Designing a Secure E-commerce with Credential Purpose-based Access Control
The rapid growth of e-commerce has created great opportunities for both businesses and end users. The successful operation and management of e-commerce activities depends on a set of essential processes, one of which is access control and security. An e-commerce system must establish secure access between the parties in a transaction by authenticating users, authorizing access, and enforcing security features. The e-commerce application must authorize access to only those parts of the application that an individual user needs to accomplish his or her particular transactions. This paper discusses an access control model based on credential and purpose and how it is proposed for designing a secure e-commerce system.
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.