SWAPEROO

A Simple Wallet Architecture for Payments, Exchanges, Refunds, and Other Operations

Neil Daswani, Dan Boneh, Hector Garcia-Molina, Steven Ketchpel, Andreas Paepcke
Stanford University

Post on 21-Dec-2015


Goals

Desirable wallet properties / features

Define wallet interaction model

Define Clean APIs for wallet and its components

Build Prototype

Wallet Features

Extensible: support multiple existing and newly developed instruments and protocols

Non-Web-Centric: can be implemented in non-web environments; extensibility across devices

Symmetric: common services across commerce applications; extensibility across commerce applications

Client-Driven: user initiates all operations, including wallet invocation

An Example

Session Initiation: Dilbert -> Amazon.com

Instrument Class Negotiation
  Dilbert: MasterCard, PonyCash, CyberCoin
  Amazon.com: MasterCard, VISA, CyberCoin
  ==> MasterCard, CyberCoin

An Example

Protocol Negotiation for MasterCard
  Dilbert: SET (2KP)
  Amazon.com: SET (2KP), SET (3KP), or Unencrypted
  ==> SET (2KP)

Protocol Selection: SET (2KP)
Available Operations: PAY, CREDIT

An Example

Instrument Instance Selection: Dilbert’s Citibank MasterCard

Transaction Execution: SET (2KP) PAY

Close Session
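
The negotiation and access check from the Dilbert / Amazon.com example, written out in C++ as an added example (not code from the SWAPEROO prototype). `negotiate`, `contains` and `UserProfile` are hypothetical names; `checkPrivileges` and `executeTransaction` borrow their names from the Transaction Execution slide, but their signatures here are assumptions and the slide's undefined `inv` argument is left out.

```cpp
#include <algorithm>
#include <iostream>
#include <set>
#include <string>
#include <utility>
#include <vector>

using List = std::vector<std::string>;
static bool contains(const List& l, const std::string& s) {
    return std::find(l.begin(), l.end(), s) != l.end();
}

// Negotiation: keep only what both sides offer, in the wallet's order
// (the ordering rule is an assumption; the slides show only the result).
List negotiate(const List& wallet, const List& peer) {
    List common;
    for (const auto& item : wallet)
        if (contains(peer, item)) common.push_back(item);
    return common;
}

// Hypothetical stand-in for the User Profile Manager's access control data.
struct UserProfile {
    std::set<std::pair<std::string, std::string>> allowed;  // (instrument, operation)
    bool checkPrivileges(const std::string& instrument, const std::string& op) const {
        return allowed.count(std::make_pair(instrument, op)) > 0;
    }
};

// Hypothetical Wallet Controller step: the selection must come from the
// negotiated sets, and the access check runs before any protocol is invoked.
std::string executeTransaction(const UserProfile& profile, const List& protocols,
                               const List& operations, const std::string& protocol,
                               const std::string& instrument, const std::string& op) {
    if (!contains(protocols, protocol)) return "REJECT: protocol not negotiated";
    if (!contains(operations, op)) return "REJECT: operation not available";
    if (!profile.checkPrivileges(instrument, op)) return "REJECT: access denied";
    return "OK: " + protocol + " " + op + " with " + instrument;
}

int main() {
    // Values taken from the slides' Dilbert / Amazon.com example.
    List protocols = negotiate({"SET (2KP)"}, {"SET (2KP)", "SET (3KP)", "Unencrypted"});
    UserProfile dilbert;
    dilbert.allowed.emplace("Citibank MasterCard", "PAY");
    for (const char* p : {"SET (2KP)", "Unencrypted"})
        std::cout << executeTransaction(dilbert, protocols, {"PAY", "CREDIT"}, p,
                                        "Citibank MasterCard", "PAY") << "\n";
}
```

Because the wallet offers only SET (2KP), the vendor's "Unencrypted" option never enters the negotiated set and a later request to use it is rejected.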

SWAPEROO Architecture

[Architecture diagram. Components: Wallet Controller, User Profile Manager, Instrument Manager, Protocol Manager, Communication Manager, User Interface, Client API, User Interface API, Instrument Instances, Protocols]

Function Descriptions

Instrument Manager: encryption of instruments

Protocol Manager: protocol invocation

Communication Manager: low-level, synchronous messaging

User Profile Manager: stores access control information

Wallet Controller: coordinates wallet operations & enforces access control

Symmetric Vendors/Banks

[Diagram of two wallets]

Vendor Wallet: Vendor Controller, Customer Profile Manager, Instrument Manager, Protocol Manager, Communication Manager, UI

Bank Wallet: Bank Controller, Account Profile Manager, Instrument Manager, Protocol Manager, Communication Manager, UI

Wallet Interaction Model

Open Session -> Instrument Class Negotiation -> Protocol Negotiation -> Protocol Selection -> Instrument Selection -> Transaction Execution -> Close Session

Wallet Interaction Model

Open Session -> Instrument Class Negotiation -> Protocol Negotiation -> Protocol Selection -> Instrument Selection -> Transaction Execution -> Close Session

Instrument Class Negotiation

[Diagram of two wallets]

User Wallet: Wallet Controller, User Profile Manager, Instrument Manager, Protocol Manager, Communication Manager, UI

Vendor Wallet: Vendor Controller, Customer Profile Manager, Instrument Manager, Protocol Manager, Communication Manager, UI

Wallet Interaction Model

Open Session -> Instrument Class Negotiation -> Protocol Negotiation -> Protocol Selection -> Instrument Selection -> Transaction Execution -> Close Session

Transaction Execution

[Diagram of two wallets]

User Wallet: Wallet Controller, User Profile Manager, Instrument Manager, Protocol Manager, Communication Manager, UI

Vendor Wallet: Vendor Controller, Customer Profile Manager, Instrument Manager, Protocol Manager, Communication Manager, UI

Transaction Execution

[Message diagram]

End-User Wallet: User Application, Wallet Controller, User Profile Manager, SET Protocol

Vendor Wallet: Vendor Application, Wallet Controller, SET Protocol

Messages:
  subscribe(EXECUTE_TRANSACTION)
  checkPrivileges(inv, Citibank Mastercard, PAY)
  OK
  executeTransaction(inv, Citibank Mastercard, PAY)
  doOperation(PAY, Citibank Mastercard, PAY)
  EXECUTE TRANSACTION SETProtocol2KP PAY
  doOperation(PAY, Citibank Mastercard, PAY)
  OK
  notify(EXECUTE_TRANSACTION)

Transaction Execution

Trade-offs / Issues

Where to put what functionality?

[Architecture diagram. Components: Wallet Controller, User Profile Manager, Instrument Manager, Protocol Manager, Communication Manager, User Interface, Client API, User Interface API, Instrument Instances, Protocols]

Trade-offs / Issues

User Interaction: number of steps vs. likelihood of an error

Open Session -> Instrument Class Negotiation -> Protocol Negotiation -> Protocol Selection -> Instrument Selection -> Transaction Execution -> Close Session

Trade-offs / Issues

Security vs. Customization (i.e., User Interface & UI API)

[Architecture diagram. Components: Wallet Controller, User Profile Manager, Instrument Manager, Protocol Manager, Communication Manager, User Interface, Client API, User Interface API, Instrument Instances, Protocols]

Implementation & Future Work

Implementation
  C++ (PalmOS)
  Java (Windows)
  PonyCash

Future Work
  Populate the wallet
  Experiment with other devices/environments (i.e. smart cards, mobile phones, web, etc.)
  Abstract Data Manager

Summary / Contributions

Desirable wallet properties: extensible, symmetric, non-web-centric, client-driven

Defined wallet interaction model

Clean APIs for wallet and its components

Prototype Implementation in Java & C++ (available at http://www-db.stanford.edu/~daswani/wallets/)