FIDES – A Middleware E-Commerce Security Solution

This paper reports on the on-going Fair Integrated Data Exchange Services (FIDES) project aimed at developing a security middleware solution to support e-commerce transactions and the provision of the important fair exchange and nonrepudiation security services. Fair exchange ensures that either both business parties participating in a transaction receive the exchanged valuable items or neither party receives anything useful. Non-repudiation ensures that neither party involved in the exchange can falsely deny sending or receiving a particular item and therefore taking part in the transaction.

[1]  Ning Zhang,et al.  Fair certified e-mail delivery , 2004, SAC '04.

[2]  Qi Shi,et al.  Signature-based Approach to Fair Document Exchange , 2003 .

[3]  Robert H. Deng,et al.  Practical protocols for certified electronic mail , 1996, Journal of Network and Systems Management.

[4]  Dirk Fox,et al.  Digital Signature Standard (DSS) , 2001, Datenschutz und Datensicherheit.

[5]  Dieter Gollmann,et al.  An efficient non-repudiation protocol , 1997, Proceedings 10th Computer Security Foundations Workshop.

[6]  Indrajit Ray,et al.  An Optimistic Fair Exchange E-commerce Protocol with Automated Dispute Resolution , 2000, EC-Web.

[7]  Bruce Schneier,et al.  A certified e-mail protocol , 1998, Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217).

[8]  Dieter Gollmann,et al.  Certified Electronic Mail , 1996, ESORICS.

[9]  Ning Zhang,et al.  An efficient protocol for anonymous and fair document exchange , 2003, Comput. Networks.

[10]  Manuel Blum,et al.  How to exchange (secret) keys , 1983, TOCS.

[11]  Ning Zhang,et al.  A secure and fair DSA-based signature exchange protocol , 2004, Proceedings. ISCC 2004. Ninth International Symposium on Computers And Communications (IEEE Cat. No.04TH8769).

[12]  Dieter Gollmann,et al.  Observations on Non-repudiation , 1996, ASIACRYPT.

[13]  Ning Zhang,et al.  A security protocol for certified e-goods delivery , 2004, International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004..

[14]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[15]  Giuseppe Ateniese,et al.  Efficient verifiable encryption (and fair exchange) of digital signatures , 1999, CCS '99.

[16]  Colin Boyd,et al.  Off-Line Fair Payment Protocols Using Convertible Signatures , 1998, ASIACRYPT.

[17]  Dieter Gollmann,et al.  A fair non-repudiation protocol , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[18]  Jianyi Lin,et al.  Computer crime and security survey , 2002 .

[19]  N. Asokan,et al.  Optimistic fair exchange of digital signatures , 1998, IEEE Journal on Selected Areas in Communications.

[20]  Liqun Chen,et al.  Efficient Fair Exchange with Verifiable Confirmation of Signatures , 1998, ASIACRYPT.

[21]  Robert H. Deng,et al.  Efficient and practical fair exchange protocols with off-line TTP , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[22]  Michael K. Reiter,et al.  Fair Exchange with a Semi-Trusted Third Party (extended abstract) , 1997, CCS.

[23]  Henning Pagnia,et al.  On the Impossibility of Fair Exchange without a Trusted Third Party , 1999 .

[24]  Ning Zhang,et al.  Achieving Non-Repudiation of Receipt , 1996, Comput. J..

[25]  Oded Goldreich,et al.  A randomized protocol for signing contracts , 1985, CACM.