Abstract
To safeguard the interests of transacting parties, non-repudiation mechanisms need to assure fairness and timeliness. The non-repudiation service currently implemented usually does not consider the requirement of fairness and the fair non-repudiation protocols to date can not be suitably applied in real environment due to its complex interaction. This paper discusses the transaction-oriented non-repudiation requirement for Web services transaction, analyzes the constraints of the traditional model for the available fair non-repudiation protocols and designs a new Online-TTP fair non-repudiation protocol. The new protocol provides a fair non-repudiation solution to secure Web services transactions and can be embedded into a single Web service call. The protocol adopts evidence chained to decreasing the overhead of evidence verification and management and alleviates the overhead of certificate revocation checking and time-stamp generation for signatures. The protocol has strong fairness, timeliness, efficiency and practicability.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Austin D, Barbin A, Ferris C, et al. Web Service Architecture Requirements, W3C[EB/OL]. [2010-02-15]. http://www.w3.org/TR/2004/NOTE-wsa-reqs-20040211.
Kremer S, Markowitch O, Zhou J. An intensive survey of fair non-repudiation protocols[J]. Computer Communications, 2002, 25(17): 1606–1621.
Kremer S, Markowitch O, Zhou J. An intensive survey of fair non-repudiation protocols[J]. Computer Communications, 2002, 25(17): 1606–1621.
Onieva J A, Zhou Jianying, Lopez J. Multiparty non-repudiation: A survey[J]. IEEE Communications Magazine, 2008, 46(4): 102–107.
Zhou J. Non-Repudiation in Electronic Commerce[C]// Computer Security Series. London: Artech House, 2001.
Nadalin A, Kaler C, Phillip Hallam-Baker. OASIS Web Services Security: SOAP Message Security 1.0 (WS-Security 2004)[EB/OL].http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf.
Eric L, Gravengaard. Web services security: Non-repudiation proposal draft[EB/OL]. [2010-02-15]. http://schemas.reactivity.com/2003/04/web-services-non-repudiation-05.pdf.
Robinson P, Cook N, Shrivastava S. Implementing Fair Non-repudiable Interactions with Web Services[R]. Tyne: School of Computing Science, Univ Newcastle, 2005.
Zhou J, Gollmann D. A fair non-repudiation protocol[C]// IEEE Symposium on Security and Privacy, Research in Security and Privacy. Oakland, CA: IEEE Computer Security Press, 1996: 55–61.
Kremer S, Markowitch O. Optimistic non-repudiable information exchange[C]// 21st Symp on Information Theory in the Benelux, Werkgemeenschap Informatieen Communicatietheori. Enschede (NL): Wassenaar Press, 2000: 139–146.
You C, Zhou J, Lam K. On the efficient implementation of fair non-repudiation[J]. Computer Communication Review 1998, 28(5): 50–60.
David B, Hugo H, Francis M C, et al. Web service architecture[EB/OL]. [2010-02-15]. http://www.w3c.org/TR/ws-arch/. 2004.
Naor M, Nissim K. Certificate revocation and certificate update[C]// Proceedings of the 7th USENIX Security Symposium. Texas: USENIX Association, 1998: 217–228.
Haber S, Stornetta W S. How to time-stamp a digital document[J]. Journal of Cryptology, 1991, 3(2): 99–111.
Author information
Authors and Affiliations
Corresponding author
Additional information
Foundation item: Supported by the National High Technology Research and Development Program of China (863 Program) (2006AA01Z405)
Biography: SU Ruidan, male, Ph.D. candidate, research direction: networks and information security.
Rights and permissions
About this article
Cite this article
Su, R., Fu, S. & Zhou, L. Fair non-repudiation for web services transactions. Wuhan Univ. J. Nat. Sci. 15, 385–392 (2010). https://doi.org/10.1007/s11859-010-0671-1
Received:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11859-010-0671-1