A flexible payment scheme and its role-based access control

Wang, Hua and Cao, Jinli and Zhang, Yanchun (2005) A flexible payment scheme and its role-based access control. IEEE Transactions on Knowledge and Data Engineering, 17 (3). pp. 425-436. ISSN 1041-4347


[Abstract]: This paper proposes a practical payment protocol with scalable anonymity for Internet purchases, and analyzes its role-based access control (RBAC). The protocol uses electronic cash for payment transactions. It is an offline payment scheme that can prevent a consumer from spending a coin more than once. Consumers can improve anonymity if they are worried about disclosure of their identities to banks. An agent provides high anonymity through the issue of a certification. The agent certifies reencrypted data after verifying the validity of the content from consumers, but with no private information of the consumers required. With this new method, each consumer can get the required anonymity level, depending on the available time, computation, and cost. We use RBAC to manage the new payment scheme and improve its integrity. With RBAC, each user may be assigned one or more roles, and each role can be assigned one or more privileges that are permitted to users in that role. To reduce conflicts of different roles and decrease complexities of administration, duty separation constraints, role hierarchies, and scenarios of end-users are analyzed.

Item Type: Article (Commonwealth Reporting Category C)
Refereed: Yes
Item Status: Live Archive
Additional Information: Published version deposited in accordance with the copyright policy of the publisher. This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder. Copyright 2005 IEEE. Personal use of this material is permitted. This material is posted here with permission of the IEEE. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
Faculty / Department / School: Historic - Faculty of Sciences - Department of Maths and Computing
Date Deposited: 11 Oct 2007 01:21
Last Modified: 02 Jul 2013 22:50
Uncontrolled Keywords: electronic cash; anonymity; integrity; traceability; hash function; internet purchases; electronic payment transactions; offline payment scheme; role-based access control; certification
Fields of Research: 15 Commerce, Management, Tourism and Services > 1503 Business and Management > 150399 Business and Management not elsewhere classified
08 Information and Computing Sciences > 0806 Information Systems > 080609 Information Systems Management
Identification Number or DOI: 10.1109/TKDE.2005.35
URI: http://eprints.usq.edu.au/id/eprint/3161
