho cho
SSL da trn thut ton RSA;
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
29
61.
SHA-1 - thut ton hm bm an ton, pht trin v
s dng bi chnh ph M;
62.
SKIPJACK - thut ton kho i xng phn loi
c thc hin trong phn cng Fortezza, s dng bi chnh ph M;

63.
2.1.2.
Triple-DES - m ho DES ba ln.

Hm bm (Cryptographic hash function)
2.1.2.1. Gii thiu hm bm

Trong ngnh mt m hc, mt hm bm mt m hc (ting Anh: Cryptographic
hash function) l mt hm bm vi mt s tnh cht bo mt nht nh ph hp vic
s dng trong nhiu ng dng bo mt thng tin a dng, chng hn nh chng thc
(authentication) v kim tra tnh nguyn vn ca thng ip (message integrity). Mt
hm bm nhn u vo l mt xu k t di (hay thng ip) c di ty v to ra
kt qu l mt xu k t c di c nh, i khi c gi l tm tt thng ip
(message digest) hoc ch k s (digital fingerprint).
Hnh 2.2 V d hm bm
Ni rng, mt hm bm phi hot ng cng ging vi mt hm ngu nhin cng
tt, trong khi vn c tnh cht n nh v tnh ton c hiu qu.
Mt hm bm mt m hc c coi l khng an ton nu mt trong cc vic sau l
kh thi v mt tnh ton:
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
30
64.
Cho mt tm tt (digest), tm mt thng ip (cha
bit) khp vi tm tt
65.
Tm cc "xung t bm" (hash collision), trong
hai thng ip khc nhau c tm tt trng nhau.

Nu c th thc hin mt trong hai vic trn, mt ngi c th tn cng bng cch
dng cc cch trn thay mt thng ip khng c xc nhn (unauthorized
message) vo ch ca mt thng ip c xc nhn.
2.1.2.2. ng dng ca hm bm
Mt ng dng in hnh ca mt hm bm mt m hc nh sau: Alice a cho Bob
mt cu kh v tuyn b rng c y gii c ri. Bob mun t gii, nhng cng
mun chc chn l Alice ng l gii c. Do , Alice vit p n, gn thm mt
nonce ngu nhin, tnh gi tr bm ca n, v a kt qu bm cho Bob (trong khi vn
gi b mt p n v nonce). Bng cch ny, khi Bob t gii xong, Alice c th chng
minh rng c c p n t trc bng cch a nonce cho Bob.
Trong thc tin, Alice v Bob thng l cc chng trnh my tnh, v b mt
thng l ci g khng d la bng mt li gii cho cu . ng dng trn c gi
l mt h thng tin cy (commitment scheme).
Mt ng dng quan trng khc ca cc hm bm bo mt l s kim tra tnh ton
vn ca thng ip. V d, vic xc nh xem mt file hay mt thng ip c b sa i
hay khng c th thc hin bng cch so snh tm tt c tnh trc v sau khi gi
(hoc mt s kin bt k no ). Cn c th dng tm tt thng ip lm mt phng
tin ng tin cy cho vic nhn dng file. Mt ng dng c lin quan l kim tra mt
khu. Mt khu thng khng c lu di dng vn bn r (clear text), m dng
tm tt. xc thc mt ngi dng, mt khu do ngi nhp vo c bm v so
snh vi kt qu bm c lu tr.
Do cc l do c v bo mt v hiu nng chng trnh, a s cc thut ton ch k
s ni rng ch c tm lc ca thng ip, ch khng phi ton vn thng ip, c
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
31
"k". Cc hm bm cn c th c dng to cc bit gi ngu nhin
(pseudorandom).
SHA-1, MD5, v RIPEMD-160 nm trong s cc thut ton tm tt thng ip
c dng rng ri nht ca nm 2005. Thng 8 nm 2004, cc nh nghin cu tm
c cc im yu ca mt lot hm bm, trong c MD5, SHA-0 v RIPEMD.
Thng 2 nm 2005, ngi ta ghi nhn mt tn cng i vi SHA-1. Thng 8 nm 2005,
ngi ta li ghi nhn mt tn cng khc i vi SHA-1.
Cc hm bm c dng nhn dng cc file trong cc mng chia s tp ng
ng. V d, trong mt ed2k link, mt bin th ca MD4 c kt hp vi kch thc
file cung cp thng tin cho vic xc nh ngun file, ti xung v kim tra ni dung.
2.1.2.3. MD5 (Message-Digest algorithm 5)
MD5 (Message-Digest algorithm 5) l mt hm bm m ha vi gi tr bm l
128bit. Tng c xem l mt chun trn Internet, MD5 c s dng rng ri
trong cc chng trnh an ninh mng, v cng thng c dng kim tra tnh
nguyn vn ca tp tin.
MD5 c thit k bi Ronald Rivest vo nm 1991 thay th cho hm bm trc
, MD4 (cng do ng thit k, trc na l MD2).
MD5 c 2 ng dng quan trng:
66.
MD5 c s dng rng ri trong th gii phn
mm m bo rng tp tin ti v khng b hng. Ngi s dng c th so

snh gia thng s kim tra phn mm bng MD5 c cng b vi thng s
kim tra phn mm ti v bng MD5. H iu hnh Unix s dng MD5 kim
tra cc gi m n phn phi, trong khi h iu hnh Windows s dng phn
mm ca hng th ba.
67.
MD5 c dng m ha mt khu. Mc ch ca
vic m ha ny l bin i mt chui mt khu thnh mt on m khc, sao

cho t on m khng th no ln tr li mt khu. C ngha l vic gii m
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
32
l khng th hoc phi mt mt khong thi gian v tn ( lm nn lng cc
hacker)
Mt vi bng bm MD5
68.
Bng bm MD5 128 bit (16 byte) (cn c gi l
message digests) c biu din bng chui 32 s thp lc phn.

MD5("hello")
69.
= 5d41402abc4b2a76b9719d911017c592
Thm ch mt s thay i nh trong mu tin cng
dn n thay i hon ton bng bm, do hiu ng thc. V d, thay e thnh

a:
MD5("hallo")
70.
= 598d4c200461b81522a3328565c25f7c
Bng bm ca mt chui rng l:
MD5("") = d41d8cd98f00b204e9800998ecf8427e
2.1.2.4. SHA (Secure Hash Algorithm)
SHA (Secure Hash Algorithm hay thut gii bm an ton) l nm thut gii c
chp nhn bi FIPS dng chuyn mt on d liu nht nh thnh mt on d liu
c chiu di khng i vi xc sut khc bit cao.
Nm thut gii SHA l:
71.
SHA-1 : tr li kt qu di 160 bit
72.
SHA-224 : tr li kt qu di 224 bit
73.
SHA-256: tr li kt qu di 256 bit
74.
SHA-384: tr li kt qu di 384 bit
75.
SHA-512: tr li kt qu di 512 bit.
Thut gii SHA l thut gii bm mt c pht trin bi cc an ninh quc gia M
(National Security Agency hay NSA) v c xut bn thnh chun ca chnh ph M
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
33
bi vin cng ngh v chun quc gia M (National Institute of Standards and
Technology hay NIST). Bn thut gii sau thng c gi chung l SHA-2.
SHA-1 c s dng rng ri trong nhiu ng dng v giao thc an ninh khc
nhau, bao gm TLS v SSL, PGP, SSH, S/MIME, v IPSec. SHA-1 c coi l thut
gii thay th MD5, mt thut gii bm 128 bit ph bin khc.
Hin nay, SHA-1 khng cn c coi l an ton bi u nm 2005, ba nh mt m
hc ngi Trung Quc pht trin thnh cng mt thut gii dng tm c hai
on d liu nht nh c cng kt qu bm to ra bi SHA-1[1]. Mc d cha c ai
lm c iu tng t vi SHA-2, nhng v v thut gii, SHA-2 khng khc bit
my so vi SHA-1 nn nhiu nh khoa hc bt u pht trin mt thut gii khc tt
hn SHA. NIST cng khi u mt cuc thi pht trin thut gii bm mi an ton
hn SHA, ging nh quy trnh pht trin chun m ha tin tin (Advanced Encryption
Standard hay AES).
Mt vi bng bm SHA-1
76.
on d liu gc s dng bng m ASCII c
biu din bng chui 40 s thp lc phn

SHA-1 ("hello") = aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d
77.
Thay e thnh a:
SHA-1 ("hallo") = fd4cef7a4e607f1fcc920ad6329a6df2df99a4e8

78.
Bng bm ca mt chui rng l:
SHA-1 ("") = da39a3ee5e6b4b0d3255bfef95601890afd80709

2.1.3.
M ha i xng (Symmetric Encryption)
2.1.3.1. Gii thiu m ha i xng

Trong mt m hc, cc thut ton kha i xng (ting Anh: symmetric-key
algorithms) l mt lp cc thut ton mt m ha trong cc kha dng cho vic mt
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
34
m ha v gii m c quan h r rng vi nhau (c th d dng tm c mt kha nu
bit kha kia).
Hnh 2.3 Qu trnh m ha i xng

Kha dng m ha c lin h mt cch r rng vi kha dng gii m c
ngha chng c th hon ton ging nhau, hoc ch khc nhau nh mt bin i n
gin gia hai kha. Trn thc t, cc kha ny i din cho mt b mt c phn
hng bi hai bn hoc nhiu hn v c s dng gi gn s b mt trong knh
truyn thng tin.
Nhiu thut ng khc dnh cho vic m ha dng cha kha i xng bao gm cc
phng php m ha n kha (single-key), phng php m ha mt kha (one-key)
v phng php m ha kha c nhn (private-key). Cch s dng thut ng sau cng
i khi gy xung t vi thut ng kha c nhn (private-key) dng trong mt m ha
kha cng khai (public key cryptography).
Cc thut ton i xng ni chung i hi cng sut tnh ton t hn cc thut ton
kha bt i xng (asymmetric key algorithms). Trn thc t, mt thut ton kha bt
i xng c khi lng tnh ton nhiu hn gp hng trm, hng ngn ln mt thut
ton kha i xng (symmetric key algorithm) c cht lng tng ng.
Thut ton i xng c th c chia ra lm hai th loi, mt m lung (stream
ciphers) v mt m khi (block ciphers). Mt m lung m ha tng bit ca thng ip
trong khi mt m khi gp mt s bit li v mt m ha chng nh mt n v. C khi
c dng thng l cc khi 64 bit. Thut ton tiu chun m ha tn tin (Advanced
Encryption Standard), c NIST cng nhn thng 12 nm 2001, s dng cc khi
gm 128 bit.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
35
Cc thut ton i xng thng khng c s dng c lp. Trong thit k ca cc
h thng mt m hin i, c hai thut ton bt i xng (asymmetric) (dng cha kha
cng khai) v thut ton i xng c s dng phi hp tn dng cc u im ca
c hai. Nhng h thng s dng c hai thut ton bao gm nhng ci nh SSL (Secure
Sockets Layer), PGP (Pretty Good Privacy) v GPG (GNU Privacy Guard) v.v. Cc
thut ton cha kha bt i xng c s dng phn phi cha kha mt cho thut
ton i xng c tc cao hn.
Mt s v d cc thut ton i xng ni ting v kh c tn trng bao gm
Twofish, Serpent, AES (cn c gi l Rijndael), Blowfish, CAST5, RC4, Tam phn
DES (Triple DES), v IDEA (International Data Encryption Algorithm - Thut ton
mt m ha d liu quc t).
2.1.3.2. DES (Data Encryption Standard )
DES (vit tt ca Data Encryption Standardl mt phng php mt m ha c
FIPS (Tiu chun X l Thng tin Lin bang Hoa K) chn lm chun chnh thc vo
nm 1976. Sau chun ny c s dng rng ri trn phm vi th gii. Ngay t u,
thut ton ca n gy ra rt nhiu tranh ci, do n bao gm cc thnh phn thit k
mt, di kha tng i ngn, v cc nghi ng v ca sau C quan An ninh quc
gia Hoa K (NSA) c th b kha. Do , DES c gii nghin cu xem xt rt k
lng, vic ny thc y hiu bit hin i v mt m khi (block cipher) v cc
phng php thm m tng ng.
Hin nay DES c xem l khng an ton cho nhiu ng dng. Nguyn nhn
ch yu l di 56 bit ca kha l qu nh. Kha DES tng b ph trong vng
cha y 24 gi. c rt nhiu kt qu phn tch cho thy nhng im yu v mt l
thuyt ca m ha c th dn n ph kha, tuy chng khng kh thi trong thc tin.
Thut ton c tin tng l an ton trong thc tin c dng Triple DES (thc hin
DES ba ln), mc d trn l thuyt phng php ny vn c th b ph. Gn y DES
c thay th bng AES (Advanced Encryption Standard, hay Tiu chun M ha
Tin tin).
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
36
DES l thut ton m ha khi: n x l tng khi thng tin ca bn r c di
xc nh v bin i theo nhng qu trnh phc tp tr thnh khi thng tin ca bn
m c di khng thay i. Trong trng hp ca DES, di mi khi l 64 bit.
DES cng s dng kha c bit ha qu trnh chuyn i. Nh vy, ch khi bit kha
mi c th gii m c vn bn m. Kha dng trong DES c di ton b l 64 bit.
Tuy nhin ch c 56 bit thc s c s dng; 8 bit cn li ch dng cho vic kim tra.
V th, di thc t ca kha ch l 56 bit.
2.1.3.3. AES (Advanced Encryption Standard)
Trong mt m hc, AES (vit tt ca t ting Anh: Advanced Encryption Standard,
hay Tiu chun m ha tin tin) l mt thut ton m ha khi c chnh ph Hoa k
p dng lm tiu chun m ha. Ging nh tiu chun tin nhim DES, AES c k
vng p dng trn phm vi th gii v c nghin cu rt k lng. AES c
chp thun lm tiu chun lin bang bi Vin tiu chun v cng ngh quc gia Hoa k
(NIST) sau mt qu trnh tiu chun ha ko di 5 nm.
Thut ton c thit k bi hai nh mt m hc ngi B: Joan Daemen v
Vincent Rijmen (ly tn chung l "Rijndael" khi tham gia cuc thi thit k AES).
Rijndael c pht m l "Rhine dahl" theo phin m quc t (IPA: [aindal]).
Mc d 2 tn AES v Rijndael vn thng c gi thay th cho nhau nhng trn
thc t th 2 thut ton khng hon ton ging nhau. AES ch lm vic vi khi d liu
128 bt v kha c di 128, 192 hoc 256 bt trong khi Rijndael c th lm vic vi
d liu v kha c di bt k l bi s ca 32 bt nm trong khong t 128 ti 256
bt.
Cc kha con s dng trong cc chu trnh c to ra bi qu trnh to kha con
Rijndael.
Hu ht cc php ton trong thut ton AES u thc hin trong mt trng hu
hn.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
37
2.1.4.
M ha kha cng khai
2.1.4.1. Gii thiu m ha kha cng khai

M ha kha cng khai l mt dng m ha cho php ngi s dng trao i cc
thng tin mt m khng cn phi trao i cc kha chung b mt trc . iu ny
c thc hin bng cch s dng mt cp kha c quan h ton hc vi nhau l kha
cng khai v kha c nhn (hay kha b mt).
Thut ng mt m ha kha bt i xng thng c dng ng ngha vi mt m
ha kha cng khai mc d hai khi nim khng hon ton tng ng. C nhng
thut ton mt m kha bt i xng khng c tnh cht kha cng khai v b mt nh
cp trn m c hai kha (cho m ha v gii m) u cn phi gi b mt.
Trong mt m ha kha cng khai, kha c nhn phi c gi b mt trong khi
kha cng khai c ph bin cng khai. Trong 2 kha, mt dng m ha v kha
cn li dng gii m. iu quan trng i vi h thng l khng th tm ra kha b
mt nu ch bit kha cng khai.
Hnh 2.4 Sinh kha cng khai

Thng thng, cc k thut mt m ha kha cng khai i hi khi lng tnh
ton nhiu hn cc k thut m ha kha i xng nhng nhng li im m chng
mang li khin cho chng c p dng trong nhiu ng dng.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
38
t c an ton tng ng, thut ton mt m ha kha bt i xng i
hi khi lng tnh ton nhiu hn ng k so vi thut ton mt m ha kha i
xng. V th trong thc t hai dng thut ton ny thng c dng b sung cho nhau
t hiu qu cao. Trong m hnh ny, mt bn tham gia trao i thng tin to ra mt
kha i xng dng cho phin giao dch. Kha ny s c trao i an ton thng qua
h thng m ha kha bt i xng. Sau 2 bn trao i thng tin b mt bng h
thng m ha i xng trong sut phin giao dch.
2.1.4.2. Cc ng dng
H thng mt m ha kha cng khai c th s dng vi cc mc ch:
79.
M ha: gi b mt thng tin v ch c ngi c
kha b mt mi gii m c.
80.
Hnh 2.5 M ha v gii m bng m ha kha cng khai

To ch k s (xc thc thng tin): cho php kim
tra mt vn bn c phi c to vi mt kha b mt no hay khng.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
39
Hnh 2.6 To v xc thc ch k s

Tha thun kha: cho php thit lp kha dng
81.
trao i thng tin mt gia 2 bn.

2.1.5.
Ch k s (Digital Signature)
2.1.5.1. Gii thiu ch k s

Ch k s l mt dng ch k in t c da trn cng ngh kha cng khai
(PKI).
Mi ngi cn 1 cp kha gm kha cng khai & kha b mt.
82.
Kha b mt dng to ch k s
83.
kha cng khai dng thm nh ch k s -> xc
thc
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
40
2.1.5.2. To ch k s
Hnh 2.7 To ch k s
2.1.5.3. Thm nh ch k s
Hnh 2.8 Thm nh ch k s

Mc ch ca vic thm nh ch k s:
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
41
84.
Xc thc c ngi gi: Cc h thng mt m ha
kha cng khai cho php mt m ha vn bn vi kha b mt m ch c ngi

ch ca kha bit. s dng ch k s th vn bn khng cn phi c m
ha m ch cn m ha hm bm ca vn bn (thng c di c nh v
ngn hn vn bn). Khi cn kim tra, bn nhn gii m (vi kha cng khai)
ly li hm bm v kim tra vi hm bm ca vn bn nhn c. Nu 2 gi tr
ny khp nhau th bn nhn c th tin tng rng vn bn xut pht t ngi s
hu kha b mt. Tt nhin l chng ta khng th m bo 100% l vn bn
khng b gi mo v h thng vn c th b ph v. Vn nhn thc c bit
quan trng i vi cc giao dch ti chnh. Chng hn mt chi nhnh ngn hng
gi mt gi tin v trung tm di dng (a,b), trong a l s ti khon v b l s
tin chuyn vo ti khon . Mt k la o c th gi mt s tin no
ly ni dung gi tin v truyn li gi tin thu c nhiu ln thu li (tn cng
truyn li gi tin).
85.
Chng chi b: Trong giao dch, mt bn c th t
chi nhn mt vn bn no l do mnh gi. ngn nga kh nng ny, bn

nhn c th yu cu bn gi phi gi km ch k s vi vn bn. Khi c tranh
chp, bn nhn s dng ch k ny nh mt chng c bn th ba gii quyt.
Tuy nhin, kha b mt vn c th b l v tnh khng th ph nhn cng khng
th t c hon ton.
86.
Xc thc s ton vn ca thng tin: C hai bn tham
gia vo qu trnh thng tin u c th tin tng l vn bn khng b sa i

trong khi truyn v nu vn bn b thay i th hm bm cng s thay i v lp
tc b pht hin. Qu trnh m ha s n ni dung ca gi tin i vi bn th 3
nhng khng ngn cn c vic thay i ni dung ca n. Mt v d cho
trng hp ny l tn cng ng hnh (homomorphism attack): tip tc v d
nh trn, mt k la o gi 1.000.000 ng vo ti khon ca a, chn gi tin
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
42
(a,b) m chi nhnh gi v trung tm ri gi gi tin (a,b3) thay th lp tc tr
thnh triu ph!
2.1.6.
RSA
2.1.6.1. Gii thiu

Trong mt m hc, RSA l mt thut ton mt m ha kha cng khai. y l thut
ton u tin ph hp vi vic to ra ch k in t ng thi vi vic m ha. N
nh du mt s tin b vt bc ca lnh vc mt m hc trong vic s dng kha
cng cng. RSA ang c s dng ph bin trong thng mi in t v c cho l
m bo an ton vi iu kin di kha ln.
Thut ton c Ron Rivest, Adi Shamir v Len Adleman m t ln u tin vo
nm 1977 ti Hc vin Cng ngh Massachusetts (MIT). Tn ca thut ton ly t 3
ch ci u ca tn 3 tc gi.
RSA l thut ton m khi c kch thc khi thay i c.
Thut ton RSA c hai kha: kha cng khai (hay kha cng cng) v kha b mt
(hay kha c nhn). Mi kha l nhng s c nh s dng trong qu trnh m ha v
gii m. Kha cng khai c cng b rng ri cho mi ngi v c dng m
ha. Nhng thng tin c m ha bng kha cng khai ch c th c gii m bng
kha b mt tng ng. Ni cch khc, mi ngi u c th m ha nhng ch c
ngi bit kha c nhn (b mt) mi c th gii m c.
Ta c th m phng trc quan mt h mt m kho cng khai nh sau : Bob mun
gi cho Alice mt thng tin mt m Bob mun duy nht Alice c th c c. lm
c iu ny, Alice gi cho Bob mt chic hp c kha m sn v gi li cha
kha. Bob nhn chic hp, cho vo mt t giy vit th bnh thng v kha li
(nh loi kho thng thng ch cn sp cht li, sau khi sp cht kha ngay c Bob
cng khng th m li c-khng c li hay sa thng tin trong th c na). Sau
Bob gi chic hp li cho Alice. Alice m hp vi cha kha ca mnh v c thng
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
43
tin trong th. Trong v d ny, chic hp vi kha m ng vai tr kha cng khai,
chic cha kha chnh l kha b mt.
2.1.6.2. Thut ton
Gi s Alice v Bob cn trao i thng tin b mt thng qua mt knh khng an
ton (v d nh Internet). Vi thut ton RSA, Alice u tin cn to ra cho mnh cp
kha gm kha cng khai v kha b mt theo cc bc sau:
1.
Chn 2 s nguyn t ln v vi
, la chn
ngu nhin v c lp.

2.
Tnh:
3.
Tnh: gi tr hm s le
4.
Chn mt s t nhin e sao cho
l s nguyn t cng nhau vi

5.
.
Tnh: d sao cho
Mt s lu :
87.
Cc s nguyn t thng c chn bng phng
php th xc sut.
88.
Cc bc 4 v 5 c th c thc hin bng gii
thut Euclid m rng (xem thm: s hc mun).

89.
Bc 5 c th vit cch khc: Tm s t nhin sao
cho
cng l s t nhin. Khi s dng gi tr

.
90.
bc
thay cho
GVHD: V Th Thanh Vn
3,
PKCS#1
v2.1
dng
).
SVTH: Nguyn Cnh Chn
44
Kha cng khai bao gm:
91.
n, mun, v
92.
e, s m cng khai (cng gi l s m m ha).
Kha b mt bao gm:

93.
n, mun, xut hin c trong kha cng khai v
kha b mt, v
94.
d, s m b mt (cng gi l s m gii m).
Mt dng khc ca kha b mt bao gm:

95.
p and q, hai s nguyn t chn ban u,
96.
d mod (p-1) v d mod (q-1) (thng c gi l
dmp1 v dmq1),
97.
(1/q) mod p (thng c gi l iqmp)
Dng ny cho php thc hin gii m v k nhanh hn vi vic s dng nh l s

d Trung Quc (ting Anh: Chinese Remainder Theorem - CRT). dng ny, tt c
thnh phn ca kha b mt phi c gi b mt.
Alice gi kha cng khai cho Bob, v gi b mt kha c nhn ca mnh. y, p
v q gi vai tr rt quan trng. Chng l cc phn t ca n v cho php tnh d khi bit
e. Nu khng s dng dng sau ca kha b mt (dng CRT) th p v q s c xa
ngay sau khi thc hin xong qu trnh to kha.
2.1.7.
H tng kha cng khai (Public key Infrastructure)
2.1.7.1. Gii thiu h tng kha cng khai

Trong mt m hc, h tng kha cng khai public key infrastructure, vit tt PKI
l mt c ch cho mt bn th 3 (thng l nh cung cp chng thc s) cung cp
v xc thc nh danh cc bn tham gia vo qu trnh trao i thng tin. C ch ny
cng cho php gn cho mi ngi s dng trong h thng mt cp kha cng
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
45
khai/kha b mt. Cc qu trnh ny thng c thc hin bi mt phn mm t ti
trung tm v cc phn mm phi hp khc ti cc a im ca ngi dng. Kha cng
khai thng c phn phi trong chng thc kha cng khai.
Khi nim h tng kha cng khai (PKI) thng c dng ch ton b h thng
bao gm nh cung cp chng thc s (CA) cng cc c ch lin quan ng thi vi
ton b vic s dng cc thut ton mt m ha kha cng khai trong trao i thng
tin. Tuy nhin phn sau c bao gm khng hon ton chnh xc bi v cc c ch
trong PKI khng nht thit s dng cc thut ton m ha kha cng khai.
PKI cho php nhng ngi tham gia xc thc ln nhau v s dng thng tin t cc
chng thc kha cng khai mt m ha v gii m thng tin trong qu trnh trao i.
Thng thng, PKI bao gm phn mm my khch (client), phn mm my ch
(server), phn cng (nh th thng minh) v cc quy trnh hot ng lin quan. Ngi
s dng cng c th k cc vn bn in t vi kha b mt ca mnh v mi ngi u
c th kim tra vi kha cng khai ca ngi . PKI cho php cc giao dch in t
c din ra m bo tnh b mt, ton vn v xc thc ln nhau m khng cn phi
trao i cc thng tin mt t trc.
2.1.7.2. Chng ch s
Chng ch s l mt tp tin in t c s dng nhn din mt c nhn, mt
my ch, mt cng ty, hoc mt vi i tng khc v gn ch danh ca i tng
vi mt kho cng khai (public key). Ging nh bng li xe, h chiu, chng minh th
hay nhng giy t nhn din c nhn thng thng khc, chng ch s cung cp bng
chng cho s nhn din ca mt i tng. H m kho cng khai s dng chng ch
s gii quyt vn mo danh.
ly c bng li xe, bn cn phi ng k vi Phng cnh st giao thng. H s
cp cho bn bng li xe sau khi xc nh cc thng tin v bn nh: c kh nng li
xe, h v tn, a ch, v nhng thng tin cn thit khc. ly c chng ch s bn
cng cn phi thc hin cc cng vic ng k tng t nh vy. Ni c th chng
nhn nhng thng tin ca bn l chnh xc c gi l nh cp chng ch s
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
46
(Certificate Authority vit tt l CA), mt t chc c thm quyn xc nhn ch danh v
cp cc chng ch s. H c th l mt thnh phn th ba ng c lp hoc cc t
chc t vn hnh phn mm cp chng ch s ca mnh. Cc phng php xc nh
ch danh ph thuc vo cc chnh sch m CA t ra. Chnh sch lp ra phi m bo
vic cp chng ch s phi ng n, ai c cp v mc ch dng vo vic g. Thng
thng, trc khi cp mt chng ch s, CA s cng b cc th tc cn phi thc hin
cho cc loi chng ch s.
Trong chng ch s cha mt kho cng khai c gn vi mt tn duy nht ca
mt i tng (nh tn ca mt nhn vin hoc server). Chng ch s gip ngn chn
vic s dng kho cng khai cho vic gi mo. Ch c kho cng khai c chng thc
bi chng ch s mi lm vic vi kho ring (private key) tng ng c s hu bi
i tng m c ch danh c chng thc nm trong chng ch s.
Hnh 2.9 To chng ch s

Ngoi kho cng khai, mt chng ch s cn cha thm tn ca i tng m n
nhn din, hn dng, tn ca CA cp chng ch s , m s th t, v nhng thng tin
khc. iu quan trng nht l mt chng ch s lun lun cha ch k s ca CA
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
47
cp chng ch s . N cho php chng ch s nh c ng du cho ngi s
dng bit v tin cy vo CA.
Chng ch s l mt tp tin in t c s dng nhn din mt c nhn, mt
my ch, mt cng ty, hoc mt vi i tng khc v gn ch danh ca i tng
vi mt kho cng khai (public key).
Cc thng tin trong chng ch s bao gm:
98.
Nhn dng ca thc th thng tin (tn user, a ch
IP, a ch email, URL, ca website,)

99.
Kha cng khai ca thc th thng tin
100.
Ch k s ca ngi xc nhn
101.
Mt s thng tin ph tr khc
2.1.7.3. Cu trc chng ch theo X.509

X.509 l mt ngh ca ITU (International Telecommunication Union) nh ngha
mt framework v chng thc (certificate). X.509 da trn X.500, m bn thn X.500
cn cha c nh ngha hon ho. Kt qu l chun X.509 ang c din gii theo
mt s cch, ty theo cng ty cung cp quyt nh s dng nh th no.
X.509 ln u tin c cng b vo nm 1988, v cc phin bn tip theo c
a ra gii quyt cc vn an ton, y cng l s c xy ra bt ng ngay ln cng
b u tin. X.509 h tr c hai m b mt (m n) v m cng khai. X.509 nh
ngha cc ni dung v mt chng thc, bao gm s phin bn, s serial, ID ch k, tn
cng b, thi im c hiu lc, nh ngha ch , phn m rng v ch k trn cc
trng trn.
Chng ch s theo cu trc ca X.509
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
48
Hnh 2.10 Cu trc chng ch s X.509

V c bn, mt ngi c trch nhim chng nhn s t kha cng khai ca mt
ngi no c nhu cu chng thc vo th tc chng thc v sau xc thc li
bng kha ring.
2.1.7.4. C s h tng kha cng khai
H thng bao gm cc thnh phn cn thit thc hin cc chc nng:
102.
To ra cc chng ch kha cng khai
103.
Phn phi chng ch
104.
Thu hi chng ch
105.
Qun l cc chng ch
PKI l thnh phn nn tng trin khai cc ng dng bo mt da trn kha cng
khai.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
49
2.1.7.5. Cc thnh phn ca PKI
106.
Hnh 2.11 Cc thnh phn ca PKI

End Entity: ngi s dng, mt phn mm hoc
thit b tham gia vo qu trnh trao i thng tin.

107.
Certification Authority (CA): thc th tin cy trong
cng ng, c chc nng to ra chng ch.

108.
Registration Authority (RA): thc hin cc chc
nng x l h tr cho CA.

109.
Repository: kho lu tr cc chng ch, cng cp
chng ch cho user khi c yu cu.

110.
CRL Issuer (Certificate Revocation List): thc th
qun l vic thu hi chng ch ht hn hoc vi phm cc vn v bo mt.

2.1.7.6. Chng thc cho
111.
CA chng thc cho End Entity.
112.
CA cng c th chng thc cho CA khc trong m
hnh phn cp to thnh ng dn chng thc (Certification Path).

GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
50
113.
Tnh tin cy (trust) ca cc CA cng c thit lp
thng qua m hnh phn cp.

M hnh CA nhiu cp:
Hnh 2.12 M hnh CA nhiu cp

V d v chng thc cho:
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
51
Hnh 2.13 Chng thc cho

K hiu: A<<X>>: A chng nhn cho X
2.1.8.
SET (Secure Electronic Transaction)
2.1.8.1. Gii thiu SET

SET (Secure Electronic Transaction) l mt giao thc tiu chun dng bo mt
thng tin trong cc ng dng bo mt dng th tn dng. SET khng phi l mt h
thng thanh ton m l mt giao thc bo v cho cc giao dch.
c xut u tin bi MasterCard v Visa ln u tin vo nm 1996 vi s
tham gia ca GTE, IBM, Microsoft, Netscape, RSA and VeriSign.
Cc tnh nng ca SET:
114.
Bo v cc kt ni gia cc thnh phn tham gia
giao dch
115.
Thit lp quan h tinh cy dng chng ch s
116.
m bo tnh ring t ca thng tin
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
52
2.1.8.2. Hot ng
Cc c trng c bn ca SET:
117.
Bo mt thng tin: dng m ha i xng DES
118.
Ton vn thng tin: dng RSA, SHA-1, HMAC,
ch k s.
119.
Xc thc ngi dng: dng chng ch s X.509
version 3.
120.
Xc thc nh cung cp: dng chng ch s X.509
version 3.
Cc thnh phn tham gia SET:
121.
Ch th (Cardholder): ngi mua hng c th tn
dng do ngn hng pht hnh.

122.
Ngi bn hng (Merchant): c quan h vi t
chc ti chnh.
123.
Ngn hng pht hnh th (Issuer).
124.
T chc trung gian thc hin thanh ton v xc thc
th (Acquirer).
125.
Cng thanh ton (Payment getway): t chc x l
vic thanh ton (c th trng vi Acquirer).

126.
C quan chng thc (Certification Authority): c
kh nng to ra ch k s.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
53
Hnh 2.14 Cc thnh phn tham gia SET

Cc thao tc trong SET:
127.
Ngi dng mti khan ti ngn hng v tr thnh
ch th.
128.
Ngi dng duc cp chng ch X.509 v3 (lin kt
vi th thanh tan)
129.
Ngi bn hng duc cp chng ch (chng ch k
v chng ch trao di kha), ngoi ra cn c bn sao chng ch ca cng thanh

ton in t.
130.
Ngui s dng t hng (thng qua website, email,
)
131.
Xc thc ngui bn hng bng chng ch s.
132.
Ngi s dng gi thng tin t hng v thng tin
thanh ton cho ngi bn (cng vi chng ch ca ngi s dng)

133.
Ngi bn hng yu cu xc thc thng tin thanh
tan.
134.
GVHD: V Th Thanh Vn
Ngi bn hng xc nhn n t hng.
SVTH: Nguyn Cnh Chn
54
135.
Giao hng
136.
Yu cu thanh ton
2.1.8.3. Ch k song song
Hnh 2.15 Ch k song song

Cng dng ca ch k song song:
137.
K ng thi ln 2 bn tin gi cho hai thc th khc
nhau (ngui bn v ngn hng).

138.
Khng th tch ri 2 thng tin.
139.
Thc th ny khng xem duc thng tin ca thc
th kia v ngc li
140.
Gn lin nhn dng ca user vi n hng v phiu
thanh tan
141.
Khng th tch ri n hng vi phiu thanh tan
142.
Ngui bn hng khng c uc phiu thanh tan
143.
Ngn hng khng c uc n dt hng
Thc hin thanh ton trong SET:

GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
55
144.
Yu cu mua hng (Purchase Request).
145.
Xc thc thanh ton (Payment Authorization).
146.
Thc hin thanh ton (Payment Capture).
2.2. Bo mt Web
2.2.1.
Hypertext Transfer Protocol
2.2.1.1. Hypertext Transfer Protocol (HTTP)

Hypertext Transfer Protocol (giao thc truyn ti siu vn bn) l mt trong nm
giao thc chun c s dng trong mng Internet, c dng lin h thng tin gia
my cung cp dch v (web server) v my s dng dch v (client) dng cho World
Wide Web-WWW, HTTP l mt giao thc ng dng ca b giao thc TCP/IP (cc
giao thc nn tng cho Internet).
HTTP l mt giao thc kiu my khch/my ch nh ni trn, my khch a
ra cc request, v my ch nhn request t my khch, x l v s gi tr li cc
request ny ngc li my khch.
2.2.1.2. Thng ip HTTP (HTTP Message)
HTTP message gm c yu cu c gi t my khch ln my ch v thng tin tr
v t my ch cho my khch. Tng qut, HTTP message gm c: start line, khng c
hoc c header, v ty chn message body. Mt header lun cha: tn trng, du hai
chm v gi tr ca trng v d:
From:
somebody@something.com
Mt vi trng trong HTTP Message ch c th c s dng gi yu cu t

my khch n my ch(Form) hoc ch c th c s dng trong vic gi thng
tin tr v t my ch ti my khch (Server). Mt vi trng khc dng miu t
ni dung ca message (Content-Encoding). Thc th Content-Type cho bit ni dung
ca message c gi n my khch (text/html, hoc image/gif, hoc
application/pdf) . V d v http headers ca vietnamnet.vn:
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
56
Hnh 2.16 V d HTTP header ca vietnamnet.vn

Dng u tin ca mt message gi thng tin yu cu n my ch l request-line,
ch ra phng thc(method), mt URI, v phin bn HTTP m my khch ang s
dng.
Dng u tin tr v ca mt message t my ch l status line, cha thng tin v
phin bn HTTP m my ch s dng, status code (m trng thi) v reason phrase.
Status code l mt dy s gm 3 ch s ch ra kt qu m my ch p ng yu cu
c gi ln t my khch. Reason phrase l mt dng thng bo ngn ca status code.
V d mt my my khch yu cu mt ti liu m khng c trn my ch th my ch
s tr v 404 Not Found.. Nu ti liu c trn my ch, nhng my khch phi
c chng thc mi xem c th my ch s tr v 401 Unauthorized..
2.2.1.3. Trao i thng tin nhy cm
HTTP header mang rt nhiu thng tin v client hoc my ch, iu ny cha ng
nhng nguy him tim tn. V d nh thng tin header nh thng tin tr v t my ch
cha phin bn ca my ch nh hnh di y:
Hnh 2.17 Thng tin my ch trong HTTP Header

GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
57
iu ny c th rt nguy him nu nh phn mm ca my ch ny ang tn ti
mt l hng bo mt, iu c th to c hi cho hacker khai thc l hng bo mt
ny v tn cng vo my ch.
Acccept trong header yu cu ca my khch gi ln my ch cng tit l thm
nhiu iu v ngi dng nh: Accept-Language, Accept-Encoding
Ging nh thng tin header ca my ch c th cha thng tin v my ch, trng
Form ca client header cng c th cha thng tin v a ch email ca ngi dng. R
rng, nu ngi dng lt web nc danh, thng tin ny khng nn c gi i.
Trng Referer trong header yu cu gi ln my ch c my khch s dng
ch ra a ch (URI) ca ti liu (hoc nhng thnh phn trong ti liu) m t yu
cu URI thu c. iu ny cho php my ch to ra danh sch nhng lin kt c
tr v phc v cho mc ch ghi li thng tin (log), x l cc lin kt b li... Referer
header c th b lm dng, thng tin c th c s dng m s ngi yu cu ti
nguyn trn my ch, t c th s dng thng tin ny cho nhiu mc ch khc
nhau nh phn tch hnh vi ca ngi dng phc v cho vic qung co v iu
vi phm quyn ring t ca ngi dng.
Hnh 2.18 V d Referer trong HTTP Header
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
58
2.2.1.4. Vn bo mt trong Proxy v Cache
Hnh 2.19 Proxy cache

Proxy l mt my tnh trung gian gia my khch v my ch. Truy cp thng qua
proxy c th gp rt nhiu vn nghim trng v bo mt cng nh tnh ring t
(privacy). Proxy c th truy cp vo rt nhiu nhng phn thng tin quan trng, nhng
thng tin c nhn hoc t chc, quyn s hu... Nhng proxy khng quan tm n cc
vn bo mt c th l nhng mi nguy hi tim tn v proxy c th l mc tiu cho
cc cuc tn cng bo mt.
Ngi qun tr proxy nn thit lp h thng bo v h thng m proxy ang
chy, cng nh bo v bt c h thng no cha ng hoc chuyn qua li cc thng
tin nhy cm. Hn na, thng tin trong bn ghi (log) m proxy thu thp c th cha rt
nhiu nhng thng tin nhy cm v ring t, chnh v th cc thng tin ny cn c
bo mt cn thn.
HTTP cache l cc thng tin, tp tin lu tm trn my khch, proxy hoc gateway
dng cha cc d liu c tr v t pha my ch gip gim bt ng truyn
s dng v tng thi gian hin th trang web.
Trng Cache-Control trong header tr v t my ch quy nh xem my khch c
th c lu li cache hay khng, mt s thng s khc khc quy nh cache c th
c s dng nh th no.
Mc nh, d liu tr v t phng thc POST khng c lu li (no cacheable).
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
59
2.2.1.5. Bo mt giao dch Web
Trong qu trnh s dng HyperText Transport Protocol cho cc dch v c nhn hay
thng mi th nhng thng tin c nhn hay nhy cm i hi phi c pht trin trn
mt phin bn an ton bao gm tnh ring t v xc thc. Bo mt cc giao dch trn
web (hay bo mt HTTP message) cn phi tun th theo cc yu cu bo mt:
147.
m bo tnh bo mt (confidentiality) trong qu
trnh gi v nhn yu cu. Trong qu trnh gi yu cu v nhn cc yu cu, cc

thng tin cn phi c bo mt, c bit l cc thng tin nhy cm, ng thi
a ch (URI) c yu cu cng phi c bo mt v trnh trng hp cc
thng tin trong form hoc cc thng tin ngi dng nhp hin th trn URI.
148.
Xc thc d liu gc (authentication) trong qu
trnh gi v nhn yu cu.

149.
m bo tnh ton vn (integrity) ca d liu.
150.
m bo tnh nonrepudiation ca d liu.
151.
m bo tnh cp nht (freshness) ca d liu.
Ngoi ra, c ch bo mt trn HTTP phi d dng tch hp vi cc tnh nng khc
ca HTTP.
m bo c cc yu cu bo mt trn y c th s dng cc phng thc bo
mt sau:
152.
S dng cc giao thc bo mt bn di tng HTTP
to ra mt knh truyn d liu an ton nh l SSL hoc TSL.

153.
S dng giao thc bo mt PGP (Pretty Good
Privacy), S/MIME (Secure / Multipurpose Internet Mail Extensions) bo mt

HTTP message.
154.
S dng cc bn m rng cho HTTP nh S-HTTP,
PEP (Protocol Extension Protocol).
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
60
Hin ti phng s dng SSL ang c s dng rng ri trn cc giao dch trn
nn web v tnh bo mt cao v tin dng.
2.2.2.
Bo mt Web Server
2.2.2.1. Cc vn bo mt trn my ch
S pht trin ca Internet v thng mi in t c bc tng trng rt nhanh
chng trong thi gian gn y, km theo l s pht trin ca tin tc v cc nguy c
bo mt gia tng. Rt nhiu nhng t chc vn hnh my ch nhng khng c bo
v sn sng chng li cc nguy c tn cng t bn ngoi.
Cc my ch web lun l mc tiu tn cng trn mng ca cc tin tc. Bi vy, vic
thit lp v bo v cc thng tin trn my ch lun l mt vn cp bch, t bit l
cc h thng my ch thng mi in t.
C rt nhiu nhng k thut gip k tn cng c th chy cc on m lnh nguy
him trn my ca nn nhn, cc k thut ny bao gm:
155.
Khai thc t xa: c rt nhiu l hng bo mt tn ti
trong rt nhiu h thng my tnh, lm cho k tn cng c kh nng lm hy,

xm nhp hay tt h thng m khng cn phn ng nhp vo h thng my
tnh.
156.
Cc chng trnh c hi (Malicious programs): mt
cch tn cng khc l bng cch no k tn cng ci c vo h thng mt

chng trnh c hi. Chng trnh ny c th chy mt vi dch v n k tn
cng c th iu khin c h thng t xa, cc chng trnh ny c gi l
ca sau (back door) v gip cho k tn cng c th d dng xm nhp vo h
thng v trnh c cc phng php bo mt.
Trojan Horse dng gi nhng chng trnh c v nh l cung cp mt vi
chc nng no , nhng tht s n l cc phn mm c hi, ging nh nhng
con nga g m ngi Hy Lp s dng tn cng thnh Toy.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
61
Virus v su my tnh (worm) l nhng chng trnh c th t ng nhn bn,
v ly lan qua cc my tnh thng qua cc tp nh km trong th in t hay ly
lan c lp qua mng. Virus sa i cc chng trnh trn my tnh b ly
nhim, v cng c th to ra ca sau gip k tn cng kim sot my tnh.
157.
Trm thng tin ng nhp v k thut tn cng x
hi (social engineering): trong rt nhiu h thng my tnh, c th tn ti cc l

hng hay li gip k tn cng c th s dng cc ti khon bnh thng ging
nh ti khon ca ngi qun tr h thng (administrator). Hoc k tn cng s
s dng ti khon c c ci cc phn mm theo di h thng t ly
c thng tin ng nhp ca ngi qun tr h thng thc hin cc mu
xu.
K tn cng c th s dng rt nhiu nhng k thut n trm thng tin ng
nhp ca ngi dng. K tn cng c th ci cc chng trnh trn my nn
nhn theo di vic nhp thng tin thng qua bn phm hay s dng cc k
thut la o ly thng tin ng nhp. Ngoi ra k tn cng cng c th tm
kim thng tin ca nn nhn trn internet hay cc ngun khc, t phn tch
cc thng tin ny on ra thng tin ng nhp ca nn nhn.
158.
La o (phishing): la o l mt trong nhng k
thut tn cng x hi (social engineering). K tn cng s dng th in t hay

cc trang web ging cc trang web ni ting (li dng cc li chnh t khi nhp
a ch trang web) la khch hng cung cp cc thng tin ng nhp v
thng tin c nhn lin quan. V d nh k tn cng gi th in t cho nn nhn
v thng bo l th tn dng ca nn nhn ht hn s dng v nn nhn cn
click vo mt a ch m th in t cung cp lm mt ci mi, tt nhin a
ch m th in t cung cp s dn n trang web gi mo ca k tn cng.
2.2.2.2. Bo mt my ch
T nhng vn bo mt trn cn phi c nhng phng php gip bo v h
thng my ch v hn ch ti a cc thit hi nu c s c xy ra.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
62
Cc phng php gip bo v my ch web:
159.
Ci t phn mm v cc ming v
Trc khi ci t h iu hnh hay mt phn mm mi trn my ch, cn phi

kim tra rng l bn mi nht v chc rng c y cc bn v li.
Nu c th c nn ngt kt ni internet v bt u ci t phn mm, v ch
nn kt ni li internet khi qu trnh ci t phn mm v cc ming, cc bn
cp nht hon thnh.
Trc khi ci t bt c phn mm no trn my ch, hay ci t h iu hnh
mi, phi lun to mt bn sao lu li h thng v ct n vo mt ni an ton.
iu ny s gip khi phc li h thng mt cch nhanh nht v t thit hi nht
trong trng hp qu trnh ci t xy ra s c hay h thng b tn cng. Tt
nht l nn lu tr bn sao lu vo a CD, DVD, bng t hay vi cng ca
mt my tnh khc, v em ct vo mt ni an ton.
160.
Lu li thng tin trng thi v cc hot ng
(logging)
Rt nhiu dch v chy trn my ch web cho php ghi li nhng hot ng ca
n (log). Nhng my ch web chy h iu hnh UNIX hay Windows cho php
cu hnh ghi li cc hot ng ca h thng xung mt tp hay nhiu tp tin,
hoc c th gi n mt my tnh khc trong mng, gi n my in hay cc thit
b khc.
Nhng thng tin log s tr nn v gi khi phc hi li h thng t nhng s c
bo mt. Thng chng s ni cho chng ta bit cc m k tn cng tn cng
h thng, thm ch c th chng cung cp mang mi tm ra k tn cng.
Tp tin log c th c trnh nh l bng chng ln to n kt ti k tn
cng nu chng c lu li iu n trong h thng.
Nn thit lp lu li log ca tt c cc my ch, v chc rng cc thng tin
ny c kim tra mt cch iu n. Ngi qun tr c th vit ra mt chng
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
63
trnh nh qut qua cc tp tin log mi ngy v lc ra nhng thng tin, s kin
m ngi qun tr mun bit hay cc thng tin li, hoc cng c th dng cc
chng trnh phn tch tp tin log. Mt khi c nhng thng tin ny ri, ngi
qun tr c th d dng hnh dung cc s kin xy ra t tm cch x l
cho ph hp.
Tp tin log cng s rt hu dng cho vic o sc chi ng ca h thng. V d,
c th thit lp lu li nhng thng tin nh: s s dng kt ni ra bn ngoi v
bn trong, hot ng ca CPU, RAM, dung lng a cng. Nhng thng tin
ny s rt hu ch gip xc nh khi no th nn nng cp h thng.
Bo v tp tin log l rt quan trng. Nu nh mt mt ngi no xm nhp
vo h thng, iu u tin h lm l s tm cch sa li tip tin log xa du
vt xm nhp ca h. Cch tt nht bo v cc tp tin log l xy dng mt
my ch log an ton s thu thp thng tin log t cc my khc trong mng. Cng
cn c c ch chng thc bo v tp tin log ch cho php nhng ngi c
quyn mi c xem.
161.
Sao lu h thng n gin ch l cch lu tr li
ton b hay mt phn cc tp tin xung bng t hay cc thit b lu tr khc.

y l cch hiu nht gip khi phc li h thng nu nh c s c xy ra.
Sao lu h thng c vai tr rt quan trng trong bo mt my ch:
162.
Gip bo v h thng trc cc li phn cng hay
cc s c xa nhm tp tin.
163.
Gip bo v trc nhng cuc tn cng bi v
nhng tp b xa hay b sa i bi k tn cng c th c khi phc li

t bn sao lu.
164.
Gip pht hin mc ph hoi ca k tn cng
bng cch so snh nhng tp ang c trong h thng vi nhng tp c

lu tr trong bn sao lu.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
64
Sao lu l mt vic lm khng kh, tuy nhin cn phi tun th mt vi iu
sau:
165.
Lun kim tra li bn sao lu m bo rng n
khng b hng v c th khi phc li h thng ng nh lc c sao

lu.
166.
Lun m ha bn sao lu bng mt mt khu an
ton, trong trng hp bn sao lu b nh cp th d liu c lu tr

cng khng b nguy him. V bn sao lu cng phi c lu tr nhng
ni c bo v.
167.
Cn thn khi thc hin vic sao lu trong mt mng
ni b. Thng trong mng c mt my ch phc v cho vic sao lu h

thng ca cc my tnh khc trong mng, v vy nu my tnh ny b tn
cng th nhng nhng h thng m n thc hin sao lu cng s gp nguy
him.
168.
S dng cc cng c bo mt.
Cc cng c bo mt l cc chng trnh t bit, gip ngi qun tr h thng

c th c lng hay tng kh nng bo mt h thng. Nhiu cng c bo mt
ngy nay c pht trin bi cc trng i hc hoc nhng chuyn gia c lp
v c cung cp rng ri trn mng internet. Cng c vi cng c tt c
thng mi ha.
C 5 loi cng c nn c xem xt s dng trn h thng my ch:
169.
Cng c qut nhng im yu ca h thng v bo
co cho ngi qun tr (Snapshot tools). V d nh trn h thng UNIX

mt cng c s gm xc tp /etc/passwd m bo khng cho php ai
ngoi tr ngi qun tr c th sa i. Cc chng trnh ny c th qut
h thng nhiu ln trong mt khong thi gian ngn, ty theo thit lp.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
65
Nn cn thn khi qun l cc bo co c xut ra t cng c ny, tt
nht l nn lu tr mt ni an ton v ch nhng ngi c quyn mi
c xem, v t nhng thng tin ny nu lt vo tay k tn cng chng c
th gip tm ra cc l hng trong h thng mt cc d dng.
170.
Cng c gip gim st h thng v pht hin nhng
thay i khng c php trong h thng. Cng c ny rt quan trng bi

v iu u tin m k tn cng lm khi xm nhp c vo h thng l
chnh sa li h thng gip chng c th d ang xm nhp vo nhng
ln sau hay xa i cc chng c xm nhp.
Gim st cc s thay i khng th ngn chn s tn cng, tuy nhin n
gip cnh bo h thng b lm hi. Hu ht cc cuc tn cng khng b
pht hin trong mt khong thi gian, cng c pht hin thay i l cch
duy nht gip bn pht hin s hin din ca k xm nhp trong h thng
c nhng hnh ng thch hp.
Nu nh h thng c nhiu hn mt ngi qun tr, bo co thay i s
gip gim xc cc hot ng ca tng ngi.
171.
Cng c gim st mng, gip pht hin nhng im
yu bo mt trong mng. Nn s dng mt cng c gip t ng qut h

thng mng. Cng c ny gip pht hin nhng li trong nhng chng
trnh mng nh gi mail hay dch v FPTD (File Transfer Protocol
DAEMON).
172.
Cng c gim st h thng v mng pht hin
nhng cuc tn cng ang c thc hin.

H thng d tm xm nhp (Intrusion detection system) vit tt l IDS l
phn mm hay phn cng gip pht hin nhng s c gng khng mong
mun xm nhp, thao tc hay c gng v hiu ha h thng my tnh
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
66
thng qua mng, m ch yu l qua mng internet dng nhng cuc tn
cng nh s dng cc phn mm c hi
S dng cc phn mm qut virus pht hin virus v cc phn mm
c hi nhm trnh hot ng ca chng trn h thng c th to cc l
hng cho k tn cng xm nhp vo h thng.
173.
Cng c gip lu li hot ng ca mng phc
v cho s phn tch sau ny.

H thng d tm xm nhp (IDS) ging nh mt h thng bo ng tinh
vi: IDS c nhng cm bin v bo ng, nu nh c mt s xm nhp i
qua mt trong chng, IDS s ghi nhn li s vic. Nhng vn vi h
thng IDS l chng ch c th ghi nhn li nhng g m chng c
thit lp ghi nhn.
Cng c ghi li nht k mng li tip cn theo mt cch khc. H thng s
lu li tt c nhng thng tin c truyn qua mng, v cho php phn
tch ngc li. Trong trng hp my ch b tn cng hay cc s c khc,
nhng thng tin s c phn tch tm ra nguyn nhn. H thng
ny thng chy trn my tnh c dung lng cng ln.
2.2.2.3. Hn ch cc nguy c bo mt bng cch hn ch cc dch v
Mt trong nhng cch quan trng hn ch him ha i vi my ch l ti thiu
cc dch v khng cn thit trn my ch, bi v mi dch v mng tn ti trong n
nhng ri ro ring. Bng cch loi b cc dch v khng cn thit, bn loi b c
nhng nguy him v l hng tim nng gip k tn cng c th xm nhp vo my ch.
Nhng dch v sau y c khuyn khch loi b hay v hiu ha nu nh khng
c nhu cu s dng:
Tn dch v
Domain Name
Service (DNS)
Nguyn nhn
Li trong DNS c th b khai thc lm hi my ch.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
67
Mail (SMTP,
POP, IMAP,...)
Nhng li trong vic gi mail v gi tp nh km c th c s

dng tn cng my ch. Tt nht l nn chy dch v mail trn
mt my ch ring.
netstat, systat
netstat v systat c th tit l thng tin thit lp v trnh trng h

thng. Tt nht l khng nn cung cp dch v ny.
chargen, echo
Dch v ny c th c s dng khi chy cc chng trnh

iu khin tn cng ghi d liu hoc tn cng t chi dch v. Nn
v hiu ha dch v ny.
FTP
Khng nn chy FPT nu nh bn c th. FPT tiu chun gi thng

tin tn ng nhp v mt khu khng c m ha. Mc d c th
s dng FTP vi c ch sao chp an ton (Secure Copy) vit tt
l SCP (s dng phng thc SSH (Secure Shell)) thit lp mt
kt ni an ton.
Nu bn bt buc phi s dng FTP th ch nn s dng n cho vic
cp nht my ch.
Trong trng hp phi s dng my ch FTP nc danh, tt nht l
nn chy trn mt my tnh ring l, v t ra l vi h thng tp tin
ring bit khc vi my ch web.
Telnet
Khng nn cho php nhng s ng nhp tng tc vo my ch

web cho bt c ai ngoi tr ngi qun l h thng (administrator).
Nu c th, ch nn cho php truy cp t xa c bo mt nh
SSH hay Kerberized.
Nu nh phi s dng telnet khng c bo mt, th nn s dng
h thng mt m dng mt ln nh S/Key hay SecureID.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
68
Berkeley, nhng Nhng lnh ny s dng a ch IP chng thc, v vy rt khng
lnh "r" (rlogin, an ton v IP c th b gi mo. Nn s dng SSH hay SCP.
rsh, rdist, ...)
Bng 2.1 Nhng dch v nn hn ch trn my ch web
2.2.2.4. Tng la (Firewall)
Tng la l ro chn c lp ra nhm ngn chn ngi dng mng Internet truy
cp cc thng tin khng mong mun hay ngn chn ngi dng t bn ngoi truy nhp
cc thng tin bo mt nm trong mng ni b.
Tng la l mt thit b phn cng hay mt phn mm hoc c hai, hot ng
trong mt mi trng my tnh ni mng ngn chn mt s lin lc b cm bi chnh
sch an ninh ca c nhn hay t chc, vic ny tng t vi hot ng ca cc bc
tng ngn la trong cc ta nh.
Tng la c s dng bo v mng cc b (LAN) khi cc nguy c t
internet.
Tng la cng c th c s dng bo v my ch web. Ging nh mng cc
b, li ch ln nht ca tng la trong vic bo v my ch web l c th iu khin
c nhng giao thc c my ch s dng. V d nu nh my ch ch a ra duy
duy nht dch v HTTP, ngi qun tr c th cu hnh tng la ch cho php cc
gi d liu qua li trn cng 80. Nu my ch web cn h tr HTTP trn SSL th ngi
qun tr c th m cng 443.
Trong trng hp tn ti nhng l hng trn my ch web, tng la s gip ngn
chn k tn cng s dng my ch web lm c s tn cng cc my tnh khc trn
mng internet. t c s bo v ti a, tng la cng nn c lp tng la ca
mng ni b (xem hnh bn di). iu ny gip ngn chn k tn cng trong trng
hp kim sot c my ch web s s dng n tn cng vo mng ni b.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
69
Hnh 2.20 Thit lp tng la bo v my ch web

Mt trong nhng li ch quan trng na trong vic s dng tng la bo v
my ch web l c th s dng tng la ca mng ring o (VPN) cp nht an ton
ni dung ca my ch web.
2.2.3.
Bo mt ng dng Web
2.2.3.1. Common Gateway Interface (CGI)

CGI l giao thc tiu chun cho vic giao tip gia my ch web v phn mm bn
ngoi vit bng bt c ngn ng no. Khi my khch yu cu mt truy xut vo mt
tp tin CGI trn my ch web, my ch web s khng tr v ni dng ca tip ny, m
s gi yu cu ny qua mt chng trnh khc, chng trnh ny s x l yu cu kt
hp vi m lnh trong tp tin CGI v tr v thng tin cho my ch web my ch
web tr v cho my khch. C th hiu CGI l mt trnh thng dch cc m lnh vit
cha trong cc tp tin t trn my ch.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
70
Hnh 2.21 Qu trnh x l yu cu ca CGI

CGI cng cho php dch v web ca bn tng tc vi cc chng trnh khc nh
c s d liu hay dch v ng dng trn cng hoc khng cng my ch. Chnh v iu
ny, nu b tn cng, c th gy ra s mt mt to ln. V th, y l mt vi bin php
an ton nn tin hnh.
174.
Khng cho php chng trnh CGI ti ln my ch
t Internet v k tn cng c th s dng c quyn gn km chng trnh

ph hy trong mt th mc, ch cn mt trnh duyt kch hot n. Mt
chng trnh CGI kiu ny c th gn nhng tp tin hoc th mc trn my ch
ca bn, lm thay i hoc xa nhng tp tin c sn, sao chp v gi th in t
cho k tn cng ton b ng dn ca nhng thng tin bo mt. Bt c chng
trnh CGI no cng nn gii hn vi t c quyn nht khi mt chng trnh
khng hp l no c s dng, c th hn ch c nhng tn hi n gy
ra.
175.
Tng t, CGI cng khng nn c php ti v t
my ch v v k xu c th ly cp v phn tch n, t hn c th tm ra
nhng l hng an ninh nghim trng.
176.
Nu bn s dng chng trnh CGI kt hp, m
bo rng m ngun gc khng cn nm trn my ch na. Nu dng CGI

nguyn bn (n gin hn v thng d vit hn nhng cn nhiu ti nguyn h
thng), trnh thng dch nn khc ngun vi code. Nh vy s hn ch c
quyn hn dnh cho hai i tng khc nhau.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
71
2.2.3.2. Bo mt cc trng d liu, trng d liu n
Mt trong nhng l do khin kh pht trin mt ng dng web an ton l cu
trc ca ng dng web. Khi pht trin mt ng dng web, ngi pht trin vit m lnh
chy trn my ch web, v mt phn s c ti v v chy trn trnh duyt ca
ngi dng. Ngi pht trin s mt kh nhiu thi gian m bo rng hai phn ny
s hot ng mt cch trn tru vi nhau. V d nh mt iu quan trng l phi m
bo tn cc trng d liu c ti xung trnh duyt ca ngi dng s chnh xc
hon ton vi cc tn trng d liu trong kch bn trn my ch. V ngi pht trin
s phi ginh rt nhiu thi gian m bo rng cc m HTML, javascript v cc m
khc c ti xung trnh duyt ca ngi dng s hot ng tt.
C ch hin ti ca cu trc ng dng web l cc phn code c vit s chy trn
my ch web v to ra m HTML tr v cho trnh duyt ca ngi dng. trnh
duyt, ngi dng c th xem c ni dung m HTML v cc m javascript c tr
v t my ch. iu ny pht sinh ra mt nguy c bo mt l nu nh cc thng tin
trong cc trng d liu v cc trng n khng c bo mt, v kim tra th k tn
cng c th phn tch v chnh sa thng tin ny v gi nhng thng tin gi mo ln
trn my ch web.
s dng cc trng d liu mt cch an ton cn phi thc hin cc bc kim
tra sau:
177.
Lc thng tin ca tt c cc trng nhp d liu
c nhp vo. V d nu trng d liu l s th tn dng th ch cho php nhp

s t 0 n 9.
178.
Kim tra di ca cc trng d liu nhp vo.
179.
Nu s dng danh sch la chn (selection list)
cng cn phi kim tra cc gi tr cung cp bi ngi dng.

180.
Trong trng hp s dng javascript kim tra
cc trng d liu ngi dng nhp vo, th cn phi thc hin kim tra li mt
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
72
ln na trn my ch v k tn cng c th tt javascript v vt qua qu trnh
kim tra d liu trnh duyt mt cch d dng.
Cc trng d liu n thng c dng gi li cc thng tin ln my ch web
gip lu li cc thng tin trong phin lm vic gia ngi dng thng qua trnh duyt
vi my ch web. V d nh lu tr thng tin tn ng nhp v mt khu xc thc
ngi dng:
<INPUT TYPE="hidden" NAME="username" VALUE="simsong">
<INPUT TYPE="hidden" NAME="password" VALUE="myauth11">
Ngoi cch s dng trng d liu n, cc trng d liu cng c th c trn
URL:
http://.../password_tester?username=simsong&password=myauth11
m bo tnh bo mt v ton vn ca d liu trong cc trng d liu n cng
nh cc d liu trn URL, nn s dng cc c ch m ha m ha d liu cha
trong cc trng d liu n v cc trng d liu trn URL. V d:
http://.../password_tester?
p6e6J6FwQOk0tqLFTFYq5EXR03GQ1wYWG0ZsVnk09yv7ItIHG17ymls4UM
%2F1bwHygRhp7ECawzUm%0AKl3Q%2BKRYhlmGILFtbde8%0A:
2.2.3.3. Bo mt c s d liu
S rt nguy him nu nh k tn cng c c thng tin kt ni vo c s d liu
ca ng dng web, nhng thng tin v sn phm cng nh cc thng tin c nhn ca
khch hng, thng tin gi hng cng nh cc thng tin v ha n s b l mt khi k
tn cng xm nhp c vo c s d liu. Bi vy vic bo mt thng tin kt ni vo
c s d liu l iu cc k quan trng.
bo mt thng tin kt ni vo c s d liu th cc thng tin ny phi c m
ha v c lu tr trong mt tp tin ring trn my ch web, iu ny gip tng
cng kh nng bo mt cng nh bo tr web. Cc kch bn trn my ch web s m
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
73
tp tin ny ra v ly thng tin v tn ng nhp, mt khu cng nh cc thng tin cn
thit khc kt ni vo c s d liu.
Nhng iu quan trng bo v c s d liu khi cc nguy c tn cng:
181.
Cu hnh tng la bo v c s d liu khi s
xm nhp t bn ngoi.
182.
Hnh 2.22 Thit lp tng la bo v my ch c s d liu

m bo rng ti khon c s dng trong ng
dng web ng nhp vo my ch c s d liu c gii hn quyn.

183.
m bo rng my ch c s d liu c sao
lu, bo tr v bo v ging nh cch bo v cc my ch khc trong mng.

2.2.3.4. Ghi li thng tin cc hot ng quan trng (logging)
Ging nh vic ghi li cc hot ng trn my ch web (logging), vic ghi li cc
hot ng quan trng cng nh cc li v cc ngoi l (exception) trong ng dng web
l cc k cn thit. Nhng thng tin ny s rt hu dng trong trng hp ng dng
xy ra li hay b tn cng, nhng thng tin ny s c tng hp v phn tch gip
tm ra nguyn nhn ca vn , t a ra cch gii quyt trnh cc vn lp
li.
Cc thng tin ny cng cn c lu tr nhng ni an ton v ch cho php
nhng ngi c thm quyn mi c truy cp vo.
2.2.4.
Bo mt Web Client
Mc d c th to ra mt knh kt ni thng tin an ton gia client v my ch

thng qua vic s dng SSL bo mt v chng thc thng tin, nhng khng phi tt
c cc vn bo mt c gii quyt ht, c bit l cc vn v tnh ring t
(privacy and anonymity).
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
74
2.2.4.1. Gi mo web (Web Spoofing)
Web spoofing l mt dng la o (phishing). K tn cng to ra mt bn sao ca
mt trang web no nhm kim sot thng tin gia web client v web browser ca
nn nhn nhm ly thng tin c nhn hoc cc thng tin nhy cm khc.
Hnh 2.23 Gi mo web

K tn cng c th la nn nhn vo trang web gi mo bng cc cch sau:
184.
t mt lin kt n trang web gi mo trn mt
trang web ni ting.

185.
Gi email n nn nhn v dn nn nhn n trang
web gi mo.
186.
Dng cc cng c tm kim a nn nhn n
trang web gi mo.

187.
Li dng cc li khi g a ch vo trnh duyt ca
ngi dng, v d: MICR0SOFT.COM, gooogle.com.. dn nn nhn n

trang web gi mo.
Giao din ca trang web gi mo rt ging vi trang gc v vy rt kh ngi
dng c th nhn bit l mt trang web gi mo. Cch n gin nht l xem ngun
ca trang web tr v.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
75
Vi trang web gi mo cn s dng SSL thit lp kt ni n trang web gi mo
ca mnh, ngi dng c th b mc by nu khng kim tra thng tin v chng nhn
SSL v d dng tin rng mt kt ni an ton c thit lp gia trnh duyt ca
ngi dng v my ch tht. Chng thc gi c th rt ging vi chng thc ca trang
web thc, tn c th cha mt vi li chnh t rt kh phn bit.
2.2.4.2. S vi phm tnh ring t
Thng tin ring ca ngi dng c th b l trong qu trnh truy cp thng qua:
188.
Referer header: nh c cp phn trn,
trng referer trong HTTP header c th tit l thng tin ring t ca ngi
dng.
189.
Cookies l mt phn m rng ca HTTP, dng lu
tr thng tin trng thi trn my ngi dng khi ving thm mt trang web. S
dng cookies gip web my ch c th lu li cc thng tin lin quan n ngi
dng nh cc thng tin cc sn phm trong gi hng ang mua my ch
web c th s dng li trong nhng ln vin thm sau.
Mt vi website s dng cookies lu li thng tin ng nhp v mt vi
thng tin khc v ngi dng gip my ch web nhn ra c ngi dng
trong nhng ln ving thm tip theo. iu ny s rt nguy him nu nh k tn
cng xm nhp vo h thng v ly cc thng tin c nhn t trong cookies.
Mt mi nguy c khc t cookies l cc trang website xu c th s dng
cookies m s lt truy cp ca ngi dng vo website v c th s
dng thng tin ny phc v cho nhiu mc ch khc nhau nh qung co
Nu thng tin trong cookies khng c bo mt, ngi dng c th thay i
cc gi tr trong cookies.
c th bo mt nhng thng tin c nhn v thng tin nhy cm trong cookies,
cc my ch web c th s dng k thut ch k in t hoc m ha thng tin
trong cookies xc thc v bo mt thng tin trong cookies.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
76
190.
Log file: mi khi trnh duyt ngi dng ti v mt
trang web t my ch web, mt bn ghi thng thng tin s c lu li trong tp

tin nht k (log file) trn my ch web. Bn ghi ny bao gm thng tin v a
ch IP, thi gian, URI v mt vi thng tin khc. Nhng thng tin ny c th b
lm dng cho cc mc ch khc nhau vi phm quyn ring t ca ngi dng.
2.2.4.3. Lt web n danh (Anonymous Browsing)
Lt web n danh l k thut gip ngi dng c th n cc thng tin v a ch IP
cng nh cc thng tin c nhn, ring t khc ca mnh trong qu trnh duyt web.
lm c iu ny ngi dng c th s dng mt trong cc cch sau:
191.
S dng mt proxy server tin cy: ngi dng c
th lt web thng qua mt proxy server n i a ch IP ca mnh vi my

ch web.
192.
Hnh 2.24 S dng my ch proxy tin cy lt web n danh

S dng cc dch v lt web n danh: s dng cc
dch v lt web n danh trn mng cng tng t nh s dng thng qua mt
proxy server ngoi tr vic s khng c mt thng tin no c lu li trn h
thng ca dch v.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
77
2.3. Cng thanh ton in t
2.3.1.
Cng thanh ton in t (Payment Gateways)
Cng thanh ton in t l dch v cho php thanh ton trc tuyn cc website
thng mi in t. N tng t nh mt POS khi thanh ton online. Cng thanh ton
in t cho php m ha cc thng tin nhy cm nh s th tn dng, m bo thng
tin c th bo mt v giao dch thun tin gia ngi bn v ngi mua.
n gin hn, cng thanh ton in t l cng c ni lin website thng mi in
t ca bn vi ti khon ca ngi bn hng. Cng thanh ton in t n gin ch c
chc nng thanh ton, tuy nhin rt nhiu nh cung cp dch v gateway cung cp
thm cc tin ch km theo nh gi mua hng (shopping carts)
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
78
2.3.2.
Hot ng ca cng thanh ton in t
Hnh 2.25 Hot ng ca cng thanh ton in t

Khi mt ngi mua t lnh mua mt i tng sn phm ti cng thanh ton in
t trn website, cng thanh ton in t s x l mt lat cc tin trnh thanh ton
ngm bn trong nh sau:
193.
Khch hng t lnh bng cch nhp thng tin trn
th tn dng v bm vo nt v d nh "Xc nhn mua" trn website.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
79
194.
Thng tin s c m ha v chuyn t Trnh duyt
ca khch hng n my ch web ca ngi bn, thc hin c tin trnh

ny, bt buc my ch phi c h tr bi tnh nng m ha SSL (Secure
Socket Layer).
195.
Ngi bn s chuyn cc thng tin giao dch cho
cng thanh ton in t (thng l t ng). li l mt tin trnh thc hin

m ha SSL khc ca my ch cng thanh ton in t.
196.
Cng thanh ton in t s nhn thng tin chi tit v
giao dch v chuyn n cho trung tm x l ti ngn hng ca ngi bn.

197.
Trung tm x l ny s chuyn thng tin giao dch
ti trung tm thanh ton ca CreditCard (Visa/Master)

198.
Trong trng hp l th American Express hay
Discover Card, th Amex v Dis kim lun vai tr ca acquiring bank v trc
tip x l lnh t cng thanh ton in t (gp 2 bc vo 1).
199.
Trung tm thanh ton th s chuyn thng tin giao
dch ti ngn hng pht hnh th.

200.
Ngn hng pht hnh th s kim tra tnh s hu v
gi thng tin phn hi ti cng thanh ton in t theo tin trnh ngc li mt
m phn hi. M phn hi cung cp thng tin nh chp nhn hay khng chp
nhn, l do trong trng hp khng chp nhn (nh khng tin, hay ko lin
kt c vi ti khon ngn hng .v.v.)
201.
Cng thanh ton in t nhn m phn hi ny v
chuyn n ti website v th hin bng mt thng bo d hiu i vi ngi

mua v bn.
202.
Tt c cc cng vic ch din ra trong vng 2-3
giy.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
80
203.
Ngi bn sau phi chuyn hng hoc p ng
lnh bn trc khi c quyn yu cu mt lnh hon thnh giao dch.

204.
Sau ngi bn nhp cc thng tin cn thit v
vic p ng lnh bn v lu vo mt "batch" gi ti acquiring bank hon

thnh giao dch.
205.
Acquiring bank sau s np tin vo mt ti
khon ngi bn ch nh.

206.
Tin trnh t vic yu cu lnh n khi hon thnh
giao dch tin v ti khon cui cng mt chng 3 ngy (trung bnh).
Cc cng thanh ton in t thng cung cp sn cc form, cc cng c t ng
tnh thu v t ng hon thnh h s gi ti trung tm x l. c bit l cc cng c
chng gi mo nh geolocation, velocity pattern analysis, delivery address verification,
computer finger printing technology, idenity morphing detection, AVS checks.
2.3.3.
Bo mt trong h thng cng thanh ton in t
2.3.3.1. M s bo mt th (Card Security Code)

M s bo mt th (Card Security Code) vit tt l CSC i khi c gi l gi tr
xc minh th (Card Verification Value) vit tt l CVV hay m s xc minh th (Card
Verification Code) vit tt l CVC l mt tnh nng bo mt cho th ghi n hoc th tn
dng nhm chng li th tn dng gian ln. M s ny ch c ngi ch th v ngn
hng pht hnh th bit, bi vy n gn ging nh m PIN.
Tht ra c n vi loi m s bo mt th:
207.
Loi m s u tin c gi l CVV1 hay CVC1
c m ha trn sc t tnh ca th dng cho cc giao dch trc tip bng th.
208.
Loi m s th hai c gi l CVV2 hay CVC2
thng c yu cu khi thc hin cc giao dch gin tip (card not present) nh
cc giao dch trn Internet, th in t, in thoi hay fax.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
81
CVV2 l mt dy s gm 3 hay 4 ch s c in chm trn th mt trc hoc
ngay pha sau dy t cha ch k.
209.
i vi th tn dng hay th ghi n ca MasterCard,
Visa, Diners Club, Discover, v JCB, dy s ny c in ngay pha sau bng

ch k v c gi l "CVC2" (card validation code), "CVV2" (card
verification value), "CVV", hay "CID" (card identification number).
210.
i vi th American Express, dy s ny c in
chm mt trc , bn trn s th.

Dy s CVC c to ra khi th c cp pht bng cch dng hm bm c m
(keyed hash) bm s th v ngy ht hn ca th vi kha ca ngn hng pht hnh.
Cung cp thng tin ny trong qu trnh giao dch nhm kim tra rng khch hng
tng nhn thy th.
Yu cu khch hng cung cp CVV2 s gip to thm mt mc bo v ri ro cho
cc ngn hng v ch th. Thng tin CVV2 c ch th cung cp trong qu trnh thc
hin giao dch ch nhm mc ch kim tra v xc thc thng tin, v ngi bn hng s
khng c lu li thng tin ny vo c s d liu ca mnh. Mc ch ca vic ny l
nhm bo v trong trng hp c s d liu ca ngi bn hng b r r thng tin, bi
v khng c CVC nn m s th b nh cp s khng th s dng c.
CVV2 cng cn mt vi hn ch:
211.
CVV2 khng th gip chng li cc m mu la
o (phishing) qua mng. Nu bng mt cch no k la o bit c s ti

khon th ca ngi dng (nh bng cch tn cng c s d liu ca ngi
bn), a thng tin ny cho nn nhn bng cch gi email cho nn nhn v hi
nn nhn v CVV2, nu nn nhn mc by v cung cp CVV2 th k la o
c thng tin s dng th ca nn nhn.
212.
Bi v CVV2 khng c php lu li trong c s
d liu ca ngi bn hng nn v mt l do no m ngi bn hng cn
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
82
chnh sa li ha n chng hn s khng th cung cp li CVV2 cho ngn hng
thc hin vic xc minh cho qu trnh thanh ton li.
2.3.3.2. H thng xc minh a ch (Address Verification System)
H thng xc minh a ch (Address Verification System) vit tt l AVS l h
thng dng xc minh, kim chng ch s hu th tn dng. H thng s kim tra a
ch ca ho n ca th tn dng cung cp bi ngi dng vi a ch c lu tr
trong c s d liu ca nh cung cp th.
AVS s kim tra phn s ca a ch. V d nu a ch ca ca khch hng l 101
Main Street, Highland, CA 92346, AVS s kim tra 101 v 92346.
Hin ti ch c mt vi nc c h tr AVS trn Visa v MasterCard, ng ch
nht l M, Canada v Anh. American Express h tr nhiu quc gia hn.
Ngoi s kim chng t ng, mt vi ngn hng cn cung cp cho ngi bn
nhng s kim tra th cng. Thng iu ny c thc hin cho ti khon th tn
dng nc ngoi nh AVS ch lm vic trong cng quc gia. Phng tin ny tr gip
ngi bn ngn chn gian ln pht sinh t quc gia khc. Ngn hng ca ngi bn gi
ngn hng khch hng (hoc gi fax cho ngn hng yu cu h).
2.4. Authorize.net
2.4.1.
Gii thiu
Authorize.net c thnh lp nm 1996 l mt cng thanh ton in t cho php

nhng ngi bn hng c th s dng phng thc thanh ton bng th tn dng trn
website ca mnh. Authorize.net hin c hn 212.000 thnh vin, v l cng thanh ton
in t ln nht trn th gii.
Thng 11 nm 2007 Cybersource mua li Authorize vi gi 565 triu .
2.4.2.
Hai phng thc tch hp thanh ton in t qua Authorize.net
Authorize.net cung cp hai phng thc tch hp thanh ton in t vo trong

website ca ngi bn hng:
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
83
213.
Phng thc th nht c gi l Simple
Integration Method (SIM), vi phng thc ny, khi yu cu thanh ton, khch
hng s c chuyn sang trang web ca authorize.net tin hnh cung cp
cc thng tin cn thit cho vic thanh ton. Sau khi hon tt qu trnh thanh ton
ngi dng s c chuyn li trang web bn hng. Phng thc ny ph hp
cho nhng trang web bn hng nh.
214.
Phng thc th hai c gi l Advanced
Integration Method (AIM), phng thc ny phc tp hn phng thc trn,

nhng b li ngi dng s khng b chuyn sang trang web ca authorize.net
m c th x l vic thanh ton trn trang web bn hng. Sau khi thu thp
thng tin cho vic thanh ton, trang web bn hng s gi mt yu cu xc thc
hay chuyn khon ln trn trang web ca authorize.net, authorize.net s nhn v
x l yu cu, sau gi tr li mt kt qu. Trang web bn hng s nhn kt
qu, v ty theo kt qu nhn v s tin hnh x l tng ng. Phng thc ny
ph hp vi nhng website bn hng ln.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
84
Chng 3.
PHN TCH H THNG
3.1. Yu cu h
215.
Qun l c thng tin my tnh xch tay v cc
linh kin lin quan.

216.
Qun l c cc ha n mua hng.
217.
Qun l c thng tin chuyn hng ca khch
hng.
218.
Thit lp c ch bo mt SSL trn my ch.
219.
Khch hng c th xem hng.
220.
Khch hng c th ng k mua hng v ng k
chuyn hng.
221.
Thanh ton c bng Credit Card.
3.2. Ngn ng v cc k thut

3.2.1.
Ngn ng lp trnh v cng c pht trin
222.
Ngn ng: ASP.NET 2.0 C#
223.
Microsoft Net Framework 3.5
224.
Cng c pht trin: Microsoft Visual Studio 2008
Professional
3.2.2.
H qun tr c s d liu
Microsoft SQL Server 2005 Express Edition.

3.2.3.
Cc k thut v cng ngh
225.
Cng ngh Ajax: Microsoft ASP.NET 2.0 AJAX
Extensions 1.0 v Microsoft Ajax Control Toolkit 1.0.20229.0
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
85
3.3. Cc cng vic cn gii quyt
226.
Kho st yu cu
227.
Phn tch thit k cu trc h thng
228.
V m hnh ER v hin thc thnh c s d liu
229.
V cc m hnh h thng
230.
Thit k giao din
231.
Vit chng trnh
232.
Kim tra chng trnh
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
86
3.4. Cc m hnh
3.4.1.
ERD
DEVICE_CATEGORY_TYPE
MANUFACTURE
mfg_id
<pi> Number
<M>
name
Variable characters (50)
description
device_category_type_id <pi> Integer

<M>
name
description
Identifier_1 <pi>
Identifier_1 <pi>
Relationship_11
Relationship_12
SYS_LOG
log_id <pi> Integer
<M>
time
Date & Time <M>
content
Text
DEVICE_CAT EGORY
CATEGORY
Identifier_1 <pi>
cate_id
<pi> Integer
<M>
name
description
device_category_id <pi> Integer

<M>
name
description
Identifier_1 <pi>
Identifier_1 <pi>
Relationship_10
Relationship_13
Relationship_8
DEVICE
SYS_USER
sys_username <pi> Variable characters (20) <M>
sys_email
password
name
telephone
NOTEBOOK
Relationship_19
Identifier_1 <pi>
Relationship_15
SYS_GROUP
sys_group_id
<pi> Integer
<M>
name
description
manage_product
Boolean
manage_user
Boolean
manage_system
Boolean
manage_order
Boolean
product_id
<pi> Integer
<M>
name
bluetooth
Boolean
vga_out
Boolean
pcmcia_slots
Short integer
usb_ports
Short integer
ieee_1384_ports
Short integer
weight
Fl oat
warranty
Fl oat
price
Integer
viewed
Integer
create_on
Date & Time
last_edit_on
Date & Time
product_description
T ext
0,n
NOT EBOOK_DEVICE
0,n
Identifier_1 <pi>
0,n
device_id
<pi> Integer
<M>
cpu_speed
Float
cpu_cores
Short integer
cpu_bus_speed
Short integer
cpu_l2_cache_size
Short integer
cpu_mfg_tech
Short integer
mb_bus_speed
Short integer
mb_max_ram
Integer
batery_max_hour
Short float
batery_cells
Short integer
graphic_memory_size
Short integer
graphic_memory_shared
Boolean
ram_size
Short integer
ram_speed
Integer
hdd_size
Short integer
hdd_speed
Integer
display_size
Short integer
display_resolution_width
Short integer
display_resolution_height
Short integer
display_widescreen
Boolean
wc_resolution
Short float
Identifier_1 <pi>
SHOPPING_CART_DETAIL
quantity Short integer
price
Integer
add_date Time
Identifier_1 <pi>
Relationship_9
0,n
CUSTOMER
username <pi> Variable characters (20) <M>
password
first_name
last_name
telephone
email
birthday
Date
street
address
postcode
DEVICE_TYPE
SHOPPING_CART
Relationship_16
COUNTRY
shop_cart_id
<pi> Integer
<M>
check_out_date
Date & Time
checked_out
Bool ean
Identifier_1 <pi>
country_id
country_name
two_iso_code
thre_iso_code
Integer
Characters (2)
Relationship_18
device_type_id <pi> Integer

<M>
name
description
Identifier_1 <pi>
Relationship_17
IDENTIFIER_1 <pi>
Relationship_14
STATE
state_id
<pi> Integer
<M>
state_name
Identifier_1 <pi>
SET TING
setting_id
<pi> Integer
<M>
setting_name
setting_value
T ext
encrypted
Boolean
description
Identifier_1 <pi>
ORDER
order_id
<pi> Integer
<M>
order_total_quantities
Integer
order_total_weight
Float
other_subtotal
Money
other_tax
Money
other_total
Money
processed
Boolean
credit_card_info
Text
authorizati on_result
authorizati on_transaction_id
authorizati on_approval_code
authorizati on_response_code
authorizati on_on
Date & Time
transaction_state
Short integer
capture_transaction_id
captured_on
Date & Time
ship_first_name
ship_last_name
ship_telephone
ship_cellphone
ship_email
ship_street
ship_address
ship_city
ship_state
ship_postcode
bill_first_name
bill_last_name
bill_telephone
bill_street
bill_address
bill_city
bill_state
bill_postcode
create_on
Date & Time
Identifier_1 <pi>
Hnh 3.26 M hnh ERD

GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
87
3.4.2.
M hnh Use Case
3.4.2.1. Khch hng
Dang Ky
Quan ly thong tin khach hang
Xem Hang
Khach Hang
Them San Pham Vao Gio Hang
Cap Nhat Gio Hang
DangNhap
<<include>>
Kiem tra thong tin the tin dung
<<include>>
Mua hang
<<extend>>
Yeu cau chuyen Khoan
Hnh 3.27 M hnh Use Case phn khch hng
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
88
3.4.2.2. Qun tr vin v nhn vin
phn ny ngi dng phi ng nhp vo h thng trc khi thc hin vic qun
l v cp nht thng tin.
Cau hinh he thong [admin]
<<include>>
<<include>>
Quan Ly Nhan vien [admin]
<<include>>
<<include>>
Quan tri vien
Kiem tra quyen
Quan Ly san pham
Quan Ly hoa don

Nhan vien
Hnh 3.28 M hnh Use Case phn qun tr
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
89
3.4.3.
M hnh hot ng (Activity)
3.4.3.1. ng k thnh vin mi

Bat Dau
Khach hang nhap thong tin dang ky va yeu

cau thuc hien viec dang ky
Kiem tra tinh day du va

hop le cua thong tin
[Khong hop le]
Yeu cau nhap

lai thong tin
[Hop le]
Kiem tra ten dang
nhap da ton tai chua
[ Ten dang nhap da duoc dang ky ]
Yeu cau sua

ten dang nhap
[ Hop le ]
Kiem tra email
da ton tai chua
[ Email da duoc dang ky ]
Yeu cau sua

dia chi email
[ Hop le ]
Luu thong tin thanh
vien xuong CSDL
[ Loi cap nhat thong tin xuong CSDL ]
Thong bao qua trinh

dang ky thanh cong
Thong bao loi

cho nguoi dung
Ket thuc
Hnh 3.29 M hnh hot ng qu trnh ng k thnh vin mi
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
90
3.4.3.2. ng nhp
Khach hang nhap

thong tin dang nhap
Kiem tra ten

dang nhap
[ Hop le ]
Kiem tra mat
khau
Yeu cau nhap lai

thong tin dang nhap
[ Hop le ]
Luu thong tin khach
hang vao Session
Kiem tra thong tin gio

hang trong session
[ Chua co ]
Tao gio hang

moi
[ Da co ]
Kiem tra gio hang cua
khach hang trong CSDL
[ Co mot gio hang chua tinh tien ]

[ Khong co gio hang nao chua tinh tien ]
Dong bo gio
hang
Cap nhat thong tin gio

hang xuong CSDL
Quay lai trang truoc
Hnh 3.30 M hnh hot ng qu trnh ng nhp

GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
91
3.4.3.3. Thm vo gi hng
Khach hang yeu cau them

san pham vao gio hang
Kiem tra gio hang

trong session
[ Chua co gio hang ]
Tao moi gio

hang
[Da co gio hang]

Them san pham
vao gio hang
Kiem tra dang nhap
[Chua dang nhap]
[Da dang nhap]

Cap nhat thong tin gio
hang xuong CSDL
Hnh 3.31 m hnh hot ng qu trnh thm sn phm vo gi hng
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
92
3.4.3.4. Mua hng
Yeu cau thanh
toan
Kiem tra dang

nhap
Dang nhap
Yeu cau nhap thong tin

chuyen hang
Kiem tra tinh hop le va day du

cua thong tin chuyen hang
[ Thong tin khong hop le ]
Yeu cau sua

thong tin
[ Hop le ]
Yeu cau nhap thong
tin hoa don
Kiem tra tinh hop le va day

du cua thong tin hoa don
[ Thong tin khong hop le ]
Yeu cau sua

thong tin
[Hop le]
Yeu cau nhap thong tin
the tin dung
Gui yeu cau xac thuc thong

tin len authorize.net
Phan tich ket qua tra ve
[ Loi thong tin the tin dung ]
Yeu cau nhap lai

thong tin the tin dung
[The hop le]

Yeu cau xac nhan hoan
thanh viec mua hang
[ Khong dong y mua hang ]

[ Dong y mua hang ]
Tao hoa don moi va
cap nhat xuong CSDL
Gui yeu cau chuyen khoan

len Authorize.net
Cap nhat thong tin chuyen

khoan xuong CSDL
Cap nhat thong tin gio hang da

duoc thanh toan xuong CSDL
Xoa thong tin gio hang va cac thong

tin ve phien giao dich trong session
Tao gio hang

moi
Thong bao giao

dich thanh cong
Hnh 3.32 M hnh hot ng qu trnh mua hng
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
93
3.4.4.
M hnh lp ( Class)
3.4.4.1. Tng nghip v
Hnh 3.33 M hnh lp tng nghip v

3.4.4.2. Thanh ton
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
94
Hnh 3.34 M hnh lp x l thanh ton
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
95
Chng 4.
HIN THC
4.1. Bo mt thng tin

4.1.1.
Bo mt thng tin trn URL
Cc thng tin trn thanh a ch khi chuyn sang cc trang iu c m ha bng

thut ton i xng nh cc thng tin: m sn phm, m nhm sn phm
4.1.2.
Hnh 4.35 Bo mt thng tin trn URL

Bo mt thng tin thit lp trong web.config
S dng thut ton RSA Protected Configuration v cng c Aspnet_regiis.exe

m ha thng tin kt ni vo CSDL v cc kha m ha d liu.
Thng tin cha m ha:
Hnh 4.36 Thng tin kt ni vo CSDL trong web.config cha c m ha

Sau khi c m ha:
Hnh 4.37 Thng tin kt ni vo CSDL trong web.config c m ha

4.1.3.
Bo mt thng tin th tn dng
Thng tin th tn dng ca khch hng c lu tr trong mt class
(CreditCardInfomation) v c bo mt bng cc thng tin c serialize (s ha)
thnh mt chui k t, sau m ha bng thut ton m ha i xng trc khi c
lu tr xung c s d liu.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
96
Thng tin th tn dng
Serialize (S ha)
M ha
Lu tr xung CSDL
ly li thng tin th tn dng th thc hin ngc li qu trnh.

4.1.4.
Bo mt cc thit lp quan trng
Cc thit lp ca trang web c lu tr trong bng SETTING, i vi nhng thit

lp quan trng, thng tin s c m ha trc khi c lu tr xung c s d liu.
Khi c cc thng tin thit lp ny ln s cng c vo trng ENCRYPTED xc
nh xem gi tr c c m ha hay khng, nu gi tr c m ha th s gii m.
4.1.5.
Hnh 4.38 M ha cc thit lp quan trng trong c s d liu

S dng SSL
Trong qu trnh thanh ton, khi ngi dng nhp thng tin th tn dng, h thng s
kim tra xem trang web c cu hnh SSL cha, nu c cu hnh th h thng
s t ng chuyn sang giao thc https bo mt thng tin.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
97
4.2. S trang Web
4.2.1.
Phn cho khch hng
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
98
S 4.1 S trang web phn khch hng
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
99
Trang ch
ng nhp
Qun l thng
tin khch hng
ng k
Website
Sn phm mi
Chi tit
sn phm
Tt c sn phm
Nhm SP theo
nh sn xut
Nhm SP
theo gi
Gi hng
Thanh ton
Thng tin
chuyn hng
Thng tin
ha n
Thng tin
Th tn dng
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
100
4.2.2.
Phn cho ngi qun tr
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
101
S 4.2 S trang web phn qun tr
ng nhp
Ci t
h thng
GVHD: V Th Thanh Vn
Phn
qun tr
Nhn vin
Qun l
Nhn vin
SVTH: Nguyn Cnh Chn

Nhm
102
ng nhp
Ci t
h thng
Nhn vin
Phn
qun tr
Qun l
Nhn vin
Qun l
Ha n
Qun l
Sn phm
Nhm
Nhn vin
Qun l
My tnh
Qun l
Nhm thit b
Nhm SP theo
nh sn xut
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
103
4.3. Mt s mn hnh
4.3.1.
4.3.2.
Trang ch
Trang ng k
Hnh 4.39 Mn hnh trang ch
Hnh 4.40 Mn hnh trang ng k khch hng

GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
104
4.3.3.
Trang nhm sn phm
4.3.4.
Hnh 4.41 Mn hnh trang nhm sn phm

Trang cp nht gi hng
Hnh 4.42 Mn hnh trang cp nht gi hng
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
105
4.3.5.
Trang nhp thng tin chuyn hng
4.3.6.
Hnh 4.43 Mn hnh trang thng tin chuyn hng

Trang nhp thng tin ha n
Hnh 4.44 Mn hnh trang thng tin ha n

GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
106
4.3.7.
Trang nhp thng tin th tn dng
4.3.8.
Hnh 4.45 Mn hnh trang thng tin th tn dng

Xc nhn mua hng
Hnh 4.46 Mn hnh xc nhn mua hng

GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
107
4.3.9.
Trang qun l sn phm
4.3.10.
Hnh 4.47 Mn hnh trang qun l sn phm

Trang qun l nhm sn phm
Hnh 4.48 Mn hnh trang qun l nhm sn phm
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
108
4.3.11.
Trang qun l ha n
4.3.12.
Hnh 4.49 Mn hnh trang qun l ha n

Trang qun l nhn vin
4.3.13.
Hnh 4.50 Mn hnh trang qun l nhn vin

Trang qun l nhm v quyn nhn vin
Hnh 4.51 Mn hnh trang qun l nhm nhn vin

GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
109
4.3.14.
Trang qun l thit lp h thng
Hnh 4.52 Mn hnh trang cu hnh h thng
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
110
Chng 5.
NHN XT NH GI V HNG PHT TRIN
5.1. Nhn xt nh gi
Sau qu trnh hn 2 thng tm hiu v vit n, em hc hi c rt nhiu iu
qua n ny:
233.
Hc c thm cc thut ton m ha v bo mt.
234.
Hc c cc k thut mi trong lp trnh.
235.
Hc c cc k nng vit ti liu v bo co.
Cc vn lm c trong n:
236.
Nu c ra cc thut ton c s dng trong vic
bo mt web v bo mt thng tin trong thng mi v thanh ton in t.

237.
a ra c cc vn bo mt trong xy dng v
qun l ng dng thng mi in t v gii php cho cc vn .

238.
Xy dng c mt ng dng web thng mi in
t tng i hon chnh.

239.
Tch hp c thanh ton qua cng thanh ton in
t trong ng dng.
240.
Thc hin c cc vn bo mt c bn trong
ng dng.
Cc vn cha lm c:
241.
Cha i su vo tm hiu cc thut ton.
242.
ng dng ch mi dng li nhng chc nng c
bn.
243.
Cha a dng c cc dch v thanh ton, nh
thanh ton qua PayPal
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
111
5.2. Hng pht trin
T nhng vn lm c v cha lm c nh trn, trong thi gian tip theo
s pht trin n ln:
244.
i vo tm hiu su cc thut ton quan trng.
245.
M rng ng dng tng tnh tin dng cho ngi
dng.
246.
GVHD: V Th Thanh Vn
Tch hp thm cc dch v thanh ton khc.
SVTH: Nguyn Cnh Chn
112
PH LC
1.1. Thit lp chng ch SSL ca Verisign
1.1.1. Cc bc thc hin
1. To file Request Certificate

2. Xin SSL Certificate t VeriSign.com
3. Cu hnh Trusted Root Certification Authority
4. Import SSL Certificate cho My ch web
5. Kim tra kt qu
1.1.2. Chun b
247.
My tnh ci h iu hnh Windows XP hoc
Windows Server 2003

248.
My ci Internet Information Services (IIS)
1.1.3. Thc hin

1.1.3.1.
To Request Certificate
249.
Logon Administrator, m Internet Information
Services (IIS) Manager, bung Web Site, chut phi Default Web Site, chn
Properties
250.
Hp thoi Default Web Site Properties, qua tab
Directory Security, chn Server Certificate
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
113
251.
Hp thoi Welcome to the Web Server Certificate
Wizard, chn Next
252.
Hp thoi Server Certificate, chn Create anew
certificate, chn Next

GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
114
253.
Trong hp thoi Delayed or Immediate Request,
chn Prepare the request now, but send it later, chn Next
254.
GVHD: V Th Thanh Vn
Hp thoi Name and Security Settings, chn Next
SVTH: Nguyn Cnh Chn
115
255.
Trong hp thoi Organization Information, nhp
thng tin nh hnh bn di, chn Next
256.
Trong hp thoi Your Sites Common Name, nhp
www.msopenlab.com vo Common name, chn Next
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
116
257.
Hp thoi Geographical Information, nhp thng tin
nh hnh bn di, chn Next
258.
Hp thoi Certificate Request File Name, mc
nh ng dn C:\certreg.txt, chn Next
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
117
259.
Hp thoi Request File Summary, chn Next, chn
Finish
260.
Trong hp thoi Default Web Site Properties, chn
OK, tt tt c ca s.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
118
1.1.3.2.
Xin SSL Certificate t VeriSign.com
261.
M Windows Explorer, copy ni dng ca file
C:\certreq.txt.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
119
262.
Internet
Explorer,
truy
cp
ch
http://www.verisign.com, chn Free SSL Trial
263.
Trong ca s Free SSL Trial Certificate, nhp y
thng tin (*: thng tin bt buc), chn Continue
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
120
264.
GVHD: V Th Thanh Vn
Ca s Welcome, chn Continue
SVTH: Nguyn Cnh Chn
121
265.
Ca s tip theo, nhp y thng tin vo phn
Technical Contact, chn Continue
Trong Select Server Platform, chn Microsoft. Trong Select Version, chn
IIS 6.0. Dn ni dung file certreq.txt vo Paste Certificate Signing Request
(CSR), optained from your server
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
122
266.
Trong What do you plan to use this SSL
Certificate for?, chn Web Server, chn Continue
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
123
267.
Trong
ca
CRS
Information,
nhp
MSOPENLAB vo Challenge Phrase v Re-enter Challenge Phrase. Nhp cu

hi bt k vo Reminder Question, chn Continue
268.
Trong ca s Order summary & acceptance, chn
Accept
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
124
269.
GVHD: V Th Thanh Vn
Kim tra: xin SSL Certificate thnh cng
SVTH: Nguyn Cnh Chn
125
1.1.3.3.
Cu hnh Trusted Root Certification Authority
270.
ng nhp vo hp mail, kim tra nhn c e-mail
t Support@verisign.com, chn vo link nh trong hnh bn di.
271.
Trong trang web ca verisign, chn VeriSign CA
Certificates
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
126
272.
Secure
Ca s tip theo, ko thanh trt xung di, chn

Site
GVHD: V Th Thanh Vn
Trial
Root
CA
Certificate
SVTH: Nguyn Cnh Chn
127
273.
Trong ca s Root CA Certificate, chn Select All,
copy tt c ni dung
274.
GVHD: V Th Thanh Vn
Dn ni dung vo Notepad v save li vi tn ca.cer
SVTH: Nguyn Cnh Chn
128
275.
M Internet Explorer, vo Tools, chn Internet
Options, qua tab Content, chn Certificates
276.
GVHD: V Th Thanh Vn
Trong hp thoi Certificates, chn Import
SVTH: Nguyn Cnh Chn
129
277.
Hp thoi Welcome to the Certificate Import
Wizard, chn Next
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
130
278.
Hp thoi File to Import, chn Browse, tr ng
dn n C:\ca.cer, chn Next
279.
Hp thoi Certificate Store, chn Automatically
select the certificate store based on the type of certificate, chn Next, chn
Finish
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
131
280.
1.1.3.4.
Hp thoi Security Warning, chn Yes
Import SSL Certificate cho Web Server
281.
ng nhp vo hp mail, m e-mail ca
support@verisign.com, copy phn BEGIN CERTIFICATE nh trong hnh

bn di
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
132
282.
GVHD: V Th Thanh Vn
Dn ni dung vo Notepad, save li vi tn cert.txt
SVTH: Nguyn Cnh Chn
133
283.
M Internet Information Services (IIS) Manager,
chut phi Default Web Site chn Properties

284.
Trong ca s Default Web Site Properties, qua tab
Directory Security, chn Server Certificate
285.
Hp thoi Welcome, chn Next
286.
Hp thoi Pending Certificate Request, chn
Process the pending request and install the certificate, chn Next
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
134
287.
Hp thoi Process a Pending Request, chn Browse,
tr ng dn n C:\cert.txt
288.
Hp thoi SSL Port, gi mc nh port 443, chn
Next 2 ln, chn Finish
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
135
289.
Trong hp thoi Default Web Site Properties, chn
View Certificate
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
136
290.
1.1.3.5.
Kim tra Certificate c cp bi Verisign
Kim tra kt qu
291.
Internet
Explorer,
truy
https://www.MSOpenLab.com, kim tra truy cp thnh cng.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
cp
137
1.2. Hm bm v m ha i
Xin xem m ngun km theo
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn
138
DANH MC TI LIU THAM KHO
1.
Electronic Payment Systems for E-Commerce Second Edition, Donal

OMahony, Michael Peirce, Hitesh Tewari, Artech House, 2001.
2.
Security fundamentals for E-commerce, Vesna Hassler, Artech House,

2001.
3.
Web Security, Privacy & Commerce 2nd Edition, Simson Garfinkel, Gene
Spafford , O'Reilly, 2001.
4.
Programming .NET Security, Adam Freeman, Allen Jones, O'Reilly, 2003.
5.
http://www.google.com
6.
http://www.wikipedia.org/
7.
http://www.authorize.net
8.
http://msdn.microsoft.com.
GVHD: V Th Thanh Vn
SVTH: Nguyn Cnh Chn

Do An Tot Nghiep Nghien Cuu Van de Bao Mat Trong Ung Dung Online Payment 179

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Do An Tot Nghiep Nghien Cuu Van de Bao Mat Trong Ung Dung Online Payment 179

Uploaded by

Copyright:

Available Formats

B CNG THNG

TRNG I HC CNG NGHIP TP.HCM

Ging Vin Hng Dn

TP. H Ch Minh, thng 04 nm 2009

SVTH: Nguyn Cnh Chn

SVTH: Nguyn Cnh Chn

TP. HCM, 4/2009

SVTH: Nguyn Cnh Chn

SVTH: Nguyn Cnh Chn

SVTH: Nguyn Cnh Chn

1.1. Thng mi in t v thanh ton in t .....................................................14

2.1. Cc thut ton v k thut m ha s dng trong thanh ton in t v

PHN TCH H THNG....................................................................84

SVTH: Nguyn Cnh Chn

3.2. Ngn ng v cc k thut..................................................................................84

4.1. Bo mt thng tin..............................................................................................95

NHN XT NH GI V HNG PHT TRIN................................110

1.1. Thit lp chng ch SSL ca Verisign............................................................112

SVTH: Nguyn Cnh Chn

1.1.2. Chun b....................................................................................................112

SVTH: Nguyn Cnh Chn

DANH MC CC BNG S HNH

HNH 2.1 THIT LP MT PHIN SSL..................................................................26

SVTH: Nguyn Cnh Chn

UNCITRAL : United Nations Commission On International Trade Law

: World Trade Organization

: Secure Sockets Layer

: Personal Identificate Number

: Bank Identificate Number

: Internet Engineering Task Force

: Transport Layer Security

: Hyper Text Transport Protocol

: Internet Messaging Access Protocol

: File Transport Protocol

: Massachusetts Institute of Technology

: Data Encryption Standard

: Digital Signature Algorithm

: Key Exchange Algorithm

: Message Digest algorithm 5

SVTH: Nguyn Cnh Chn

: Secure Hash Algorithm

: National Institute of Standards and Technology

: Pretty Good Privacy

: GNU Privacy Guard

: Federal Information Processing Standard

: National Security Agency

: Advanced Encryption Standard

: Public key infrastructure

: Uniform Resource Locator

:International Telecommunication Union

: Secure Electronic Transaction

: Local Area Network

: Common Gateway Interface

: Card Security Code

: Card Verification Value

: Card Verification Code

: Address Verification System

SVTH: Nguyn Cnh Chn

1.1.1.1. Khi nim

SVTH: Nguyn Cnh Chn

SVTH: Nguyn Cnh Chn

Cc bn tin hnh giao dch trong thng mi in

Cc giao dch thng mi truyn thng c thc