Certificate based PKI and B2B E-commerce: Suitable match or not?

IFIP Advances in Information and Communication Technology

Volumn 65, Issue , 2002, Pages 19-34

  Ang, Kok Ming ^a   Caelli, William J ^a  

^a QUEENSLAND UNIVERSITY OF TECHNOLOGY   (Australia)

Author keywords

[No Author keywords available]

Indexed keywords

ELECTRONIC COMMERCE; TRUSTED COMPUTING;

ALTERNATIVE STRUCTURE; BUSINESS TO BUSINESS; BUSINESS-TO-CONSUMER; COMPUTING ENVIRONMENTS; DIRECTORY STRUCTURE; MANDATORY ACCESS CONTROL; SCALABLE SOLUTION; X.509 CERTIFICATES;

ACCESS CONTROL;

EID: 84904261253     PISSN: 18684238     EISSN: None     Source Type: Book Series    
DOI: None     Document Type: Conference Paper

References (29)

1. ABA (1996). Digital Signature Guidelines. American Bar Association.
2. Adams, C. and Lloyd, S. (1999). Understanding Public-Key Infrastructure: Concepts, Standards, and Deployment Considerations. Macmillan Technical Publishing, Indianapolis, Indiana.
3. Anderson, R. J. (1994a). Liability and Computer Security - Nine Principles. In Proceedings of the Third ESORICS, volume 875 of Lecture Notes in Computer Science, pages 231-245. Springer-Verlag.
4. Anderson, R. J. (1994b). Why Cryptosystems Fail. Communications of the ACM, 37:32-40.
5. Berkovits, S., Chokhani, S., Furlong, J. A., Geiter, J. A., and Guild, J. C. (1994). Public key infrastructure study: Final report. Technical report, Mitre Corporation.
6. Biddle, C. B. (1996). Misplaced Priorities: The Utah Digital Signature Act and Liability Allocation in a Public Key Infrastructure. Unpublished but submitted to San Diego Law Review Vol. 33.
7. Crispo, B. (1998). Delegation of Responsibilities (Transcript of Discussion). In 6th International Workshop on Security Protocols, volume 1318 of Lecture Notes in Computer Science, pages 124-130. Springer-Verlag.
8. Davis, D. (1996). Compliance Defects in Public Key Cryptography. In Proceedings 6th USENIXSecurity Symposium, pages 171-178, San Jose, California. Usenix Association.
9. Dierstein, R. (1990). The Concept of Secure Information Processing Systems and Their Basic Functions. In Proceedings of 6th IFIP/Sec'90, pages 133-149, Helsinki, Finland. North Holland.
10. Diffie, W. and Hellman, M. (1976a). Multiuser Cryptographic Techniques. In Proceedings of AFIPS National Computer Conference, pages 109-112. AFIPS.
11. Diffie, W. and Hellman, M. (1976b). New Directions in Cryptography. IEEE Transactions on Information Theory, IT-22(6):644-654.
12. E-Sign Act (2000). Electronic Signatures in Global and National Commerce Act. Second session of the 106th Congress of the United States of America on 24 January 2000.
13. Ellison, C. (1999). SPKI Requirements. RFC 2692.
14. Ellison, C. and Schneier, B. (2000). Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure. Computer Security Journal, 16(1):1-7.
15. Feigenbaum, J. (1998). Towards an Infrastructure for Authorization. In 3rd Usenix Workshop on Electronic Commerce, pages 15-19, Boston, Massachusetts. USENIX Association.
16. Harbison, W. S. (1998). Delegating Trust (Transcript of Discussion). In 6th International Workshop on Security Protocols, volume 1318 of Lecture Notes in Computer Science, pages 108-117. Springer-Verlag.
17. Jueneman, R. R. and Robertson, Jr., R. J. (1998). Biometrics and Digital Signatures in Electronic Commerce. Jurimetrics Journal of Law, Science and Technology, 38:427-457.
18. Kimberley, P. (1991). Electronic Data Interchange: A Review of the Current Status of Electronic Data Interchange Throughout the World and an Introduction to the Services. McGraw-Hill.
19. Kohnfelder, L. M. (1978). Towards a Practical Public-key Cryptosystem. Bachelor's thesis, Department of Electrical Engineering, MIT.
20. Landrock, P. (1999). Challenging the conventional view of PKI - will it really work? In Proceedings of 16th World Conference on Computer Security, Audit & Control, pages 406-424, Westminster, London. Elsevier.
21. McCullagh, A. and Caelli, W. J. (2000). Non-Repudiation in the Digital Environment. First Monday, 5(8).
22. McCullagh, A., Little, P., and Caelli, W. (1998). Electronic Signatures: Understand the Past to develop the Future. University of NSW Law Journal, 21(2).
23. Nygh, P. E. and Butt, P., editors (1997). Butterworths Australian Legal Dictionary. Butterworths, Sydney.
24. Rivest, R. L. (1998). Can We Eliminate Certificate Revocation Lists? In Proceedings of Financial Cryptography'98, pages 178-183, Berlin. Springer-Verlag.
25. Sneddon, M. (1998). Legislating to Facilitate Electronic Signatures and Records: Exceptions, Standards and the Impact on the Statute Book. University of NSW Law Journal, 21(2).
26. Stoner, J. A. F., Yetton, P. W., Criag, J. F., and Johnston, K. D. (1997). Management. Prentice-Hall, Sydney, Australia, second edition.
27. The Holy Bible (1984). The Holy Bible. International Bible Society, East Brunswick, New Jersey, New International Version edition. Exodus Ch. 18 v. 13-23.
28. Thompson, K. (1984). Reflections on Trusting Trust. Communications of the ACM, 27(8):761-763.
29. Verisign Inc. (2000). Verisign OnSite White Paper. Available at http://www.verisign.com/onsite/white paper.html.