论文信息 - Conceptualizing and Implementing an Information Security Strategy for Internet Billing Systems

Conceptualizing and Implementing an Information Security Strategy for Internet Billing Systems

The decentralized nature of Internet billing sys- tems demands a careful evaluation of the pantheon of se- curity issues in order to avoid the potential occurrence of business risks that could not be easily mitigated. Under- standing that Internet security is not merely a local tech- nology issue implemented at each one of the endpoints of the interorganizational application, this paper presents an inte- grated approach based on a rigorous multi-level and multi- dimensional framework. Through synthesis, the framework evaluates and uses the available tools and techniques in a consistent manner, aiming to aid the implementation of the most effective security strategy possible. Its use and ap- plicability is demonstrated over 'Billing Mall' - an Inter- net billing system currently being developed for the Hellenic Telecommunications Organization (OTE). Keywords—Network security, cryptography, information security strategy, Internet billing systems, electronic com- merce.

Panagiotis Kanellis | Panagiota Papadopoulou | Drakoulis Martakos | Nicholas Kolokotronis

[1] Shiu-Kai Chin,et al. High-confidence design for security: don't trust—verify , 1999, CACM.

[2] Arie Segev,et al. Internet Security , 1998 .

[3] Radia J. Perlman,et al. Network security - private communication in a public world , 2002, Prentice Hall series in computer networking and distributed systems.

[4] Frederick M. Avolio. Putting it together a multi-dimensional approach to Internet security , 1998, NTWK.

[5] W. Ford,et al. Secure Electronic Commerce: Building the Infrastructure for Digital Signatures and Encryption , 2000 .

[6] Fabrice de Comarmond,et al. An Intermediation and Payment System Technology , 1996, Comput. Networks.

[7] D. M. Goldschlag,et al. Security issues in networks with Internet access , 1997 .

[8] Eric Hughes. A long-term perspective on electronic commerce , 1997, NTWK.

[9] Randall K. Nichols. ICSA guide to cryptography , 1998 .

[10] Bernard P. Zajac. Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[11] Kathryn Walker,et al. Computer security policies and SunScreen firewalls , 1998 .

[12] Andrew V. Abela,et al. Current Research: Value Exchange: The Secret of Building Customer Relationships on Line , 1997 .

[13] Rolf Oppliger,et al. Internet security: firewalls and beyond , 1997, CACM.

[14] Man Young Rhee. Cryptography and Secure Communications , 1993 .