Towards a Generalized Payment Model for Internet Services ?

Prerequisite for the success of new business models in the Internet, such as pay-per-view, will be an efficient and interoperable electronic payment system. Many protocols and frameworks for various business domains exist. However, they are mostly incompatible which makes it hard for service providers to design for change. We investigated several standard payment scenarios and configurations and analyzed shortcomings of existing payment schemes. As a result, we developed expressive, common payment abstractions and came up with a generalized payment model which hides the payment mechanisms used, but offers a common, high-level interface and supports a wide range of business models. In this paper, we present our generalized payment model and its accompanying security model for Internet services. We discuss its abstractions and protocols and evaluate it in an Internet-scale push system.

[1]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[2]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[3]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[4]  Nathaniel S. Borenstein,et al.  MIME (Multipurpose Internet Mail Extensions) Part One: Mechanisms for Specifying and Describing the Format of Internet Message Bodies , 1992, RFC.

[5]  Steve Vinoski Distributed Object Computing With CORBA , 1993 .

[6]  Benjamin Cox,et al.  NetBill Security and Transaction Protocol , 1995, USENIX Workshop on Electronic Commerce.

[7]  L. Stein,et al.  The Green Commerce Model , 1995 .

[8]  Andreas Paepcke,et al.  U-PAI: A Universal Payment Application Interface , 1996 .

[9]  Adi Shamir,et al.  PayWord and MicroMint: Two Simple Micropayment Schemes , 1996, Security Protocols Workshop.

[10]  Martín Abadi,et al.  The Millicent Protocol for Inexpensive Electronic Commerce , 1995, World Wide Web J..

[11]  Doug Lea,et al.  Concurrent programming in Java - design principles and patterns , 1996, Java series.

[12]  Theodore C. Goldstein The Gateway Security Model in the Java Electronic Commerce Framework , 1997, Financial Cryptography.

[13]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[14]  Manfred Hauswirth,et al.  MiMi: A Java Implementation of the MicroMint Scheme , 1997, WebNet.

[15]  Jason Hunter Java servlet programming , 1998, Java series.

[16]  Dan Boneh,et al.  SWAPEROO: A Simple Wallet Architecture for Payments, Exchanges, Refunds, and Other Operations , 1998, USENIX Workshop on Electronic Commerce.

[17]  Clemens A. Szyperski,et al.  Component software - beyond object-oriented programming , 2002 .

[18]  Ricarda Weber Chablis - Market Analysis of Digital Payment Systems , 1998 .

[19]  N. Asokan,et al.  Designing a Generic Payment Service , 1998, IBM Syst. J..

[20]  Christopher Allen,et al.  The TLS Protocol Version 1.0 , 1999, RFC.

[21]  T. Dierks,et al.  The TLS protocol , 1999 .

[22]  Manfred Hauswirth,et al.  Internet-scale push systems for information distribution|architecture , 1999 .

[23]  Vesna Hassler,et al.  Security Fundamentals for E-Commerce , 2000 .

[24]  Michael Puhrerfellner An implementation of the Millicent micro-payment protocol and its application in a pay-per-view busi , 2000 .

[25]  Birgit Pfitzmann,et al.  SEMPER - Secure Electronic Marketplace for Europe , 2000, Lecture Notes in Computer Science.

[26]  Martina Umlauft,et al.  A Java Component User Interface for the Minstrel Push System , 2000 .

[27]  K. Luttge E-charging API: outsource charging to a payment service provider , 2001, IEEE Intelligent Network 2001 Workshop. IN 2001 Conference Record (Cat. No.01TH8566).

[28]  Andreas Wombacher,et al.  An Architecture for Information Commerce Systems , 2001 .

[29]  Mehdi Jazayeri,et al.  A phase model for e-commerce business models and its application to security assessment , 2001, Proceedings of the 34th Annual Hawaii International Conference on System Sciences.

[30]  James Goodwill Apache Jakarta Tomcat , 2002, Apress.

[31]  Ahmad-Reza Sadeghi,et al.  Electronic Payment Systems , 2003, Digital Rights Management.