Giannakis Antoniou

E-commerce: protecting purchaser privacy to enforce trust

It has been well documented that lack of trust between commercial entities and purchasers can restrict the potential of e-commerce. This may be because the purchaser is required to provide personal information to the commercial entity, which may then be abused, or because the purchaser may be suspicious that after payment has been processed, the goods purchased will not arrive. The challenge for the researcher is to determine the e-commerce model which maximizes the trust a purchaser has when shopping online.In this paper, we focus on the personal information which must be revealed by the purchaser when purchasing online and we present the first comprehensive analysis of personal information distributed in an e-commerce setting from the point of view of the purchaser and his perception of trust in an online transaction. We introduce a measure of trust based on the information distributed to the parties in the transaction and isolate the instances which maximize trust for the purchaser relative to the personal information revealed. This leads us to the establishment of a theoretical framework on which to compare e-commerce protocols and to the development of four new models, all of which, as we demonstrate, are better in concrete ways than the traditional e-commerce model based on secure e-payment protocols. While the overall cost of implementation to the parties remains the same as in the traditional protocols, there is a slight overall decrease in cost to the seller but a slight increase in cost to the deliverer. However, the small additional costs to the deliverer are mitigated by the opportunity for new capabilities and business. Implementation of our work is likely to improve consumer trust and therefore lead to an increase in on-line commerce, especially in countries where privacy recognition is not strong.

Privacy and forensics investigation process: The ERPINA protocol

The rights of an Internet user acting anonymously conflicts with the rights of a Server victim identifying the malicious user. The ERPINA protocol, introduced in this paper, allows an honest user communicating anonymously with a Server through a PET, while the identity of a dishonest user is revealed. Prior research failed to distinguish objectively between an honest user and an attacker; and a reliable and objective distinguishing technique is lacking. The ERPINA protocol addresses the reliability issue efficiently by defining from the beginning of the communication what is considered as malicious and what is not.

RPINA- Network Forensics Protocol Embedding Privacy Enhancing Technologies

Although privacy is considered to be the ultimate right for every user to enjoy intercommunications with security and anonymity, the provision for such a service could easily be adapted as a hiding cover by malicious users. Privacy enhancing technologies (PETs) should not only hide the identity of legitimate users but also provide means by which evidence of malicious activity can be gathered and revealed when necessary. This paper proposes a network forensics protocol called RPINA (respect private information, not abuser) which may operate over PETs, without violating the privacy of innocent users, but only the privacy of abusers. This approach introduces a new dimension in the relation between these two opposite-goal technologies, which enhances their viability in the global network environment

Monitoring Employees' Emails without Violating Their Privacy Right

The capability of an employee to violate the policy of an organization is a concern for an employer. Monitoring is a measure taken by an employer to discourage an employee from acting inappropriately. However, current monitoring techniques tend to raise privacy issues because they violate the privacy rights of employees. Applying a monitoring technique without violating the privacy of employees is the aim of this paper. We propose a design and a protocol which give an employer the opportunity to monitor employee email in order to detect company policy violations. This can be achieved without violating the privacy of honest employees, while at the same time revealing evidence about the illegal actions of dishonest employees.

Incorporating Security Requirements into Communication Protocols in Multi-agent Software Systems

A communication protocol is a fundamental component of a multi-agent system. The security requirements for a communication protocol should be articulated during the early stages of software development. However, there is no formal way provided for software developers to find out what makes a communication protocol secure and what are secure designs. In this paper we propose a method that defines security requirements, bridges security requirement analysis with security design, and integrates the security techniques into a communication protocol to fulfill the security requirements.This paper presents a compile-time placement method of mobile relational operators MROs in a large scale environment. MROs are self adaptive to changing runtime conditions by deciding their execution place if they discover compile-time estimation errors. Proposed placement methods tend to have a main drawback with MROs running over a large scale environment: their focus is on finding optimal performance depending on single-point estimation at compile-time, instead of optimal performance over an estimation interval. We propose: (i) to determine the migration space of a MRO including the sites on which the MRO is allowed to migrate during its execution, and (ii) to find the robust site which will allow acceptable response time in an estimation interval. Performance study shows that, with a risk of loosing around 6% in response time, it is possible to gain up to 300% with the proposed robust placement.

A Privacy Preserving E-Payment Scheme

Secure electronic payment is an integral part of e-commerce. The epayment systems in current use require the revealing of the purchaser’s payment information to the seller, while purchasers are not always happy to subject the details of their payment information to possible misuse by sellers. As a result, the uptake of e-commerce is hampered from reaching its full potential. In this paper, we propose an online payment scheme which uses the traditional e-payment infrastructure but which reveals no payment information to the seller. This is done with only an incremental increase in computational power.

An Anonymity Revocation Technology for Anonymous Communication

A number of privacy-enhancing technologies (PETs) have been proposed in the last three decades offering unconditional communication anonymity to their users. Unconditional anonymity can, however, be a security threat because it allows users to employ a PET in order to act maliciously while hiding their identity. In the last few years, several technologies which revoke the identity of users who use PETs have been proposed. These are known as anonymity revocation technologies (ARTs). However, the construction of ARTs has been developed in an ad hoc manner without a theoretical basis outlining the goals and underlying principles. In this chapter we present a set of fundamental principles and requirements for construction of an ART, identifying the necessary features. We then propose an abstract scheme for construction of an ART based on these features.

A Trusted Approach to E-Commerce

It has been well documented that lack of trust between commercial entities and purchasers can restrict the potential of e-commerce. This may be because the purchaser is required to provide sensitive information to the commercial entity or because the purchaser may be suspicious that after payment has been processed, the goods purchased will not arrive. The challenge for the researcher is to determine the e-commerce model which maximizes the trust relationship. In this paper, we introduce a measure of the trust based on the information distributed to the parties in the transaction and isolate the instances which maximize trust for the purchaser. This leads us to propose four new models for e-commerce which would improve consumer trust and therefore likely lead to an increase in on-line commerce. We demonstrate that no new technologies are needed in order to implement these new models.

Designing Information Systems Which Manage or Avoid Privacy Incidents

In this paper, we consider an information system (IS) to be a set of technologies together with a set of rules about those technologies. An IS is considered to be prone to a privacy incident if it does not fully protect the private information of a user or if a dishonest user can take advantage of the privacy protection offered by the IS. This work identifies the potential privacy incidents that may occur in an IS, and proposes a framework, the MAPI Framework (Manage or Avoid Privacy Incidents), which designs IS to manage or avoid privacy incidents. The MAPI Framework can also be used for evaluating IS by identifying the missing or inappropriate technologies which may lead to privacy incidents.

Applying a cryptographic scheme in the RPINA protocol

The Respect Private Information of Non Abusers (RPINA) protocol allows users to communicate anonymously while the corresponding server ensures that the identity of the user will be revealed by a third party, called Directory Service (DS), should the user attempt a malicious attack. However, malicious co-operation between the server and the DS is the major vulnerability of the RPINA protocol. In this paper we introduce a technique, which decrease this vulnerability.