Skip to main content

Trusted Agent-Mediated E-Commerce Transaction Services via Digital Certificate Management

  • Published:
Electronic Commerce Research Aims and scope Submit manuscript

Abstract

Agent-mediated e-commerce (AMEC) transaction services will be a paradigm shift from the existing client–server e-commerce model. In order to fulfill the leverage of AMEC intermediary services with secure and trusted service capabilities, we propose an agent-oriented public key infrastructure (PKI) operating with a variety of digital certificates. Under this agent-oriented PKI, several trusted AMEC transaction service models will be demonstrated using human and agent certificates showing, delegation, and verification protocols. We establish human/agent authentication, authorization, delegation, access control, and trusted relationships before these trusted AMEC intermediary services can be realized. This paper shows that a trusted AMEC system can be implemented in the FIPA compliant multi-agent system.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Similar content being viewed by others

References

  1. Abadi, M., M. Burrows, and B. Lampson. (1993). “A Calculus for Access Control in Distributed Systems.” ACM Transactions on Programming Languages and Systems 15(4), 706–734.

    Google Scholar 

  2. Ankolekar, A. et al. (2001). “DAML-S: Semantic Markup ForWeb Services.” In Proceedings of the First Semantic Web Working Symposium, SWWS'01, Stanford University, Stanford, CA, July 30–August 1, pp. 411–430.

    Google Scholar 

  3. Aura, T. (1999). “Distributed Access-Rights Management with Delegation Certificates.” In Secure Internet Programming: Security Issues for Mobile and Distributed Objects, Lecture Notes in Computer Science, Vol. 1603. Berlin: Springer, pp. 213–238.

    Google Scholar 

  4. Bailey, P.J. and Y. Bakos. (1997). “An Exploratory Study of the Emerging Role of Electronic Intermediaries.” International Journal of Electronic Commerce 1(3), 7–20.

    Google Scholar 

  5. Blaze, M., J. Feigenbaum, J. Ioannidis, and A.D. Keromytis. (1999). “The Role of Trust Management in Distributed System Security.” In Secure Internet Programming: Security Issues for Mobile and Distributed Objects, Lecture Notes in Computer Science, Vol. 1603. Berlin: Springer, pp. 185–212.

    Google Scholar 

  6. Boley, H., S. Tabet, and G. Wagner. (2001). “Design Rationale of Rule ML: A Markup Language for Semantic Web Rules.” In Proceedings of the First Semantic Web Conference, Stanford, CA, pp. 381–402.

  7. Castelfranchi, C. and R. Falcone. (2000). “Trust and Control: A Dialectic Link.” Applied Artificial Intelligence 14, 799–823.

    Google Scholar 

  8. Dignum, F. (2001). “Agents, Markets, Institutions and Protocols.” In Agent Mediated Electronic Commerce: The European AgentLink Perspective. Berlin: Springer, pp. 98–114.

    Google Scholar 

  9. Ellison, C.M. (2001). “SPKI/SDSI Certificates.” http://world.std.com/.

  10. Farrell, S. and R. Housley. (2001). “An Internet Attribute Certificate Profile for Authorization.” draftietf-pkix-ac509prof-06.txt, http://www.ietf.org.

  11. FIPA. (2001). “FIPA Agent Management Specification.” Document no. XC00023, http://www.fipa. org.

  12. FIPA. (2001). “FIPA Communicative Act Library Specification.” Document no. XC00037, http://www. fipa.org.

  13. FIPA. (2001). “FIPA ACL Message Representation in XML Specification.” Document no. XC00071, http://www.fipa.org.

  14. Gerck, E. (2000). “Overview of Certification Systems: X.509, CA, PGP and SKIP.” MCG-Meta-Certificate Group, http://www.mcg.org.br.

  15. Grosof, N.B. and Y. Labrou. (1999). “An Approach to Using XML and a Rule-Based Content Language with an Agent Communication Language.” IBM Research Report RC 21491(96965), http://www. research.ibm.com.

  16. He, Q., K. Sycara, and T. Finin. (1998). “Personal Security Agent: KQML-Based PKI.” In Proceedings of the Second International Conference on Autonomous Agents.

  17. Heckman, C. and O.J. Wobbrock. (2000). “Put Your Best Fact Forward: Anthropomorphic Agents, E-Commerce Consumers, and the Law.” In Proceedings of the Fourth International Conference on Autonomous Agents, Barcelona, pp. 435–441.

  18. Hendler, J. (2001). “Agents and the Semantic Web.” IEEE Intelligent System 16(2), 30–37.

    Google Scholar 

  19. Herzberg, A. et al. (2000). “Access Control Meets Public Key Infrastructure, or: Assigning Roles to Strangers.” In 2000 IEEE Symposium on Security and Privacy, pp. 2–14.

  20. Hu, Y.J. (2001). “Some Thoughts on Agent Trust and Delegation.” In Proceedings of the Fifth International Conference on Autonomous Agents, Montreal, Quebec, Canada, May 28–June 1, pp. 489–496.

  21. Jennings, R.N., K. Sycara, and M. Wooldridge. (1998). “A Roadmap of Agent Research and Development.” Autonomous Agents and Multi-Agent Systems 1, 7–38.

    Google Scholar 

  22. Johnston,W., S.Mudumbai, and M. Thompson. (1998) “Authorization and Attribute Certificates forWidely Distributed Access Control.” In Proceedings of the IEEE 7th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises-WETICE'98.

  23. Kohlas, R. and Maurer. (1999). “Reasoning About Public-Key Certification: On Binding Between Entities and Public Keys.” In Financial Cryptography 99 (FC99), Lecture Notes in Computer Science. Berlin: Springer.

    Google Scholar 

  24. Kohnfelder, L.M. (1978). “Towards a Practical Public-Key Cryptosystem.” S.B. Thesis, MIT, May.

  25. Lampson, B., M. Abadi, M. Burrows, and E. Wobber. (1992). “Authentication in Distributed Systems: Theory and Practice.” ACM Trans. Computer Systems 10(4), 265–310.

    Google Scholar 

  26. Lee, Ing-Chung and Y.J. Hu. (2001). “An Agent-Based Secure E-Commerce Environment with Distributed Authentication and Authorization Services.” In The 2001 International Conference on Internet Computing (IC-2001) Session on Agents for E-Business on the Internet, Monte Carlo Resort, Las-Vegas, USA, June 25–28.

  27. Li, N., B.N. Grosof, and J. Feigenbaum. (1999). “A Logic-Based Knowledge Representation for Authorization with Delegation.” IBM Research Report RC 21492(96966), May, http://www.research.ibm. com.

  28. Ludwig, H., L. O'Connor, and S. Kramer. (2000). “Method for Inter-Enterprise Role-Based Authorization.” In First International Conference, EC-Web 2000, London, UK, pp. 133–144.

  29. Mcllraith, A. Sheila, Tran Cao Son, and Honglei Zeng. (2001). “Mobilizing the SemanticWeb with DAMLEnabled Web Services.” In Proceedings of the Second International Workshop on the Semantic Web-SemWeb'2001, Hong Kong, China, May 1, pp. 82–87.

  30. Moukas, A., R. Guttman, G. Zacharia, and P. Maes. (2000). “Agent-Mediated Electronic Commerce: An MIT Media Laboratory Perspective.” International Journal of Electronic Commerce 4(3).

  31. Nwana, S.H. et al. (1998). “Agent-Mediated Electronic Commerce: Issues, Challenges and Some Viewpoints.” In Proceedings of the Second International Conference on Autonomous Agents, pp. 189–196.

  32. Park, S.J. and R. Sandhu. (2000). “Binding Identities and Attributes Using Digitally Signed Certificates.” In 16th Annual Computer Security Applications Conference (ACSAC), New Orleans, LA, December.

  33. Sarkar, M.B., B. Bulter, and C. Steinfield. (1995). “Intermediaries and Cybermediaries: A Continuing Role for Mediating Players in the Electronic Marketplace.” Journal of Computer-Mediated Communication 1(3), http://jcmc.huji.ac.il/vol1/issue3/sarkar.html.

  34. Sierra, C. (1999). Agent-Mediated Electronic Commerce: Scientific and Technology Roadmap. http:// www.iiia.csic.es/AMEC/.

  35. Vulkan, N. (1999). “Economic Implications of Agent Technology and E-Commerce.” The Economic Journal 109 (February), 67–90.

    Google Scholar 

  36. Winsborough, H., S. William, E. Kent, and V.E. Jones. (1999). “Negotiating Disclosure of Sensitive Credentials.” In Second Conference on Security in Communication Networks, Amalfi, Italy.

  37. Winslett, M., N. Ching, V. Jones, and I. Slepchin. (1997). “Using Digital Credentials on the World-Wide Web.” Journal of Computer Security, http://drl.cs.uiuc.edu/security/pubs.html.

  38. Wong, H.C. and K. Sycara. (1999). “Adding Security and Trust to Multi-Agent Systems.” In Proceedings of Third International Conference on Autonomous Agents (Workshop on Deception, Fraud and Trust in Agent Societies), Seattle, WA, May, pp. 149–161.

  39. Zacharia, G., and P. Maes. (2000). “Trust Management Through Reputation Mechanisms.” Applied Artificial Intelligence 14, 881–907.

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Rights and permissions

Reprints and permissions

About this article

Cite this article

Hu, YJ. Trusted Agent-Mediated E-Commerce Transaction Services via Digital Certificate Management. Electronic Commerce Research 3, 221–243 (2003). https://doi.org/10.1023/A:1023474906451

Download citation

  • Issue Date:

  • DOI: https://doi.org/10.1023/A:1023474906451