| The Vision of SEMPER / Part I: |
| Secure Electronic Commerce / 1: |
| The Notion of "Electronic Commerce" / 1.1: |
| Example 1: Shopping over the Internet / 1.1.1: |
| Example 2: Business-to-Business Commerce / 1.1.2: |
| What's Special about Electronic Commerce? / 1.2: |
| Virtuality of Electronic Commerce / 1.2.1: |
| The Internet as a Hostile Environment / 1.2.2: |
| Insecure User Equipment / 1.2.3: |
| New Opportunities to Commit Fraud / 1.2.4: |
| Existing Approaches to Secure Electronic Commerce / 1.3: |
| Secure Channels / 1.3.1: |
| Trusted Market Provider / 1.3.2: |
| Digital Signatures and Public-Key Infrastructures / 1.3.3: |
| Payment Systems / 1.3.4: |
| The Whole Picture of Electronic Commerce / 1.4: |
| Resulting Goals of SEMPER / 1.5: |
| Security Requirements / 1.5.1: |
| The SEMPER Focus / 1.5.2: |
| Technical Framework / 2: |
| The SEMPER Model / 2.1: |
| Approach / 2.2: |
| Architecture / 2.3: |
| Protocols and Implementation / 2.4: |
| Legal Framework / 3: |
| Introduction / 3.1: |
| Predictable Liability for Signature Keys / 3.2: |
| Commitments without Online Third Party / 3.2.1: |
| Liability-Cover Service / 3.2.2: |
| Security and Market Effectiveness / 3.2.3: |
| The SEMPER Electronic-Commerce Agreement / 3.3: |
| Structure of SECA / 3.3.1: |
| Introducing Electronic-Commerce Agreements / 3.3.2: |
| Conclusions / 3.4: |
| Vision of Future Products / 4: |
| Four Facets of SEMPER as a Product / 4.1: |
| SEMPER-based Business Applications / 4.2: |
| Secure Internet Shopping / 4.2.1: |
| Person-to-Person Scenario: The Fair Internet Trader / 4.2.2: |
| Outlook / 4.3: |
| Project Achievements / Part II: |
| Organizational Overview / 5: |
| Structure of SEMPER / 5.1: |
| Lessons Learned / 5.2: |
| Initial Education / 5.2.1: |
| Common Understanding / 5.2.2: |
| Teams of Individuals, not Organizations / 5.2.3: |
| Important Concepts / 6: |
| The Model of Deals, Transfers, and Exchanges / 6.1.1: |
| Global Security Concepts / 6.1.2: |
| Security Attributes / 6.1.3: |
| Transactions, Sessions, Contexts / 6.1.4: |
| Service Architecture / 6.2: |
| Business Applications / 6.2.1: |
| Commerce Layer / 6.2.2: |
| Transfer-and-Exchange Layer / 6.2.3: |
| Business-Item Layer / 6.2.4: |
| Supporting Services / 6.2.5: |
| Implementation Architecture / 6.3: |
| Structure of a Block: Manager-Module Concept / 6.3.1: |
| Communication / 6.3.2: |
| Business Applications and Browser Integration / 6.3.3: |
| Prototype / 6.4: |
| Experiments / 6.5: |
| Trial Sites and Services / 7.1: |
| Internal SEMPER Trials / 7.2.1: |
| Freiburg Basic Trial / 7.2.2: |
| SME Trials / 7.2.3: |
| Freiburg SME Trial / 7.2.4: |
| MOMENTS Trial / 7.2.5: |
| Trial Implementations / 7.3: |
| Trial Services / 7.3.1: |
| Equipment and Set-Up / 7.3.2: |
| SME Business Applications / 7.3.3: |
| Trial Participants' Reactions / 7.3.4: |
| Initializing the SEMPER Software / 7.4.1: |
| Purse Creation and Management/Payment Options / 7.4.2: |
| TINGUIN (Trustworthy User Interface) / 7.4.3: |
| Secure Identification and Document Exchange / 7.4.4: |
| Service Providers' Reaction / 7.5: |
| Conclusion / 7.6: |
| The Fair Internet Trader / 8: |
| Vision of a Person-to-Person Electronic-Commerce Tool / 8.1: |
| A New Type of Electronic Commerce / 8.1.1: |
| The Role of a Tool / 8.1.2: |
| The FIT from a User Perspective / 8.2: |
| Overview / 8.2.1: |
| Negotiation Stage / 8.2.2: |
| Contract Signing Stage / 8.2.3: |
| Fulfillment Stage / 8.2.4: |
| Disputes / 8.2.5: |
| Internal Design / 8.3: |
| The Messages Subsystem / 8.3.1: |
| The Display Subsystem / 8.3.3: |
| The Flow Subsystem / 8.3.4: |
| Execution Model / 8.3.5: |
| The Commerce Layer: A Framework for Commercial Transactions / 8.4: |
| Technical Approach / 9.1: |
| The Challenge / 9.1.1: |
| The Generic Deal Approach / 9.1.2: |
| Concepts and Architecture / 9.2: |
| The Commerce-Transaction Service Model / 9.2.1: |
| Trust Relations / 9.2.2: |
| Commerce Transaction / 9.2.3: |
| Commerce Deal / 9.2.4: |
| The Commerce Service API Access Control / 9.2.5: |
| Authorization of Commerce Transactions / 9.2.6: |
| Service Quality Management / 9.2.7: |
| Design Overview / 9.3: |
| The Commerce-Layer Use Cases / 9.3.1: |
| Class Diagram / 9.3.2: |
| Commerce Transactions / 9.3.3: |
| Representation of a Commerce Transaction / 9.3.4: |
| The Downloader / 9.3.5: |
| Scenarios / 9.3.6: |
| Using the Commerce Transaction Service / 9.4: |
| Case Description / 9.4.1: |
| Definition of Transaction Classes / 9.4.2: |
| Activation of a Deal / 9.4.3: |
| Inspection of a Deal / 9.4.4: |
| Fair Exchange: A New Paradigm for Electronic Commerce / 9.4.5: |
| Introduction and Overview / 10.1: |
| Why "Generic" Fair Exchange? / 10.1.1: |
| Notation and Assumptions / 10.1.2: |
| Related Work / 10.2: |
| Certified Mail / 10.2.1: |
| Contract Signing / 10.2.2: |
| Fair Purchase / 10.2.3: |
| Using Transfers and Fair Exchanges / 10.3: |
| Transfers of Basic Business Items / 10.3.1: |
| Fair Exchange / 10.3.2: |
| A Model of Transfers Enabling Fair Exchange / 10.4: |
| External Verifiability / 10.4.1: |
| Generatability / 10.4.2: |
| Revocability / 10.4.3: |
| Examples / 10.4.4: |
| Transfer-based Generic Fair Exchange / 10.5: |
| Exchanging Externally Verifiable and Generatable Items / 10.5.1: |
| Exchanging Externally Verifiable and Revocable Items / 10.5.2: |
| Efficiency / 10.5.3: |
| The SEMPER Fair-Exchange Framework / 10.6: |
| Class Hierarchy / 10.6.1: |
| The Transfer-and-Exchange Framework in Action / 10.6.2: |
| Extending the Transfer-and-Exchange Layer / 10.6.3: |
| The Payment Framework / 11: |
| Models of Electronic Payment Systems / 11.1: |
| Players / 11.2.1: |
| Payment Models / 11.2.2: |
| Design of the Framework / 11.3: |
| Scope / 11.3.1: |
| Functional Architecture / 11.3.2: |
| Purses / 11.3.3: |
| Transactions and Transaction Records / 11.3.5: |
| Payment Manager / 11.3.6: |
| Adapting a Payment System / 11.4: |
| Using the Generic Payment Service Framework / 11.5: |
| Payment Transactions / 11.5.1: |
| Special Application Functionality / 11.5.2: |
| Token-based Interface Definition / 11.6: |
| Extending the Design / 11.7: |
| Dispute Management / 11.7.1: |
| Payment Security Policies / 11.7.2: |
| Summary / 11.8: |
| Trust Management in the Certificate Block / 12: |
| Public-Key Infrastructure / 12.1: |
| The Need for Trust Management / 12.2: |
| Specifying Trusted CAs and Acceptable Certificates / 12.2.1: |
| Selecting Certificates Automatically in a Business Session / 12.2.2: |
| Design of Policy Management / 12.3: |
| Maintaining Information about Policies / 12.3.1: |
| Using Policies / 12.3.2: |
| Negotiation of Certificates / 12.3.3: |
| Prototype Implementation / 12.4: |
| Public-Key Infrastructure in the SEMPER Trials / 12.4.1: |
| Trust Management / 12.4.2: |
| Netscape Communicator / 12.5: |
| Microsoft Internet Explorer / 12.5.2: |
| Policy Maker / 12.5.3: |
| Limiting Liability in Electronic Commerce / 13: |
| Necessity to Limit Liability / 13.1: |
| Separation Between Digital Signature and Undeniable Commitment / 13.1.2: |
| Principles and Achievements of the Solution Proposed / 13.1.3: |
| Description of the Commitment Service / 13.2: |
| What Exactly is an Undeniable Commitment? / 13.2.1: |
| Initialization of the Subscriber / 13.2.2: |
| Key Certificate / 13.2.3: |
| Key Revocation / 13.2.4: |
| Commitment Request and Response / 13.2.5: |
| Validity of the Commitment Certificates / 13.2.6: |
| Using the Commitment Service as Liability-Cover Service / 13.2.7: |
| Integration in a Legal Framework / 13.2.8: |
| Possible Variants and Supplements / 13.3: |
| Limits / 13.3.1: |
| Message Flow / 13.3.2: |
| Combination with "Solvency Service" / 13.3.3: |
| Recharging Liabilities / 13.3.4: |
| Several Relying Parties or Beneficiaries / 13.3.5: |
| Other Kinds of Authorization and Issuance of Commitment Certificates / 13.3.6: |
| Who is Liable for Failures at the CCA? / 13.4: |
| Reasons for Merchants to Use the Commitment Service / 13.5: |
| Chambers of Commerce to Provide the Commitment Service? / 13.5.2: |
| Reasons for Buyers to Use the Commitment Service / 13.5.3: |
| Legal Aspects / 14: |
| Legal Issues in Electronic Commerce / 14.1: |
| Applicable Law and Jurisdiction / 14.2.1: |
| Electronic Authentication-Validity of Digital Signatures / 14.2.2: |
| Proof of Digital Signatures / 14.2.3: |
| Regulations for Use and Export of Dual-Use Goods / 14.2.4: |
| Consumer-Protection Laws / 14.2.5: |
| Privacy and Data Protection / 14.2.6: |
| Advertising, Competition, Spamming / 14.2.7: |
| Content of Contracts and Internet Pages / 14.2.8: |
| Contract Law / 14.2.9: |
| Copyright and Trademark / 14.2.10: |
| Payment / 14.2.11: |
| Taxation / 14.2.12: |
| Selected Approaches at Legal Frameworks / 14.2.13: |
| UNCITRAL Model Law on Electronic Commerce / 14.3.1: |
| Approach of the Commission of the European Community (CEC) / 14.3.2: |
| OECD Guidelines / 14.3.3: |
| Utah Digital Signature Act (1996) / 14.3.4: |
| German Digital Signature Act (1997) / 14.3.5: |
| Electronic Data Interchange Agreements / 14.3.6: |
| General / 14.3.7: |
| SECA CAs / 14.4.2: |
| SECA Legal Body / 14.4.3: |
| Joining SECA / 14.4.4: |
| Liability-Limits in SECA / 14.4.5: |
| Blacklists of Players Claiming Compromised Keys and Signatures / 14.4.6: |
| Levels of Equipment / 14.4.7: |
| The Vision of SEMPER / Part I: |
| Secure Electronic Commerce / 1: |
| The Notion of "Electronic Commerce" / 1.1: |
図書
EB
