Gérard Lacoste

Semper--Secure Electronic Marketplace for Europe

The Vision of SEMPER.- I. The Vision of SEMPER.- Secure Electronic Commerce.- Technical Framework.- Legal Framework.- Vision of Future Products.- II. Project Achievements.- Project Achievements.- 5: Organizational Overview.- Architecture.- Experiments.- The Fair Internet Trader.- The Commerce Layer: A Framework for Commercial Transactions.- Fair Exchange: A New Paradigm for Electronic Commerce.- 11: The Payment Framework.- 12: Trust Management in the Certificate Block.- 13: Limiting Liability in Electronic Commerce.- 14: Legal Aspects.- Future Directions in Secure Electronic Commerce.

Future Directions in Secure Electronic Commerce

The previous chapters presented results of SEMPER. In this last chapter, we step back and review issues that we encountered in SEMPER where more work–research, development or deployment–is necessary in the future. We do not aim at reviewing the state of the art, but rather present the open problems and the directions the work should take.

Chapter 11: The Payment Framework

The core of SEMPER consists of several blocks. Each block is a generic and extensible framework for a particular service. This chapter describes the design of the Payment Block: the SEMPER generic payment service framework (GPSF).

The Commerce Layer: A Framework for Commercial Transactions

This chapter presents the SEMPER proposal for a general framework for commercial applications. Its main concept is a commerce context called a deal, by which SEMPER keeps track of the flow of a business process even if that flow is controlled by an untrusted business application. The benefit of such support is that one can then allow arbitrary applications to be downloaded from business partners, thus combining the use of SEMPER services and the support of partner-specific business models. Hence authorization of security-critical actions triggered by the applications, the relation to access control, and downloading are also described in this chapter.

The Fair Internet Trader

This chapter presents the Fair Internet Trader (FIT) in detail. It is a new type of business application, designed for convenient and secure person-to-person electronic commerce. By this we mean electronic commerce where human interaction is needed at both ends, such as in business-to-business scenarios. We discuss our rationale, describe our prototype, and present results from interviews made during trials with this prototype.

Secure Electronic Commerce

This chapter sets the stage for the subsequent presentation of our results. We present examples of electronic commerce and the need for security, existing approaches and their shortcomings, and the overall goals and the specific focus of SEMPER.

Chapter 12: Trust Management in the Certificate Block

This chapter describes the trust management in the SEMPER Certificate Block. First, we briefly outline the use of public-key cryptography and public key infrastructures (PKI), mainly focusing on certificates and certificate authorities (CAs). The existence of several CAs offering services of different quality and certificates with different semantics is one of the main reason why trust management is needed. More precisely, trust management provides the means for enabling:

Fair Exchange: A New Paradigm for Electronic Commerce

This chapter describes the protocols and the design of the SEMPER Transfer and-Exchange Layer, in particular its generic and optimistic fair exchange protocols.

Chapter 5: Organizational Overview

This chapter briefly describes the organizational structure of SEMPER as a distributed project and reports on some general lessons we learned in the course of it.

Part I. The Vision of SEMPER

This Part I provides a condensed overview of the objectives, focus and results of the project SEMPER. It is written for a general audience interested in electronic commerce and does not require any particular technical knowledge.