REVIEW: "Non-Repudiation in Electronic Commerce", Jianying Zhou
From: Rob Slade, doting grandpa of Ryan and Trevor (rslade_at_sprint.ca)
Date: 04/20/04
Date: Tue, 20 Apr 2004 15:34:12 GMT
BKNNRPDT.RVW 20031205
"Non-Repudiation in Electronic Commerce", Jianying Zhou, 2001,
1-58053-247-0, U$89.00/C$131.95
%A Jianying Zhou
%C 685 Canton St., Norwood, MA 02062
%D 2001
%G 1-58053-247-0
%I Artech House/Horizon
%O U$89.00/C$131.95 617-769-9750 800-225-9977 fax: +1-617-769-6334
%O http://www.amazon.com/exec/obidos/ASIN/1580532470/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/1580532470/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/1580532470/robsladesin03-20
%P 200 p.
%T "Non-Repudiation in Electronic Commerce"

The preface outlines non-repudiation as a security service in its own
right, with supporting requirements, rather than an effect of another
security mechanism. This position is in rather interesting contrast
to most works that tag non-repudiation onto the list of functions that
can be accomplished by asymmetric (public key) cryptography: a
benefit, but a bit of an afterthought.

Chapter one gives us an introduction to the basics of non-repudiation,
in both electronic mail and electronic commerce. Various parties to a
transaction, the means, requirements, and forms of evidence all make
up the fundamentals of non-repudiation in chapter two. Digital
signatures are the traditional, but not the only way to prevent
repudiation of a transaction or message, and chapter three examines
four approaches for maintaining their validity. Chapter four
investigates the concept of fairness in a non-repudiation system,
ensuring that where the transaction is not completed neither side is
able to obtain an advantage over the other. In general, fairness
requires either gradual disclosure (in an ad hoc situation) or the
involvement of a trusted third party. Specific "Fair" protocols are
reviewed in chapter five. Chapter six looks at the ISO's
(International Standards Organization) non-repudiation mechanisms.
Case studies of the detailed requirements and proposed protocols for
an online lottery (which also involves anonymity) and mobile
(wireless) billing are in chapter seven. Chapter eight has a summary
of the main points in the book, and appendix A deals with formal
verification of non-repudiation.

A detailed and interesting account of a rather neglected but important
topic.

copyright Robert M. Slade, 2003 BKNNRPDT.RVW 20031205
--
======================
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@sun.soci.niu.edu
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
or mirror http://sun.soci.niu.edu/~rslade/
CISSP refs: [Base URL]mnbksccd.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm [Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
Security Educ.: http://groups.yahoo.com/group/comseced/
Review mailing list: send mail to techbooks-subscribe@egroups.com
or techbooks-subscribe@topica.com