A multi-agent architecture for electronic payment

The Internet has brought about innumerable changes to the way enterprises do business. An essential problem to be solved before the widespread commercial use of the Internet is to provide a trustworthy solution for electronic payment. We propose a multi-agent mediated electronic payment architecture in this paper. It is aimed at providing an agent-based approach to accommodate multiple e-payment schemes. Through a layered design of the payment structure and a well-defined uniform payment interface, the architecture shows good scalability. When a new e-payment scheme or implementation is available, it can be plugged into the framework easily. In addition, we construct a framework allowing multiple agents to work cooperatively to realize automation of electronic payment. A prototype has been built to illustrate the functionality of this design. Finally we discuss the security issues

Development of a model for smart card based access control in multi-user, multi-resource, multi-level access systems

The primary focus of this research is an examination of the issues involved in the granting of access in an environment characterised by multiple users, multiple resources and multiple levels of access permission. Increasing levels of complexity in automotive systems provides opportunities for improving the integration and efficiency of the services provided to the operator. The vehicle lease / hire environment provided a basis for evaluating conditional access to distributed, mobile assets where the principal medium for operating in this environment is the Smart Card. The application of Smart Cards to existing vehicle management systems requires control of access to motor vehicles, control of vehicle operating parameters and secure storage of operating information. The issues addressed include examination of the characteristics of the operating environment, development of a model and design, simulation and evaluation of a multiple application Smart Card. The functions provided by the card include identification and authentication, secure hash and encryption functions which may be applied, in general, to a wide range of access problems. Evaluation of the algorithms implemented indicate that the Smart Card design may be provably secure under single use conditions and conditionally secure under multiple use conditions. The simulation of the card design provided data to support further research and shows the design is practical and able to be implemented on current Smart Card types

Synthesising end-to-end security schemes through endorsement intermediaries

Composing secure interaction protocols dynamically for e-commerce continue to pose a number of challenges, such as lack of standard notations for expressing requirements and the difficulty involved in enforcing them. Furthermore, interaction with unknown entities may require finding common trusted intermediaries. Securing messages sent through such intermediaries require schemes that provide end-to-end security guarantees. In the past, e-commerce protocols such as SET were created to provide such end-to-end guarantees. However, such complex hand crafted protocols proved difficult to model check. This thesis addresses the end-to-end problems in an open dynamic setting where trust relationships evolve, and requirements of interacting entities change over time. Before interaction protocols can be synthesised, a number of research questions must be addressed. Firstly, to meet end-to-end security requirements, the security level along the message path must be made to reflect the requirements. Secondly, the type of endorsement intermediaries must reflect the message category. Thirdly, intermediaries must be made liable for their endorsements. This thesis proposes a number of solutions to address the research problems. End-to-end security requirements were arrived by aggregating security requirements of all interacting parties. These requirements were enforced by interleaving and composing basic schemes derived from challenge-response mechanisms. The institutional trust promoting mechanism devised allowed all vital data to be endorsed by authorised category specific intermediaries. Intermediaries were made accountable for their endorsements by being required to discharge or transfer proof obligations placed on them. The techniques devised for aggregating and enforcing security requirements allow dynamic creation of end-to-end security schemes. The novel interleaving technique devised allows creation of provably secure multiparty schemes for any number of recipients. The structured technique combining compositional approach with appropriate invariants and preconditions makes model checking of synthesised schemes unnecessary. The proposed framework combining endorsement trust with schemes making intermediaries accountable provides a way to alleviate distrust between previously unknown e-commerce entities

NASA Tech Briefs, July/August 1988

Topics: New Product Ideas; NASA TU Services; Electronic Components and Circuits; Electronic Systems; Physical Sciences; Materials; Computer Programs; Mechanics; Machinery; Fabrication Technology; Mathematics and Information Sciences; Life Sciences

A secure LITESET scheme

Recently, a new light-weight version of the secure electronic transaction protocol was proposed. The protocol can achieve two goals. One goal is that the security level is the same as the SET protocol. The other goal is to reduce the computational time in message generation and verification, and reduce the communication overhead. However, the protocol has a weakness, which is that non-repudiation is acquired, but confidentiality is lost. In this paper, we point out the weakness of the protocol. We also propose an improvement to the protocol to overcome this weakness

A Secure LITESET Scheme

[[abstract]]Recently, a new light-weight version of the secure electronic transaction protocol was proposed. The protocol can achieve two goals. One goal is that the security level is the same as the SET protocol. The other goal is to reduce the computational time in message generation and verification, and reduce the communication overhead. However, the protocol has a weakness, which is that non-repudiation is acquired, but confidentiality is lost. In this paper, we point out the weakness of the protocol. We also propose an improvement to the protocol to overcome this weakness

A Secure Agent-Mediated Payment Protocol

While software agents have been employed in payment protocols, they are largely passive entities, i.e., they participate in the payment protocol but do not make decision. In this paper, we propose an agent-assisted payment protocol called LITESET/A+ that empowers the payment agent (PA) to perform encryption operation for its owner. This is realized by introducing a Trusted Third Party (TTP) in the payment system based on the SET protocol (Secure Electronic Transaction) and a novel signcryption-threshold scheme. In LITESET/A+, the PA and TTP collaborate together to ensure the same level of security as the SET specification. At the same time, with the signcryptionthreshold scheme, the PA is more flexible and autonomous during trading