1 towards decentralized and secure electronic marketplace yingying chen, naftaly minsky, constantin...
TRANSCRIPT
1
Towards Decentralized and Secure
Electronic Marketplace
Yingying Chen, Naftaly Minsky,Constantin Serban, and Wenxuan
Zhang
Dept of Computer ScienceRutgers University
May 6, 2005
2
Outline
On the nature of marketplaces, and their conventional electronic realization.
Decentralized Electronic Marketplace (DEM), and its implementation via LGI.
A marketplace for Airline Ticket – An Example
Related Work Conclusion
3
Market Place Essentials
A venue is required for buyers and sellers to find each other and conduct trading of merchandise.
A degree of trust between buyers and sellers is required.
4
Electronic vs. Traditional Marketplaces
Traditional marketplace (e.g. Farmers Market, Shopping Mall):
The venue of trading is physical and characterized by geographic proximity.
The trust is generated by traditional societal means—such as familiarity, local laws, local customs, and local police.
Electronic marketplace: No geographic proximity, thus no human interaction, and
no common customs and laws. The question is: how to regain the necessary trust among
the trading parties?
5
Conventional Approach to E-Market
Trust is established via a central mediator that enforces a set of rules and maintains reputation.
Example: ebay.com, pricingcentral.com/ford Limitations:
Very expensive to establish, if the marketplace is to be scalable and reliable.
The rules of trading are usually implicit in the code of the mediator, and thus quite obscure.
6
The Proposed
Decentralized Electronic Marketplace(DEM)
Based on Law Governed Interaction (LGI)---a decentralized coordination & access control mechanism.
Interaction between buyers and sellers does not involve any central mediator.
All participants in the marketplace operate via their private controllers, all carrying the same “law of the market”, L.
The marketplace is defined by its law.
7
Controller
Agent
Buyers Sellers
Auditor
Airlines
Certification Authority
BanksBanks
Banks
Law
Airline Ticket Marketplace (overview)
L
L
L
L
L
L
L
L
LLL
L L
L
8
Some Trust Requirements
Airline tickets cannot be forged. Credit card submitted to a seller can be
used only for the specified payment. Money back guarantee would be
honored. One cannot lie about his/her own
reputation.
9buyer
b
L
seller
s
L
airline
al
L
Implementation of DEM
controller
agent
buy
ba
bank
L
credit card check req
credit card check resp
t
distributeticket
t
t
t
t
sell
10
Implementation of DEM(Trading Law, Cont.)
URL location of the law: Java law:
www.cs.rutgers.edu/moses/examples/marketplace/trade.java1
Prolog law:
www.cs.rutgers.edu/moses/examples/marketplace/trade.law
11
Implementation of DEM(Performance Evaluation)
Overhead added by a pair of controllers: Depend on the complexity of the law: 20 –
200 µs Negligible over WAN Acceptable over LAN
12
Deployment(Using Distributed TCB)
II
I
I
IIx y
Controller Service
adopt(L, name) adopt(L, name)
adopt(…)
adopt(…)
m’ m’’L
m ==> yL
Implemented by Moses Middleware
13
Related Work
European SEMPER project [Wainder, M. et.al. 1996-2000]
Proposed a secure electronic marketplace for Europe Basic trust assumption has been that each user trusts
his or her own machine, but not the machine of the partner.
Had no continuation after the project has been completed in 2000.
Distributed Digital Commerce [Schemees, M. 2003] Discussed the benefits of decentralized market for
digital goods. Studied the processes involved in digital trading and
their implementation using P2P communication Proposed no mechanism for achieving the trust and
security in the marketplace.
14
Conclusion Proposed the concept of DEM (Decentralized
Electronic Marketplace) Completely decentralized, fully scalable, and lightweight. Security and trust are provided by a single, unifying law
that governs all the transactions made through the marketplace – in some analogy to the laws that govern the traditional marketplaces.
Proof of concept provided by an implementation of the airline tickets marketplace
Implemented in both Java and Prolog trading law Demo will be available on the web site of LGI release
Realization of DEM needs a widely deployed commercial controller service, to act as a distributed trusted computing base (DTCB).
15
Thanks !&
Questions ?
The End