Advertisement

Advanced electronic commerce security in a workflow environment

  • Hitesh Tewari
  • Maurice McCourt
  • Donal O'Mahony
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1028)

Abstract

We have presented the design for an EDI auditing and control workbench which can combine the use of workflow as a tool to control intra-enterprise documentation together with EDI as the means by which trade documents can be transferred between organisations. The security architecture outlined protects a company from the normal risks associated with electronic trading as well as providing some means of control over the ‘signing power’ allocated to employees of the enterprise. Keys issued to individuals are coupled with a control vector specifying the conditions under which the key can be used. By extending the control vector scheme with support from appropriate secure hardware modules, it is possible to allow an individual who ordinarily can only authorise a document at a given level to collaborate with employees at the same level to enhance this signing power to that of a higher level. This reflects existing practices within organisations when paper-based trading is in force.

Throughout all of the processing, explicit recognition is given to the requirements of both internal and external auditors. This is the final ingredient in a system that provides a firm basis for making the shift to true electronic commerce.

Keywords

Control Vector Certification Authority Electronic Data Interchange Purchase Order Control Vector Scheme 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 1996

Authors and Affiliations

  • Hitesh Tewari
  • Maurice McCourt
  • Donal O'Mahony
    • 1
  1. 1.Networks and Telecommunications Research Group, Department of Computer ScienceTrinity CollegeDublin 2Ireland

Personalised recommendations