The practical detailed requirements of accountability and its application in the electronic payment protocols

With the development of electronic commerce, many electronic commerce systems have been put into practice. The electronic payment system is the key part of such systems, and many electronic payment protocols have therefore been introduced. Accountability is a core property of electronic payment protocols. Accountability is the property whereby the association of a unique originator with an object or action can be proved to a third party. It consists of money accountability and goods accountability. Several logics for accountability have been introduced so far, such as the Herreweghen logic, Kailar logic, Kessler & Neumann logic and Kungpisdan & Permpoontanalarp logic, but these logics are difficult to use in practice. In this paper we introduce practical, detailed requirements for money accountability and goods accountability. Using these requirements, we can easily judge whether an electronic payment protocol has goods accountability and money accountability, without complex analysis and logical reasoning. We use the Kessler & Neumann logic to prove the soundness of the requirements. Finally, we take the SOCPT protocol as an example to illustrate the application of the requirements presented.
