Article

A flexible payment scheme and its role-based access control

Univ. of Southern Queensland, Toowoomba, Qld., Australia
IEEE Transactions on Knowledge and Data Engineering (Impact Factor: 1.82). 04/2005; 17(3):425-436. DOI: 10.1109/TKDE.2005.35
Source: IEEE Xplore

ABSTRACT This work proposes a practical payment protocol with scalable anonymity for Internet purchases, and analyzes its role-based access control (RBAC). The protocol uses electronic cash for payment transactions. It is an offline payment scheme that can prevent a consumer from spending a coin more than once. Consumers can improve anonymity if they are worried about disclosure of their identities to banks. An agent provides high anonymity through the issue of a certification. The agent certifies reencrypted data after verifying the validity of the content from consumers, but with no private information of the consumers required. With this new method, each consumer can get the required anonymity level, depending on the available time, computation, and cost. We use RBAC to manage the new payment scheme and improve its integrity. With RBAC, each user may be assigned one or more roles, and each role can be assigned one or more privileges that are permitted to users in that role. To reduce conflicts of different roles and decrease complexities of administration, duty separation constraints, role hierarchies, and scenarios of end-users are analyzed.

Available from: Jinli Cao, Feb 20, 2013
  • ABSTRACT: An electronic cash system allows the exchange of digital coins with value assured by the bank's signature and with concealed user identity. In an electronic cash system, a user can withdraw coins from the bank and then spend each coin anonymously and unlinkably. In this paper we propose a secure and efficient off-line electronic payment system based on bilinear pairings and group signature schemes. The anonymity of the customer is revocable by a trustee in case of a dispute. Because the amount of communication in the payment protocol is about 480 bits, the proposed off-line electronic payment system can be used in wireless networks with limited bandwidth.
  • ABSTRACT: A global education system, as a key area in future IT, has fostered developers to provide various learning systems with low cost. While a variety of e-learning advantages has been recognized for a long time and many advances in e-learning systems have been implemented, the needs for effective information sharing in a secure manner have to date been largely ignored, especially for virtual university collaborative environments. Information sharing of virtual universities usually occurs in broad, highly dynamic network-based environments, and formally accessing the resources in a secure manner poses a difficult and vital challenge. This paper aims to build a new rule-based framework to identify and address issues of sharing in virtual university environments through role-based access control (RBAC) management. The framework includes a role-based group delegation granting model, group delegation revocation model, authorization granting, and authorization revocation. We analyze various revocations and the impact of revocations on role hierarchies. The implementation with XML-based tools demonstrates the feasibility of the framework and authorization methods. Finally, the current proposal is compared with other related work.
    IEEE Transactions on Knowledge and Data Engineering 06/2009; 21:840-853. DOI:10.1109/TKDE.2008.132 · 1.82 Impact Factor
  • ABSTRACT: Many electronic cash systems have been proposed with the proliferation of the Internet and the activation of electronic commerce. E-cash enables the exchange of digital coins with value assured by the bank's signature and with concealed user identity. In an electronic cash system, a user can withdraw coins from the bank and then spend each coin anonymously and unlinkably. In this paper, we design an efficient anonymous mobile payment system based on bilinear pairings, in which the anonymity of coins is revocable by a trustee in case of dispute. The message transfer from the customer to the merchant occurs only once during the payment protocol. Also, the amount of communication between customer and merchant is about 800 bits. Therefore, our mobile payment system can be used in wireless networks with limited bandwidth. The security of the new system is under the computational Diffie-Hellman problem in the random oracle model.
    Informatica 01/2009; 20:579-590. · 0.90 Impact Factor