CRYPTO '89 Proceedings on Advances in cryptology
The ARBAC97 model for role-based administration of roles: preliminary description and outline
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
The random oracle methodology, revisited (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Decentralized user-role assignment for Web-based intranets
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
An Oracle implementation of the PRA97 model for permission-role assignment
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Communications of the ACM
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The RSL99 language for role-based separation of duty constraints
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Supporting relationships in access control using role based access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Untraceable off-line electronic cash flow in e-commerce
ACSC '01 Proceedings of the 24th Australasian conference on Computer science
Ticket-based service access scheme for mobile users
ACSC '02 Proceedings of the twenty-fifth Australasian conference on Computer science - Volume 4
Secure and Efficient Off-Line Digital Money (Extended Abstract)
ICALP '93 Proceedings of the 20th International Colloquium on Automata, Languages and Programming
Future Directions in Role-Based Access Control Models
MMM-ACNS '01 Proceedings of the International Workshop on Information Assurance in Computer Networks: Methods, Models, and Architectures for Network Security
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
On the Security of ElGamal Based Encryption
PKC '98 Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Building a consumer scalable anonymity payment protocol for Internet purchases
RIDE '02 Proceedings of the 12th International Workshop on Research Issues in Data Engineering: Engineering E-Commerce/E-Business Systems (RIDE'02)
NetBill security and transaction protocol
WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
Anonymous access scheme for electronic-services
ACSC '04 Proceedings of the 27th Australasian conference on Computer science - Volume 26
Protecting Information Sharing in Distributed Collaborative Environment
Advanced Web and NetworkTechnologies, and Applications
Hi-index | 0.00 |
A flexible payment scheme and its permission-role assignments are proposed in this paper. The scheme uses electronic cash for payment transactions. In this protocol, from the viewpoint of banks, consumers can improve anonymity if they are worried about disclosure of their identities. A role called anonymity provider agent (AP) provides a high level of anonymity for consumers. The role AP certifies re-encrypted data after verifying the validity of the content from consumers, but with no private information of the consumers required. With this method, each consumer can get a required anonymity level, depending on the available time, computation and cost.There are two types of problems that may arise in permission-role assignments. One is related to authorization granting process. Conflicting permissions may be granted to a role, and as a result, users with the role may have or derive a high level of authority. Another is related to authorization revocation. When permission is revoked from a role, the role may still have the permission from other roles. To solve these problems, we first analyze the duty separation constraints of the roles and role hierarchies in the scheme, then discuss granting a permission to a role, weak revocation permissions and strong revocation permissions for the scheme.