CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
CERIAS Logo
Purdue University - Discovery Park
Center for Education and Research in Information Assurance and Security

An Anonymous Fair-Exchange E-Commerce Protocol

Indrakshi Ray - Colorado State University

Nov 17, 2004

Size: 206.5MB

Download: Video Icon MP4 Video  
Watch in your Browser   Watch on Youtube Watch on YouTube

Abstract

Many business transactions over the Internet involve the exchange of digital products between two parties -- electronic mails, digital audio and video, electronic contract signing and digital signatures, to name a few. Often these transactions occur between players that do not always have identifiable place of doing business and hence do not trust each other. Consequently, there exists ample scope for any of the parties involved, to misbehave and gain advantage over the other party. To overcome this problem researchers have proposed protocols that ensure fairness, that is, no party can gain an advantage even if the party misbehaves. Most works in this area focus on gathering evidence during the protocol execution that is used later, in case of a dispute. The actual handling of the dispute is done manually, after the protocol execution, and is outside the scope of the protocol. However, in an electronic commerce environment, where the merchants and customers may disappear quickly, such "after-the-fact" protection may be inadequate.



In this work we propose an e-commerce protocol for trading digital products over the Internet. The novel features of our protocol include: (1) ensuring fair exchange, (2) not requiring manual dispute resolution in case of unfair behavior by any party, (3) assuring each party that the item he is about to receive is indeed the correct one, (4) not requiring the active involvement of a trusted third party unless a problem occurs, and (5) ensuring anonymity for the customer.

About the Speaker

Indrakshi Ray is an Assistant Professor of Computer Science at Colorado State University. She received her Ph.D. from George Mason University in the area of Information Technology. Her research spans the areas of computer security, e-commerce, database systems and formal methods. Her research is currently supported by grants from the Airforce Office of Scientific Research, the Airforce Research Laboratory, the Federal Aviation Administration and the National Science Foundation. She was the Program Chair for the 17th IFIP WG 11.3 Conference on Data and Applications Security. She is a Program Committee Member for numerous conferences in Computer Security and Database Technology, such as, ACM Conference on Computer and Communications Security, ACM Symposium on Access Control Models and Technologies, and Extending Database Technology.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52, West Lafayette Campus. More information...

Disclaimer

The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.