Ralf Hauser scite author profile

Abstract-This paper discusses the design, implementation and deployment of a secure and practical payment system for electronic commerce on the Internet. The system is based on the iKP family of protocols -i = 1, 2, 3 -developed at IBM Research. The protocols implement credit cardbased transactions between buyers and merchants while the existing financial network is used for payment clearing and authorization. The protocols are extensible and can be readily applied to other account-based payment models, such as debit cards. They are based on careful and minimal use of public-key cryptography and can be implemented in either software or hardware. Individual protocols differ in both complexity and degree of security.In addition to being both a pre-cursor and a direct ancestor of the well-known SET standard, iKP-based payment systems have been in continuous operation on the Internet since mid-1996. This longevity -as well as the security and relative simplicity of the underlying mechanisms -make the iKP experience unique. For this reason, this paper also reports on, and addresses, a number of practical issues arising in the course of implementation and real-world deployment of a secure payment system.

show abstract

SSL/TLS session-aware user authentication – Or how to effectively thwart the man-in-the-middle

Oppliger

Hauser²,

Basin

2006

Computer Communications

View full text Add to dashboard Cite

Abstract. Man-in-the-middle attacks pose a serious threat to SSL/TLSbased electronic commerce applications, such as Internet banking. In this paper, we argue that most deployed user authentication mechanisms fail to provide protection against this type of attack, even when they run on top of SSL/TLS. As a possible countermeasure, we introduce the notion of SSL/TLS session-aware user authentication, and present different possibilities for implementing it. More specifically, we start with a basic implementation that employs impersonal authentication tokens. Afterwards, we address extensions and enhancements and discuss possibilities for implementing SSL/TLS session-aware user authentication in software.

show abstract

Reducing the cost of security in link-state routing

Hauser¹,

Przygienda²,

Tsudik³

View full text Add to dashboard Cite

SSL/TLS Session-Aware User Authentication

Oppliger¹,

Hauser²,

Basin

2008

Computer

View full text Add to dashboard Cite

Lowering security overhead in link state routing

Hauser¹,

Przygienda²,

Tsudik³

1999

Computer Networks

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Ralf Hauser

Design, implementation, and deployment of the iKP secure electronic payment system

SSL/TLS session-aware user authentication – Or how to effectively thwart the man-in-the-middle

Reducing the cost of security in link-state routing

SSL/TLS Session-Aware User Authentication

Lowering security overhead in link state routing

Contact Info

Product

Resources

About