Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
SpringerLink
Log in

Designing Secure E-Tendering Systems

  • Conference paper
Trust, Privacy, and Security in Digital Business (TrustBus 2005)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3592))

Abstract

Security requirements for e-tendering systems have not been closely scrutinised in the literature. This paper identifies key issues to be addressed in the design of secure e-tendering systems. In particular, the issues of secure timing and record keeping are raised. This paper also classifies existing e-tendering system designs by presenting common e-tendering architectures. A new e-tendering architecture, using distributed trusted third parties is proposed which may be suitable for secure large scale operations.

This research was supported by the Construction Innovation Cooperative Research Centre project CRC2002-067-A.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. UN/CEFACT-tbg6: Electronic Tendering International Standardization - Business Requirement Specification. Technical Report ETP020 6.0, UN/CEFACT (2005), http://www.etendering-tbg6.net/doc_specification_01.html

  2. Carter, C., Hassan, T., Mangini, M., Valikangas, P., Ott, E.: User Requirements for Legal Support. Technical Report IST-1999-20570, Information Society Technology-European Community (2001), http://cic.vtt.fi/projects/elegal/public.html

  3. Du, R., Foo, E., Boyd, C., Fitzgerald, B.: Defining security services for electronic tendering. In: The Australasian Information Security Workshop (AISW 2004), vol. 32, pp. 43–52. Australian Computer Society Inc. and ACM (2004)

    Google Scholar 

  4. Du, R., Foo, E., Boyd, C., Fitzgerald, B.: Secure communication protocol for preserving e-tendering integrity. In: Fifth Asia-Pacific Industrial Engineering and Management Systems Conference (APIEMS 2004), vol. 14, pp. 16.1–16.15, Asian Pacific Industrial Engineering and Management Society (2004)

    Google Scholar 

  5. Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory IT-22, 644–654 (1976)

    Article  MathSciNet  Google Scholar 

  6. ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 31(4), 469–472 (1985)

    Article  MATH  MathSciNet  Google Scholar 

  7. Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21, 120–126 (1978)

    Article  MATH  MathSciNet  Google Scholar 

  8. Haber, S., Stornetta, W.S.: How to time-stamp a digital document. Journal of Cryptology 3(2), 99–111 (1991)

    Article  Google Scholar 

  9. Buldas, A., Laud, P., Lipmaa, H., Villemson, J.: Time-stamping with binary linking schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 486–501. Springer, Heidelberg (1998)

    Google Scholar 

  10. The Internet Engineering Task Force: Internet x.509 public key infrastructure time stamp protocols (tsp) (rfc 3161) (2001), http://www.ietf.org/rfc/rfc3161.txt

  11. The Internet Engineering Task Force: Electronic signature formats for long term electronic signatures (rfc 3126) (2001), http://www.ietf.org/rfc/rfc3126.txt

  12. The Internet Engineering Task Force: Network time protocol (version 3) (rfc 1305) (1992), http://www.ietf.org/rfc/rfc1305.txt

  13. Casassa, M., Harrison, K., Sadler, M.: The HP time vault service: exploiting IBE for timed release of confidential information. In: Proceedings of the twelfth international conference on World Wide Web, Budapest, Hungary, pp. 160–169. ACM, New York (2003)

    Google Scholar 

  14. Commission of the European Communities ITSEC: Information technology security evaluation criteria version 1.2. (1991), http://www.ssi.gouv.fr/en/confidence/methodology.html

  15. International Standards Organisation, International Electrotechnical Commission: Standard iso/iec 15408: Evaluation criteria for information technology (1999), http://www.iso-standards-international.com/iso-5725-kit70.htm

Download references

Author information

Authors and Affiliations

  1. Information Security Institute (ISI),  

    Rong Du, Ernest Foo, Juan González Nieto & Colin Boyd

Authors
  1. Rong Du
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ernest Foo
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Juan González Nieto
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Colin Boyd
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. of Technology Education and Digital Systems, University of Piraeus, 150 Androutsou St., GR-18532, Pireaus, Greece

    Sokratis Katsikas

  2. Department of Information and Communication Technologies, University of A Coruña, Spain

    Javier López

  3. University of Regensburg, Universitätsstraße 31, Regensburg, Germany

    Günther Pernul

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Du, R., Foo, E., Nieto, J.G., Boyd, C. (2005). Designing Secure E-Tendering Systems. In: Katsikas, S., López, J., Pernul, G. (eds) Trust, Privacy, and Security in Digital Business. TrustBus 2005. Lecture Notes in Computer Science, vol 3592. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11537878_8

Download citation

  • DOI: https://doi.org/10.1007/11537878_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-28224-2

  • Online ISBN: 978-3-540-31796-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation