Doing some electronic business on the Internet is already an easy task today. As is cheating and snooping. Several reasons contribute to this insecurity: The Internet does not offer much security
per-se. Eavesdropping and acting under false identity is simple. Popular PC operating systems offer little or no security against viri or other malicious software. At the same time, user
awareness for security risks is threateningly low.
A few specific security tools are in wide use, and several projects have been aiming at more comprehensive security for electronic commerce. Still there are a lot of important open issues. This
article reviews these open issues in a structured way. It is based on experience with the European R&D project SEMPER,, but it is not a presentation of the project results beyond some useful concrete
background for the more general open issues.
By: Michael Waidner
Published in: RZ3070 in 1998
LIMITED DISTRIBUTION NOTICE:
This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.
Questions about this service can be mailed to reports@us.ibm.com .