A Privacy Preserving ECommerce Oriented Identity Management Architecture

2011

Abstract (summary)

We discuss the construction of a deployable and privacy-preserving identity management architecture addressing all aspects of electronic commerce using the existing privacy-preserving cryptographic primitives, while at the same time guaranteeing compatibility with current business models. Absolute privacy, which in our case is consumers' privacy, is defined as the combination of consumers' anonymity and their transaction unlinkability; this is very commonly violated in today's online eCommerce world. It is apparent that, because of the monetary nature of most popular online activities, accountability is a prerequisite for every applicable privacy-enhancing mechanism. We present an architecture which addresses privacy issues raised in all aspects of eCommerce, including online advertising, online payments, delivery of online purchases, and merchant-buyer evaluation systems, and aims to prevent any unauthorized entity from building and distributing consumers' profiles or tracing their transactions. In addition, as online transactions can affect consumers' credit scores, and are strongly associated with consumers' normal activities such as bank account management and taxation, we extended our privacy-preserving protocols to a card-based identity management architecture; this deals with many types of financial activities and consumers' attributes. Card-loss related mechanisms, such as advanced card-owner authentication techniques, privacy-preserving card-content recovery, and automatic and recursive credentials invalidation are also addressed in our work. It is noteworthy that privacy is incorporated in our protocols as an option, i.e., it is guaranteed only if the individual chooses to; the consumer always has the option of using the existing non-privacy-preserving methods.

The combination of privacy with accountability and deployability to achieve proper operation of such a variety of user activities in a centralized manner constitutes both the main innovation and contribution of this work. Accountability is a critical requirement in all monetary eCommerce activities, while deployability is a prerequisite for the protocols' applicability. We consider deployability in three ways: (a) in our attack model, for which we make real-world assumptions, (b) in the designed architecture, where we did not introduce changes in current systems' structure, and (c) by integrating in our protocols useful properties that are currently supported, while incentivizing our protocols' application by offering monetary benefits to most system entities.

Indexing (details)

Subject: Electrical engineering; Computer science; Electronic commerce
Classification: 0544: Electrical engineering; 0984: Computer science
Identifier / keyword: Applied sciences; E-commerce; Identity management; Privacy preservation
Title: A Privacy Preserving ECommerce Oriented Identity Management Architecture
Author: Androulaki, Elli
Source: DAI-B 72/06, Dissertation Abstracts International
Place of publication: Ann Arbor
Country of publication: United States
Advisor: Bellovin, Steven
University/institution: Columbia University
University location: United States -- New York
Source type: Dissertations & Theses
Database copyright ProQuest LLC; ProQuest does not claim copyright in the individual underlying works.