LAYERED ARCHITECTURE FOR SECURE E-COMMERCE APPLICATIONS

Amir Herzberg, Igal Yoffe

Abstract

We present a layered architecture for secure e-commerce applications and protocols with a fully automated dispute-resolution process that is robust to communication failures and malicious faults. Our design is modular, with precise yet general-purpose interfaces and functionalities, and can be used as an underlying secure service for different e-commerce, e-banking and other distributed systems. The interfaces support diverse, flexible and extensible payment scenarios and instruments, including direct buyer-seller payments as well as (the more common) indirect payments via payment service providers (e.g. banks). Our design is practical and efficient, and ensures reliability and security under realistic failure and delay conditions.



Paper Citation


in Harvard Style

Herzberg A. and Yoffe I. (2006). LAYERED ARCHITECTURE FOR SECURE E-COMMERCE APPLICATIONS. In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006) ISBN 978-972-8865-63-4, pages 118-125. DOI: 10.5220/0002099801180125


in Bibtex Style

@conference{secrypt06,
author={Amir Herzberg and Igal Yoffe},
title={LAYERED ARCHITECTURE FOR SECURE E-COMMERCE APPLICATIONS},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)},
year={2006},
pages={118-125},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002099801180125},
isbn={978-972-8865-63-4},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)
TI - LAYERED ARCHITECTURE FOR SECURE E-COMMERCE APPLICATIONS
SN - 978-972-8865-63-4
AU - Herzberg A.
AU - Yoffe I.
PY - 2006
SP - 118
EP - 125
DO - 10.5220/0002099801180125