E-commerce authentication: An effective countermeasures design model

ICEIS 2003 - Proceedings of the 5th International Conference on Enterprise Information Systems

Volumn 3, Issue , 2003, Pages 447-455

  Sawma, Victor D ^a   Probert, Robert L ^a  

^a UNIVERSITY OF OTTAWA   (Canada)

Author keywords

Authentication; Electronic commerce; Requirements analysis; Secure Electronic Transactions (SET); Security

Indexed keywords

COMMERCE; DESIGN; ELECTRONIC COMMERCE; INFORMATION SYSTEMS; LIFE CYCLE;

AUTHENTICATION MODELS; E-COMMERCE SYSTEMS; LEGITIMATE USERS; REQUIREMENTS ANALYSIS; SECURE ELECTRONIC TRANSACTION; SECURITY; SECURITY STANDARDS; USER REQUIREMENTS;

AUTHENTICATION;

EID: 70350663438     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (22)

1. Agnew, G. 2000. "Cryptography, Data Security, and Applications to E-commerce." Electronic Commerce Technology Trends Challenges and Opportunities. 69-85. IBM Press.
2. Anderson, R. 2001. "Security Engineering: A Guide to Building Dependable Distributed Systems", John Wiley & Sons. ISBN: 0-471-38922-6
3. Bellare, M., Canetti, R. and Krawczyk, H. 1998. "A Modular Approach to the Design and Analysis of Authentication and Key Exchange Protocols."
4. CC Common Criteria for Information Technology Security Evaluation (1999). Retrieved October 9, 2001 from http://commoncriteria.org/
5. Chang, K. Lee, B. and Kim, T. 2002. "Open Authentication Model Supporting Electronic Commerce in Distributed Computing", Electronic Commerce Research, Vol. 2, 135-149, Kluwer Academic Publishers
6. Ford W. and Baum, M. 1997 "Secure Electronic Commerce", Prentice Hall. ISBN 0-13-476342-4
7. Freier, A. Karlton, P., and Kocher, P. 1996 "The SSL Protocol Version 3.0". Retrieved from http://wp.netscape.com/eng/ssl3/draft302.txt
8. Hawkins, S., Yen, D., and Chou, D. 2000. "Awareness and Challenges of Internet Security", Information Management & Computer Security, Vol. 8(3), MCB University Press.
9. Herzog, P. 2001. "The Open Source Security Testing Methodology Manual", version 1.5. Retrieved from http://ideahamster.org/
10. Hobley, C. 2001. Just Numbers: Numbers on Internet use, electronic commerce, IT and related figures for the European Community. Retrieved from http://europa.eu.int/
11. Kocher, C. (n.d.) "Cryptanalysis of Diffie-Hellman, RSA, DSS, and Other Systems Using Timing Attacks" Retrieved from http://www.cryptography.com/
12. NIST, National Institute of Standards and Technology, 2001. "Underlying Technical Models for Information Technology Security", 2001. Special Publication 800-33. Retrieved from: http://csrc.nist.gov/publications/
13. Nguyen, H. 2001. "Testing Applications on the Web", 285-310, John Wiley & Sons.
14. SANS, "Password Policy", Retrieved from http://www.sans.org/newlook/resources/policies/
15. th Annual Federal Information Systems Security Educator's Association (FISSEA) conference. Website: http://csrc.nist.gov/organizations/fissea/
16. Rivest, R., Shamir, A. and Adleman, L. 1978. "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems," Communications of the ACM, 21(2), 120-126.
17. Schneier, B. 2000. "Secrets and Lies: Digital Security in a Networked World", John Wiley & Sons
18. SecuriTeam Security Tools Archive. (n.d.) Retrieved from http://www.securiteam.com/
19. SET Secure Electronic Transaction Specification. 1997. Book 1: Business Description, Version 1.0. Retrieved from http://www.setco.org/
20. Treese, G. and Stewart, L. 1998. Designing Systems for Internet Commerce. Addison-Wesley.
21. Viega, J. and McGraw, G. 2002. "Building Secure Software", Addison-Wesley.
22. Wilson, S. 1997. "Certificates and trust in electronic commerce", Information Management & Computer Security, Vol. 5(5), 175-181, MCB University Press.