A decentralised public key infrastructure for customer-to-customer e-commerce Online publication date: Thu, 28-Apr-2005
by Karl Aberer, Anwitaman Datta, Manfred Hauswirth
International Journal of Business Process Integration and Management (IJBPIM), Vol. 1, No. 1, 2005
Abstract: The success story of eBay has shown the demand for customer-to-customer (C2C) electronic commerce. eBay is a centralised infrastructure with all its scalability problems (network bandwidth, server load, availability, etc.). In this paper, we argue that C2C e-commerce is an application domain that maps naturally onto the emerging field of peer-to-peer (P2P) systems simply by its underlying interaction model of customers, i.e., peers. This offers the opportunity to take P2P systems beyond mere file sharing systems into interesting new application domains. The long-term goal would be to design a fully functional decentralised system which resembles eBay without eBay's dedicated, centralised infrastructure. Since security (authenticity, non-repudiation, trust, etc.) is key to any e-commerce infrastructure, our envisioned P2P e-commerce platform has to address these security issues adequately. As the first step in this direction, we present an approach for a completely decentralised P2P public key infrastructure (PKI) which can serve as the basis for higher-level security service. We base it on a statistical approach and present an analytical model to quantify its behaviour and properties and to provide probabilistic guarantees. To justify our claims, we provide a first-order analysis and discuss the PKI's resilience against various known threats and attack scenarios.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Business Process Integration and Management (IJBPIM):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook