Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
An integrated framework for security and dependability
Proceedings of the 1998 workshop on New security paradigms
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
SAFKASI: a security mechanism for language-based systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
An access control language for web services
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Open Authentication Model Supporting Electronic Commerce in Distributed Computing
Electronic Commerce Research
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
Validating a Web service security abstraction by typing
Proceedings of the 2002 ACM workshop on XML security
WWW '03 Proceedings of the 12th international conference on World Wide Web
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A System to Specify and Manage Multipolicy Access Control Models
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Flexible access control policy specification with constraint logic programming
ACM Transactions on Information and System Security (TISSEC)
A semantics for web services authentication
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Access control for the web via proof-carrying authorization
Access control for the web via proof-carrying authorization
Tools for design of composite Web services
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Trust but verify: authorization for web services
SWS '04 Proceedings of the 2004 workshop on Secure web service
Hi-index | 0.00 |
Traditional access control a.k.a. authorisation for e commerce systems is not flexible and efficient enough to combat the new emerging security challenges and public remains concerned about the security of online transactions as can be seen from http://www.security-survey.gov.uk. Challenges like changes in consumer's behaviour, advances in broadband technology, industrial maturity and entropy converging to usher in a new era of e-commerce security. The authors' proposed framework provides trust transformation rules which have associated conditions for authorisations to control access. The introduction of trust method formalises the conditions within logical perspective. The authors aim to build the architecture and trust model for trust and authorisation within an e-commerce service system. The architecture will help to build a secure e-commerce service system. The underlying framework will not only inform researchers of a better design for secure e-commerce service, but also assist e-commerce systems developers in the understanding of intricate constructions within trust and authorisation. This includes protecting transactions records of customers in terms of information privacy and access. The authors also propose rigorous logical foundation for trust and authorisation in e-commerce service environments based on ABLP.