Security Detection And Evaluation Model For Mobile Payment Environment

With the development of mobile payment,security issues of mobile payment are increasing.The research of mobile payment security is mainly about the security protection system,no one has paid enough attention to the environmental security problem before payment,and there is no better method of environmental safety assessment.The assessment of the environment safety not only provide the reference and the prevention for the follow-up payment security,but also eliminate some unsafe factors before users enter the payment system.For the risk assessment of mobile environment security,the paper proposes an environmental risk assessment method based on threat map according to the current information security assessment method.The basic idea is to build a vulnerability node in a threat map based on three security vulnerabilities.Combining the common security threat point and information security risk assessment method,this paper proposes the security threat point for the Android environment and the assessment method for the threat value of the vulnerability node.In the process of constructing the threat map,this paper consider the actual relationship between vulnerability nodes,fully characterize the connection between nodes.After completing the entire threat map,each threat value of the vulnerability node is updated based on the connection between the nodes.According to the comprehensive fuzzy risk assessment method,the transfer probability is established between the vulnerability node and the threat point.Finally this paper get the calculation formula of each threat point by the information security risk calculation method and the experiment.According to the above,proposes the threat map of the Android mobile payment environment,gets calculation formula of each threat point,shows the detection method of each vulnerability node,and the construction method of the evaluation model.Then experiments verify the feasibility for the risk assessment scheme based on the threat map.This paper proposes a map-based risk assessment scheme.According to links between specific vulnerability nodes,combining the assessment criteria,the scheme updates the risk assessment value of the vulnerability node to makes the theoretical risk condition and the actual situation in accord with.