transactions are commanding an ever-increasing share of commercial
transactions. We not
only browse for online catalogs but also shop, bank, pay bills
and participate in auctions online. This increasing prevalence
of ecommerce transactions necessitates that we find appropriate
protocols by which to secure these transactions.
The general goal
of this research is to answer questions regarding the specific
requirements that electronic commerce protocols need to achieve,
and how the protocols can achieve them. In
our assessment, ecommerce protocols form a distinct class
of cryptographic protocols; in order to be correct, they must
conform to a unique set of criteria. We have specified the
criteria that ecommerce protocols must meet in consideration
of a concept we call, "protection of individuals' interests."
This concept underlines the types of difficulties that beset
a cryptographic treatment of ecommerce interactions, and provides
the principle for evaluating them.
the formal properties of "protection of individuals'
interests," and then develop a framework by which protocols
can be evaluated with reference to it. We then develop a model
for analyzing protocols.
W. Seo, J. A. Giampapa, and K. Sycara, "A
Multi-Agent System for Enforcing 'Need-To-Know' Security
Policies," Sixth International Bi-Conference Workshop
on Agent-Oriented Information Systems (AOIS-2004), July
Denker, L. Kagal, T. Finin, M. Paolucci, N. Srinivasan,
and K. Sycara, "Security
For DAML Web Services: Annotation and Matchmaking,"
in Proceedings of the Second International Semantic Web
Conference (ISWC 2003), Sandial Island, FL, USA, October
2003, pp 335-350.
Qi, K. Sycara, and S. Zhongmin, "Security Infrastructure
for Software Agent Societies," in Trust and Deception
in Virtual Societies, Christiano Castelfranchi and Yao-Hua
Tan (eds), Kluwer Academic Publishers, 2001. pp. 139-156.
C. Wong, "Protecting
Individuals' Interests in Electronic Commerce Protocols,"
Ph.D. Thesis, August 2000.
and K. Sycara, "Adding
Security and Trust to Multi-Agent Systems," In
Proceedings of Autonomous Agents '99 (Workshop
on Deception, Fraud and Trust in Agent Societies). May 1999,
Seattle, Washington, pp. 149-161.
He, K. Sycara, and T. Finin, "Personal
Security Agent: KQML-Based PKI," in Proceedings
of Autonomous Agents, 1998.
has been implemented in the following applications: