Scalable Regulation of Inter-enterprise Electronic Commerce
- 617 Downloads
In the current electronic-commerce literature, a commercial transaction is commonly viewed as an exchange between two autonomous principals operating under some kind of contract between them—which needs to be formalized and enforced. But the situation can be considerably more complex in the case of inter-enterprise (also called businessto- business, or B2B) commerce. The participants in a B2B transaction are generally not autonomous agents, since their commercial activities are subject to the policies of their respective enterprises.
It is our thesis, therefore, that a B2B transaction should be viewed as being governed by three distinct policies: the two policies that regulate the activities of the two principals, while operating as representatives of their respective enterprises, and the policy that reflects the contract between the two enterprises. These policies are likely to be independently developed, and may be quite heterogeneous. Yet, they have to interoperate, and must all be brought to bear in regulating each B2B transaction. This paper presents a mechanism for formulating such interoperating policies, and for their scalable enforcement, thus providing for regulated inter-enterprise electronic commerce.
Unable to display preview. Download preview PDF.
- 1.X. Ao, N. a Minsky, and V. Ungureanu. Formal treatment of certificate revocation undr communal access control. In Proceedings of the IEEE Symposium on Security and Privacy, pages 116–129, Oakland, California, May 2001.Google Scholar
- 2.C. Bidan and V. Issarny. Dealing with multi-policy security in large open distributed systems. In Proceedings of 5th European Symposium on Research in Computer Security, pages 51–66, September 1998.Google Scholar
- 3.S. Glassman, M. Manasse, M. Abadi, P. Gauthier, and P. Sobalvarro. The Millicent protocol for inexpensive electronic commerce. In Fourth International World Wide Web Conference Proceedings, pages 603–618, December 1995.Google Scholar
- 4.L. Gong and X. Qian. Computational issues in secure interoperation. IEEE Transctions on Software Engineering, pages 43–52, January 1996.Google Scholar
- 5.S. Ketchpel and H. Garcia-Molina. Making trust explicit in distributed commerce transactions. In Proceedings of the International Conference on Distributed Computing Systems, pages 270–281, 1996.Google Scholar
- 6.N.H. Minsky. The imposition of protocols over open distributed systems. IEEE Transactions on Software Engineering, February 1991.Google Scholar
- 8.M. Roscheisen and T. Winograd. A communication agreement framework for access/ action control. In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, California, May 1996.Google Scholar
- 9.B. Schneier. Applied Cryptography. John Wiley and Sons, 1996.Google Scholar
- 10.V. Ungureanu and N.H. Minsky. Establishing business rules for inter-enterprise electronic commerce. In Proc. of the 14th International Symposium on DIStributed Computing (DISC 2000); Toledo, Spain; LNCS 1914, pages 179–193, October 2000.Google Scholar