
A transactional-cycle approach to evidence management for dispute resolution

Published: 01 May 2005

Abstract

Dispute resolution, a necessary function in electronic commerce, must rely on evidence that includes mechanisms to ensure non-repudiation of actions by the participants. In open systems comprising computer networks, this "non-repudiation service" is one type of security service defined in the ISO/IEC standards. These, as well as other literature, have defined a system framework for such a service. Evidence management is the central part. We propose a new methodology for evidence management with a model using a transactional cycle in which evidence is collected in compliance with the legal concept of chain-of-evidence. Evidence then exists as a set of relevant pieces instead of an atomic item. A case study involving credit-card-over-SSL transactions was used to demonstrate how the model works. Our aim was to present a new approach and show that evidence accountability can be better ensured.

Published In

Information and Management, Volume 42, Issue 4
May 2005
127 pages

Publisher

Elsevier Science Publishers B. V.

Netherlands

Author Tags

  1. accountability of evidence
  2. chain of evidence
  3. information security
  4. non-repudiation services
  5. on-line payment
  6. value transfers

Qualifiers

  • Article
