1

Towards Decentralized and Secure

Electronic Marketplace

Yingying Chen, Naftaly Minsky,Constantin Serban, and Wenxuan

Zhang

Dept of Computer ScienceRutgers University

May 6, 2005

2

Outline

On the nature of marketplaces, and their conventional electronic realization.

Decentralized Electronic Marketplace (DEM), and its implementation via LGI.

A marketplace for Airline Ticket – An Example

Related Work Conclusion

3

Market Place Essentials

A venue is required for buyers and sellers to find each other and conduct trading of merchandise.

A degree of trust between buyers and sellers is required.

4

Electronic vs. Traditional Marketplaces

Traditional marketplace (e.g. Farmers Market, Shopping Mall):

The venue of trading is physical and characterized by geographic proximity.

The trust is generated by traditional societal means—such as familiarity, local laws, local customs, and local police.

Electronic marketplace: No geographic proximity, thus no human interaction, and

no common customs and laws. The question is: how to regain the necessary trust among

the trading parties?

5

Conventional Approach to E-Market

Trust is established via a central mediator that enforces a set of rules and maintains reputation.

Example: ebay.com, pricingcentral.com/ford Limitations:

Very expensive to establish, if the marketplace is to be scalable and reliable.

The rules of trading are usually implicit in the code of the mediator, and thus quite obscure.

6

The Proposed

Decentralized Electronic Marketplace(DEM)

Based on Law Governed Interaction (LGI)---a decentralized coordination & access control mechanism.

Interaction between buyers and sellers does not involve any central mediator.

All participants in the marketplace operate via their private controllers, all carrying the same “law of the market”, L.

The marketplace is defined by its law.

7

Controller

Agent

Buyers Sellers

Auditor

Airlines

Certification Authority

BanksBanks

Banks

Law

Airline Ticket Marketplace (overview)

L

L

L

L

L

L

L

L

LLL

L L

L

8

Some Trust Requirements

Airline tickets cannot be forged. Credit card submitted to a seller can be

used only for the specified payment. Money back guarantee would be

honored. One cannot lie about his/her own

reputation.

9buyer

b

L

seller

s

L

airline

al

L

Implementation of DEM

controller

agent

buy

ba

bank

L

credit card check req

credit card check resp

t

distributeticket

t

t

t

t

sell

10

Implementation of DEM(Trading Law, Cont.)

URL location of the law: Java law:

www.cs.rutgers.edu/moses/examples/marketplace/trade.java1

Prolog law:

www.cs.rutgers.edu/moses/examples/marketplace/trade.law

11

Implementation of DEM(Performance Evaluation)

Overhead added by a pair of controllers: Depend on the complexity of the law: 20 –

200 µs Negligible over WAN Acceptable over LAN

12

Deployment(Using Distributed TCB)

II

I

I

IIx y

Controller Service

adopt(L, name) adopt(L, name)

adopt(…)

adopt(…)

m’ m’’L

m ==> yL

Implemented by Moses Middleware

13

Related Work

European SEMPER project [Wainder, M. et.al. 1996-2000]

Proposed a secure electronic marketplace for Europe Basic trust assumption has been that each user trusts

his or her own machine, but not the machine of the partner.

Had no continuation after the project has been completed in 2000.

Distributed Digital Commerce [Schemees, M. 2003] Discussed the benefits of decentralized market for

digital goods. Studied the processes involved in digital trading and

their implementation using P2P communication Proposed no mechanism for achieving the trust and

security in the marketplace.

14

Conclusion Proposed the concept of DEM (Decentralized

Electronic Marketplace) Completely decentralized, fully scalable, and lightweight. Security and trust are provided by a single, unifying law

that governs all the transactions made through the marketplace – in some analogy to the laws that govern the traditional marketplaces.

Proof of concept provided by an implementation of the airline tickets marketplace

Implemented in both Java and Prolog trading law Demo will be available on the web site of LGI release

Realization of DEM needs a widely deployed commercial controller service, to act as a distributed trusted computing base (DTCB).

15

Thanks !&

Questions ?

The End