A flexible payment scheme and its role-based access control

Univ. of Southern Queensland, Toowoomba, Qld., Australia
IEEE Transactions on Knowledge and Data Engineering (Impact Factor: 1.89). 04/2005; 17(3):425-436. DOI: 10.1109/TKDE.2005.35
Source: IEEE Xplore

ABSTRACT This work proposes a practical payment protocol with scalable anonymity for Internet purchases, and analyzes its role-based access control (RBAC). The protocol uses electronic cash for payment transactions. It is an offline payment scheme that can prevent a consumer from spending a coin more than once. Consumers can improve anonymity if they are worried about disclosure of their identities to banks. An agent provides high anonymity through the issue of a certification. The agent certifies reencrypted data after verifying the validity of the content from consumers, but with no private information of the consumers required. With this new method, each consumer can get the required anonymity level, depending on the available time, computation, and cost. We use RBAC to manage the new payment scheme and improve its integrity. With RBAC, each user may be assigned one or more roles, and each role can be assigned one or more privileges that are permitted to users in that role. To reduce conflicts of different roles and decrease complexities of administration, duty separation constraints, role hierarchies, and scenarios of end-users are analyzed.

  • ABSTRACT: With the growing importance of privacy in data access, much research has been done on privacy-protecting technology in recent years. Developing an access control model and related mechanisms to support selective access to data has become important. The extensible markup language (XML) is rapidly emerging as the new standard language for semi-structured data representation and exchange on the Internet, with more and more information being distributed in XML format. In this paper, we present a comprehensive approach for privacy-preserving access control based on the notion of purpose. In our model, purpose information associated with a given data element in an XML document specifies the intended use of the data elements. An important issue addressed in this paper is the granularity of data labeling for data elements in XML documents and tree databases with which purposes can be associated. We address this issue in native XML databases and propose different labeling schemes for XML documents. We also propose an approach to represent purpose information to support access control based on purpose information. Our proposed solution relies on usage access control models as well as the components that are based on the notions of the purpose information used in subjects and objects. Finally, comparisons with related works are analysed. Copyright © 2011 John Wiley & Sons, Ltd.
    Concurrency and Computation Practice and Experience 07/2012; 24(10):1154-1166. · 0.85 Impact Factor
  • ABSTRACT: Online social networks have developed significantly in recent years. Most current research has utilized the property of online social networks to spread information and ideas. Motivated by applications in social networks (such as alcohol intervention strategies), a variation of the dominating set called a positive influence dominating set (PIDS) has been studied in the literature. However, the existing work all focused on greedy algorithms for the PIDS problem with different approximation ratios, which are limited to finding approximate solutions to PIDS in large networks. In order to select a minimal PIDS (MPIDS) in large social networks, we first present a self-stabilizing algorithm for the MPIDS problem in this paper, which can find an MPIDS in an arbitrary network graph without any isolated node. It is assumed that the nodes in the proposed algorithm have globally unique identifiers, and the algorithm works under a central daemon. We further prove that the worst-case convergence time of the algorithm from any arbitrary initial state is O(n^2) steps, where n is the number of nodes in the network.
    Proceedings of the Twenty-Fourth Australasian Database Conference - Volume 137; 01/2013
  • ABSTRACT: Online reservation systems have grown over recent years to facilitate the purchase of goods and services. Generally, reservation systems require that customers provide some personal data to make a reservation effective. With this data, service providers can check the consumer history and decide if the user is trustworthy enough to get the reservation. Although the reputation of a user is a good metric to implement the access control of the system, providing personal and sensitive data to the system presents high privacy risks, since the interests of a user are totally known and tracked by an external entity. In this paper we design an anonymous reservation protocol that uses reputations to profile the users and control their access to the offered services, but at the same time it preserves their privacy not only from the seller but also from the service provider.
    Proceedings of the 13th International Conference on Electronic Commerce; 08/2011
