• Corpus ID: 166796856

Token-mediated certification and electronic commerce

  title={Token-mediated certification and electronic commerce},
  author={Daniel E. Geer and Donald T. Davis},
Public key technology presumes the availability of certificates and certifying authorities (CAs) living within a shallow hierarchy rooted at a few (n ≪ 100) public CAs. We propose an alternative that lessens the day-today dependence on centralized CAs while deepening the certificate tree. We do this by suggesting that smartcards provide CA functions, thus re-framing some payment problems as simpler authorization problems. 
2 Citations
Using agents to improve security and convenience in mobile e-commerce
  • Jian Tang, J. Veijalainen
  • Computer Science
    Proceedings of the 34th Annual Hawaii International Conference on System Sciences
  • 2001
The main driving force for the rapid acceptance rate of small sized mobile devices to do e-commerce is its increased convenience and efficiency in performing simple transactions compared with the
Systeme de transfert de commande
L'invention concerne un terminal de communication mobile (1) qui transmet ses propres informations d'identification et une demande d'informations d'approbation de transfert de commande a un serveur


Network security via private-key certificates
This system combines a new notion of private-key certificates, a simple key-translation protocol, and key-distribution so that users can communicate securely while sharing neither an encryption key nor a network connection.
Requirements for network payment: the NetCheque perspective
NetCheque is a payment system based on the credit-debit model that meets the requirements of security, reliability, scalability, anonymity, acceptability, customer base, flexibility, convertibility, efficiency, ease of integration with applications, and ease of use.
Compliance Defects in Public Key Cryptography
This paper presents five compliance defects that are inherent in public-key cryptography; these defects make public- key cryptography more suitable for server-to-server security than for desktop applications.
Payment switches for open networks
This work describes the first operational Internet payment switch that provides real-time authorization suitable for direct use by merchant servers and implements switch based authorization and settlement aggregation for micro-payments, and includes an extensive customer support system in order to provide a high level of customer confidence in electronic commerce.
Authentication in distributed systems: theory and practice
A theory of authentication and a system that implements it, based on the notion of principal and a "speaks for" relation between principals, that explains how to reason about a principal's authority by deducing the other principals it can speak for.
Decentralized trust management
This paper presents a comprehensive approach to trust management, based on a simple language for specifying trusted actions and trust relationships, and describes a prototype implementation of a new trust management system, called PolicyMaker, that will facilitate the development of security features in a wide range of network services.
Robustness Principles for Public Key Protocols
A number of attacks, some new, on public key protocols are presented, and a number of principles which may help designers avoid many of the pitfalls, and help attackers spot errors which can be exploited.
On the Factorization of RSA-120
This work presents data concerning the factorization of the 120-digit number RSA-120, which was factored on July 9, 1993, using the quadratic sieve method, and discusses the issue of the crossover point between these two methods.
Arini, Mustika. 2007. Racism in “To Kill A Mockingbird” Novel: Genetic Structuralism Approach. Unpublished: Muhammadiyah University of Surakarta. Blake, Nelson Manfred. 1972. A History of American