Academic literature on the topic 'Mobile commerce – Cryptography'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Mobile commerce – Cryptography.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Journal articles on the topic "Mobile commerce – Cryptography"
1
Lizama Pérez, Luis Adrián, Leonardo Javier Montiel Arrieta, Flor Seleyda Hernández Mendoza, Luis Adrián Lizama Servín, and Eric Simancas Acevedo. "Public hash signature for mobile network devices." Ingeniería Investigación y Tecnología 20, no. 2 (2019): 1–10. http://dx.doi.org/10.22201/fi.25940732e.2019.20n2.018.
Full textAbstract:
In this work we have developed a digital signature protocol using hash functions that once implemented on mobile devices have demonstrated to be secure and efficient. It has been incorporated a model for a Certification Authority to exchange public keys between users. This work constitutes an experimental research, which bears a certain resemblance to theoretical research, but is not intended to propose a new theory, but to establish the behavior of a system to know its characteristics, in order to improve its knowledge and/or its performance. The hash signature system was tested on mobile communication devices. The experimental results show that the hash signature improves the efficiency to generate the cryptographic keys and the signing and verification processes when compared to ECC. Likewise, when generating 2048 keys, the hash signature is faster than RSA. In addition, the larger RSA keys consume a significative time, while the hash does not require to increase the size of the keys. Although we have not included here a formal analysis about the protocol, we highlight some points that improve the security of the proposed protocol. Finally, this work constitutes a new approach to public key cryptography based on hash functions that could be used to make digital signatures in electronic commerce. This method is suitable for mobile network devices due to the high speed and low hardware requirements of the hash functions. The method described here, which is compatible with hash functions, belongs to the field of post-quantum cryptography. The security of the method is based on the security of the hash cryptography, which is widely known and discussed.
2
Tan, Zuo Wen. "A Note on an Enhanced Three-Party Authentication Key Exchange Protocol." Key Engineering Materials 439-440 (June 2010): 1367–72. http://dx.doi.org/10.4028/www.scientific.net/kem.439-440.1367.
Full textAbstract:
Recently, Chen et al. proposed an efficient three-party encrypted key exchange protocol based upon Schnorr’s digital signature scheme with fewer rounds. However, J.H. Yang and C. C. Chang showed that Chen et al.’s protocol still has the high computation cost and communication cost. Moreover, Chen et al.’s protocol suffers from stolen-verifier attacks. Then J.H. Yang and C. C. Chang proposed a three-party authenticated key exchange protocol without password by using elliptic curve cryptography. Their improved protocol requires smaller transmitted message size and less communication times, which is well suitable for resource-limited environments such as mobile communication and mobile commerce. Unfortunately, we find that Yang et al.’s protocol is vulnerable to replay attacks, denial-of-Service attacks and impersonation attacks.
3
Yang, Jen-Ho, and Chin-Chen Chang. "An efficient three-party authenticated key exchange protocol using elliptic curve cryptography for mobile-commerce environments." Journal of Systems and Software 82, no. 9 (2009): 1497–502. http://dx.doi.org/10.1016/j.jss.2009.03.075.
Full text
4
Ramasamy, Priya, Vidhyapriya Ranganathan, Venketesh Palanisamy, and Seifedine Kadry. "Securing one-time password generation using elliptic-curve cryptography with self-portrait photograph for mobile commerce application." Multimedia Tools and Applications 79, no. 23-24 (2019): 17081–99. http://dx.doi.org/10.1007/s11042-019-7615-3.
Full text
5
He, Debiao, Yitao Chen, and Jianhua Chen. "An Id-Based Three-Party Authenticated Key Exchange Protocol Using Elliptic Curve Cryptography for Mobile-Commerce Environments." Arabian Journal for Science and Engineering 38, no. 8 (2013): 2055–61. http://dx.doi.org/10.1007/s13369-013-0575-4.
Full text
6
Tso, Raylin. "Untraceable and Anonymous Mobile Payment Scheme Based on Near Field Communication." Symmetry 10, no. 12 (2018): 685. http://dx.doi.org/10.3390/sym10120685.
Full textAbstract:
With the developments of mobile communications, M-commerce has become increasingly popular in recent years. However, most M-commerce schemes ignore user anonymity during online transactions. As a result, user transactions may easily be traced by shops, banks or by Internet Service Providers (ISPs). To deal with this problem, we introduce a new anonymous mobile payment scheme in this paper. Our new scheme has the following features: (1) Password-based authentication: authentication of users is done by low-entropy password; (2) Convenience: the new scheme is designed based on near field communication (NFC)-enabled devices and is compatible with EuroPay, MasterCard and Visa (EMV-compatible); (3) Efficiency: users do not need to have their own public/private key pairs and confidentiality is achieved via symmetric-key cryptography; (4) Anonymity: users use virtual accounts in the online shopping processes, thereby preventing attackers from obtaining user information even if the transaction is eavesdropped; (5) Untraceablity: no one (even the bank, Trusted Service Manager (TSM), or the shop) can trace a transaction and link the real identity with the buyer of a transaction; (6) Confidentiality and authenticity: all the transaction is either encrypted or signed by the sender so our new scheme can provide confidentiality and authenticity. We also present the performance and the security comparison of our scheme with other schemes. The results show that our scheme is applicable and has the most remarkable features among the existing schemes.
7
M E, Raghu, and K. C Ravishankar. "Encryption and Decryption of an Image Data – a Parallel Approach." International Journal of Engineering & Technology 7, no. 3.34 (2018): 674. http://dx.doi.org/10.14419/ijet.v7i3.34.19414.
Full textAbstract:
Multimedia data has been essential part of our lives, from instant messaging application to social media. Instant messaging applications like WhatsApp uses AES 256 bit key for security purpose. The security measures are taken so as to protect the data from unauthorized access and to ensure privacy. This paper mainly considers image data as source for encryption and decryption. Along with text, AES algorithm is used for image cryptography, in its suitable way. The AES algorithm is chosen because of its highly secured way of encryption and decryption. Time required for the procedure of encryption and decryption is also measured. Present use of Internet, mobile and socialmedia made images considerable value in our daily life. Securing multimedia data is becoming an important issue in communication and storage. Secured communication of digital images is needed in many areas, such as electronic commerce,medical imaging systems, mobile check deposit, online photograph album, military image communication, etc.., There is a need of developing fast encryption methodologies for such communication
8
Issad, M., N. Anane, A. M. Bellemou, and B. Boudraa. "Secure Hybrid Crypto-system AES/RSA on FPGA for Data Communication." Malaysian Journal of Computing and Applied Mathematics 3, no. 1 (2020): 14–23. http://dx.doi.org/10.37231/myjcam.2020.3.1.38.
Full textAbstract:
With the development of information technologies, our environment is surrounded by digital data that transit via networks. When data are important, they become vulnerable to external attacks which can be avoided by using cryptography which provides confidentiality, integrity and availability required to secure digital data transactions such as e- commerce, mobile telephony and Internet. This paper deals with securing data transmitted over a network composed by a server and several clients, where a security platform has been integrated into the server and embedded on an FPGA circuit. The protection of data transfer between clients is provided by hybrid cryptography combining symmetric and asymmetric cryptographies. The security of client-server communication is ensured by the AES protocol and the Diffie-Hellman key exchange protocol. To offer a good management of keys and their sharing, a dedicated system for generating keys is designed to fit with public key infrastructures. This system is a part of the server and has been implemented using JAVA language and executed on a computer. This communication system provides a Graphical User Interface (GUI) offering to clients ease and flexibility in transferring their data.
9
Islam, S. K. Hafizul, Ruhul Amin, G. P. Biswas, Mohammad Sabzinejad Farash, Xiong Li, and Saru Kumari. "An improved three party authenticated key exchange protocol using hash function and elliptic curve cryptography for mobile-commerce environments." Journal of King Saud University - Computer and Information Sciences 29, no. 3 (2017): 311–24. http://dx.doi.org/10.1016/j.jksuci.2015.08.002.
Full text
10
Mochammad Rizky Royani and Arief Wibowo. "Web Service Implementation in Logistics Company uses JSON Web Token and RC4 Cryptography Algorithm." Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) 4, no. 3 (2020): 591–600. http://dx.doi.org/10.29207/resti.v4i3.1952.
Full textAbstract:
The development of e-commerce in Indonesia in the last five years has significantly increased the growth for logistics service companies. The Indonesian Logistics and Forwarders Association (ALFI) has predicted the growth potential of the logistics business in Indonesia to reach more than 30% by 2020. One of the efforts of logistics business companies to improve services in the logistics services business competition is to implement web service technology on mobile platforms, to easy access to services for customers. This research aims to build a web service with a RESTful approach. The REST architecture has limitations in the form of no authentication mechanism, so users can access and modify data. To improve its services, JSON Web Token (JWT) technology is needed in the authentication process and security of access rights. In terms of data storage and transmission security, a cryptographic algorithm is also needed to encrypt and maintain confidentiality in the database. RC4 algorithm is a cryptographic algorithm that is famous for its speed in the encoding process. RC4 encryption results are processed with the Base64 Algorithm so that encrypted messages can be stored in a database. The combination of the RC4 method with the Base64 method has strengthened aspects of database security. This research resulted in a prototype application that was built with a combination of web service methods, JWT and cryptographic techniques. The test results show that the web service application at the logistics service company that was created can run well with relatively fast access time, which is an average of 176 ms. With this access time, the process of managing data and information becomes more efficient because before making this application the process of handling a transaction takes up to 20 minutes.
Dissertations / Theses on the topic "Mobile commerce – Cryptography"
1
Alimi, Vincent. "Contributions au déploiement des services mobiles et à l'analyse de la sécurité des transactions." Phd thesis, Caen, 2012. http://www.theses.fr/2012CAEN2061.
Full textAbstract:
Les transactions électroniques ont ouvert la voie à une multitude de possibilités déclinées sous diverses formes : le portail internet d’une banque pour consulter ses comptes, une carte à puce permettant d’ouvrir une porte ou de valider son titre de transport en commun, une application téléchargée sur un ordinateur ou un équipement mobile comme un assistant personnel numérique ou un téléphone portable. Cette dernière catégorie d’´equipement mobile est extrêmement porteuse en termes d’offres de services. En effet, un mobile est un équipement nomade, connecté à l’Internet avec des débits de plus en plus élevés, et il est aussi de plus en plus puissant. Avec l’avènement de la technologie NFC (Near Field Communication) et des architectures sécurisées, le mobile a maintenant la possibilité d’héberger des applications sensibles dans une puce sécurisée, appelée « Secure Element ». Contrairement aux facteurs de formes plastiques, le Secure Element est un environnement dynamique sur lequel on peut charger des applications qui seront accessibles par un lecteur comme un terminal de paiement ou un lecteur de badge d’accès à un bâtiment. On parle alors de service mobile sans-contact ou de service mobile NFC. Nous proposons dans cette thèse d’apporter plusieurs contributions pour faciliter le déploiement de services mobiles exploitant un Secure Element. L’adoption de ce type de service pour des applications `a forte valeur ajoutée passe par une infrastructure et des outils partagés par les différents acteurs. Dans un premier temps, nous proposons trois contributions pour l’aide au déploiement de services mobiles basé sur un Secure Element afin de : faciliter la personnalisation d’un Secure Element par un TSM non propriétaire de celui-ci, faciliter l’échange de clés pour le TSM et réaliser une transaction avec un téléphone mobile comme Terminal de Paiement Electronique). Dans un second temps, nous nous intéressons à l’analyse de la sécurité des transactions de paiement<br>Electronic transactions have paved the way for a multitude of services in various forms : a home banking web portal, an access control smart card opening a door or paying a transit fare, or an application downloaded onto a computer or a mobile device such a personal digital assistant or a mobile phone. The latter category of mobile equipment is extremely promising in terms of service offers. Indeed, a mobile handheld device is connected to the Internet with speeds higher and higher and is also more powerful. With the advent of the NFC (Near Field Communication) technology and secure architectures, mobile devices now has the ability to host sensitive applications in a secure chip, called « Secure Element ». Unlike plastic form factors, the Secure Element is a dynamic environment where you can download applications that will be accessible by a reader such as a point of sale or an access control reader. Those services are called mobile contactless services or NFC mobile services. We propose in this thesis several contributions to facilitate the deployment of mobile services based on a Secure Element. The adoption of this high added value services relies on an infrastructure and tools shared by different actors. As a first step, we propose three contributions to aid the deployment of mobile services Secure Element based allowing to: facilitate the personalization of a Secure Element by a TSM non-owner thereof, facilitate the exchange of keys for the TSM and perform a transaction with a mobile phone as a point of sale. In a second step, we focus on the analysis of payment transactions
2
Gaber, Chrystel. "Sécurisation d'un système de transactions sur terminaux mobiles." Phd thesis, Université de Caen, 2013. http://tel.archives-ouvertes.fr/tel-01009369.
Full textAbstract:
Les transactions sur mobile suscitent depuis quelques années un intérêt grandissant. Cette thèse se place dans le contexte d'un tel service géré par un opérateur de téléphonie mobile. Les transactions sont réalisées entre souscrivants du service uniquement à l'aide de monnaie électronique privative émise par l'opérateur. Le problème de cette thèse réside dans la sécurisation de ces types de services. Nous proposons dans cette thèse une architecture permettant de garantir une sécurité de bout-en-bout entre l'application et la plateforme de paiement. Celle-ci est basée sur l'utilisation conjoint d'un élément de sécurité SE et d'un environnement d'exécution sécu risée TEE. Différentes transactions ont été considérées, paiement marchand et transferts entre particuliers, ainsi que différents modes, tout-connecté, déconnecté ou semi-connecté. Les protocoles proposés ont été vérifiés formellement et leurs performances ont été étudiées. Une étude comparative entre différents algorithmes de classification est également réalisée pour les adapter à la détection de la fraude. A cet effet, le système de paiement et le comportement de ses utilisateurs a été modélisé pour créer un générateur de données synthétiques. Une validation préliminaire de ce simulateur a été réalisée. L'originalité du simulateur est qu'il se base sur l'exploitati on de données provenant d'un service déployé sur le terrain.
3
Fourati, Alia. "Approches de sécurisation pour le commerce électronique sur les réseaux mobiles." Toulouse 3, 2005. http://www.theses.fr/2005TOU30166.
Full textAbstract:
Dans une transaction type de m-commerce (commerce mobile), un client mobile se connecte à un serveur marchand pour effectuer des achats. La sécurisation de ces transactions est une tâche indispensable puisqu'elles transmettent des données sensibles, telles que les coordonnées bancaires des clients. De ce fait, le développement du marché du m-commerce s'avère être étroitement lié au niveau de sécurité offert par les réseaux qui les véhiculent. Cette thèse se propose d'étudier les besoins de sécurité, puis d'offrir des schémas de sécurité appropriés pour les applications de m-commerce, et ce dans différents contextes de propagation. Dans les premiers travaux de la thèse, nous nous sommes intéressés au contexte du m-commerce sur le WAP1. X. Nous avons ainsi proposé le protocole WSET pour sécuriser le paiement du m-commerce sur le WAP1. X. Ce protocole est inspiré des protocoles SET et WTLS, et permet de contourner la faille du “WAP Gap”, ainsi qu'une nouvelle faille identifiée, celle du “marchand malhonnête”. WSET offre la sécurité de bout en bout des coordonnées bancaires entre le client et la passerelle de paiement. Nous nous sommes ensuite focalisés sur le déploiement de l'application d'enchères sur les réseaux adhoc. Ce nouveau type de WLAN représente en effet un support de déploiement attrayant pour cette application de par les nouvelles possibilités qu'il offre (absence d'infrastructure, rapidité et faible coût de déploiement, ubiquité et auto-gestion). Cependant, ces réseaux de nature radio présentent plusieurs vulnérabilités. Pour que le déploiement des enchères sur les réseaux ad hoc soit possible, nous nous sommes penchés d'abord sur la sécurisation du réseau ad hoc support. Un schéma de sécurité distribué et auto-géré a alors été défini pour le protocole de routage OLSR régissant le réseau ad hoc. Ce schéma assure l'intégrité des messages de contrôle tout en respectant les caractéristiques des réseaux ad hoc. Enfin, une architecture d'un modèle d'enchères déployé sur les réseaux ad hoc a été spécifiée. Ce modèle original permet la mise en place spontanée d'une application d'enchères n'importe où et n'importe quand, respectant ainsi les caractéristiques de leur réseau de déploiement. A ce modèle d'enchères, nous avons ensuite introduit des schémas répondant à ses besoins fondamentaux : l'intégrité des mises et l'équité de l'enchérissement. Nous avons proposé un algorithme de sécurité distribué, basé sur les techniques de la cryptographie à seuil, et assurant l'intégrité des offres. La considération de l'équité, ainsi que des paramètres du réseau de déploiement, a enfin permis de calculer la durée des tours théorique et nécessaire à l'équité de l'enchérissement<br>In a typical m-commerce (mobile commerce) transaction, a mobile client connects to a merchant server in order to carry out purchases. Securing these transactions is a fundamental task since they transmit critical data, such as the client credit card number. Therefore, the development of the m-commerce becomes closely related to the security level offered by their networks support. This thesis aims to study the security requirements, and then to offer suitable securing schemes to m-commerce applications conducted in various contexts of propagation. In the first works, we have focused on the context of m-commerce over WAP1. X. We have then proposed a protocol, WSET, securing the m-commerce payment over the WAP1. X mobile networks. This protocol is inspired from the SET and WTLS protocols, and avoids two security flaws: the well known “WAP Gap” flaw; and a new identified security flaw which we have named the “the dishonest merchant”. WSET offers an end to end security to the payment data between the client and the payment gateway. In the following works, we have focused on the deployment of auctions over ad hoc networks. In fact, this new kind of WLAN represents an attractive deployment support for this application, due to the new possibilities that it offers (absence of infrastructure, rapidity and low cost of deployment, ubiquity, and self-management). However, these radio networks present many vulnerabilities. .
4
Van, der Merwe Pieter Ben. "Mobile commerce over GSM a banking perspective on security /." 2003. http://upetd.up.ac.za/thesis/available/etd-07202004-111814.
Full text
5
Yu, Min-Chieh. "A secure mobile agent e-commerce protocol." Thesis, 2015. http://hdl.handle.net/1805/10117.
Full textAbstract:
Indiana University-Purdue University Indianapolis (IUPUI)<br>There are many advantages of mobile agent such as delegation of tasks, asynchronous processing, adaptable service in interfaces, and code shipping. Mobile agents can be utilized in many areas such as electronic commerce, information retrieval, network management, etc. The main problem with mobile agents is security. The three basic security design goals of a system are confidentiality, integrity, and availability. The goal of this thesis concerns the property of secure purchasing by mobile agents. First present Jalal's anonymous authentication protocol. Next, we construct our single mobile agent protocol based on Jalal's authentication technique. Also, we add some addition cryptography techniques to make the data more secure during its migration. Lastly, we build a multiple mobile agent protocol based on the single mobile agent protocol. Here, the multiple mobile agents are capable to make the decision and purchase the item for user.
6
Van, der Merwe Pieter Ben. "Mobile commerce over GSM: A banking perspective on security." Diss., 2004. http://hdl.handle.net/2263/26431.
Full textAbstract:
GSM has changed the face of communication and information exchange, much as the Internet did. With the advances made in the mobile technology arena, new opportunities are created. Mobile Commerce (m-Commerce) is one such opportunity. Each new advance in technology brings with it associated risks. This dissertation focuses on the risks involved with m-Commerce for the banking industry. This dissertation provides a detailed overview of basic services that any m-Commerce application should provide to the banking industry. These principles provide the foundation for securing any financial transaction over untrusted networks. Several mechanisms to provide these services are also discussed. Examples of such mechanisms include hash functions, Message Authentication Codes and Digital Signatures. The security of GSM networks has come under attack in the past. This is largely due to the fact that the GSM consortium opted to develop their security technologies in secret, rather than in the public domain. This dissertation aims to evaluate the security offered by GSM and assess potential attacks in order to further understand risks associated with m-Commerce applications over GSM. In recent years there have been significant additions to the GSM enabling technology family. The arrival of the SIM Application Toolkit and the Wireless Application Protocol promised to again change the face of commerce. Although market acceptance of these technologies proved to be initially slow, usage is set to increase exponentially within the next couple of years. A detailed analysis of these enabling technologies is presented in the dissertation. Possible attacks on these technologies are discussed in the latter part or this document. Based on the findings of the research, some changes to either the application architectures or the processing of the data have been suggested in order to enhance the security offered by these services. It is not the intent of this dissertation to redesign these applications, but to rather leverage off the current technologies in order to enable secure m-Commerce over these channels. This dissertation provides a detailed overview of basic services that any m-Commerce application should provide to the banking industry. These principles provide the foundation for securing any financial transaction over untrusted networks. Several mechanisms to provide these services are also discussed. Examples of such mechanisms include hash functions, Message Authentication Codes and Digital Signatures. The security of GSM networks has come under attack in the past. This is largely due to the fact that the GSM consortium opted to develop their security technologies in secret, rather than in the public domain. This dissertation aims to evaluate the security offered by GSM and assess potential attacks in order to further understand risks associated with m Commerce applications over GSM. In recent years there have been significant additions to the GSM enabling technology family. The arrival of the SIM Application Toolkit and the Wireless Application Protocol promised to again change the face of commerce. Although market acceptance of these technologies proved to be initially slow, usage is set to increase exponentially within the next couple of years. A detailed analysis of these enabling technologies is presented in the dissertation. Possible attacks on these technologies are discussed in the latter part or this document. Based on the findings of the research, some changes to either the application architectures or the processing of the data have been suggested in order to enhance the security offered by these services. It is not the intent of this dissertation to redesign these applications, but to rather leverage off the current technologies in order to enable secure m-Commerce over these channels.<br>Dissertation (M.Sc (Electronics))--University of Pretoria, 2005.<br>Electrical, Electronic and Computer Engineering<br>unrestricted
Book chapters on the topic "Mobile commerce – Cryptography"
1
Sánchez Guerrero, Javier, Sandra Carrillo Ríos, Darwin García Herrera, and Julio Mocha-Bonilla. "Cryptographic Systems and Threats in e-Commerce." In Internet of Things, Infrastructures and Mobile Applications. Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-49932-7_47.
Full text
2
Harshita, Sarvesh Tanwar, and Sarvesh Tanwar. "Security Issues and Countermeasures of Online Transaction in E-Commerce." In Mobile Commerce. IGI Global, 2018. http://dx.doi.org/10.4018/978-1-5225-2599-8.ch046.
Full textAbstract:
Nowadays, e-commerce is one of the most growing sectors in the field of internet. It gives the flexibility to shop online, transact online, transfer money online and many more feature to its internet users. As the growth of e-commerce increases, e-commerce security also comes out a major concern to ensure its user a secure transaction without any fear over the network. Banking sector is one of the most prominent sectors of growth in world of e-commerce, but as its demand increases the security and risks along with it also increases. E-commerce security must ensure major security features of cryptography: privacy, authentication, access control, confidentiality and protect data from un-authorized access. In this chapter, all aspects regarding e-commerce describes from its introduction to its security, countermeasures and an example of doing secure payment from any website.
3
Leong, Leslie, and Andrzej T. Jarmoszko. "Cryptography." In Information Security and Ethics. IGI Global, 2008. http://dx.doi.org/10.4018/978-1-59904-937-3.ch231.
Full textAbstract:
The emphasis and increased awareness of information security require an understanding and knowledge of the technology that supports it. As the risks and complexity of security keep growing along with the development of the Internet and e-commerce, securing information has become of utmost importance. With the worries about cyber-terrorism, hackers, and white-collar crimes, the demand for a stronger security mechanism in cryptography becomes apparent. Although wireless cryptography is still in its infancy, there are encryption technologies that may support the limitations of a mobile device.
4
Samundeeswari, E. S., and F. Mary Magdalene Jane. "Mobile Code and Security Issues." In Mobile and Ubiquitous Commerce. IGI Global, 2009. http://dx.doi.org/10.4018/978-1-60566-366-1.ch014.
Full textAbstract:
Over the years computer systems have evolved from centralized monolithic computing devices supporting static applications, into client-server environments that allow complex forms of distributed computing. Throughout this evolution limited forms of code mobility have existed. The explosion in the use of the World Wide Web coupled with the rapid evolution of the platform independent programming languages has promoted the use of mobile code and at the same time raised some important security issues. This chapter introduces mobile code technology and discusses the related security issues. The first part of the chapter deals with the need for mobile codes and the various methods of categorizing them. One method of categorising the mobile code is based on code mobility. Different forms of code mobility like code on demand, remote evaluation and mobile agents are explained in detail. The other method is based on the type of code distributed. Various types of codes like Source Code, Intermediate Code, Platform-dependent Binary Code, Just-in-Time Compilation are explained. Mobile agents, as autonomously migrating software entities, present great challenges to the design and implementation of security mechanisms. The second part of this chapter deals with the security issues. These issues are broadly divided into code related issues and host related issues. Techniques like Sandboxing, Code signing and Proof carrying code are widely applied to protect the hosts. Execution tracing, Mobile cryptography, Obfuscated code, Co-Operating Agents are used to protect the code from harmful agents. The security mechanisms like language support for safety, OS level security and safety policies are discussed in the last section. In order to make the mobile code approach practical, it is essential to understand mobile code technology. Advanced and innovative solutions are to be developed to restrict the operations that mobile code can perform but without unduly restricting its functionality. It is also necessary to develop formal, extremely easy to use safety measures.
5
Hua, Feng, and Sheng-Uei Guan. "Agents and Payment Systems in E-Commerce." In Internet Commerce and Software Agents. IGI Global, 2001. http://dx.doi.org/10.4018/978-1-930708-01-3.ch017.
Full textAbstract:
Since the 1990s, the World Wide Web has brought about innumerable changes to the ways enterprises do business. Electronic commerce is emerging as one of the most important applications on the Internet. The use of agents in e-commerce is a new research area. Agents can provide effective, fast, and cheap ways to make deals and execute transactions in cyberspace. Abstract representations of value have been developed from metal, paper notes, and bank checks to savings cards, credit cards, and now electronic forms. This chapter presents a brief survey of existing different types of payment systems and focuses on mobile agent-based computing trends in e-commerce. By combining software agent technology with cryptographic techniques, an agent-based e-payment scheme built for the SAFER e-commerce architecture is proposed, which is aimed to provide a flexible and secure financial infrastructure for Internet commerce.
6
Guan, Sheng-Uei. "E-Commerce Agents and Payment Systems." In Electronic Business. IGI Global, 2009. http://dx.doi.org/10.4018/978-1-60566-056-1.ch051.
Full textAbstract:
An emerging outcome of the popularization of the Internet is the electronic commerce and payment systems, which present great opportunities for businesses, reduce transaction costs, and provide faster transaction time. Research has been conducted with new technologies, like mobile Internet used by business models (Baek & Hong, 2003). However, before using the Internet, it is essential to provide security in transferring monetary value over the Internet. Quite a number of protocols have been proposed for these secure payment systems, including NetBill, NetCheque, Open Market, iKP, Millicent, SET (Sherift & Serhrouchni, 1998), ECash (Brands, 1995), NetCash, CAFÉ (Mjolsnes & Michelson, 1997), EMV cards (Khu-Smith & Mitchell, 2002), and so forth. These systems are designed to meet diverse requirements, each with particular attributes. Automation and intelligence is another issue that poses challenges in the development of e-commerce. Agent technology has been incorporated into the area of e-commerce to provide automation and intelligence for the e-trade process. Agent is a software program, which is capable of accomplishing tasks autonomously on behalf of its user. Agents must provide highly trustworthy consistency and fault tolerance to avoid eavesdropping and fraud. Also, they should have roaming capability so as to extend their capabilities well beyond the limitations of owners’ computers. This article will discuss some related components under the Secure Agent Fabrication, Evolution, and Roaming (SAFER) architecture (Guan & Hua, 2003; Guan & Yang, 2004; Guan & Zhu, 2002; Ng, Guan, & Zhu, 2002; Zhu, Guan, Yang, & Ko, 2000) and propose an agent-based payment scheme for SAFER. Different types of electronic payment systems have been developed to meet their diverse requirements, which generally include integrity, authorization, confidentiality, availability, and reliability for security requirements (Asokan & Johnson, 1997). Payment systems can be classi- fied in a variety of ways according to their characteristics (Dahab & Ferreira, 1998), such as the exchange model (cash like, check like or hybrid), central authority contact (online or offline), hardware requirements (specific or general), payment amount (micropayment), and so forth. Among all the available payment schemes in the market, e-cash is one of the best in terms of security, flexibility, and full anonymity. E-cash is a cash-like online system that uses electronic coins as tokens. E-cash has its unique advantages, such as flexibility, integrity, and full anonymity that cannot be found in electronic check and credit card-based systems. It uses cryptographic techniques to provide full anonymity. The agent based payment scheme for SAFER adopts some similar principles and concepts of e-cash.
7
Lin, Koong, Chad Lin, and Huei Leu. "Decision Analysis for Business to Adopt RFID." In Ubiquitous and Pervasive Computing. IGI Global, 2010. http://dx.doi.org/10.4018/978-1-60566-960-1.ch076.
Full textAbstract:
The need for more and more flexibility (in terms of time and location) in business operations, context-based services, decentralization of business processes, and information processing and innovative services has introduced new ubiquitous environments, sensing technologies, and pervasive devices. This new category of devices, sensors, and ubiquitous environments, has the capabilities to observe the users all the time using sensors; provide timely information to service providers using communication channels; and offer accurate services to users anywhere and anytime through tiny mobile terminals. This chapter provides the users of the pervasive business technologies an overview of the basic infrastructure and protocols used to form these ubiquitous wireless environments and provide context-based comfort, while taking care of confidentiality, secrecy, integrity, and authenticity. Along with an introduction to the markup languages, protocols, and security threats, the chapter concludes with the discussion of a range of common biometric, cryptographic, and routing solutions. The spending for RFID (radio frequency identification) has been increasing rapidly in recent years. According to Gartner, global spending on RFID is likely to reach US$3 billion by 2010 (CNET, 2005). In addition, interests continue to grow for the adoption of this mobile computing and commerce device in many different types of applications (ABI, 2006). In 2005, Wal-Mart asked its top 100 suppliers to use RFID tags, and this had a profound effect on the projected growth of RFID technology as well as potential applications in the industrial, defense, and retails sectors (Albertsons, 2004). However, very few studies have examined and evaluated the adoption of RFID options by the organizations. Organizations face various risks and uncertainties when assessing the adopted mobile technologies. Different organizations are likely to encounter different challenges and problems. This research aims to develop a mechanism that can help organizations to specify their risks and choose a suitable adoption alternative. This research has adopted the AHP (analytic hierarchy process) methodology to analyze the data, as it is useful for analyzing different RFID adoption alternatives and can assist organizations in predicting the possible issues and challenges when adopting RFID. The objectives of this article are to: (1) describe basic components of a mobile computing and commerce device, RFID; and (2) explore the current practices, issues, and applications in this mobile technology.
Conference papers on the topic "Mobile commerce – Cryptography"
1
Shen, Guicheng, and Xuefeng Zheng. "Java Cryptography Architecture and Security of Electronic Commerce." In 2008 4th International Conference on Wireless Communications, Networking and Mobile Computing (WiCOM). IEEE, 2008. http://dx.doi.org/10.1109/wicom.2008.2125.
Full text
2
Wang, T. I., K. H. Tsai, and M. C. Lee. "A two-layer cryptographic scheme for an e-service framework based on mobile agents." In IEEE International Conference on e-Technology, e-Commerce and e-Service, 2004. EEE '04. 2004. IEEE, 2004. http://dx.doi.org/10.1109/eee.2004.1287294.
Full text