Authorization Methods for E-Commerce Applications
نویسنده
چکیده
In the recent past, a lot of work has been done in establishing public key infrastructures (PKIs) for electronic commerce (e-commerce) applications. Unfortunately, most of these PKIs can only be used to authenticate the participants of e-commerce applications; they can't be used to properly authorize the participants and to control access to system resources accordingly. Consequently, these PKIs address only half of the problem with regard to e-commerce applications, and some complementary technologies are required to address the authorization problem, as well. In this paper, we elaborate on such technologies and corresponding authorization methods for e-commerce applications. In particular, we address certificate-based authorization, the use of attribute and SDSI/SPKI certificates, as well as the use of databases. We conclude with the insight that there is no single best authorization method, and that different e-commerce applications may require different authorization methods.
منابع مشابه
A flexible distributed authorization protocol
While there has been considerable eeort in creating a single sign-on solution for interoperability among au-thentication methods, such interoperability across authorization methods has received little attention. This paper presents a exible distributed authorization protocol that provides the full generality of restricted proxies while supporting the functionality of and interop-erability with ...
متن کاملAgent Fabrication and Its Implementation for Agent-Based Electronic Commerce
In the last decade, agent-based e-commerce has emerged as a potential role for the next generation of e-commerce. How to create agents for e-commerce applications has become a serious consideration in this field. This paper proposes a new scheme named agent fabrication and elaborates its implementation in multi-agent systems based on the SAFER (Secure Agent Fabrication, Evolution & Roaming) arc...
متن کاملPerformance Evaluation of e-business applications using PNML
This paper proposes the use of XML Petri Nets (PNML), a kind of high-level Petri Nets, for modeling, development, management and performance Web-based systems, e-Activities like e-Business, Business-to-Business (B2B), e-Commerce and mobile applications wireless in the Web or ad-hoc networks. The combination of Petri Nets and XML (Extensible Markup Language) files are emerging as an important ap...
متن کاملSimulation e-business applications using PNML
This paper proposes the use of XML Petri Nets (PNML), a kind of high-level Petri Nets, for simulations Web-based systems, e-Activities like e-Business, Business-to-Business (B2B), e-Commerce and mobile applications wireless in the Web or ad-hoc networks. The combination of Petri Nets and XML (Extensible Markup Language) files are emerging as an important approach for the specification of comple...
متن کاملRole-Based Access Control for E-commerce Sea-of-Data Applications
Sea-of-Data (SoD) applications (those that need to process huge quantities of distributed data) present specific restrictions, which make mobile agent systems one of the most feasible technologies to implement them. On the other hand mobile agent technologies are in a hot research state, specially concerning security. We present an access control method for mobile agent systems. It is based on ...
متن کامل