Secure e-commerce transactions for multicast services

With the advent of an increasing number of multicast services such as audio/video streaming, news broadcast and software distribution, accounting for the resources consumed by subscribers becomes essential. However, multicast environments are inherently more susceptible to attacks because there is as yet no proper foundation for securing multicast networks. However, any e-commerce operational environment requires support for the security properties such as authentication, authorization, data confidentiality, and non-repudiation. As secured multicast services gain popularity in the Internet, at one point there would be a significant response from the service providers to support e-commerce through multicast networks. In this thesis, a Multicast Security Protection Profile (MSPP) has been presented to identify and secure the operating environment of multicast sessions. Although e-commerce protocols such as SSL, TLS, and SET protocols offer some forms of security in e-transactions, they cannot be directly extended to provide security for e-commerce sessions in the multicast (point-to-multipoint) environment. Therefore, we have designed an architectural framework, called the Secure E-Commerce Transactions for Multicast Services (SETMS), to secure e-commerce sessions for multicast environments. The SETMS framework provides authentication of host through the HIP protocol, authorization of subscriber and his e-payments through a variant of the 2KP protocol, a procedure to account for the subscriber's resource consumption, and support for non-repudiation of principal parties through PKI. The SETMS framework has been evaluated using the Common Criteria based MSPP security specification and formally validated using the AVISPA too

Informed Consent to Address Trust, Control, and Privacy Concerns in User Profiling

More and more, services and products are being personalised or\ud tailored, based on user-related data stored in so called user profiles or user\ud models. Although user profiling offers great benefits for both organisations and\ud users, there are several psychological factors hindering the potential success of user profiling. The most important factors are trust, control and privacy\ud concerns. This paper presents informed consent as a means to address the\ud hurdles trust, control, and privacy concerns pose to user profiling

U.S. Customs and Border Protection: Trade Facilitation, Enforcement, and Security

[Excerpt] This report describes and analyzes import policy and CBP’s role in the U.S. import process. (The report does not cover CBP’s role in the U.S. export control system.) The first section of the report describes the three overarching goals of U.S. import policy and the tension among them. Second, the report provides a legislative history of customs laws, followed by an overview of the U.S. import process as it operates today. Third, the import process and CBP’s role in it are discussed. The final section highlights several policy issues that Congress may consider in its oversight role or as part of customs or trade legislation, including measures seeking to provide additional trade facilitation benefits to importers and others enrolled in “trusted trader” programs, to improve enforcement of intellectual property and trade remedy laws, to strengthen cargo scanning practices, and/or to promote modernization of customs data systems, among other issues. A list of trade-related acronyms used in the report is provided in Appendix A

Building trustworthy e-Commerce wesite

The process of building consumer trust in E-Commerce is based on the presence of trust features or trust attributes in the websites. Consumer may examine e-Commerce websites for the existence of trust attributes. However, to date, which trust attributes contribute to the website’s trustworthiness and which trust attributes give more value to consumer has not been adequately explored. Therefore, the purpose of the paper is to look for the relevant trust attributes for e-Commerce websites and to identify the importance ranking of trust attributes that contribute significantly to the trustworthiness of e-Commerce website. Various journal papers and articles related to e-Commerce field have been referred in order to identify the trust attributes. An online survey that received 1230 respondents was carried out to investigate the importance ranking of ten trust attributes. The paper contributes to the discussion on how to build trust in e-Commerc

InShopnito: an advanced yet privacy-friendly mobile shopping application

Mobile Shopping Applications (MSAs) are rapidly gaining popularity. They enhance the shopping experience, by offering customized recommendations or incorporating customer loyalty programs. Although MSAs are quite effective at attracting new customers and binding existing ones to a retailer's services, existing MSAs have several shortcomings. The data collection practices involved in MSAs and the lack of transparency thereof are important concerns for many customers. This paper presents inShopnito, a privacy-preserving mobile shopping application. All transactions made in inShopnito are unlinkable and anonymous. However, the system still offers the expected features from a modern MSA. Customers can take part in loyalty programs and earn or spend loyalty points and electronic vouchers. Furthermore, the MSA can suggest personalized recommendations even though the retailer cannot construct rich customer profiles. These profiles are managed on the smartphone and can be partially disclosed in order to get better, customized recommendations. Finally, we present an implementation called inShopnito, of which the security and performance is analyzed. In doing so, we show that it is possible to have a privacy-preserving MSA without having to sacrifice practicality