SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions
Internet commerce continues to grow rapidly. Over 60% of US households use the internet to shop online. A secure payment protocol is required to support this rapid growth. A new payment protocol was recently invented at IBM. We refer to the protocol as SPP or Secure Payment Protocol....
Main Author: | |
---|---|
Language: | en |
Published: |
University of Waterloo
2006
|
Subjects: | |
Online Access: | http://hdl.handle.net/10012/1079 |
id |
ndltd-LACETR-oai-collectionscanada.gc.ca-OWTU.10012-1079 |
---|---|
record_format |
oai_dc |
spelling |
ndltd-LACETR-oai-collectionscanada.gc.ca-OWTU.10012-10792014-06-18T03:51:11Z SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions Kovan, Gerry Computer Science Secure Payment Protocol Internet Commerce Public Key Cryptography SSL Digital Signatures Internet commerce continues to grow rapidly. Over 60% of US households use the internet to shop online. A secure payment protocol is required to support this rapid growth. A new payment protocol was recently invented at IBM. We refer to the protocol as SPP or Secure Payment Protocol. This thesis presents a protocol analysis of SPP. It is essential that a thorough security analysis be done on any new payment protocol so that we can better understand its security properties. We first develop a method for analyzing payment protocols. This method includes a list of desirable security features and a list of proofs that should be satisfied. We then present the results of the analysis. These results validate that the protocol does contain many security features and properties. They also help understand the security properties and identify areas where the protocol can be further secured. This led us to extend the design of the protocol to enhance its security. This thesis also presents a prototype implementation of SPP. Three software components were implemented. They are the Electronic Wallet component, the merchant software component and the Trusted Third Party component. The architecture and technologies that are required for implementation are discussed. The prototype is then used in performance measurement experiments. Results on system performance as a function of key size are presented. Finally, this thesis presents an extension of SPP to support a two buyer scenario. In this scenario one buyer makes an order while another buyer makes the payment. This scenario enables additional commerce services. 2006-08-22T14:22:42Z 2006-08-22T14:22:42Z 2005 2005 Thesis or Dissertation http://hdl.handle.net/10012/1079 en Copyright: 2005, Kovan, Gerry. All rights reserved. University of Waterloo |
collection |
NDLTD |
language |
en |
sources |
NDLTD |
topic |
Computer Science Secure Payment Protocol Internet Commerce Public Key Cryptography SSL Digital Signatures |
spellingShingle |
Computer Science Secure Payment Protocol Internet Commerce Public Key Cryptography SSL Digital Signatures Kovan, Gerry SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions |
description |
Internet commerce continues to grow rapidly. Over 60% of US households use the internet to shop online. A secure payment protocol is required to support this rapid growth. A new payment protocol was recently invented at IBM. We refer to the protocol as SPP or Secure Payment Protocol.
This thesis presents a protocol analysis of SPP. It is essential that a thorough security analysis be done on any new payment protocol so that we can better understand its security properties. We first develop a method for analyzing payment protocols. This method includes a list of desirable security features and a list of proofs that should be satisfied. We then present the results of the analysis. These results validate that the protocol does contain many security features and properties. They also help understand the security properties and identify areas where the protocol can be further secured. This led us to extend the design of the protocol to enhance its security.
This thesis also presents a prototype implementation of SPP. Three software components were implemented. They are the Electronic Wallet component, the merchant software component and the Trusted Third Party component. The architecture and technologies that are required for implementation are discussed. The prototype is then used in performance measurement experiments. Results on system performance as a function of key size are presented.
Finally, this thesis presents an extension of SPP to support a two buyer scenario. In this scenario one buyer makes an order while another buyer makes the payment. This scenario enables additional commerce services. |
author |
Kovan, Gerry |
author_facet |
Kovan, Gerry |
author_sort |
Kovan, Gerry |
title |
SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions |
title_short |
SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions |
title_full |
SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions |
title_fullStr |
SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions |
title_full_unstemmed |
SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions |
title_sort |
spp secure payment protocol: protocol analysis, implementation and extensions |
publisher |
University of Waterloo |
publishDate |
2006 |
url |
http://hdl.handle.net/10012/1079 |
work_keys_str_mv |
AT kovangerry sppsecurepaymentprotocolprotocolanalysisimplementationandextensions |
_version_ |
1716669943426056192 |