16th Bled Electronic Commerce Conference
نویسندگان
چکیده
Attribute-based access control (ABAC) is a very powerful and flexible security technique making it possible to overcome limitations of traditional role-based and discretionary access controls. ABAC enables the dynamic handling of vast numbers of heterogeneous and changing resources and users, a task especially relevant for E-Commerce or distributed computing. With an authentication and authorisation infrastructure (AAI) in place, service providers could benefit from synergies and outsourcing possibilities and, simultaneously, strengthening their security level. In addition, AAIs could arbitrate between users’ privacy issues and vendors’ information demands, using privacy enhancing technologies. However, implementing ABAC is not trivial; nor is the derivation of attributes or metadata. This work proposes a solution to the demands for privacy aware, usable, secure, and outsourceable ECommerce infrastructures with an AAI / ABAC combination. We introduce relevant technologies and an implementation that is evaluated. The prototype is based on the Liberty Alliance’s ID-FF system, using XACML elements and classification tools.
منابع مشابه
User Acceptance of Electronic Commerce: Contributions from the Bled eConference
User acceptance of electronic commerce continues to be a popular topic at the Bled eConference. The paper reviews the past contributions of the conference in this specific area. The review deals with those studies that have an empirical and quantitative component, and those studies where the emphasis has been on testing theories of user acceptance. The paper establishes three phases in which Bl...
متن کاملRealization of Legal Requirements on Digital Signatures in Electronic Commerce
Some very fundamental obstacles inhibit, or at least slow down the success and growth of Electronic Commerce. These are, among others, the lack of real comfortable and secure payment systems, as well as a lack of a trustworthy environment for business transactions. However, these requirements can not be put into practice without digital signatures. Digital signatures may be used in any of the p...
متن کامل16th Bled Electronic Commerce Conference
The astounding growth in cell phone and personal digital assistants (PDAs) has resulted in a new platform for computing engineering. Accordingly, a number of situations concerning business and dealer operations can be well managed with the use of such mobile devices or a combination of them. On the other hand, some software architectures like the Java 2 Micro Edition (J2ME) represent an excelle...
متن کاملPreface to the special issue "Bled eConference 2011 and 2012"
This special issue comprises selected papers from the 24th and the 25th Bled eConference. The Bled eConference is an annual conference addressing especially eCommerce and eBusiness related topics. Furthermore, the conference targets all aspects of “e” and beyond. The 24th Bled eConference was titled “eFuture: Creating Solutions for the Individual, Organisations and Society”, and the 25th annive...
متن کاملEfficient Consumer Response: a Preliminary Comparison of U.s. and European Experiences
Within the domain of Electronic Commerce, Efficient Consumer Response (ECR) is a grocery industry management strategy designed to make the industry more efficient and responsive to consumers' needs. Although ECR originated in the US, the concept has been adopted in Europe, Australia and, slowly, in other regions. This paper discusses the concept of ECR and its development, and then examines the...
متن کامل