Academia.eduAcademia.edu

Outline

Title
Abstract
Introduction and Overview
Transaction Objectives
Transaction Protocol Auxiliary Messages
The Transaction Protocol
Complaints and Failure Analysis
Conclusion
References
All Topics
Computer Science
Cybersecurity

NetBill security and transaction protocol

Profile image of Marvin SirbuMarvin Sirbu

1995

Abstract

cyberspace with no easily identifiable place of business for the merchant or physical delivery site for the customer. Transactions are subject to observation by third parties sharing the network. And the use of computers to support transactions makes record keeping easier, exacerbating privacy problems arising from transaction data collection by merchants. Supporting transactions in cyberspace requires electronic analogs for many familiar procedures from face-to-face transactions. Parties need to know with whom they are dealing, or at least verify their creditworthiness. They need to be able to negotiate prices, perhaps providing credentials entitling them to special discounts, such as a student ID. Parents need methods to control where their children shop in cyberspace. In the case of information goods, the value of an item may be as low as a few cents, requiring transaction mechanisms which impose per-transaction overheads much smaller than those for typical check and credit card purchases. Merchants need to restrict the class of customers they support based on their credentials, to restrict distribution of sensitive materials. We are building a system called NetBill which is optimized for the selling and delivery of low-priced network goods. A customer, represented by a client computer, wishes to buy information from a merchant's server. An account server (the NetBill server), maintains accounts for both customers and merchants, linked to conventional financial institutions. A NetBill transaction transfers information goods from merchant to customer, debiting the customer's NetBill account and crediting the merchant's account for the value of the goods. When necessary, funds in a customer's NetBill account can be replenished from a bank or credit card; similarly, funds in a merchant's NetBill account are made available by depositing them in the merchant's bank account. NetBill acts as an aggregator to combine many small transactions into larger conventional transactions, amortizing conventional overhead fees. The transfer of an information good consists of delivering bits to the customer. Users may be charged on a per item basis, by a subscription allowing unlimited

Related papers

Billing System Design Based on Internet Environment
Muzhir Al Ani

International Journal of Advanced Computer Science and Applications, 2012

This paper deals with the design of Internet billing system, in which it is possible pay invoices electronically. This approach is implemented via virtual banks, in which the process of money transfer can be implemented. In other hand many applications can be realize such as; deposit e-money, withdrawal e-money and determine account balance. A Gate way translator is used to apply authentication rules, security and privacy.

View PDFchevron_right
Cybermoney in the Internet: An Overview over new Payment Systems in the Internet
Ruediger Grimm

IFIP Advances in Information and Communication Technology, 1996

This article gives an overview over some of the most promising electronic payment systems: iKP, SET (as harmonization of Mastercard-SEPP and VISA-STT), Express, First Virtual, CyberCash, Ecash, CAFE, Mondex, Ravensburg's GeldKarte. We describe their technical and application aspects. We highlight the role of smartcards for their usage and their applicability for the Internet. As an introduction to the overview, we present some theoretical considerations on digital money. We formulate critical requirements for digital money and how money can appropriately be expressed by digital means. We also discuss the problem of fair exchange of money versus goods.

View PDFchevron_right
M&E-NetPay: A Micropayment System for Mobile and Electronic Commerce
Xiaodi Huang

Symmetry, 2016

As an increasing number of people purchase goods and services online, micropayment systems are becoming particularly important for mobile and electronic commerce. We have designed and developed such a system called M&E-NetPay (Mobile and Electronic NetPay). With open interoperability and mobility, M&E-NetPay uses web services to connect brokers and vendors, providing secure, flexible and reliable credit services over the Internet. In particular, M&E-NetPay makes use of a secure, inexpensive and debit-based off-line protocol that allows vendors to interact only with customers, after validating coins. The design of the architecture and protocol of M&E-NetPay are presented, together with the implementation of its prototype in ringtone and wallpaper sites. To validate our system, we have conducted its evaluations on performance, usability and heuristics. Furthermore, we compare our system to the CORBA-based (Common Object Request Broker Architecture) off-line micro-payment systems. The results have demonstrated that M&E-NetPay outperforms the .NET-based M&E-NetPay system in terms of performance and user satisfaction.

View PDFchevron_right
Flexible and Scalable Credential Structures: NetBill Implementation and Experience
Marvin Sirbu

In electronic commerce consumers often need to present attributes such as membership in order to benefit from specific pricing or access. A scalable, efficient mechanism for conveying attributes independently from authentication is required. In this paper we describe a system based on a combination of Public Key Kerberos for Distributed Authentication (PKDA) and attribute credentials as a means for solving meeting these requirements. This system is compared to other proposals for distributed authentication and authorization, and is shown to be superior in several respects. The system has been implemented as part of the NetBill micropayment system and has been demonstrated to work well in meeting the stated requirements.

View PDFchevron_right
The CATI Project: Charging and Accounting Technology for the Internet
Bernhard Plattner

Lecture Notes in Computer Science, 1999

The objectives of the CATI project (Charging and Accounting Technology for the Internet) include the design, implementation, and evaluation of charging and accounting mechanisms for Internet services and Virtual Private Networks (VPN). They include the enabling technology support for open, Internet-based Electronic Commerce platforms in terms of usage-based transport service charging as well as high-quality Internet transport services and its advanced and flexible configurations for VPNs. In addition, security-relevant and trust-related issues in charging, accounting, and billing processes are investigated. Important application scenarios, such as an Internet telephony application as well as an Electronic Commerce shopping network, demonstrate the applicability and efficiency of the developed approaches. This work is complemented by an appropriate cost model for Internet communication services, including investigations of suitable usage-sensitive pricing models.

View PDFchevron_right
A practical electronic payment scheme
Kyung Sup Kwak

2009 9th International Symposium on Communications and Information Technology, 2009

In this paper, by converse using blind signature, we propose a practical electronic payment scheme for electronic commerce. This scheme is different from the existing schemes used widely in the internet at present and it does not need the strong trust between customer and merchant. In this scheme, a semi-trusted third party (S-TTP) is introduced to provide a fair commerce environment. The S-TTP takes part in the protocol on-line and is not leaked any secure information about the business. Moreover, the users do not need to register to S-TTP. An advantage of the scheme is that this approach does not require the intervention of the third party in case of dispute, if one user cheats or simply crashes.

View PDFchevron_right
Mudra: An Electronic Payment Scheme for Networks
Vishv Malhotra

Revenue collection services are deemed essential for attracting quality services on the networks. Generally these collections will be of small amounts but will be frequent. A water-tight authorisation check is not costeffective in such an environment. This paper introduces an inexpensive, robust and fast scheme for authorising the credit usage. The scheme is especially suited to small credit brokers as it does not involve any special hardware.

View PDFchevron_right
M&E-NetPay: A Micropayment System for Mobile and Electronic Commerce
Xiaodi Huang

Symmetry, 2016

As an increasing number of people purchase goods and services online, micropayment systems are becoming particularly important for mobile and electronic commerce. We have designed and developed such a system called M&E-NetPay (Mobile and Electronic NetPay). With open interoperability and mobility, M&E-NetPay uses web services to connect brokers and vendors, providing secure, flexible and reliable credit services over the Internet. In particular, M&E-NetPay makes use of a secure, inexpensive and debit-based off-line protocol that allows vendors to interact only with customers, after validating coins. The design of the architecture and protocol of M&E-NetPay are presented, together with the implementation of its prototype in ringtone and wallpaper sites. To validate our system, we have conducted its evaluations on performance, usability and heuristics. Furthermore, we compare our system to the CORBA-based (Common Object Request Broker Architecture) off-line micro-payment systems. The results have demonstrated that M&E-NetPay outperforms the .NET-based M&E-NetPay system in terms of performance and user satisfaction.

View PDFchevron_right
Payment transactions, instruments, and systems: A survey
David Humphrey

Journal of Banking & Finance, 1997

The payments literature ranges from theoretical general equilibrium models to practical payment issues related to the day-today operation of various national networks for the transfer of money. It is an area where economic theory and institutional structure are often closely intertwined and it is currently undergoing signi®cant change, shifting from costly paper-based systems to technologically advanced electronic payments. The extant literature is surveyed here with the aim of integrating the various strands of payment research which have been largely pursued separately. In addition, we present newly available data to illustrate and investigate a number of underdeveloped areas in this literature.

View PDFchevron_right
An Online, Transferable E-Cash Payment System
Sai Anand

2000

Most electronic cash (e-cash) based payment systems that have been proposed do not possess the property of transferability. Transferability in an e-cash based system means that when a payee receives an electronic coin in a transaction he may spend it without depositing the coin first and getting a new coin issued from a bank. Usually electronic coins that are transferred in a transaction have a lifetime of the trans-action itself. In this paper, we propose a payment system where coins can be transferred over multiple hands, spread over various transactions, similar to physical cash. Detection or prevention of double spending of coins is a critical issue in online e-cash payment systems. In our system the verification is distributed across multiple entities as opposed to the case of a coin-issuing entity or a central bank alone being responsible for the verification. A resolution mechanism for handling disputes is also presented. The proposed system provides guarantees of anonymity, fairness and transferability.

View PDFchevron_right

References (13)

  1. Alireza Bahreman and J.D. Tygar. "Certified Electronic Mail." In Proceedings of the Internet Society Symposium on Network and Distributed System Security, pages 3-19, San Diego, CA, February 1994.
  2. M. Bellare, et al. iKP Family of Secure Electronic Payment Protocols. http://www.zurich.ibm.com/ Technology/security/extern/ ecommerce
  3. Benjamin Cox. Maintaining Privacy in Electronic Transactions. Information Networking Institute Technical Report TR 1994-8, Fall 1994.
  4. Stephen Kent. RFC 1422: Privacy Enhancement for Electronic Mail: Part II: Certificate-Based Key Management. Internet Activities Board Request For Comments 1422, February 1993.
  5. National Institute of Standards and Technology. FIPS 180: Federal Information Processing Standard: Secure Hash Standard (SHS). April 1993.
  6. National Institute of Standards and Technology. FIPS 186: Federal Information Processing Standard: Digital Signature Standard (DSS). May 1994.
  7. B. Clifford Neuman. "Proxy-Based Authorization and Accounting for Distributed Systems." In Proceedings of the 13th International Conference on Distributed Computing Systems, pages 283-291, May 1993.
  8. R. Rivest, A. Shamir, L. Adleman. "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems." In Communications of the ACM, 21(2), February 1978.
  9. Bruce Schneier. Applied Cryptography: Protocols, Algorithms, and Source Code in C. New York: John Wiley & Sons, 1994.
  10. Marvin Sirbu and J.D. Tygar. "NetBill: An Internet Commerce System Optimized for Network Delivered Services." In IEEE Personal Communications, pages 6-11, August 1995.
  11. Alexander Somogyi, Thomas Wagner, et al. NetBill. Information Networking Institute Technical Report TR 1994-11, Fall 1994.
  12. Jennifer G. Steiner, B. Clifford Neuman and Jeffrey I. Schiller. "Kerberos: An Authentication Service for Open Network Systems." In USENIX Winter Conference, pages 191-202, February 1988.
  13. J. D. Tygar. "Atomicity in Electronic Commerce" (invited paper), to appear in ACM/IEEE 21st Conference on Principles of Distributed Computation, 1996.

Related papers

Implementation of Improved Billing System
abhishek kumar, Vathsavi Venkat, International Journal of Scientific Research in Computer Science, Engineering and Information Technology IJSRCSEIT

International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 2020

Paperless billing is a process that businesses can use to get paid quickly and securely without dealing with the hassles of paper bills and check payments. Paperless bills allow bill delivery and payment to take place completely online, which improves efficiency while reducing costs. Paperless Billing generally involves integrating multiple systems. These include billing system, the banking industry, customer’s paying system, as well as an online interface for the paperless billing system. Paperless billing is most helpful for businesses that send recurring bills to customers. Paperless bills are an option for delivering bills. Bills could be presented as electric documents, such as PDF, or on websites. This gives the customer the ability to review bills before sending payment. Alternately, customers can also set up automated payments in order to pay without even touching a button. We can shop and create bills by using the mobile application. Paperless Bills offer benefits to both the seller as well as the customer. Some of the biggest benefits from Paperless Billing include: Low cost of delivering the bills to customers Better security than paper and snail mail Option for automatic storage of bill When user scans bar code from the product, the user application extracts the product data and displays it on the system application. The user is then asked whether they want to add more products. If user wants to add more products, the user can add it, otherwise user can quit and the bill will be generated and displayed on the screen with the price of the products totaled. The QR code is then generated. The customer can then scan the QR code and the bill will be transferred to the customer’s phone. The bill can be saved by the customer on their phone.

View PDFchevron_right
Transaction management for sender/receiver-payment schemes in charging and accounting systems for interconnected networks
Ibrahim Okumus

2004

In this paper, we present an Internet transaction management system for sender/receiver payment schemes. This system allows an arbitrary split of transaction charges between two communication partners. Using this kind of system, new business models can be implemented on the Internet. The new system provides more flexibility than existing charging schemes. Under these new business models, service providers can pick up a share of the cost for the transaction with any of their customers; offer collect-call type of services; or provide services as the 900 services on the telephone network. This paper describes in detail the transaction management protocol (TMP), its implementation, and the transaction management service platform (TMS). The TMP specifies the protocol state diagram as well as the process of how the costs for resource usage can be allocated to communicating end-users. The TMS platform defines the architecture and the modules, simplifying the implementation of the TMP on the Internet. The TMS provides a module-based transaction management environment, carrying transaction signals such as message schema, accounting policy information, communication reference information, and end-user agreement information. In addition to this, an application of the TMS in the framework of bandwidth broker interconnection networks and a short evaluation of the proposed transaction management system are given.

View PDFchevron_right
Internet billing service design and prototype implementation
Marvin Sirbu

IMA Intellectual Property Project Proceedings, 1994

A group of students in the M.S. program in Information Networking at Carnegie Mellon University have designed and implemented a prototype of an Internet Billing Service--an electronic credit card service for the Internet environment. The service provides account management, authentication, access control, credit verification, management reporting, billing and collection services to network-based service providers.

View PDFchevron_right
(2006). "Online payment gateways used to facilitate e-commerce transactions and improve risk management," Communications of the Association for Information Systems
Taylor M Wells, Sean Humphreys, Greg Moody, Paul Benjamin Lowry

Communications of the Association for Information Systems, 2006

As online transactions continue to increase and become a significant part of the global economy, the ability to accept payments online becomes more important for businesses. This paper evaluates the literature and provides current information for IS researchers and instructors focusing on electronic commerce. In this paper, we explore the components of e-credit providers (conventional, person-to-person, and third-party) and explain how each system processes a single transaction. We then analyze several market leaders in each segment and summarize the strengths and weaknesses of each company. We provide guidelines for selecting an e-credit provider and highlight the options that apply best to online businesses. Finally, we outline potential areas of future research and provide a simple tutorial on creating a business account with PayPal website Payments Standard as an example of an online payment provider.

View PDFchevron_right
A Generic Electronic Payment Model Supporting Multiple Merchant Transactions
Tsz fu Ho

Computers & Security, 2000

This paper presents a generic electronic payment model which is intended for a multi-merchant transaction, in which more than one merchant (the retailer, multiple resellers and content providers) are involved in the distribution of electronic contents. With our payment model, every involved merchant will be notified to verify the license information of a content on the settlement day before the customer actually pays for his purchase.Thus, piracy can be discouraged, intellectual property rights of electronic contents can be protected. Each of the involved merchants can obtain his own deserved share of the customer's payment in accordance with their union agreement on this content.As examples to demonstrate the applications of our generic payment model, two well-known payment systems are enhanced herein, based on our payment model.

View PDFchevron_right

Related topics

  • Business
  • Computer Science
  • Computer Security
  • IT Security
    • 580 California St., Suite 400
    San Francisco, CA, 94104
    © 2025 Academia. All rights reserved