Wang, Hua and Cao, Jinli and Zhang, Yanchun (2004) An electronic cash scheme and its management. Concurrent Engineering: Research and Application Journal, 12 (3). pp. 247-257. ISSN 1063-293X
A secure electronic cash scheme and its role-based access control (RBAC) management are proposed in this paper. The scheme uses electronic cash for payment transactions. In this protocol, from the viewpoint of banks, consumers can improve anonymity if they are worried about disclosure of their identities. A new role called anonymity provider agent (AP) provides a highly anonymous certificate for consumers during a payment processing. The role AP certifies re-encrypted data after verifying the validity of the content from consumers, but with no private information of the consumers required. Each consumer can get a required anonymity level through this new method, depending on the available time, computation and cost. Consumers can also use different banks (cross-payment) and anonymity provider agents (multiple APs) without double-spending problems.
Role-based access control is widely used in system management and products since its advantages such as reducing administration cost and complexity. However, conflicting problems may arise between roles when RBAC is applied for system management. For example, mutually exclusive roles may be granted to a user with RBAC and the user may have or derive a high level of authority. To solve these problems, we analyze the duty separation constraints of the roles and role hierarchies in the scheme, then discuss how to grant a role to a user.
Statistics for this ePrint Item
|Item Type:||Article (Commonwealth Reporting Category C)|
|Item Status:||Live Archive|
|Faculty / Department / School:||Historic - Faculty of Sciences - Department of Maths and Computing|
|Date Deposited:||25 Oct 2007 23:13|
|Last Modified:||02 Jul 2013 22:50|
|Uncontrolled Keywords:||payment scheme, electronic cash, RBAC, AP agent, authorization, signature|
|Fields of Research :||15 Commerce, Management, Tourism and Services > 1503 Business and Management > 150301 Business Information Management (incl. Records, Knowledge and Information Management, and Intelligence)
08 Information and Computing Sciences > 0807 Library and Information Studies > 080708 Records and Information Management (excl. Business Records and Information Management)
08 Information and Computing Sciences > 0807 Library and Information Studies > 080704 Information Retrieval and Web Search
|Identification Number or DOI:||doi: 10.1177/1063293X04046194|
Actions (login required)
|Archive Repository Staff Only|