A user-centric anonymous authorisation framework in e-commerce environment

ACM International Conference Proceeding Series

Volumn 60, Issue , 2004, Pages 138-147

  Au, Richard ^a   Vasanta, Harikrishna ^a   Choo, Kim Kwang Raymond ^a   Looi, Mark ^a  

^a QUEENSLAND UNIVERSITY OF TECHNOLOGY   (Australia)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS RIGHTS; ATTRIBUTE CERTIFICATE; BINDING SIGNATURES; CREDENTIAL-BASED APPROACH; E-COMMERCE; IDENTITY-BASED; OPEN ENVIRONMENT; SERVICE PROVIDER; THIRD PARTIES; TRUST ESTABLISHMENT; USER PRIVACY; USER-CENTRIC;

ACCESS CONTROL;

ELECTRONIC COMMERCE;

EID: 77954474147     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1052220.1052238     Document Type: Conference Paper

References (28)

1. P. Ashley, S. Hada, and G. Karjoth. E-P3P Privacy Policies and Privacy Authorisation. In Proceedings of ACM Workshop on Privacy in Electronic Society, pages 103-109, 2002.
2. P. Ashley and M. Vandenwauver. Practical Intranet Security : An Overview of the State of the Art and Available Technolgies. Kluwer Academic Publishers, 1999.
3. R. Au, M. Looi, and P. Ashley. Cross Domain One-Shot Authorisation using Smart Card. In Proceedings of 7th ACM Conference on Computer and Communication Security (CCS' 2000), pages 220-227, 2000.
4. T. Aura and C. Ellison. Privacy and Accountability in Certificate Systems. In Helsinki University of Technology Laboratory for Theoretical Computer Science Research Report 61, 2000.
5. M. Bellare, A. Boldyreva, and S. Micali. Public-key Encryption in a Multi-User Setting: Security Proofs and Improvements. In Advances in Cryptology - Eurocrypt, pages 259 - 274. Springer-Verlag, 2000. Lecture Notes in Computer Science Volume 1807.
6. M. Bellare, R. Canetti, and H. Krawczyk. Keying Hash Functions for Message Authentication. In Advances in Cryptology - Crypto 96, pages 1-15. Springer-Verlag, 1996. Lecture Notes in Computer Science Volume 1109.
7. M. Bellare, R. Guerin, and H. Krawczyk. XOR MACs: New Methods For Message Authentication Using Finite Pseudorandom Functions. In 16th Annual International Cryptology Conference on Advances in Cryptology, pages 15-28. Springer-Verlag, 1995. Lecture Notes in Computer Science Volume 963.
8. M. Bellare and Phillip Rogaway. Provably Secure Session Key Distribution: The Three Party Case. In 27th ACM Symposium on the Theory of Computing, pages 57-66. ACM Press, 1995.
9. L. Cardelli. Abstractions for Mobile Computation. In Secure Internet Programming: Security Issues for Mobile and Distributed Objects, LNCS 1603, pages 51-79. Springer Verlag, 1999.
10. D. Chaum. Untraceable Electronic Mail, Return addresses and digital Pseudonyms. In Communications of the ACM, volume 24, pages 84-88, 1981.
11. D. Chaum. Security Without Identification: Transaction Systems to Make Big Brother Obsolete. In Communications of the ACM, volume 28, pages 1030-1044, 1985.
12. R. Clarke. Identified, Anonymous and Pseudonymous Transactions: The Spectrum of Choice. In Proceedings of User Identification & Privacy Protection Conference, 1999.
13. R. Cramer and V. Shoup. Design and Analysis of Practical Public-Key Encryption Schemes Secure Against Adaptive Chosen Ciphertext Attack. SIAM Journal on Computing, 33(1):167-226, 2003.
14. C. Ellison. Improvements on Conventional PKI Wisdom. In Proceedings of the First Annual PKI Research Workshop, pages 165-175, 2003.
15. C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, and T. Ylonen. SPKI Certificate Theory. In RFC 2693, Internet Engineering Task Force, 1999.
16. C. Farkas, G. Ziegler, A. Meretei, and A. Lorincz. Anonymity and Accountability in Self-organising Electronic Communities. In Proceedings of ACM Workshop on Privacy in Electronic Society, pages 81-90, 2002.
17. S. Farrell and R. Housley. An Internet Attribute Certificate for Authorisation. In RFC 3281, Internet Engineering Task Force, 2002.
18. B. Friedman, P.H. Khan, and D.C. Howe. Trust Online. In Communications of the ACM, volume 43, pages 34-40, 2000.
19. S. Goldwasser and S. Micali. Probabilisitic Encryption. Journal of Computer and System Sciences, 28:270-299, 1984.
20. S. Goldwasser, S. Micali, and R. L. Rivest. A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks. SIAM Journal on Computing, 17(2):281-308, 1988.
21. D.L. Hoffman, T.P. Novak, and T. Peralta. Building Consumer Trust Online. In Communications of the ACM, volume 42, pages 80-85, 1999.
22. G. Karjoth, M. Schunter, and M. Waidner. Platform for Enterprise Privacy Practices - Privacy-enabled Management of Customer Data. In Proceedings of the Privacy Enhancing Technologies Conference, volume LNCS 2482, pages 69-84, 2003.
23. A. Pfitzmann and M. Kohntopp. Anonymity, Unobservability and Pseudonymity - A proposal for Terminology. In Proceedings of the workshop on Design issues in anonymity and unobservability, LNCS 2009, Springer-Verlag, 2000.
24. M.G. Reed, P. F. Syverson, and D. Goldschlag. Anonymous Connections and Onion Routing. In IEEE Journal on Selected Areas in Communications, volume 16, pages 482-494, 1998.
25. M.K. Reiter and A.D. Rubin. Crowds: Anonymity for Web Transactions. In ACM Transactions on Information and System Security, volume 1, pages 66-92, 1998.
26. W3C. Platform for Privacy Preferences. In URL: www.w3.org/P3P.
27. ITU-T Recommendation X.509. In Information technology - Open systems interconnection - the directory: Public-key and attribute certificate frameworks, 2000.
28. ITU-T Recommendation X.812. ISO 10181-3: Information Technology - Open Systems Interconnection - Security Frameworks for Open Systems : Access Control Framework. International Organisation for Standarisation, 1996.