
About this book

Welcome to the second volume of the Kluwer International Series on ADVANCES IN INFORMATION SECURITY. The goals of this series are, one, to establish the state of the art of and set the course for future research in information security and, two, to serve as a central reference source for advanced and timely topics in information security research and development. The scope of this series includes all aspects of computer and network security and related areas such as fault tolerance and software assurance. ADVANCES IN INFORMATION SECURITY aims to publish thorough and cohesive overviews of specific topics in information security, as well as works that are larger in scope or that contain more detailed background information than can be accommodated in shorter survey articles. The series also serves as a forum for topics that may not have reached a level of maturity to warrant a comprehensive textbook treatment. The success of this series depends on contributions by researchers and developers such as yourself. If you have an idea for a book that is appropriate for this series, I encourage you to contact either the Acquisitions Editor for the series, Lance Wobus (, or myself, the Consulting Editor for the series ( We would be happy to discuss any potential projects with you. Additional information about this series can be obtained from www.wkap.nl/series.htm/ADIS.



Case Studies in E-Commerce Security


Chapter 1. Security Testing of an Online Banking Service

Online banking and electronic commerce have become an everyday reality for millions of users. Almost every large banking institution offers services such as account management, fund transfers, automatic payments, and investments through the Internet. The quality of the provided services has become a driving factor in user selection of a banking institution. Given the critical nature of the services provided, banks and financial institutions are investing substantial resources in the implementation of sophisticated financial applications that are appealing to the end-user. In the design and implementation of these applications developers face a trade-off between user-friendliness and security.
Andra L. M. dos Santos, Giovanni Vigna, Richard A. Kemmerer

Chapter 2. Software Security Analysis: an Example Case Study

This chapter presents an example outlining the process and results of a software security risk analysis. Unlike other types of security risk analyses, a software security analysis focuses on the design and implementation of the online application rather than the network and physical environment in which the application is deployed. An example is used to illustrate the benefits of a software security risk analysis and demonstrate how software security extends and complements conventional security and business risk analyses.
Brad Arkin

Chapter 3. New Security Issues in Mobile E-Commerce

By 2004, there is expected to be over 1 billion wireless device subscribers. The future of e-commerce appears to be headed straight for mobile e-commerce (m-commerce). Today’s workers want to be untethered from their desktops with the freedom to communicate with anyone, anywhere, anytime. To this end, current wireless platforms are integrating voice telephony, data, and streaming multimedia in multifunction rich-content capable devices. In the future, code will be exchanged transparently with data over wireless links. Wireless devices will have the processing power and memory of today’s desktop workstations. Wireless devices will have direct connections to file servers and network services behind the corporate firewalls. Furthermore, wireless devices will have the ability to ship and execute mobile and itinerant code such as software agents that act on the user’s behalf. The security and privacy concerns are paramount for consumers and businesses. In this chapter, we describe the key security concerns in mobile e-commerce and avenues for addressing them.
Anup K. Ghosh

Chapter 4. Problems in Policing E-Commerce Crime

Nothing works. Despite repeated attempts by FedEx employees and customers around the globe, suddenly no information is available. Everything was fine a few moments ago, but now the company, which delivers more than three million express packages to 210 countries each working day, has had its worldwide operations crippled by a failure of its information system.1 Unbeknownst to FedEx officials, the debilitating disruption in its ability to move goods around the globe is the result of a “denial of service attack” by an unknown criminal hacker.2
Marc D. Goodman

Reasoning about Secure and Private E-Commerce


Chapter 5. Strategies for Developing Policies and Requirements for Secure and Private Electronic Commerce

While the Internet is dramatically changing the way business is conducted, security and privacy issues are of deeper concern than ever before. A primary fault in evolutionary electronic commerce systems is the failure to adequately address security and privacy issues; therefore, security and privacy policies are either developed as an afterthought to the system or not at all. One reason for this failure is the difficulty in applying traditional software requirements engineering techniques to systems in which policy is continually changing due to the need to respond to the rapid introduction of new technologies which compromise those policies. Security and privacy should be major concerns from the onset, but practitioners need new systematic mechanisms for determining and assessing security and privacy. To provide this support, we employ scenario management and goal-driven analysis strategies to facilitate the design and evolution of electronic commerce systems. Risk and impact assessment is critical for ensuring that system requirements are aligned with an enterprise’s security policy and privacy policy. Consequently, we tailor our goal-based approach by including a compliance activity to ensure that all policies are reflected in the actual system requirements. Our integrated strategy thus focuses on the initial specification of security policy and privacy policy and their operationalization into system requirements. The ultimate goal of our work is to demonstrate viable solutions for supporting the early stages of the software lifecycle, specifically addressing the need for novel approaches to ensure security and privacy requirements coverage.
Annie I. Antón, Julia B. Earp

Chapter 6. Protocols for Secure Remote Database Access with Approximate Matching

Suppose that Bob has a database D and that Alice wants to perform a search query q on D (e.g., “is q in D?”). Since Alice is concerned about her privacy, she does not want Bob to know the query q or the response to the query. How could this be done? There are elegant cryptographic techniques for solving this problem under various constraints (such as “Bob should know neither q nor the answer to the query” and “Alice should learn nothing about D other than the answer to the query”), while optimizing various performance criteria (e.g., amount of communication).
We consider the version of this problem where the query is of the type “is q approximately in D?” for a number of different notions of “approximate”, some of which arise in image processing and template matching, while others are of the string-edit type that arise in biological sequence comparisons. New techniques are needed in this framework of approximate searching, because each notion of “approximate equality” introduces its own set of difficulties; using encryption is more problematic in this framework because the items that are approximately equal cease to be so after encryption or cryptographic hashing. Practical protocols for solving such problems make possible new forms of e-commerce between proprietary database owners and customers who seek to query the database, with privacy.
We first present four secure remote database access models that are used in e-commerce, each of which has different privacy requirements. We then present our solutions for achieving privacy in each of these four models.
Wenliang Du, Mikhail J. Atallah

Chapter 7. A New Approach to Reasoning About Accountability in Cryptographic Protocols for E-Commerce

This chapter presents a generic belief logic and demonstrates how it can be used to reason about accountability in cryptographic protocols for electronic commerce. First, we explain why the analysis of accountability properties can be treated in terms of belief. Different from other logics that have been proposed earlier to deal with accountability, our logic uses more general logical terms to deal with accountability, instead of the specific predicate “canprove”. We argue that the essence of accountability is actually the ability to “make” someone “believe” something, and the notion of “make” is just another modal operator in a generic belief logic. We then describe our belief logic and present an axiomatization system for analyzing cryptographic protocols for e-commerce. Finally, we illustrate with two examples how our logic can be used for our intended purpose.
Hongxue Wang, Vijay Varadharajan, Yan Zhang

Chapter 8. Provisional Authorizations

Past generations of access control systems, when faced with an access request, have issued a “yes” (resp. “no”) answer to the access request resulting in access being granted (resp. denied). In this chapter, we argue that for the world’s rapidly proliferating business to business (B2B) applications and auctions, “yes/no” responses are just not enough. We propose the notion of a “provisional authorization” which intuitively says “You may perform the desired access provided you cause condition C to be satisfied.” For instance, a user accessing an online brokerage may receive some information if he fills out his name/address, but not otherwise. While a variety of such provisional authorization mechanisms exist on the web, they are all hardcoded on an application by application basis. We show that given (almost) any logic L, we may define a provisional authorization specification language pASL_L. pASL_L is based on the declarative, polynomially evaluable authorization specification language ASL proposed by Jajodia et al. [JSS97]. We define programs in pASL_L, and specify how given any access request, we must find a “weakest” precondition under which the access can be granted (in the worst case, if this weakest precondition is “false” this amounts to a denial). We develop a model theoretic semantics for pASL_L and show how it can be applied to online sealed-bid auction servers and online contracting.
Sushil Jajodia, Michiharu Kudo, V. S. Subrahmanian

