Abstract
A threshold scheme is employed for protecting confidential files against unauthorized perusal and permitting collective update in an e-commerce environment. The proposed system requires a subset of a designated group of ‘trustees’ readily available over the network in an operational time frame (e.g., a session). Sensitive applications running on a physically secure machine contain built-in processing to initiate collective authorization when needs arise. Authorizations in the form of partial passwords are sent over the network and are protected using SSL based cryptographic protocols. A collective encryption/decryption for file mechanism to control read accesses is also described.
Similar content being viewed by others
References
Brickell, E.F. (1990), “Some Ideal Secret Sharing Schemes.” J. Combin. Math. and Combin. Comput. 9, 105–113.
Denning, D.E.R. (1982). Cryptography and Data Security. Harlow, UK: Addison-Wesley.
Elizabeth, D. and R. Denning. (1982). Cryptography and Data Security. Reading, MA: Addison-Wesley.
Gerald, C.F. and P.O. Wheatley. (1994). Applied Numerical Analysis. Harlow, UK: Addison-Wesley.
Leong, P.C. and P.C. Tan. (1999). “Shamir's Shared Secret Scheme in GF(p m).” In Proceedings of the IEEE TENCON'99. Cheju, Korea: IEEE Press, pp. 463–466.
McLaren and McLaren. (2000). E-Commerce Business on the Internet. Singapore: Thomson Learning.
Shamir, A. (1979). “How to Share a Secret.” Communications of the ACM 22, 612–613.
Schneider, G. and J.T. Perry. (2000). Electronic Commerce. Singapore: Thomson Learning.
Schneier, B. (1996), Applied Cryptography. Harlow, UK: Addison-Wesley.
Author information
Authors and Affiliations
Rights and permissions
About this article
Cite this article
Tan, E., Leong, P. & Sio, L. Group-Access Control of Confidential Files in E-Commerce Management Using Shared-Secret Scheme. Electronic Commerce Research 2, 151–158 (2002). https://doi.org/10.1023/A:1013304522599
Issue Date:
DOI: https://doi.org/10.1023/A:1013304522599