SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions

Internet commerce continues to grow rapidly. Over 60% of US households use the internet to shop online. A secure payment protocol is required to support this rapid growth. A new payment protocol was recently invented at IBM. We refer to the protocol as SPP or Secure Payment Protocol....

Full description

Bibliographic Details
Main Author: Kovan, Gerry
Language:en
Published: University of Waterloo 2006
Subjects:
SSL
Online Access:http://hdl.handle.net/10012/1079
id ndltd-LACETR-oai-collectionscanada.gc.ca-OWTU.10012-1079
record_format oai_dc
spelling ndltd-LACETR-oai-collectionscanada.gc.ca-OWTU.10012-10792014-06-18T03:51:11Z SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions Kovan, Gerry Computer Science Secure Payment Protocol Internet Commerce Public Key Cryptography SSL Digital Signatures Internet commerce continues to grow rapidly. Over 60% of US households use the internet to shop online. A secure payment protocol is required to support this rapid growth. A new payment protocol was recently invented at IBM. We refer to the protocol as SPP or Secure Payment Protocol. This thesis presents a protocol analysis of SPP. It is essential that a thorough security analysis be done on any new payment protocol so that we can better understand its security properties. We first develop a method for analyzing payment protocols. This method includes a list of desirable security features and a list of proofs that should be satisfied. We then present the results of the analysis. These results validate that the protocol does contain many security features and properties. They also help understand the security properties and identify areas where the protocol can be further secured. This led us to extend the design of the protocol to enhance its security. This thesis also presents a prototype implementation of SPP. Three software components were implemented. They are the Electronic Wallet component, the merchant software component and the Trusted Third Party component. The architecture and technologies that are required for implementation are discussed. The prototype is then used in performance measurement experiments. Results on system performance as a function of key size are presented. Finally, this thesis presents an extension of SPP to support a two buyer scenario. In this scenario one buyer makes an order while another buyer makes the payment. This scenario enables additional commerce services. 2006-08-22T14:22:42Z 2006-08-22T14:22:42Z 2005 2005 Thesis or Dissertation http://hdl.handle.net/10012/1079 en Copyright: 2005, Kovan, Gerry. All rights reserved. University of Waterloo
collection NDLTD
language en
sources NDLTD
topic Computer Science
Secure Payment Protocol
Internet Commerce
Public Key Cryptography
SSL
Digital Signatures
spellingShingle Computer Science
Secure Payment Protocol
Internet Commerce
Public Key Cryptography
SSL
Digital Signatures
Kovan, Gerry
SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions
description Internet commerce continues to grow rapidly. Over 60% of US households use the internet to shop online. A secure payment protocol is required to support this rapid growth. A new payment protocol was recently invented at IBM. We refer to the protocol as SPP or Secure Payment Protocol. This thesis presents a protocol analysis of SPP. It is essential that a thorough security analysis be done on any new payment protocol so that we can better understand its security properties. We first develop a method for analyzing payment protocols. This method includes a list of desirable security features and a list of proofs that should be satisfied. We then present the results of the analysis. These results validate that the protocol does contain many security features and properties. They also help understand the security properties and identify areas where the protocol can be further secured. This led us to extend the design of the protocol to enhance its security. This thesis also presents a prototype implementation of SPP. Three software components were implemented. They are the Electronic Wallet component, the merchant software component and the Trusted Third Party component. The architecture and technologies that are required for implementation are discussed. The prototype is then used in performance measurement experiments. Results on system performance as a function of key size are presented. Finally, this thesis presents an extension of SPP to support a two buyer scenario. In this scenario one buyer makes an order while another buyer makes the payment. This scenario enables additional commerce services.
author Kovan, Gerry
author_facet Kovan, Gerry
author_sort Kovan, Gerry
title SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions
title_short SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions
title_full SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions
title_fullStr SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions
title_full_unstemmed SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions
title_sort spp secure payment protocol: protocol analysis, implementation and extensions
publisher University of Waterloo
publishDate 2006
url http://hdl.handle.net/10012/1079
work_keys_str_mv AT kovangerry sppsecurepaymentprotocolprotocolanalysisimplementationandextensions
_version_ 1716669943426056192