Skip to main content
USENIX
  • Conferences
  • Students
Sign in

connect with us


  •  Twitter
  •  Facebook
  •  LinkedIn
  •  Google+
  •  YouTube

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home ยป A Resilient Access Control Scheme for Secure Electronic Transactions
Tweet

connect with us

A Resilient Access Control Scheme for Secure Electronic Transactions

Authors: 

Jong-Hyeon Lee, University of Cambridge

Abstract: 

There have been many studies of the management of personal secrets such as PIN codes, passwords, etc., in access control mechanisms. The leakage of personal secrets is one of the most significant problems in access control. To reduce such risks, we suggest a way of authenticating customers without transferring explicit customer secrets. Furthermore, we give a secure on-line transaction scheme based on our access control mechanism.

Needham gave an example of Personal Identification Number (PIN) management for banking systems [Nee97] that presented a way to control PIN codes. It inspired us to develop an access control model for electronic transactions which enforces a strict role definition for personal secret generation and maintenance. We extend it to a payment model. Our scheme provides enhanced privacy for customers, non-repudiation of origin for the customer order and payment transactions, and protection from personal secret leakage. Since it does not rely on either public key cryptosystems or auxiliary hardware such as chip cards and readers, its deployment within existing environments could be cost-effective.

Jong-Hyeon Lee, University of Cambridge

BibTeX
@inproceedings {261131,
author = {Jong-Hyeon Lee},
title = {A Resilient Access Control Scheme for Secure Electronic Transactions},
booktitle = {3rd USENIX Workshop on Electronic Commerce (EC 98)},
year = {1998},
address = {Boston, MA},
url = {https://www.usenix.org/conference/3rd-usenix-workshop-electronic-commerce/resilient-access-control-scheme-secure-electronic},
publisher = {USENIX Association},
month = aug,
}
Download

Links

Paper: 
http://usenix.org/publications/library/proceedings/ec98/full_papers/lee/lee.pdf
Paper (HTML): 
http://usenix.org/publications/library/proceedings/ec98/full_papers/lee/lee_html/lee.html
  • Log in or    Register to post comments

© USENIX

  • Privacy Policy
  • Contact Us