Abstract
In our previous work [8] we defined complex transactions as the combination in any form of aggregate and optional transactions. The solution from [8] proposes an e-commerce protocol for complex transactions in that the customer wants to buy several different physical products from different merchants ensuring strong fair exchange, atomicity, effectiveness, timeliness, non-repudiation, integrity and confidentiality. In this paper, we improve the protocol for complex transactions from [8] by providing a more efficient protocol for each subtransaction from complex transaction. Also, we formally verify our improved solution using AVISPA. The verification results obtained using AVISPA demonstrate that our improved solution preserves all security requirements obtained in [8].
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Alaraj, A.: Fairness in physical products delivery protocol. Int. J. Comput. Netw. Commun. (IJCNC) 4(6), 99 (2012)
Armando, A., Compagna, L.: SATMC: a SAT-based model checker for security protocols. In: Alferes, J.J., Leite, J. (eds.) JELIA 2004. LNCS, vol. 3229, pp. 730–733. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30227-8_68
Asokan, N.: Fairness in electronic commerce. Ph.D. thesis, University of Waterloo, Canada (1998)
AVISPA Team: AVISPA v1.1 User Manual. Version: 1.1 (2006). http://www.avispa-project.org/
AVISPA Team: HLPSL Tutorial: A Beginner’s Guide to Modelling and Analysing Internet Security Protocols. Version: 1.1 (2006). http://www.avispa-project.org/
Basin, D., Modersheim, S., Vigano, L.: OFMC: a symbolic model-checker for security protocols. Int. J. Inf. Secur. 4, 181–208 (2005). https://doi.org/10.1007/s10207-004-0055-7
Bîrjoveanu, C.V.: Anonymity and fair-exchange in e-commerce protocol for physical products delivery. In: 12th International Conference on Security and Cryptography, pp. 170–177. SCITEPRESS (2015). https://doi.org/10.5220/0005508801700177
Bîrjoveanu, C.V., Bîrjoveanu, M.: An optimistic fair exchange e-commerce protocol for complex transactions. In: 15th International Joint Conference on e-Business and Telecommunications, ICETE 2018, SECRYPT, vol. 2, pp. 277–288. SCITEPRESS (2018). https://doi.org/10.5220/0006853502770288
Boichut, Y., H\(\acute{e}\)am, P-C., Kouchnarenko, O.: Automatic verification of security protocols using approximations. Research Report RR-5727, INRIA (2005)
Chevalier, Y., et al.: A high level protocol specification language for industrial security-sensitive protocols. In: Workshop on Specification and Automated Processing of Security Requirements, pp. 193–205. Austrian Computer Society (2004)
Djuric, Z., Gasevic, D.: FEIPS: a secure fair-exchange payment system for internet transactions. Comput. J. 58(10), 2537–2556 (2015)
Dolev, D., Yao, A.: On the security of public-key protocols. IEEE Trans. Inf. Theory 2(29), 198–208 (1983)
Draper-Gil, G., Ferrer-Gomila, J.L., Hinarejos, M.F., Zhou, J.: An asynchronous optimistic protocol for atomic multi-two-party contract signing. Comput. J. 56(10), 1258–1267 (2013)
Ferrer-Gomila, J.L., Onieva, J.A., Payeras, M., Lopez, J.: Certified electronic mail: properties revisited. Comput. Secur. 29(2), 167–179 (2010). https://doi.org/10.1016/j.cose.2009.06.009
Li, H., Kou, W., Du, X.: Fair e-commerce protocols without a third party. In: 11th IEEE Symposium on Computers and Communications. IEEE (2006). https://doi.org/10.1109/ISCC.2006.74
Liu, Y.: An optimistic fair protocol for aggregate exchange. In: 2nd International Conference on Future Information Technology and Management Engineering. IEEE (2009). https://doi.org/10.1109/FITME.2009.145
Liu, Z., Pang, J., Zhang, C.: Verification of a key chain based TTP transparent CEM protocol. Electron. Notes Theoret. Comput. Sci. 274, 51–65 (2011). https://doi.org/10.1016/j.entcs.2011.07.006
Mukhamedov, A., Ryan, M.D.: Fair multi-party contract signing using private contract signatures. Inf. Comput. 206(2–4), 272–290 (2008). https://doi.org/10.1016/j.ic.2007.07.007
Onieva, J.A., Lopez, J., Zhou, J.: Secure Multi-Party Non-Repudiation Protocols and Applications. Springer, Heidelberg (2009). https://doi.org/10.1007/978-0-387-75630-1
Turuani, M.: The CL-Atse protocol analyser. In: Pfenning, F. (ed.) RTA 2006. LNCS, vol. 4098, pp. 277–286. Springer, Heidelberg (2006). https://doi.org/10.1007/11805618_21
Vigano, L.: Automated security protocol analysis with the AVISPA tool. Electron. Notes Theoret. Comput. Sci. 155, 61–86 (2006). https://doi.org/10.1016/j.entcs.2005.11.052
Yanping, L., Liaojun, P.: Multi-party non-repudiation protocol with different message exchanged. In: 5th International Conference on Information Assurance and Security. IEEE (2009). https://doi.org/10.1109/IAS.2009.329
Zhang, Q., Markantonakis, K., Mayes, K.: A practical fair exchange e-payment protocol for anonymous purchase and physical delivery. In: 4th ACS/IEEE International Conference on Computer Systems and Applications. IEEE (2006). https://doi.org/10.1109/AICCSA.2006.205188
Zhou, J., Onieva, J.A., Lopez, J.: Optimised multi-party certified email protocols. Inf. Manag. Comput. Secur. J. 13(5), 350–366 (2005). https://doi.org/10.1108/09685220510627250
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Bîrjoveanu, C.V., Bîrjoveanu, M. (2019). Automated Verification of E-Commerce Protocols for Complex Transactions. In: Obaidat, M. (eds) E-Business and Telecommunications. ICETE 2018. Communications in Computer and Information Science, vol 1118. Springer, Cham. https://doi.org/10.1007/978-3-030-34866-3_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-34866-3_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-34865-6
Online ISBN: 978-3-030-34866-3
eBook Packages: Computer ScienceComputer Science (R0)