Wang, Hua and Cao, Jinli and Zhang, Yanchun (2005) A flexible payment scheme and its role-based access control. IEEE Transactions on Knowledge and Data Engineering, 17 (3). pp. 425-436. ISSN 1041-4347
Metadata
| HTML Citation | EndNote | Dublin Core | Reference Manager |
Full text available as:
![[img]](/style/images/fileicons/application_pdf.png)
| PDF (Published Version) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader 987Kb |
Official URL: http://doi.ieeecomputersociety.org/10.1109/TKDE.2005.35
Identification Number or DOI: doi: 10.1109/TKDE.2005.35
Abstract
[Abstract]: This paper proposes a practical payment protocol with scalable anonymity for Internet purchases, and analyzes its rolebased access control (RBAC). The protocol uses electronic cash for payment transactions. It is an offline payment scheme that can prevent a consumer from spending a coin more than once. Consumers can improve anonymity if they are worried about disclosure of their identities to banks. An agent provides high anonymity through the issue of a certification. The agent certifies reencrypted data after verifying the validity of the content from consumers, but with no private information of the consumers required. With this new method, each consumer can get the required anonymity level, depending on the available time, computation, and cost. We use RBAC to manage the new payment scheme and improve its integrity. With RBAC, each user may be assigned one or more roles, and each role can be assigned one or more privileges that are permitted to users in that role. To reduce conflicts of different roles and decrease complexities of administration, duty separation constraints, role hierarchies, and scenarios of end-users are analyzed.
| Item Type: | Article (Commonwealth Reporting Category C) |
|---|---|
| Additional Information: | Published version deposited in accordance with the copyright policy of the publisher. This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder. Copyright 2005 IEEE. Personal use of this material is permitted. This material is posted here with permission of the IEEE. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE. |
| Uncontrolled Keywords: | electronic cash; anonymity; integrity; trace ability; hash function; internet purchases; electronic payment transactions; offline payment scheme; role-based access; control certification |
| Fields of Research (FOR2008): | 15 Commerce, Management, Tourism and Services > 1503 Business and Management > 150399 Business and Management not elsewhere classified 08 Information and Computing Sciences > 0806 Information Systems > 080609 Information Systems Management |
| Subjects: | 280000 Information, Computing and Communication Sciences > 280100 Information Systems > 280102 Information Systems Management 350000 Commerce, Management, Tourism and Services > 350200 Business and Management > 350213 Electronic Commerce |
| Socio-Economic Objective (SEO2008): | UNSPECIFIED |
| ID Code: | 3161 |
| Deposited By: | |
| Deposited On: | 11 Oct 2007 11:21 |
| Last Modified: | 27 Feb 2012 12:24 |
Archive Staff Only: edit this record