Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 30184
Considerations of Public Key Infrastructure (PKI), Functioning as a Chain of Trust in Electronic Payments Systems

Authors: Theodosios Tsiakis, George Stephanides, George Pekos

Abstract:

The growth of open networks created the interest to commercialise it. The establishment of an electronic business mechanism must be accompanied by a digital – electronic payment system to transfer the value of transactions. Financial organizations are requested to offer a secure e-payment synthesis with equivalent level of security served in conventional paper-based payment transactions. PKI, which is functioning as a chain of trust in security architecture, can enable security services of cryptography to epayments, in order to take advantage of the wider base either of customer or of trading partners and the reduction of cost transaction achieved by the use of Internet channels. The paper addresses the possibilities and the implementation suggestions of PKI in relevance to electronic payments by suggesting a framework that should be followed.

Keywords: Electronic Payment, Security, Trust

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1084606

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1021

References:


[1] B. Corbitt, T. Thanasankit, H.Yi, Trust and e-commerce: a study of consumer perceptions, Electronic Commerce Research and Applications, 2, 2003, pp. 203-215
[2] R. Lukose, B. Huberman, A methodology for managing risk in electronic transactions over the Internet, Netnomics, 2000, pp. 25-36
[3] S. Gaines, Z. Norman, Some Security Principles and Their Application to Computer Security, the National Science Foundation under Grant No.MCS76-00720
[4] G. Whitson, Computer security: theory, process and management- Consortium for Computing Sciences in Colleges, JCSC 18, 2003
[5] D. Pipkin, Information Security. Prentice Hall PTR, 2000
[6] L. Fera, M. Hu, G. Cheung, M. Soper, Digital cash payment systems, Report, 1996
[7] S. Katsikas, The Role of Public Key Infrastructure in Electronic Commerce- The electronic journal for e-Commerce Tools & Applications, eJETA.org, Vol.1, No.1, 2002
[8] C. Westland, Transaction Risk in Electronic Commerce, Decision Support Systems 33, Elsevier, 2002, pp. 82-103
[9] P. Skevington, T. Hart, Trusted third parties in electronic commerce, BT Technology Journal, Vol. 15, No 2, 1997
[10] S. Lancaster, S. Yen, S. Huang, Public key infrastructure: a micro and macro analysis, Computer Standards & Interfaces 25, Elsevier Science, 2003, pp. 437-446
[11] Y. Tan, A Trust Matrix Model for Electronic Commerce, Trust Management, LNCS Springer-Verlag, 2692, 2003, pp. 33-45
[12] J. Camp, Designing for Trust, LNAI 2631, Springer-Verlag, 2003, pp. 15-29
[13] J. Daniel, Patterns of Trust and Policy, New Security Paradigms Workshop Langdale, 1998, Cumbria UK
[14] S. Brainov, T. Sandholm, Contracting with Uncertain Level of Trust, 1999, ACM 158113-176
[15] M. Patton, A. Josang, Technologies for Trust in Electronic Commerce, Electronic Commerce Research, Vol. 4, 2004, pp. 9-21
[16] ITU-T Recommendation X.509 (2000) Information Technology, Open systems interconnection - The Directory: Public-key and attribute certificate frameworks
[17] C. Corritorea, B. Krachera, S. Wiedenbeck, On-line trust: concepts, evolving themes, a model, Int. J. Human-Computer Studies 58, 2003, pp. 737-758
[18] J. Viega, T. Kohno, B. Potter, Trust (and mistrust) in secure applications, Communications of the ACM, Vol. 44, No. 2, 2001
[19] T. Beth, M. Borcherding, B. Klien, Valuation of Trust in Open Networks, Proceedings of the European Symposium on Research in Computer Security, Brighton, 1994
[20] L Ho, Distributed Security Management in the Internet, Journal of Network and Systems Management, Vol. 7, No. 2, 1999
[21] H.-W.-P. Beadle, R. Gonzalez, R. Safavi-Naini, S. Bakhtiari Review of Internet Payment Schemes, Proceedings of ATNAC-96, 1996
[22] M. Chesher, R. Kaura, Electronic commerce and business communications, Springer-Verlag, 1998
[23] E. Verheul, B. Koops, H. Tilborg, Public key infrastructure - Binding cryptography -- A fraud-detectible alternative to key-escrow proposals, Computer Law and Security Report, Vol. 13, no.1, 1997, pp. 3-14
[24] D. Pointcheval, Practical Security in Public-Key Cryptography, ICICS 2001, Lecture Notes in Computer Science Vol. 2288, 2002, pp. 1-17
[25] T. Aura, D. Gollmann, Communications security on the Internet, Focus Software, No. 105, Volume 2, Issue 3, 2001, pp. 104-111
[26] I. Mavridis, G. Pangalos, T. Koukouvinos, S. Muftic, A Secure Payment System for Electronic Commerce, 10th International Workshop on Database & Expert Systems Applications, Florence, Italy, 1999
[27] P. Havinga, G. Smit, A. Helme, Survey of electronic payment methods and systems, University of Twente, department of Computer Science
[28] Electronic Payment Systems Observatory (ePSO), Building Security and Consumer Trust in Internet Payments, Background Paper No. 7, 2002
[29] Yu Hsiao-Cheng, His Kuo-Hua, Kuo Pei-Jen, Electronic payment systems: an analysis and comparison of types, Technology in Society 24, 2002, pp. 331-347
[30] D. Abrazhevich, Classification and Characteristics of Electronic Payment Systems, Lecture Notes in Computer Science, Vol. 2115, 2001, pp. 81-90
[31] J. L. Abad-Peiro, N. Asokan, M. Steiner, M. Waidner, Designing a generic payment service, Technical Report 212ZR055, IBM Zurich Research Laboratory, 1996, Availiable: http://www.semper.org/info/212ZR055.ps.gz,
[32] D. Bruschi, A. Curtil, E. Rosti, A quantitative study of Public Key InC. Sundt, PKI ÔÇö Panacea1 or Silver Bullet, Information Security Technical Report, Vol 5, No. 4, 2000, pp.53-65frastructures, Computers & Security, Vol 22, No 1, 2003, pp. 56-67
[33] C. Sundt, PKI ÔÇö Panacea1 or Silver Bullet, Information Security Technical Report, Vol 5, No. 4, 2000, pp.53-65
[34] S. Gritzalis, S. Katsikas, D. Lekkas, K. Moulinos, E. Polydorou, Securing The Electronic Market: The KEYSTONE Public Key Infrastructure Architecture, Computers & Security, Vol. 19, No. 8, 2000, pp. 731-746
[35] K. Liaquat, Deploying Public Key Infrastructures, Information Security Technical Report, Vol. 3, No. 2, 1998, pp. 18-33
[36] R. Hunt, PKI and Digital Certification Infrastructure, Proceedings of the 9th IEEE International Conference on Networks (ICON.01), 2001, pp. 234-239
[37] A. Gómez, G. MartÛnez, Ó. Cánovas New security services based on PKI, Future Generation Computer Systems 19, 2003, pp. 251-262
[38] J. Weise, Public Key Infrastructure Overview, Sun BluePrints™, 2001
[39] RSA Inc. Understanding Public Key Infrastructure (PKI), An RSA Data Security White Paper, RSA Data Security, Inc., 1999
[40] M. Henderson, R. Coulter, Modelling Trust Structures for Public Key Infrastructures, ACISP 2002, Lecture Notes in Computer Science, Vol. 2384, 2002, pp. 56-70
[41] S. Gritzalis, D. Gritzalis, A Digital Seal solution for deploying Trust on Commercial Transactions, Information Management and Computer Security, Vol.9, No.2, 2001, pp.71-79
[42] M. Benantar, The Internet public key infrastructure, IBM, 2001