Trust, Privacy and Security in E-Business: Requirements and Solutions

  • Sokratis K. Katsikas
  • Javier Lopez
  • Günther Pernul
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3746)


An important aspect of e-business is the area of e-commerce. One of the most severe restraining factors for the proliferation of e-commerce, is the lack of trust between customers and sellers, consumer privacy concerns and the lack of security measures required to assure both businesses and customers that their business relationship and transactions will be carried out in privacy, correctly, and timely. This paper considers trust privacy and security issues in e-commerce applications and discusses methods and technologies that can be used to fulfil the pertinent requirements.


Security Requirement Trust Management Attribute Certificate Open System Interconnection IEEE Intelligent System 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Forrester Research. Post-web retail (September 1999),
  2. 2.
    US Census Bureau,
  3. 3.
    Bhargava, B., Lilien, L., Winslett, M.: Pervasive Trust. IEEE Intelligent Systems, 74–77 (September 2004)Google Scholar
  4. 4.
    Kini, A., Choobineh, J.: Trust in Electronic Commerce: Definition and Theoretical Considerations. HICSS (4), 51–61 (1998)Google Scholar
  5. 5.
    Grandison, T., Sloman, M.: A Survey of Trust in Internet Applications. IEEE Communications Surveys & Tutorials (2000)Google Scholar
  6. 6.
    ITU-T Recommendation X.509, Information Technology - Open systems interconnection - The Directory: Authentication Framework (June 1997) Google Scholar
  7. 7.
    ITU-T Recommendation X.509, Information Technology - Open systems interconnection - The Directory: Public-key and attribute certificate frameworks (March 2000) Google Scholar
  8. 8.
    Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: IEEE Symposium on Security and Privacy, pp. 164–173 (1996)Google Scholar
  9. 9.
    Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.: The KeyNote Trust-Management System Version 2. RFC 2704 (1999)Google Scholar
  10. 10.
    Dillon, T., Chang, E., Khadeer, F.: Managing the Dynamic Nature of Trust. IEEE Intelligent Systems, 79–82 (September 2004)Google Scholar
  11. 11.
    Clarke, R.: Internet Privacy Concerns Confirm the Case for Intervention. Comm. of the ACM. 42(2) (1999)Google Scholar
  12. 12.
    Chung, W., Paynter, J.: Privacy Issues on the Internet. In: Proc of the 35th Hawaii Int. Conf. on System Sciences, Janauray (2002)Google Scholar
  13. 13.
    Brown, M., Muchira, R.: Investigating the relationship between Internet Privacy Concerns and Online Purchasing Behaviour. Journal of Electronic Commerce Research 5(1) (2004)Google Scholar
  14. 14.
    Araujo, I.: Privacy Mechanisms supporting the building of trust in e-commerce. In: Proc. IEEE International Workshop on Privacy Data Management, Tokyo, Japan (April 2005)Google Scholar
  15. 15.
    Reiter, M.K., Rubin, A.D.: Anonymous web transaction with Crowds. Comm. of the ACM 42(2) (1999)Google Scholar
  16. 16.
    Chaum, D.L.: Untraceable electronic mail, return address, and digital pseudonyms. Comm. of the ACM. 24(2) (1981)Google Scholar
  17. 17.
    Lopez, J., Oppliger, R., Pernul, G.: Authentication and Authorization Infrastructures (AAIs): A Comparative Survey. Computers & Security Journal 23 (2004)Google Scholar
  18. 18.
    Kiountouzis, E.: Approaches to the security of information systems. In: Katsikas, S., Gritzalis, D., Gritzalis, S. (eds.) Information Systems Security, New Technologies Publications, Athens, Greece (2004) (In Greek)Google Scholar
  19. 19.
    Winograd, T., Flores, F.: Understanding Computers and Cognition. Addison-Wesley, Reading (1997)Google Scholar
  20. 20.
    Denning, P.J.: Electronic Commerce. In: Denning, D.E., Denning, P.J. (eds.) Internet Besieged. Addison-Wesley & ACM Press (1998)Google Scholar
  21. 21.
    Pernul, G., Rohm, A., Herrmann, G.: Trust for Electronic Commerce Transactions. In: Eder, J., Rozman, I., Welzer, T. (eds.) ADBIS 1999. LNCS, vol. 1691, p. 1. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  22. 22.
    Burnett, R.: Legal aspects of e-commerce. Computing & Control Engineering Journal (2001)Google Scholar
  23. 23.
    Turban, E.: Electronic Commerce A Managerial Perspective. Prentice-Hall, Englewood Cliffs (2004)Google Scholar
  24. 24.
  25. 25.
  26. 26.
    Arsenault, A., Turner, S.: IETF PKIX WG, Internet draft, Internet X.509 Public Key Infrastructure PKIX Roadmap (March 10, 2000)Google Scholar
  27. 27.
    Lekkas, D., Katsikas, S.K., Spinellis, D.D., Gladychev, P., Patel, A.: User Requirements of Trusted Third Parties in Europe. In: Proceedings, User identification and Privacy Protection Joint IFIP WG 8.5 and WG 9.6 Working Conference, pp. 229–242 (1999)Google Scholar
  28. 28.
    Gritzalis, S., Katsikas, S.K., Lekkas, D., Moulinos, K., Polydorou, E.: Securing the electronic market: The KEYSTONE Public Key Infrastructure Architecture. Computers and Security 19(8), 731–746 (2000)CrossRefGoogle Scholar
  29. 29.
    Katsikas, S.K., Gritzalis, S.A.: A Best Practice Guide for Secure Electronic Commerce. Upgrade III(6) (December 2002); Also in Novatica Journal of the Associacion de Tecnicos de Informatica Also in Tecnoteca Online of ALSI,,,
  30. 30.
    Katsikas, S.K., López, J., Pernul, G. (eds.): Trust and Privacy in Digital Business, First International Conference, TrustBus 2004. LNCS, vol. 3184, pp. 162–171. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  31. 31.
    Katsikas, S.K., López, J., Pernul, G. (eds.): Trust, Privacy and Security in Digital Business, Second International Conference, TrustBus 2005. LNCS, vol. 3592. Springer, Heidelberg (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Sokratis K. Katsikas
    • 1
  • Javier Lopez
    • 2
  • Günther Pernul
    • 3
  1. 1.Dept. of Information & Communication Systems EngineeringUniversity of the AegeanGreece
  2. 2.Dept. of Languages and Computation SciencesUniversity of MalagaSpain
  3. 3.Dept. of Management Information SystemsUniversity of RegensburgGermany

Personalised recommendations