Web Information Systems Engineering, International Conference on (2001)
Dec. 3, 2001 to Dec. 6, 2001
Hua Wang , University of Southern Queensland
Jinli Cao , University of Southern Queensland
Yanchuan Zhang , University of Tasmania
This paper proposes a secure, scalable anonymity and practical payment protocol for Internet purchases, and uses role based access control (RBAC) to manage the new payment scheme. The protocol uses electronic cash for payment transactions. In this new protocol, from the viewpoint of banks, consumers can improve anonymity if they are worried about disclosure of their identities. An agent provides a higher anonymous certificate and improves the security of the consumers. The agent will certify re-encrypted data after verifying the validity of the content from consumers, but with no private information of the consumers required. With this new method, each consumer can get the required anonymity level, depending on the available time, computation and cost.We also analyse how to prevent a consumer from spending a coin more than once. Furthermore, we use RBAC to manage the new payment scheme. Each user may be assigned one or more roles, and each role can be assigned one or more privileges that are permitted to users in that role. Security administration with RBAC consists of determining operations that must be executed by persons in particular jobs, and assigning employees to proper roles. RBAC can improve system security and reduce conflicts of different roles. The complexities with RBAC can be decreased by mutually exclusive roles and role hierarchies.
Electronic-cash, Anonymity, Traceability, Hash function.
Y. Zhang, J. Cao and H. Wang, "A Consumer Scalable Anonymity Payment Scheme with Role-Based Access Control," Proceedings of 2nd International Conference on Web Information Systems Engineering(WISE), Kyoto, Japan, 2001, pp. 0053.