The random oracle methodology, revisited (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Communications of the ACM
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Supporting relationships in access control using role based access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Untraceable off-line electronic cash flow in e-commerce
ACSC '01 Proceedings of the 24th Australasian conference on Computer science
Secure and Efficient Off-Line Digital Money (Extended Abstract)
ICALP '93 Proceedings of the 20th International Colloquium on Automata, Languages and Programming
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
An Efficient Divisible Electronic Cash Scheme
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
On the Security of ElGamal Based Encryption
PKC '98 Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Building a consumer scalable anonymity payment protocol for Internet purchases
RIDE '02 Proceedings of the 12th International Workshop on Research Issues in Data Engineering: Engineering E-Commerce/E-Business Systems (RIDE'02)
NetCents: a lightweight protocol for secure micropayments
WOEC'98 Proceedings of the 3rd conference on USENIX Workshop on Electronic Commerce - Volume 3
NetBill security and transaction protocol
WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
Achieving secure and flexible M-services through tickets
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Ubiquitous computing environments and its usage access control
InfoScale '06 Proceedings of the 1st international conference on Scalable information systems
A framework for role-based group deligation in distributed environments
ACSC '06 Proceedings of the 29th Australasian Computer Science Conference - Volume 48
Ticket-based mobile commerce system and its implementation
Proceedings of the 2nd ACM international workshop on Quality of service & security for wireless and mobile networks
Web services discovery based on schema matching
ACSC '07 Proceedings of the thirtieth Australasian conference on Computer science - Volume 62
Information Sciences: an International Journal
Access control management for ubiquitous computing
Future Generation Computer Systems
Security Enhancement of a Flexible Payment Scheme and Its Role-Based Access Control
Information Security and Cryptology
BPEL4RBAC: An Authorisation Specification for WS-BPEL
WISE '08 Proceedings of the 9th international conference on Web Information Systems Engineering
Authorization Policy Based Business Collaboration Reliability Verification
ICSOC '08 Proceedings of the 6th International Conference on Service-Oriented Computing
Delegating revocations and authorizations in collaborative business environments
Information Systems Frontiers
A traceable E-cash transfer system against blackmail via subliminal channel
Electronic Commerce Research and Applications
Security and privacy on low-cost Radio Frequency Identification systems
International Journal of Security and Networks
WSXplorer: searching for desired web services
CAiSE'07 Proceedings of the 19th international conference on Advanced information systems engineering
Delegating revocations and authorizations
BPM'07 Proceedings of the 2007 international conference on Business process management
A novel and low-computation e-cash transfer system against blackmail for mobile communications
International Journal of Mobile Communications
A fair online payment system for digital content via subliminal channel
Electronic Commerce Research and Applications
A novel electronic cash system with trustee-based anonymity revocation from pairing
Electronic Commerce Research and Applications
Role-Based delegation with negative authorization
APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
Protecting disseminative information in E-Learning
ICWL'07 Proceedings of the 6th international conference on Advances in web based learning
A purpose-based access control in native XML databases
Concurrency and Computation: Practice & Experience
Anonymous reputation based reservations in e-commerce (amnesic)
Proceedings of the 13th International Conference on Electronic Commerce
ADC '13 Proceedings of the Twenty-Fourth Australasian Database Conference - Volume 137
Role-based access control to outsourced data in cloud computing
ADC '13 Proceedings of the Twenty-Fourth Australasian Database Conference - Volume 137
| Hi-index | 0.00 |
This paper proposes a practical payment protocol with scalable anonymity for Internet purchases, and analyzes its role-based access control (RBAC). The protocol uses electronic cash for payment transactions. It is an offline payment scheme that can prevent a consumer from spending a coin more than once. Consumers can improve anonymity if they are worried about disclosure of their identities to banks. An agent provides high anonymity through the issue of a certification. The agent certifies reencrypted data after verifying the validity of the content from consumers, but with no private information of the consumers required. With this new method, each consumer can get the required anonymity level, depending on the available time, computation, and cost. We use RBAC to manage the new payment scheme and improve its integrity. With RBAC, each user may be assigned one or more roles, and each role can be assigned one or more privileges that are permitted to users in that role. To reduce conflicts of different roles and decrease complexities of administration, duty separation constraints, role hierarchies, and scenarios of end-users are analyzed.