10,048 research outputs found
Pricing and Bundling Electronic Information Goods: Field Evidence
Dramatic increases in the capabilities and decreases in the costs of computers and communication networks have fomented revolutionary thoughts in the scholarly publishing community. In one dimension, traditional pricing schemes and product packages are being modified or replaced. We designed and undertook a large-scale field experiment in pricing and bundling for electronic access to scholarly journals: PEAK. We provided Internet-based delivery of content from 1200 Elsevier Science journals to users at multiple campuses and commercial facilities. Our primary research objective was to generate rich empirical evidence on user behavior when faced with various bundling schemes and price structures. In this article we report initial results. We found that although there is a steep initial learning curve, decision-makers rapidly comprehended our innovative pricing schemes. We also found that our novel and flexible "generalized subscription" was successful at balancing paid usage with easy access to a larger body of content than was previously available to participating institutions. Finally, we found that both monetary and non-monetary user costs have a significant impact on the demand for electronic access.
Means of Payment in E-Commerce (Credit Cards and E-Money)
Once the web has spread and due to the great mass of users, firms with trade activity intesified their commercial tranzactions on-line. Thus the e-commerce implies e-payments which lead to creating e-money and implicitly some specific means of payment, all of these used with the aim of deployment and development of commercial tranzactions on-line.e-commerce, First Virtual, e-cash, Net-Cash
Recommended from our members
Flexible Digital Authentication Techniques
Abstract This dissertation investigates authentication techniques in some emerging areas. Specifically, authentication schemes have been proposed that are well-suited for embedded systems, and privacy-respecting pay Web sites. With embedded systems, a person could own several devices which are capable of communication and interaction, but these devices use embedded processors whose computational capabilities are limited as compared to desktop computers. Examples of this scenario include entertainment devices or appliances owned by a consumer, multiple control and sensor systems in an automobile or airplane, and environmental controls in a building. An efficient public key cryptosystem has been devised, which provides a complete solution to an embedded system, including protocols for authentication, authenticated key exchange, encryption, and revocation. The new construction is especially suitable for the devices with constrained computing capabilities and resources. Compared with other available authentication schemes, such as X.509, identity-based encryption, etc, the new construction provides unique features such as simplicity, efficiency, forward secrecy, and an efficient re-keying mechanism. In the application scenario for a pay Web site, users may be sensitive about their privacy, and do not wish their behaviors to be tracked by Web sites. Thus, an anonymous authentication scheme is desirable in this case. That is, a user can prove his/her authenticity without revealing his/her identity. On the other hand, the Web site owner would like to prevent a bunch of users from sharing a single subscription while hiding behind user anonymity. The Web site should be able to detect these possible malicious behaviors, and exclude corrupted users from future service. This dissertation extensively discusses anonymous authentication techniques, such as group signature, direct anonymous attestation, and traceable signature. Three anonymous authentication schemes have been proposed, which include a group signature scheme with signature claiming and variable linkability, a scheme for direct anonymous attestation in trusted computing platforms with sign and verify protocols nearly seven times more efficient than the current solution, and a state-of-the-art traceable signature scheme with support for variable anonymity. These three schemes greatly advance research in the area of anonymous authentication. The authentication techniques presented in this dissertation are based on common mathematical and cryptographical foundations, sharing similar security assumptions. We call them flexible digital authentication schemes
A Survey of Access Control Models in Wireless Sensor Networks
Copyright 2014 by the authors; licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/)Wireless sensor networks (WSNs) have attracted considerable interest in the research community, because of their wide range of applications. However, due to the distributed nature of WSNs and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. Resource constraints in sensor nodes mean that security mechanisms with a large overhead of computation and communication are impractical to use in WSNs; security in sensor networks is, therefore, a challenge. Access control is a critical security service that offers the appropriate access privileges to legitimate users and prevents illegitimate users from unauthorized access. However, access control has not received much attention in the context of WSNs. This paper provides an overview of security threats and attacks, outlines the security requirements and presents a state-of-the-art survey on access control models, including a comparison and evaluation based on their characteristics in WSNs. Potential challenging issues for access control schemes in WSNs are also discussed.Peer reviewe
Active architecture for pervasive contextual services
International Workshop on Middleware for Pervasive and Ad-hoc Computing MPAC 2003), ACM/IFIP/USENIX International Middleware Conference (Middleware 2003), Rio de Janeiro, Brazil This work was supported by the FP5 Gloss project IST2000-26070, with partners at Trinity College Dublin and Université Joseph Fourier, and by EPSRC grants GR/M78403/GR/M76225, Supporting Internet Computation in Arbitrary Geographical Locations, and GR/R45154, Bulk Storage of XML Documents.Pervasive services may be defined as services that are available "to any client (anytime, anywhere)". Here we focus on the software and network infrastructure required to support pervasive contextual services operating over a wide area. One of the key requirements is a matching service capable of as-similating and filtering information from various sources and determining matches relevant to those services. We consider some of the challenges in engineering a globally distributed matching service that is scalable, manageable, and able to evolve incrementally as usage patterns, data formats, services, network topologies and deployment technologies change. We outline an approach based on the use of a peer-to-peer architecture to distribute user events and data, and to support the deployment and evolution of the infrastructure itself.Peer reviewe
Active architecture for pervasive contextual services
Pervasive services may be defined as services that are available to any client (anytime, anywhere). Here we focus on the software and network infrastructure required to support pervasive contextual services operating over a wide area. One of the key requirements is a matching service capable of assimilating and filtering information from various sources and determining matches relevant to those services. We consider some of the challenges in engineering a globally distributed matching service that is scalable, manageable, and able to evolve incrementally as usage patterns, data formats, services, network topologies and deployment technologies change. We outline an approach based on the use of a peer-to-peer architecture to distribute user events and data, and to support the deployment and evolution of the infrastructure itself
The role of regulatory mechanisms for control of plant diseases and food security — case studies from potato production in Britain
Being aware of the potentially devastating impacts of plant diseases on food security, governments have designed and employ plant health legislation to prevent or inhibit the worst impacts. The development of such policies in Britain, and latterly in Europe, can be closely linked to disease events that have occurred in the potato sector. We analyse early and current examples of policies governing potato diseases in Britain to identify the decision processes leading to the implementation of such phytosanitary policies and how they have evolved over time and in response to different disease threats. Reasons for developing and implementing phytosanitary policies include the desire to prevent pathogens being introduced (entering and establishing in a new area), the protection of export markets, and the lack of effective control measures. Circumstances in which regulatory policies would not be appropriate could include situations where a disease is already widely distributed, unacceptable costs, lack of exclusion measures, or difficulties of disease diagnosis. We conclude that in general, government policies have worked well in protecting British potato growing over the last one hundred years, despite of the failures of some of the policies discussed here. They have also contributed much to the development of plant health policies for other crops. Voluntary grower initiatives are a new mechanism complementing existing formal policies with an additional level of security that allows individual growers to take on additional responsibility rather than relying entirely on government legislation
Data Minimisation in Communication Protocols: A Formal Analysis Framework and Application to Identity Management
With the growing amount of personal information exchanged over the Internet,
privacy is becoming more and more a concern for users. One of the key
principles in protecting privacy is data minimisation. This principle requires
that only the minimum amount of information necessary to accomplish a certain
goal is collected and processed. "Privacy-enhancing" communication protocols
have been proposed to guarantee data minimisation in a wide range of
applications. However, currently there is no satisfactory way to assess and
compare the privacy they offer in a precise way: existing analyses are either
too informal and high-level, or specific for one particular system. In this
work, we propose a general formal framework to analyse and compare
communication protocols with respect to privacy by data minimisation. Privacy
requirements are formalised independent of a particular protocol in terms of
the knowledge of (coalitions of) actors in a three-layer model of personal
information. These requirements are then verified automatically for particular
protocols by computing this knowledge from a description of their
communication. We validate our framework in an identity management (IdM) case
study. As IdM systems are used more and more to satisfy the increasing need for
reliable on-line identification and authentication, privacy is becoming an
increasingly critical issue. We use our framework to analyse and compare four
identity management systems. Finally, we discuss the completeness and
(re)usability of the proposed framework
- …