Published: September 1, 1999
Citation: IEEE Communications Magazine vol. 37, no. 9, (September 1999) pp. 74-77
Author(s)
Shukri Wakid (NIST), John Barkley (NIST), Mark Skall (NIST)
Electronic commerce over the Internet is now tens of billions of dollars per year and growing. This article describes how objects used in EC can be located and protected from unauthorized access. It discusses the three kinds of EC: customer interactions with a business, business interactions with other businesses, and interactions within a business. It characterizes the object retrieval and access management required to support the types of EC. It describes how metadata expressed in XML can be used to locate objects for retrieval and how a public key infrastructure along with role-based access control can be used to implement the distributed authentication and access control necessary to support complex access policies. In addition, the article describes activities within the Information Technology Laboratory at the National Institute of Standards and Technology which contribute to the development of related standards and tests.
Electronic commerce over the Internet is now tens of billions of dollars per year and growing. This article describes how objects used in EC can be located and protected from unauthorized access. It discusses the three kinds of EC: customer interactions with a business, business interactions with...
See full abstract
Electronic commerce over the Internet is now tens of billions of dollars per year and growing. This article describes how objects used in EC can be located and protected from unauthorized access. It discusses the three kinds of EC: customer interactions with a business, business interactions with other businesses, and interactions within a business. It characterizes the object retrieval and access management required to support the types of EC. It describes how metadata expressed in XML can be used to locate objects for retrieval and how a public key infrastructure along with role-based access control can be used to implement the distributed authentication and access control necessary to support complex access policies. In addition, the article describes activities within the Information Technology Laboratory at the National Institute of Standards and Technology which contribute to the development of related standards and tests.
Hide full abstract
Keywords
access control; electronic commerce; Internet; object retrieval; RBAC; Role-Based Access Control; World Wide Web; XML
Control Families
None selected