Abstract
Web-based commerce is rife with scenarios where a party needs to trust properties of computation and data storage occurring at a remote machine, operated by a different party with different interests. In our WebALPS project, we have used off-the-shelf hardware and open source software to build trusted co-servers co-resident with Web servers, and bring the secure SSL channel all the way into these trusted co-servers. In this paper, we survey how this tool can be used to systematically address privacy and security issues in e-commerce.
- Arbaugh, W. A., Farber, D., and Smith, J. M. 1997. A secure and reliable bootstrap architecture. In Security and Privacy (1997). IEEE Computer Society. Google ScholarDigital Library
- Freier, A. O., Karlton, P., and Kocher, P. C. 1996. The ssl protocol version 3.0. http://home.netscape.com/eng/ssl3/draft302.txt.Google Scholar
- IBM. 2000. Ibm 4758 models 2 and 23 pci cryptographic coprocessor. Product Brochure G221-9091-02. http://www.ibm.com/security/cryptocards/.Google Scholar
- Jiang, S. 2001. Webalps implementation and performance analysis: Using trusted co-servers to enhance privacy and security of web interactions. Master's thesis, Department of Computer Science, Dartmouth College. (Available as Technical Report TR2001-399). Google ScholarDigital Library
- Jiang, S., Smith, S., and Minami, K. 2001. Securing web servers against insider attack. In Annual Computer Security Applications Conference (December 2001). ACSA/ACM. (A preliminary version is availabe as Technical Report TR2001-410, Dartmouth College.). Google ScholarDigital Library
- Knop, E. 2001. Secure public-key services for web-based mail. Senior thesis, Department of Computer Science, Dartmouth College.Google Scholar
- NIST. 1994. Security requirements for cryptographic modules. Federal Information Processing Standards Publication 140-1.Google Scholar
- Smith, S. 2001. Outbound authentication for programmable secure coprocessors. Technical Report TR2001-401 (March), Department of Computer Science, Dartmouth College. http://www.cs.dartmouth.edu/~pkilab/oatr.pdf.Google Scholar
- Smith, S., Perez, R., Weingart, S., and Austel, V. 1999. Validating a high-performance, programmable secure coprocessor. In 22nd National Information Systems Security Conference (October 1999). National Institute of Standards and Technology.Google Scholar
- Smith, S. and Safford, D. 2001. Practical server privacy using secure coprocessors. IBM Systems Journal 40, 3. (Special Issue on End-to-End Security). Google ScholarDigital Library
- Smith, S. and Weingart, S. 1999. Building a high-performance, programmable secure coprocessor. Computer Networks 31, 831-860. Special Issue on Computer Network Security. Google ScholarDigital Library
- Yee, B. 1994. Using Secure Coprocessors. Ph. D. thesis, School of Computer Science, Carnegie Mellon University. (Available as Technical Report CMU-CS-94-149.).Google Scholar
- Yuan, Y., Ye, E., and Smith, S. 2001. Web spoofing 2001. Technical Report TR2001-409 (July), Department of Computer Science, Dartmouth College. http://www.cs.dartmouth.edu/~pkilab/demos/spoofing/.Google Scholar
Index Terms
- WebALPS: a survey of E-commerce privacy and security applications
Recommendations
An investigation of the effect of online consumer trust on expectation, satisfaction, and post-expectation
This study proposes a framework regarding the relationship between consumer trust, satisfaction, expectation, and post-expectation in the context of electronic commerce. In particular, the framework draws together from three theories: social exchange ...
The mediating effects of habit on continuance intention
Consumer attitudes are stronger predictors of continuance intention, with or without any mediation effects from habit.Consumer satisfaction was moderated by habit; which means that consumers can enhance their level of satisfaction by developing a ...
Comments