skip to main content
10.1145/1947940.1948056acmotherconferencesArticle/Chapter ViewAbstractPublication PagesicccsConference Proceedingsconference-collections
research-article

An aspect oriented model of efficient and secure card-based payment system

Published: 12 February 2011 Publication History

Abstract

We propose an aspect oriented model of a secure online credit card payment system based on Efficient and Secure Card-based Payment System (ESCPS). The basic idea behind this work is to present a design that addresses the possible attack aspects and the attack detection aspect which are woven inside ESCPS. The design clearly shows how the protocol behaves when the application is under man-in-the middle attack during the purchase phase of the protocol. We then analyze our design by using Alloy Analyzer to automatically verify the security aspect at the Merchant Financial Institution. The results produce no counter example for a reasonably large scope of model elements.

References

[1]
Aldawud, O., Elrad, T. and Bader, A. 2001. A UML profile for aspect oriented modeling. In Proceedings of the OOPSLA 2001 workshop on AOP, USA.
[2]
Alloy Analyzer. Available from http://alloy.mit.edu.
[3]
American National Standard X9.59-2006, Electronic Commerce for the financial Services Industry: Account Based Secure Payment Objects, May 24, 2006.
[4]
Cheong, C. P., Fong, S. and Lei, P. 2007. On designing an efficient and secure card-based payment system based on ANSI X9.59-2006. In Proceedings of the IEEE International workshop on Anti-counterfieting, Security and Identification.
[5]
Cheong, C. P., Fong, S. and Lei, P. 2007. Efficient and secure card-based payment system based on ANSI X9.59-2006, in: 9th IEEE International Conference on E-Commerce Technology and 4th IEEE International Conference on Enterprise Computing, E-Commerce and E-Services.
[6]
Georg, G., Ray, I., Anastasakis, K., Bordbar, B., Toahchoodee and M., Houmb, S. H. 2009. An aspect-oriented methodology for designing secure applications, Information and Software Technology, Volume 51. 846--864.
[7]
Hussein, M. and Zulkernine, M. 2006. UMLintr: A UML profile for specifying intrusions. In Proceedings of the 13th Annual IEEE International Symposium and Workshop on Engineering of Computer Based Systems, Germany. 279--286.
[8]
Jackson, D. 2006. Software Abstractions: Logic, Language and Analysis, The MIT Press, London England, first ed.
[9]
Zhu, Z. J., and Zulkernine, M. 2009. A model-based aspect-oriented framework for building intrusion-aware software systems, Information and Software Technology, Volume 51. 865--875.

Cited By

View all
  • (2012)Modelling of Secure Data Transmission over a Multichannel Wireless Network in AlloyProceedings of the 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications10.1109/TrustCom.2012.207(785-792)Online publication date: 25-Jun-2012

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences
ICCCS '11: Proceedings of the 2011 International Conference on Communication, Computing & Security
February 2011
656 pages
ISBN:9781450304641
DOI:10.1145/1947940
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 February 2011

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. alloy analyzer
  2. aspect oriented modeling
  3. credit card
  4. e-commerce

Qualifiers

  • Research-article

Conference

ICCCS '11

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)1
  • Downloads (Last 6 weeks)0
Reflects downloads up to 20 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2012)Modelling of Secure Data Transmission over a Multichannel Wireless Network in AlloyProceedings of the 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications10.1109/TrustCom.2012.207(785-792)Online publication date: 25-Jun-2012

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media