End to end security over the internet

Objective

The aim of this project is to contribute to the growth of the electronic commerce on Internet by developing and installing end-to-end security mechanisms for commercial transactions using the Internet infrastructure. The intention is to make a professional infrastructure that is attractive to businesses and consumers, and to support the economic growth that the Information Society offers. To fulfil this aim we propose to:

- investigate secure commercial and business operations over the Internet and build the corresponding architecture models.
- explore the multi-cultural and multi-country aspects of the models
- implement end user and server facilities, and arrange for user evaluation at all stages
- monitor and contribute to standards and market developments relevant to the field
- build prototype application packages and arrange their assessment by the consortium user members

This project will institute schemes that are appropriate to general forms of transaction, but which share core technologies that will allow businesses to use a common framework for electronic transactions of varying scales and requirements. The approach will be to make a pragmatic assessment of partner requirements, design appropriate solutions for these requirements and generalise across each set to produce the common technology framework for graceful, appropriate, large-scale electronic commerce.

The general technical approach will be to establish electronic transfer schemes for a model of business being adopted by the consortium members, based on the users specifications. There are at least 5 different areas with very different requirements and the initial phase of the project will define a model which covers the key aspects of the different areas.

- Retail. Random customers deal with established merchants for relatively small purchases. The electronic support for this model needs to be lightweight and easily reproducible on a massive scale.
- Business-to-business. Business to business contractual arrangements for long term, scheduled business transactions. Such exchanges are often application to application mediated, with a degree of mutual trust established between the two parties. This area includes transactions from SME to SME, from SME to large organisation, from the administration department to the corporate organisation. This area can also cover the different department activities like sales, marketing, support, human resource, finance, etc...
- EDI.
- Service Subscription.
- Customer Support.

We will focus our work on what we believe to be the two areas for which there is an urgent market demand: retail and business-to-business, especially within the SME context. However, the formal decision on this choice would be the result of the initial phase of this project.

One possible technology for dealing with the payment issues raised by such an "Open Market" approach is the use of smart card technology. Involving smart card in authentication/identification mechanisms is fairly straightforward: smart cards add the dimension "something you have" to the traditional "something you know" mechanism of passwords.

Also related to payment functions, another end-to-end security mechanism is the access-control methods. Typically, a document or service for sale over the Internet shall not reach the end user unless this user has successfully paid.

Fields of science

• natural sciencescomputer and information sciencesinternet
• social scienceseconomics and businessbusiness and managementcommercee-commerce

Programme(s)

• FP4-ESPRIT 4 - Specific research and technological development programme in the field of information technologies, 1994-1998

Topic(s)

• 1.16 - Distributed Systems and Database Technology

Call for proposal

Funding Scheme

Coordinator

Participants (5)