The Vision of SEMPER / Part I: |
Secure Electronic Commerce / 1: |
The Notion of "Electronic Commerce" / 1.1: |
Example 1: Shopping over the Internet / 1.1.1: |
Example 2: Business-to-Business Commerce / 1.1.2: |
What's Special about Electronic Commerce? / 1.2: |
Virtuality of Electronic Commerce / 1.2.1: |
The Internet as a Hostile Environment / 1.2.2: |
Insecure User Equipment / 1.2.3: |
New Opportunities to Commit Fraud / 1.2.4: |
Existing Approaches to Secure Electronic Commerce / 1.3: |
Secure Channels / 1.3.1: |
Trusted Market Provider / 1.3.2: |
Digital Signatures and Public-Key Infrastructures / 1.3.3: |
Payment Systems / 1.3.4: |
The Whole Picture of Electronic Commerce / 1.4: |
Resulting Goals of SEMPER / 1.5: |
Security Requirements / 1.5.1: |
The SEMPER Focus / 1.5.2: |
Technical Framework / 2: |
The SEMPER Model / 2.1: |
Approach / 2.2: |
Architecture / 2.3: |
Protocols and Implementation / 2.4: |
Legal Framework / 3: |
Introduction / 3.1: |
Predictable Liability for Signature Keys / 3.2: |
Commitments without Online Third Party / 3.2.1: |
Liability-Cover Service / 3.2.2: |
Security and Market Effectiveness / 3.2.3: |
The SEMPER Electronic-Commerce Agreement / 3.3: |
Structure of SECA / 3.3.1: |
Introducing Electronic-Commerce Agreements / 3.3.2: |
Conclusions / 3.4: |
Vision of Future Products / 4: |
Four Facets of SEMPER as a Product / 4.1: |
SEMPER-based Business Applications / 4.2: |
Secure Internet Shopping / 4.2.1: |
Person-to-Person Scenario: The Fair Internet Trader / 4.2.2: |
Outlook / 4.3: |
Project Achievements / Part II: |
Organizational Overview / 5: |
Structure of SEMPER / 5.1: |
Lessons Learned / 5.2: |
Initial Education / 5.2.1: |
Common Understanding / 5.2.2: |
Teams of Individuals, not Organizations / 5.2.3: |
Important Concepts / 6: |
The Model of Deals, Transfers, and Exchanges / 6.1.1: |
Global Security Concepts / 6.1.2: |
Security Attributes / 6.1.3: |
Transactions, Sessions, Contexts / 6.1.4: |
Service Architecture / 6.2: |
Business Applications / 6.2.1: |
Commerce Layer / 6.2.2: |
Transfer-and-Exchange Layer / 6.2.3: |
Business-Item Layer / 6.2.4: |
Supporting Services / 6.2.5: |
Implementation Architecture / 6.3: |
Structure of a Block: Manager-Module Concept / 6.3.1: |
Communication / 6.3.2: |
Business Applications and Browser Integration / 6.3.3: |
Prototype / 6.4: |
Experiments / 6.5: |
Trial Sites and Services / 7.1: |
Internal SEMPER Trials / 7.2.1: |
Freiburg Basic Trial / 7.2.2: |
SME Trials / 7.2.3: |
Freiburg SME Trial / 7.2.4: |
MOMENTS Trial / 7.2.5: |
Trial Implementations / 7.3: |
Trial Services / 7.3.1: |
Equipment and Set-Up / 7.3.2: |
SME Business Applications / 7.3.3: |
Trial Participants' Reactions / 7.3.4: |
Initializing the SEMPER Software / 7.4.1: |
Purse Creation and Management/Payment Options / 7.4.2: |
TINGUIN (Trustworthy User Interface) / 7.4.3: |
Secure Identification and Document Exchange / 7.4.4: |
Service Providers' Reaction / 7.5: |
Conclusion / 7.6: |
The Fair Internet Trader / 8: |
Vision of a Person-to-Person Electronic-Commerce Tool / 8.1: |
A New Type of Electronic Commerce / 8.1.1: |
The Role of a Tool / 8.1.2: |
The FIT from a User Perspective / 8.2: |
Overview / 8.2.1: |
Negotiation Stage / 8.2.2: |
Contract Signing Stage / 8.2.3: |
Fulfillment Stage / 8.2.4: |
Disputes / 8.2.5: |
Internal Design / 8.3: |
The Messages Subsystem / 8.3.1: |
The Display Subsystem / 8.3.3: |
The Flow Subsystem / 8.3.4: |
Execution Model / 8.3.5: |
The Commerce Layer: A Framework for Commercial Transactions / 8.4: |
Technical Approach / 9.1: |
The Challenge / 9.1.1: |
The Generic Deal Approach / 9.1.2: |
Concepts and Architecture / 9.2: |
The Commerce-Transaction Service Model / 9.2.1: |
Trust Relations / 9.2.2: |
Commerce Transaction / 9.2.3: |
Commerce Deal / 9.2.4: |
The Commerce Service API Access Control / 9.2.5: |
Authorization of Commerce Transactions / 9.2.6: |
Service Quality Management / 9.2.7: |
Design Overview / 9.3: |
The Commerce-Layer Use Cases / 9.3.1: |
Class Diagram / 9.3.2: |
Commerce Transactions / 9.3.3: |
Representation of a Commerce Transaction / 9.3.4: |
The Downloader / 9.3.5: |
Scenarios / 9.3.6: |
Using the Commerce Transaction Service / 9.4: |
Case Description / 9.4.1: |
Definition of Transaction Classes / 9.4.2: |
Activation of a Deal / 9.4.3: |
Inspection of a Deal / 9.4.4: |
Fair Exchange: A New Paradigm for Electronic Commerce / 9.4.5: |
Introduction and Overview / 10.1: |
Why "Generic" Fair Exchange? / 10.1.1: |
Notation and Assumptions / 10.1.2: |
Related Work / 10.2: |
Certified Mail / 10.2.1: |
Contract Signing / 10.2.2: |
Fair Purchase / 10.2.3: |
Using Transfers and Fair Exchanges / 10.3: |
Transfers of Basic Business Items / 10.3.1: |
Fair Exchange / 10.3.2: |
A Model of Transfers Enabling Fair Exchange / 10.4: |
External Verifiability / 10.4.1: |
Generatability / 10.4.2: |
Revocability / 10.4.3: |
Examples / 10.4.4: |
Transfer-based Generic Fair Exchange / 10.5: |
Exchanging Externally Verifiable and Generatable Items / 10.5.1: |
Exchanging Externally Verifiable and Revocable Items / 10.5.2: |
Efficiency / 10.5.3: |
The SEMPER Fair-Exchange Framework / 10.6: |
Class Hierarchy / 10.6.1: |
The Transfer-and-Exchange Framework in Action / 10.6.2: |
Extending the Transfer-and-Exchange Layer / 10.6.3: |
The Payment Framework / 11: |
Models of Electronic Payment Systems / 11.1: |
Players / 11.2.1: |
Payment Models / 11.2.2: |
Design of the Framework / 11.3: |
Scope / 11.3.1: |
Functional Architecture / 11.3.2: |
Purses / 11.3.3: |
Transactions and Transaction Records / 11.3.5: |
Payment Manager / 11.3.6: |
Adapting a Payment System / 11.4: |
Using the Generic Payment Service Framework / 11.5: |
Payment Transactions / 11.5.1: |
Special Application Functionality / 11.5.2: |
Token-based Interface Definition / 11.6: |
Extending the Design / 11.7: |
Dispute Management / 11.7.1: |
Payment Security Policies / 11.7.2: |
Summary / 11.8: |
Trust Management in the Certificate Block / 12: |
Public-Key Infrastructure / 12.1: |
The Need for Trust Management / 12.2: |
Specifying Trusted CAs and Acceptable Certificates / 12.2.1: |
Selecting Certificates Automatically in a Business Session / 12.2.2: |
Design of Policy Management / 12.3: |
Maintaining Information about Policies / 12.3.1: |
Using Policies / 12.3.2: |
Negotiation of Certificates / 12.3.3: |
Prototype Implementation / 12.4: |
Public-Key Infrastructure in the SEMPER Trials / 12.4.1: |
Trust Management / 12.4.2: |
Netscape Communicator / 12.5: |
Microsoft Internet Explorer / 12.5.2: |
Policy Maker / 12.5.3: |
Limiting Liability in Electronic Commerce / 13: |
Necessity to Limit Liability / 13.1: |
Separation Between Digital Signature and Undeniable Commitment / 13.1.2: |
Principles and Achievements of the Solution Proposed / 13.1.3: |
Description of the Commitment Service / 13.2: |
What Exactly is an Undeniable Commitment? / 13.2.1: |
Initialization of the Subscriber / 13.2.2: |
Key Certificate / 13.2.3: |
Key Revocation / 13.2.4: |
Commitment Request and Response / 13.2.5: |
Validity of the Commitment Certificates / 13.2.6: |
Using the Commitment Service as Liability-Cover Service / 13.2.7: |
Integration in a Legal Framework / 13.2.8: |
Possible Variants and Supplements / 13.3: |
Limits / 13.3.1: |
Message Flow / 13.3.2: |
Combination with "Solvency Service" / 13.3.3: |
Recharging Liabilities / 13.3.4: |
Several Relying Parties or Beneficiaries / 13.3.5: |
Other Kinds of Authorization and Issuance of Commitment Certificates / 13.3.6: |
Who is Liable for Failures at the CCA? / 13.4: |
Reasons for Merchants to Use the Commitment Service / 13.5: |
Chambers of Commerce to Provide the Commitment Service? / 13.5.2: |
Reasons for Buyers to Use the Commitment Service / 13.5.3: |
Legal Aspects / 14: |
Legal Issues in Electronic Commerce / 14.1: |
Applicable Law and Jurisdiction / 14.2.1: |
Electronic Authentication-Validity of Digital Signatures / 14.2.2: |
Proof of Digital Signatures / 14.2.3: |
Regulations for Use and Export of Dual-Use Goods / 14.2.4: |
Consumer-Protection Laws / 14.2.5: |
Privacy and Data Protection / 14.2.6: |
Advertising, Competition, Spamming / 14.2.7: |
Content of Contracts and Internet Pages / 14.2.8: |
Contract Law / 14.2.9: |
Copyright and Trademark / 14.2.10: |
Payment / 14.2.11: |
Taxation / 14.2.12: |
Selected Approaches at Legal Frameworks / 14.2.13: |
UNCITRAL Model Law on Electronic Commerce / 14.3.1: |
Approach of the Commission of the European Community (CEC) / 14.3.2: |
OECD Guidelines / 14.3.3: |
Utah Digital Signature Act (1996) / 14.3.4: |
German Digital Signature Act (1997) / 14.3.5: |
Electronic Data Interchange Agreements / 14.3.6: |
General / 14.3.7: |
SECA CAs / 14.4.2: |
SECA Legal Body / 14.4.3: |
Joining SECA / 14.4.4: |
Liability-Limits in SECA / 14.4.5: |
Blacklists of Players Claiming Compromised Keys and Signatures / 14.4.6: |
Levels of Equipment / 14.4.7: |