- Section 1.8: Law, Security,
Trust and Confidence
E-Arbitration-T©: An Alternative
Dispute Resolution for SMEs
J. Gouimenou
Architecture and Security Issues of a
Signature Server
B. Crispo, S. Sheye
A Service Platform for On-line Dispute
Resolution
D. Mitzman, R. Gagliardi, P. Skehan
Time Stamping in E-Commerce
P. Sklavos, A. Kaliontzoglou, D. Polemi, T. Karantjias, A. Mitrakas
Private Copies and Rights Management
Issues: the SDMI-solution (and Other Techniques) as Deus Ex Machina?
K. Bodard
Supporting Small Businesses to Deal with
Legal Issues in E-Commerce
Y. Duan, R. Mullins, R. Brownsword
- The
Digisec Project - The Adventures of the Digital Signature in
Italy
F. Bonizzi
Development of the Secure MultiMediaCard
with WIM Function
T. Tsunehiro, H. Ishihara, H. Mano
SEVA: A Framework to Dynamically Set
Up and Run a Secure Extranet
P. Vannel and Y. Roudier
A Monitoring/Auditing Mechanism for SSL/TLS
Secure Connections
C. Kavadias, K.A. Koutsopoulos, V. Kollias, G. Stassinopoulos
Electronic Contracting in the Construction
Industry
M. Merz, G. Tesei, G. Tunzi, T. Hassan
eLEGAL: Dismantling the Legal Barriers
to ICT Up-Take in Virtual Enterprises
T. Hassan, C. Carter, C. Seddon, M. Mangini
Virtual Enterprise Legal Issue Taxonomy
C. Van Schoubroeck, H. Cousy, D. Droshout, B. Windey
Conceptual Framework for Virtual Enterprise
in Construction
J. Hyvärinen, M. Hannus, C. Carter, J. Puttonen, P. Välikangas
Open Contracting TransActions in the
New Economy (OCTANE Project)
N.-H. Kühne, M. Jungemann-Dorner, T. Lam
E-Arbitration-T©:
An Alternative Dispute Resolution for SMEs
Jacques GOUIMENOU
TIGA Technologies, 21 Avenue des Genottes. BP 8123, F-95806 Cergy
Cedex (France)
This paper describes how: -
the E-Arbitration-TO project will analyse, define, pilot and
validate the ADR (Alternative Dispute Resolution) technological
requirements; - to establish the international legal framework,
the project needs to analyse existing solutions; - to implement
its technological objectives, the project will define the initial
framework for the E-Arbitration Tribunal using Multi-Agent Systems
communication protocols for maintaining the relationship, security
and transparency between all parties to the process (appointing
authority, claimants, respondents, and arbitrators); - to define
the users' interactive interfaces and components for all stages
of the process (asserting, documenting, arbitrating and resolving);
- to define a very large exploitation and dissemination strategy
towards traditional arbitration bodies, world trade centres and
internet-generation arbitration tribunals; - to demonstrate worldwide
the effectiveness of the E-Arbitration TO project in full scale
deployment using modelling and simulation techniques and a software.
Top
of Page
Architecture
and Security Issues of a Signature Server
Bruno CRISPO(1) and
Simeon SHEYE(2)
(1) Cryptomathic Italia SpA - Corso Svizzera 185, 10149 Torino,
Italia
(2) Cqptomathic A/S - Kannikegade 14,3 DK-8000 Aarhus, Denmark
Geographically distributed
organisations face the challenge of providing to their employees
the ability to digitally sign transactions independently from
which location and which capabilities have the terminal they
use to generate the signature. A number of requirements have
to be satisfied before this is achieved. The purpose of this
paper is to address this problem and describe a centralised signature
server as possible solution focussing on its security aspects.
The server maintains a database over individual signature keys.
Given proper identification, the signature server can be requested
to sign a document or a transaction on behalf of the person whose
signature key it stores. The advantage of a signature server
is high security, mobility (signature can be generated from any
terminal), control and independent logging of the use of the
signature. Moreover, a centralised server may facilitate the
enforcement of complex security policies very difficult to implement
otherwise.
Top
of Page
A
Service Platform for On-line Dispute Resolution
David MITZMAN(1), Roberto
GAGLIARDI(2) and Paul SKEHAN(3)
(1) InfoCamere, Corso Stati Uniti, 14; 3.5127 Padua, Italy
(2) Consorzio Pisa Ricerche-Centro META, Corso Italia 116; 56125
Pisa, Italy
(3) Eurochambres, Rue Archimede, 5/3; B1000 Brussels, Belgium
The OnlineConfidence Project
is establishing an innovative, on-line dispute resolution (ODR)
service giving both consumers and businesses access to a practical,
out-of-court redress procedure which fully respects the principles
of impartiality, transparency, effectiveness and fairness set
out in a recent EC Recommendation. The service will be delivered
by a federated system of ODR agencies operating within the network
of 1300 Chambers of Commerce associated with Eurochambres, as
well as through partnerships with other non-Chamber initiatives
in Europe and overseas. The supporting IT system will address
the needs of a collaborating community of global ODR service
providers. Core services include rapid direct negotiation facilities
and a full, workflow-enabled mediation procedure with virtual
meeting capabilities and other collaborative tools. A high degree
of interoperability of system components will be achieved through
new, ODR-specific data interchange standards based on XML.
Top
of Page
Time
Stamping in E-Commerce
Panagiotis SKLAVO(1),
Alexandros KALIONTZOGLOU(1), Despina POLEMI(2), Thanos
KARANTJIAS(2), Andreas MITRAKAS(3)
(1) Expertnet S.A., 244 Kifisias & 1 Ahilleos St, Halandri,
Athens, Greece 155 61,
(2) Institute of Communications and Computer Systems, Herroon
Polytechniou 9, Zografou,
Athens, Greece 157 73
(3) GlobalSign NV/SA, Chausstee de Haecht 1426, B-1130 Brussels
Time Stamping is a security
service that can provide time related non-repudiation to electronic
transactions by using digital signatures. Traditional time stamping
protocols involve the stamping of e-documents by a trusted authority
at some time after their creation. Thus the owner of the e-document
can provide evidence of existence and possession after that particular
time. Existing Time Stamping (TS) products provide solutions
based on client/server implementations of the IETF time stamping
protocol draft not allowing TS to be applied on a document bearing
the signatures of the two transacting parties, a mjor requirement
for secure e-commerce applications. This paper addresses this
problem presenting results from the ongoing ISIS project TSEC.
Top
of Page
Private
Copies and Rights Management Issues: the SDMI-solution (and Other
Techniques) as Deus Ex Machina?
Katia BODARD
Vrije Universiteit Brussel, Faculty of Law, Department for Development
of Law, Comparative Law and European Law, Centre for Interaction
Law & Technology
Pleinlaan 2, 1050 Brussels, Belgium
New technologies on the Internet
like P2P tile sharing have questioned the effectiveness of legal
rules, especially concerning copyright. The latter have been
challenged in various cases. What the Napster, MP3.com and DVD
cases all show is the panic and the seemingly inability of classic
intermediaries to embrace the new technology in time. To preserve
their rights, technical solutions have been worked out in the
form of watermarks, fingerprints and other techniques. Are these
techniques the key to rights management problems? Are other solutions
preferable as well? In other words how should copyrights be secured?
Top
of Page
Supporting
Small Businesses to Deal with Legal Issues in E-Commerce
Yanqing DUAN(1), Roisin
MULLINS(1), Roger BROWNSWORD(2)
(1) Luton Business School, University of Luton, Luton LU1 3JU,
UK
(2) Department of Law, University of Sheffeld, UK
Surveys and focus groups were
conducted to investigate small business managers' views on the
legal issues in the use of the Internet and e-commerce. The study
focuses on the managers' perceptions on the importance of legal
issues in adopting and managing e-commerce, their current level
of knowledge on basic law and legal issues involved in e-commerce,
and small business needs on the provision of education and professional
advice on legal issues. The surveys and focus groups highlighted
the managers' strong perception on the importance of legal issues
and detected a very low level of legal awareness among small
business managers. As a result of these findings, a framework
for an on-line intelligent legal support system is proposed.
Top
of Page
The
Digisec Project - The Adventures of the Digital Signature in
Italy
Fiorella BONIZZI
InfoCamere, via G.B. Morgagni 30H, 00161 Roma, Italy
The DIGISEC project represents
the trial phase of a wider project aiming at a massive introduction
of the digital signature in the administrative process of the
Business Register in Italy. A parallel objective of the project
is also that of address the use of the digital signature in wider
contexts of e-commerce transactions, for instance, and not only
in the administrative process of a public administration. This
report illustrates the reasons (mainly legislative, but also
technological, logistic, organisational and, in a word, cultural)
that induced a deep change in the development of the project,
although the main objectives, that is the monitoring of the behaviour
of a large sample (100,000) of end users, are maintained.
Top
of Page
Development
of the Secure MultiMediaCard with WIM Function
Takashi TSUNEHIRO(1)
, Haruji ISHIHARA(2) and Hiroyuki MANO(1)
(1) 292 Yoshida-cho, Totsuka-ku, Yokohama, 244-0817 Japan
(2) Nippon Bldg. 6-2, Otemachi, 2-chome, Chiyoda-ky Tokyo 100-0004
Japan
Valuable digital contents like
the music data are beginning to be distributed via network. And
it becomes very important to protect digital contents with copyright
protection technologies. In Nov. 2000, the first digital music
distribution using the mobile phone started in Japan. In this
service, the distributor adopted the "Keitaide-Music"
system and the Hitachi Content Protection Secure MultiMediaCard
as the storage media. This card has the security functions based
on the PKI (Public Key Infrastructure) technologies. Now, the
next generation Secure MultiMediaCard for general usage is going
to be developed. This Generic Secure MultiMediaCard will have
the WIM (WAP Identity Module) functions defined in WAP forum.
This card contains the same functions as the "smart card".
So, a user will download the digital content to his/her card
and pay its fee with the same card. The 3G mobile phone with
the Generic Secure MultiMediaCard may become the necessary tool
for the mobile commerce.
Top
of Page
SEVA:
A Framework to Dynamically Set Up and Run a Secure Extranet
Pierre VANNEZL(1) and
Yves ROUDlER(2)
(1) Gemplus Labs, Parc d'activites de Gemenos, B.P.100, 13881
Gemenos CEDEX, France
(2) Institut Eureecom, 2229 route des Cretes, B.P. 193, 06904
Sophia-Antipolis, France
An extranet lets an organisation
share part of its information system (e.g. documents, services,
computers.. .etc.) securely over the Internet. In-house data
is available to suppliers, customers, or external partners. Security
is critical, but it must not stand in the way efficient business
practices. Exchanges should comply with an established security
policy, but there are no widely-accepted solutions to accomplish
this. The SEVA framework deals with these issues and this paper
describes the SEVA architecture. A typical scenario of operation
of a SEVA extranet is provided in this paper.
Top
of Page
A
Monitoring/Auditing Mechanism for SSL/TLS Secure Connections
(1) National Technical
University of Athens (NTUA); Dept. of Electrical & Computer
Eng. 9, Heroon Polytechniou Str., 157 73, Zographou, Athens,
GREECE
(2) TELETEL S.A; 124, Kifisias Avenue, Athens, GREECE
This paper analyses the SSL/TLS
procedures and defines the functionality of a monitoring/auditing
entity running in parallel with the protocol, which is decoding,
checking the certificate and permitting session establishment
based on the decoded certificate information, the network addresses
of the endpoints and a predefined access list. Finally, this
paper discusses how such a facility can be used for detection
of compromised private keys.
Top
of Page
Electronic
Contracting in the Construction Industry
Michael Merz(1), Gino TESEI(1), Giuseppe TANZI(1), Tarek HASSAN(2)
(1) Ponton Group AG, Stresemannstr. 163, 22769 Hamburg, Germany
(2) Department of Civil and Building Engineering, Loughborough
University, Loughborough, Leicestershire, LE11 3TU, UK
The advances in information
and communication technologies (ICT) are giving rise to new types
of inter-networked organisations. These 'Smart" organisations
are virtual in concept, highly flexible, and rely on network
technologies. Typical examples of such virtual enterprises are
those formed to execute construction projects and generally large
scale engineering projects. eLEGAL (IST-1999-20570) is an RTD
(Research in Technical Developments) project within the Information
Society Technologies (IST) programme of the European Commission.
eLEGAL concentrates on automating contracting processes related
to the use of ICT in the European construction industry. The
main aim of eLEGAL is to define a framework for specifying legal
conditions and contracts to enable a legally admissible (exclusive)
use of ICT in project business. This paper will concentrate on
the technological basis upon which eLEGAL service and software
components are built. For the eLEGAL software development, we
differentiate three separate layers of the software. At the lowest
layer, collaboration services provide concurrency control to
keep contract data consistent. At an intermediate level, a generic
contracting service uses the collaboration software for the specific
purpose of contract negotiation, while the highest layer provides
rules that allow to validate contracts.
Top
of Page
eLEGAL:
Dismantling the Legal Barriers to ICT Up-Take in Virtual Enterprises
Tarek HASSAN(1), Chris CARTER(1), Clive SEDDON(2), Mauro MANGINI(3)
(1) Loughborough University, Loughborough, Leicestershire, LE11
3TU, UK
(2) Masons, 30 Aylesbury Street, London EC1R 0ER, UK
(3) Geodeco S.p.A, Via Pontiroli 18 / 5,16031 Bogliasco (Genoa),
Italy
Advances in information and
communication technologies (ICTs) are increasingly leading to
"virtual organisations" being formed, i.e. to execute
construction projects. Legal issues are threatening to inhibit
their growth and prosperity, including a lack of contractual
support for electronic information and documentation. The eLEGAL
project (IST-1999-20570) is undertaking research in this area,
aiming to define a framework for specifying legal conditions
and contracts to enable a legally admissible use of ICT in project
business. In this way, all parties involved in the VEs, including
SMEs, will be confident that there is a legal framework regulating
their new ways of working leading to more trust and hence, improved
business relationships. This paper describes the eLEGAL project
and presents initial findings from a review of legal contracts
and clauses related to the use of ICTs. The eLEGAL approach to
dismantling the barriers to ICT up-take is then introduced.
Top
of Page
Virtual
Enterprise Legal Issue Taxonomy
Caroline VAN SCHOUBROECK, Herman COUSY, Dimitri DROSHOUT, Bart
WINDEY
K.U.Leuven University, Law School, Department of Commercial Law
and Insurance Law, Collegium Falconis, Tiensestraat 41, 3000
Leuven, Belgium,
This paper describes the development
and the structure of the "Virtual Enterprise Legal Issue
Taxonomy". First the Taxonomy will be situated in the framework
of the ALIVE-project. Next the objectives and the structure of
the Taxonomy will be clarified. Then, the three branches of the
actual Taxonomy will be explained. The first branch holds a description
of the features of the VE, from both a business and a legal point
of view. The main part of the paper gives a general overview
of the second and third branches of the Taxonomy. The second
branch of the taxonomy is situated at a rather basic level and
will resemble most to a common dictionary. At that level, the
sequence of the topics is mainly alphabetical, because at random.
The third branch lifts up the prior classification of legal issues
to a higher level, by classifying those issues on the basis of
different angles by which the VE can be looked upon. In conclusion,
some dilemmas and questions will be raised.
Top
of Page
Conceptual
Framework for Virtual Enterprise in Construction
Juha HYVARINEN(1), Matti HANNUS(1), Chris CARTER(2), Jari PUTTONEN(3)
and Pekka VliLIKANGAS(3)
(1) VTT Building and Transport P.O.Box 1801, FIN-02044 VTT, Finland
(2) Loughborough University, Loughborough, Leicestershire, LE11
3TU, UK,
(3) Forturn Engineering Ltd, P.O. Box 10, FIN - 000 48 FORTUM,
Finland,
This paper will discuss the
development of a framework for the concepts related to project
based Virtual Enterprises/Smart Organisations, which are typical
especially in construction projects. In the ongoing European
project eLEGAL (Specifying Legal Terms of Contract in ICT Environment,
IST-1999-20570) fundamental concepts and their semantics have
been collected, based on a state of the art study of Virtual
Enterprise contractual practices and related ICT support. The
resulting framework for Virtual Enterprise is published as a
glossary of terms and a formal information model. The development
of this conceptual framework is expected to contribute to the
general understanding between the experts in legal, construction
technology and ICT issues and to provide a basis of a roadmap
for further research.
Top
of Page
Open
Contracting TransActions in the New Economy (OCTANE Project)
Nils-Henrik KUHNE(1), Monika JUNGEMANN-DORNER(1), Tony LAM(2)
(1) ComNetMedia AG, Emil-Figge-Strasse 86, D-44227 Dortmund,
Germany,
(2) NetUnion Sarl, Avenue Louis Ruchonnet 57, CH-1003 Lausanne,
Switzerland,
OCTANE is a Key Action II Trial
that establishes secure and web-based tools for electronic contracting.
The project responds to a large variety of different contracting
scenarios and user requirements in business-to-business and business-to-administration
with a set of advanced technology components and service concepts,
supporting dynamic networked organisations in a broad sense.
Top
of Page |