Group-Access Control of Confidential Files in E-Commerce Management Using Shared-Secret Scheme

Authors:
E. C. Tan;P. C. Leong;L. T. Sio
Affiliations:
School of Computer Engineering, Nanyang Technological University, Nanyang Avenue, Singapore 639798, Singapore asectan@ntu.edu.sg;School of Computer Engineering, Nanyang Technological University, Nanyang Avenue, Singapore 639798, Singapore;School of Computer Engineering, Nanyang Technological University, Nanyang Avenue, Singapore 639798, Singapore
Venue:
Electronic Commerce Research
Year:
2002

Citing 3
Cited 1

How to share a secret

Communications of the ACM
Cryptography and data security

Cryptography and data security
Electronic Commerce, Sixth Edition

Electronic Commerce, Sixth Edition

Evolution of e-commerce Web sites: A conceptual framework and a longitudinal study

Information and Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

A threshold scheme is employed for protecting confidential files against unauthorized perusal and permitting collective update in an e-commerce environment. The proposed system requires a subset of a designated group of ‘trustees’ readily available over the network in an operational time frame (e.g., a session). Sensitive applications running on a physically secure machine contain built-in processing to initiate collective authorization when needs arise. Authorizations in the form of partial passwords are sent over the network and are protected using SSL based cryptographic protocols. A collective encryption/decryption for file mechanism to control read accesses is also described.