Receipt Management- Transaction History based Trust Establishment

Get BibTex-formatted data

Download

PDF

Author

Abhilasha Bhargav-Spantzel, Jungha Woo, Elisa Bertino

Tech report number

CERIAS TR 2007-32

Entry type

article

Abstract

In a history-based trust-management system, users and service providers use information about past transactions to make trust-based decisions concerning current transactions. One category of such systems is represented by the reputation systems. However, despite the growing body of experience in building reputation systems, there are several limitations on how they are typically implemented. They often rely on scores that are evaluated by service providers and are often not reliable or well understood. We believe that reputation has to be based on objective and reliable information. In such context, transaction histories play an important role. In this paper, we present the VeryIDX system that implements an electronic receipt infrastructure and supports protocols to build and manage online transaction history of users. The receipt protocols are shown to have several essential security and privacy properties. We present a basic yet reasonably expressive language which provides service providers with a new way to establish trust based on users' transaction history. We also describe the architecture and prototype implementation of VeryIDX, based on several important design considerations of a real-world e-commerce system infrastructure.

Download

PDF

Date

2007

URL

http://homes.cerias.purdue.edu/~bhargav/pdf/ReceiptDIM07.pdf

Booktitle

In the Proceedings of the ACM CCS DIM '07

Institution

Purdue University

Key alpha

Identity Management, History Based Access Control, Trust, Security, Privacy

School

Computer Science Department

Affiliation

CERIAS

Publication Date

2007-01-01

Subject

Identity Management, Security, Privacy, History based Access COntrol

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Article{ Identity Management, History Based Access Control, Trust, Security, Privacy,
	title = "Receipt Management- Transaction History based Trust Establishment",
	author = "Abhilasha Bhargav-Spantzel, Jungha Woo, Elisa Bertino",
	year = "2007",
	booktitle = "In the Proceedings of the ACM CCS DIM '07",
	institution = "Purdue University",
	school = "Computer Science Department",
	abstract = "In a history-based trust-management system, users and service providers use
information about past transactions to make trust-based decisions concerning
current transactions. One category of such systems is represented by the
reputation systems. However, despite the growing body of experience in building
reputation systems, there are several limitations on how they are typically
implemented. They often rely on scores that are evaluated by service providers
and are often not reliable or well understood. We believe that reputation has
to be based on objective and reliable information. In such context, transaction
histories play an important role. In this paper, we present  the VeryIDX system
that implements an electronic receipt infrastructure and supports protocols to
build and manage online transaction history of users. The receipt protocols are
shown to have several essential security and privacy properties. We present a
basic yet reasonably expressive language which provides service providers with
a new way to establish trust based on users' transaction history. We also
describe the architecture and prototype implementation of VeryIDX, based on
several important design considerations of a real-world e-commerce system
infrastructure.",
	affiliation = "CERIAS",
	subject = "Identity Management, Security, Privacy, History based Access COntrol",
	url = "http://homes.cerias.purdue.edu/~bhargav/pdf/ReceiptDIM07.pdf",
}