ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
WebALPS: a survey of E-commerce privacy and security applications
Full text PdfPdf (135 KB)
Source ACM SIGecom Exchanges archive
Volume 2 ,  Issue 3  (Summer, 2001) table of contents
Pages: 29 - 36  
Year of Publication: 2001
Author
S. W. Smith  Department of Computer Science/Institute of Security Technology Studies, Dartmouth College, Hanover, New Hampshire
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 10,   Downloads (12 Months): 91,   Citation Count: 2
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/844324.844329
What is a DOI?

ABSTRACT

Web-based commerce is rife with scenarios where a party needs to trust properties of computation and data storage occurring at a remote machine, operated by a different party with different interests. In our WebALPS project, we have used off-the-shelf hardware and open source software to build trusted co-servers co-resident with Web servers, and bring the secure SSL channel all the way into these trusted co-servers. In this paper, we survey how this tool can be used to systematically address privacy and security issues in e-commerce.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
W. A. Arbaugh , D. J. Farber , J. M. Smith, A secure and reliable bootstrap architecture, Proceedings of the 1997 IEEE Symposium on Security and Privacy, p.65, May 04-07, 1997
 
2
Freier, A. O., Karlton, P., and Kocher, P. C. 1996. The ssl protocol version 3.0. http://home.netscape.com/eng/ssl3/draft302.txt.
 
3
IBM. 2000. Ibm 4758 models 2 and 23 pci cryptographic coprocessor. Product Brochure G221-9091-02. http://www.ibm.com/security/cryptocards/.
 
4
Shan Jiang, WebALPS Implementation and Performance Analysis: Using Trusted Co-servers to Enhance Privacy and Security of Web Interactions, Dartmouth College, Hanover, NH, 2001
 
5
S. Jiang , S. Smith , K. Minami, Securing Web Servers against Insider Attack, Proceedings of the 17th Annual Computer Security Applications Conference, p.265, December 10-14, 2001
 
6
Knop, E. 2001. Secure public-key services for web-based mail. Senior thesis, Department of Computer Science, Dartmouth College.
 
7
NIST. 1994. Security requirements for cryptographic modules. Federal Information Processing Standards Publication 140-1.
 
8
Smith, S. 2001. Outbound authentication for programmable secure coprocessors. Technical Report TR2001-401 (March), Department of Computer Science, Dartmouth College. http://www.cs.dartmouth.edu/~pkilab/oatr.pdf.
 
9
Smith, S., Perez, R., Weingart, S., and Austel, V. 1999. Validating a high-performance, programmable secure coprocessor. In 22nd National Information Systems Security Conference (October 1999). National Institute of Standards and Technology.
 
10
S. W. Smith , D. Safford, Practical server privacy with secure coprocessors, IBM Systems Journal, v.40 n.3, p.683-695, March 2001
 
11
Sean W. Smith , Steve Weingart, Building a high-performance, programmable secure coprocessor, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.31 n.9, p.831-860, April 23, 1999
 
12
Yee, B. 1994. Using Secure Coprocessors. Ph. D. thesis, School of Computer Science, Carnegie Mellon University. (Available as Technical Report CMU-CS-94-149.).
 
13
Yuan, Y., Ye, E., and Smith, S. 2001. Web spoofing 2001. Technical Report TR2001-409 (July), Department of Computer Science, Dartmouth College. http://www.cs.dartmouth.edu/~pkilab/demos/spoofing/.

CITED BY  2
Zishuang (Eileen) Ye , Sean Smith , Denise Anthony, Trusted paths for browsers, ACM Transactions on Information and System Security (TISSEC), v.8 n.2, p.153-186, May 2005
Zishuang (Eileen) Ye , Sean Smith, Trusted Paths for Browsers, Proceedings of the 11th USENIX Security Symposium, p.263-279, August 05-09, 2002

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.4 COMPUTERS AND SOCIETY
      K.4.4 Electronic Commerce
          Subjects: Security

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.5 Local and Wide-Area Networks
          Subjects: Internet (e.g., TCP/IP)

  D. Software
  D.2 SOFTWARE ENGINEERING
      D.2.1 Requirements/Specifications

          Nouns: SSL

  H. Information Systems
  H.3 INFORMATION STORAGE AND RETRIEVAL
      H.3.1 Content Analysis and Indexing
          Subjects: Indexing methods
      H.3.5 On-line Information Services
          Subjects: Web-based services


General Terms:
Design, Languages, Management, Reliability, Standardization

Collaborative Colleagues:
S. W. Smith: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player