CS 632 - PAPER SURVEY: TOPICS IN E-COMMERCE

Mohammad Waqar Alam

1. INTRODUCTION

There has been tremendous demand for trading over the Internet ever since its popularity exploded. Many have predicted that networked trading would have an enormous impact on the world economy. However, electronic commerce (E-Commerce, or EC) has several obstacles to overcome before it reaches its full potential.

This paper surveys 5 articles and identifies two diverse areas of research within the field of E-commerce. Firstly, transaction management issues such as atomicity of actions and customer anonymity have been considerably explored. A second issue involves software engineering; component-based programming has emerged as the leading implementation methodology employed in EC. Related to this issue is the rise of XML as the standard language for EC documents and business-to-business communications. Figure 1 gives an overview of the ideas covered in the papers read.

Section 2 deals with papers on transaction management issues in E-Commerce. Section 3 extracts ideas recommending and implementing component-based programming, and Section 4 introduces the projected role of XML.

[Figure 1: Ideas discussed in this survey]

Most of the discussion in this survey is based upon:

1. J. D. Tygar. Atomicity in Electronic Commerce.
2. J. Camp, M. Harkavy, J. D. Tygar, B. Yee. Anonymous Atomic Transactions.
3. J. Domingo-Ferrer, J. Herrera-Joancomarti. An Anonymous Electronic Commerce Scheme with an Off-Line Authority and Untrusted Agents.
4. M. Bichler, A. Segev, J. Zhao. Component-based E-Commerce: Assessment of Current Practices and Future Directions.
5. B. Meltzer, R. Glushko. XML and Electronic Commerce: Enabling the Network Economy.

Other papers such as [5] and [7] were also analyzed for supplemental ideas.

2. Atomicity and Anonymity in E-Commerce

Tygar [1] systematically introduces the notion of atomicity in transactions in EC. He defines three levels:

Money Atomicity: Money atomic protocols effect the transfer of funds from one party to another without the possibility of creation or destruction of money.

Goods Atomicity: Goods atomic protocols are money atomic and effect an exact transfer of goods for money (analogous to cash-on-delivery).

Certified Delivery: Such protocols are goods atomic and allow both merchant and customer to prove exactly which goods were delivered. Two flavors are present: one-sided allows only the customer to prove what was delivered, while two-sided provides symmetric power.

Tygar's research shows that many of the existing EC protocols do not satisfy the basic requirement of money atomicity. In response, his group developed NetBill at Carnegie Mellon University, a system that provides all three levels of atomicity. The NetBill protocol is effectively detailed in [1], and a high level description is given here. The system has three components: a merchant, a customer and the NetBill server. The server is equivalent to an online bank and customers have accounts there. The protocol has three phases:

1. Price Request Phase: Customer contacts merchant requesting price quote; she specifies her identity, (group) credentials, product ID (PID), transaction ID (TID) and optional flags. Merchant responds with price, specified by PID and TID.
2. Goods Delivery Phase: Merchant receives request for the product and sends it to the customer after encrypting it with a unique key, K. Backup information for the server is also created.
3. Payment Phase: Customer sends the merchant a form of payment (redeemable at the server) along with her identity. The merchant forwards this to the server, with other information such as his account number and key K. After authentication, the NetBill server sends the customer K for decryption.

It is assumed in this model that goods purchased can be encrypted by the merchant, who releases the decryption key to the server upon receiving payment. One of the disadvantages is that all messages exchanged are encrypted with various keys, resulting in a computationally expensive protocol. The NetBill server has a record of the goods specified by the customer, as well as those sent by the merchant. This results in certified delivery. The paper does not specify how the system would work for goods that cannot be encrypted and sent over the network; I assume a similar mechanism would be necessary to implement excludability in the absence of a merchant specified "key." The author envisions a large packaging and shipping industry resulting from this.

The NetBill system introduces customer anonymity by allowing pseudonyms, generated by a separate server. However, this does not implement full anonymity since there is still one component (pseudonym server) that knows the true identity of the customer.

The issue of full anonymity is addressed in [2] by Camp et al. The protocol specified here guarantees goods atomicity, with variations that allow certified delivery. It differs from the NetBill protocol in that there is a fourth component, the transaction log. The protocol has two phases:

Withdrawal and Exchange: After negotiation between customer and merchant has transpired, a blinded-request protocol is used to communicate between the customer and bank. Funds are withdrawn in the form of single-use tokens.

Purchase: Merchant sends encrypted goods and transaction number. The customer decides upon an expiration time for the token, as well as a log for the transaction. She communicates her desire to proceed to the bank, which authenticates and forwards this intention to the merchant. The merchant commits by sending the merchandise key to the log, along with authentication information.

This protocol is based on ideas from the two-phase commit model and assumes that the merchant trusts the log. Unfortunately, the encryption/decryption of messages makes this protocol computationally expensive as well.

Both the above papers had one-to-one interactions between a customer and a merchant, as well as an online bank. In [3], Domingo-Ferrer and Herrera-Joancomarti explore the usage of Intelligent Trade
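The three NetBill phases described in Section 2, reduced to a single-process simulation that shows why releasing K only at settlement gives money and goods atomicity. This is an added example, not code from the survey or from the NetBill project; the class and function names, the account names and the SHA-256 keystream standing in for real encryption are all assumptions.

```python
import hashlib
import secrets

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); a stand-in for real encryption."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

class NetBillServer:
    """Plays the online bank: holds accounts and releases K only on commit."""
    def __init__(self, balances):
        self.balances = dict(balances)
        self.log = {}  # TID -> (digest of encrypted goods, K)

    def settle(self, tid, customer, merchant, price, goods_digest, key):
        # Payment phase: debit, credit and key release happen together or not at all.
        if tid in self.log or self.balances.get(customer, 0) < price:
            return None  # abort: no money moves and K stays secret
        self.balances[customer] -= price
        self.balances[merchant] += price
        self.log[tid] = (goods_digest, key)  # record that backs certified delivery
        return key

def purchase(server, customer, merchant, tid, goods, price):
    # Price request phase is reduced here to the agreed (tid, price) pair.
    # Goods delivery phase: merchant encrypts under a fresh key K, sends ciphertext.
    k = secrets.token_bytes(32)
    ciphertext = keystream_xor(k, goods)
    digest = hashlib.sha256(ciphertext).hexdigest()
    # Payment phase: merchant forwards the payment, his account and K to the server.
    released = server.settle(tid, customer, merchant, price, digest, k)
    if released is None:
        return None  # customer is left holding only unreadable ciphertext
    return keystream_xor(released, ciphertext)

def demo():
    server = NetBillServer({"alice": 10, "shop": 0})  # constructed accounts
    ok = purchase(server, "alice", "shop", "tid-1", b"report.pdf contents", 7)
    failed = purchase(server, "alice", "shop", "tid-2", b"second item", 7)  # 3 left
    return ok, failed, server.balances, sorted(server.log)
```

The second purchase aborts for lack of funds: the total held across accounts is unchanged and no key is logged or released, so the customer cannot read goods she did not pay for.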