Abstract
Common Electronic Purse Specification (CEPS) used by European countries, elaborately defines the transaction between customer’s CEP card and merchant’s point of sales (POS) terminal. However it merely defines the specification to transfer the transactions between the Merchant and Merchant Acquirer (MA). This paper proposes a novel approach by introducing an entity, mobile merchant acquirer (MMA) which is a trusted agent of MA and principally works on man in middle concept, but facilitates remote two fold mutual authentication and secure transaction transfer between Merchant and MA through MMA. This approach removes the bottle-neck of connectivity issues between Merchant and MA in limited connectivity environment. The proposed protocol ensures the confidentiality, integrity and money atomicity of transaction batch. The proposed protocol has been verified for correctness by Spin, a model checker and security properties of the protocol have been verified by avispa.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Abrazhevich, D.: Classification and Characteristics of Electronic Payment Systems. In: Bauknecht, K., Madria, S.K., Pernul, G. (eds.) EC-Web 2001. LNCS, vol. 2115, pp. 81–90. Springer, Heidelberg (2001)
Medvinsky, G., Neuman, B.C.: NetCash-A design for practical electronic currency on internet. In: Proceedings of the first ACM conference on computer and communication security (November 1993)
Devane, S.R., Phatak, D.B.: Introducing MMA in CEPS for Indian business Scenario. In: Proceedings The Future of Smart Card, e-smart 2003, Sofia Antipolice, France (2003)
Common Electronic Purse Specifications, Technical Specification, Version 2.3 (March 2001) (Copyright CEPSCO 1999, 2000, 2001)
Ray, I., Ray, I.: Failure Analysis of an E-commerce Protocol Using Model Checking. In: Proceedings of the Second International Workshop on Advanced Issues of E-Commerce and Web-based Information Systems, Milpitas, CA, June 2000, pp. 176–183 (2000)
Heintze, N., Tygar, J., Wing, J., Wong, H.: Model Checking Electronic Commerce Protocols. In: Proceedings of the 2nd USENIX Workshop in Electronic Commerce, November 1996, pp. 146–164 (1996)
Cox, B., Tygar, J.D., Sirbu, M.: NetBill Security and Transaction Protocol. In: Proceedings of the 1st USENIX Workshop in Electronic Commerce, July 1995, pp. 77–88 (1995)
Chaum, A.F.D., Naor, M.: Untraceable electronic cash. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 200–212. Springer, Heidelberg (1991)
Holzmann, G.J.: The Model Checker SPIN. IEEE Transactions On Software Engineering 23(5) (May 1997)
Jøsang, A.: Security protocol verification using SPIN. In: Gregoire, J.-C. (ed.) Proceedings of the First SPIN Workshop, INRS-Telecommunications, Montreal, Canada (1995); SPIN Manual, www.spinroot.com (downloaded, January 25 2006)
Shaikh, R., Devane, S.: Formal Verification of Protocol Using SPIN and AVISPA., M.E. Dissertation report, Mumbai University, Mumbai (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Devane, S., Phatak, D. (2009). Secure Transaction Protocol for CEPS Compliant EPS in Limited Connectivity Environment. In: Di Noia, T., Buccafurri, F. (eds) E-Commerce and Web Technologies. EC-Web 2009. Lecture Notes in Computer Science, vol 5692. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03964-5_8
Download citation
DOI: https://doi.org/10.1007/978-3-642-03964-5_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03963-8
Online ISBN: 978-3-642-03964-5
eBook Packages: Computer ScienceComputer Science (R0)