efficient e-commerce architectures - home page

8/14/2019 Efficient E-Commerce Architectures - Home Page

1/3

ent E-Commerce Architectures - Home Page http://www.itl.nist.gov/div895/c

7/7/2003 1

Welcome to the Efficient E-Commerce Architectures Project

Economical Trust and Assurance for E-Commerce

Electronic commerce (e-commerce) is a broad, interdisciplinary field addressing the

automation of business transactions. E-commerce improves the efficiency of current

business practices and fosters new, productive approaches. Several observations can be

made:

Initial successes in e-commerce have occurred among large organizations that built

complex, closed-membership systems. However, open, interoperable e-commerce is

equally important, since half of the US economy is conducted by small businesses that

cannot afford expensive services. Increasingly, e-commerce involves globally spanning, public network access via the

World Wide Web. Web economies and flexibilities are hard to ignore. For example,

customer-to-customer Web auctions could not exist without Internets powerful

aggregating of parties across great distances and populations.

Trust is fundamental in pursuing commercial objectives on the Internet.

Web-based assurance should dispel wariness among trading parties who do not know eachother. We thus have participated with the Financial Systems Technology Consortium

(www.fstc.org) in its FAST (Financial Agent Secure Transaction) project. FAST addresses

e-commerce participants with concerns about

Valid identities for other Web parties.

Characteristics being claimed, promised or contracted for (examples are payment

guarantee, shipping reliability or rights of product use).

Privacy for personal data and business marketing information.

A 186-page Phase I FAST report is complete and will be available to the public in early

2001. A sketch of the FAST approach appears below.

FAST: An Inexpensive Trust Framework

In an increasingly global and profitable electronic marketplace, business deals will be possible among those


2/3


7/7/2003 1

who have no common basis for trust. Parties never actually meet. No one knows directly who the others are,

nor exactly what reputation each has. (An important attribute of a party might be sufficient balance,

authority to commit a company to a transaction or offerers true Web address(URL).) This problem of

identity and verification of attributes is not new: letters of introduction and of credit are conventional

instruments for this. However, the timeframe for authentication must be shortened for e-commerce.

Authentication is now needed in seconds. The advent of electronic networks makes possible trust

frameworks that are faster, more comprehensive and more secure than paper documents.

Although individuals, merchants and other business entities may have no convenient way to authenticate eachother, almost all have relationships with banks, credit unions and other agents of trust. These agents and

institutions could provide authentication services on behalf of the their customers to establish commercial

trust with more distant partners. The agents of trust link together via a closed electronic link trust (depicted

below). Business parties 1 and 2 correspond via open Internet service. Each party has a secure link to an

agent. This link may be sophisticated (encryption) or plain (browser with password). In any case, party 1

asks agent 1 to confirm to party 2 (via agent 2, whom party 1 is unaware) something that party 1 cannot

establish alone. The customer can remain anonymous (as can the merchant, but most want their name

known).

Publications

Contacts

High Performance Systems and Services Division

"Created on":02/01/00 - "Last modified":02/01/00 - Contact: [email protected]


3/3


7/7/2003 1

efficient e-commerce architectures - home page

Documents