Today software piracy is a major concern to electronic commerce since a digitized product such as software is vulnerable to redistribution and unauthorized use. This paper presents an enhanced electronic software distribution and software protection model. Authentication scheme of the proposed model is based on zero-knowledge (ZK) proof which requires limited computation. The proposed model considers post installation security using authentication agent. It prevents software piracy and illegal copy. It also provides secure and efficient software live-update mechanism based on traitor tracing scheme. Even if software or personal key is copied illegally, a merchant can trace back to its original owner from the electronic license and personal key. The proposed model provides security and reasonable performance and safety.

Decentralized XML databases are often used in Electronic Commerce (EC) business models such as e-brokers on the Web. To flexibly model such applications, we need a modeling language for EC business processes. To this end, we have adopted a query language approach and have designed a query language, called XBML, for decentralized XML databases used in EC businesses. In this paper, we explain and validate the functionality of XBML by specifying e-broker business models and describe the implementation of the XBML server, focusing on the distributed query processing.

We propose a software architecture for one-stop services of electronic commerce (EC). Users currently have trouble using multiple EC services because they are provided independently. Therefore a mediator that combines EC services and provides one-stop services to users would be useful. Service matching and service collaboration are important issues in the mediator because they are the main difficulties for users. The proposed architecture provides solutions to these issues. Multiple service assignment provides suitable combinations of EC services, flow division enables efficient execution of the combined EC services, and dynamic alternative service assignment enables flexible failure avoidance during the execution of combined services. These features make the proposed architecture a suitable mediator for EC services.

Personal identity verification has a great variety of applications including access to computer terminals, buildings, credit card verification as well as EC. Algorithms for personal identity verification can be roughly classified into four categories depending on static/dynamic and biometric/physical or knowledge based. Finger prints, iris, retina, DNA, face, blood vessels, for instance, are static and biometric. Algorithms which are biometric and dynamic include lip movements, body movements and on-line signatures. Schemes which use passwords are static and knowledge based, whereas methods using magnetic cards and IC cards are physical. Each scheme naturally has its own advantages and disadvantages. A new algorithm is proposed for pen-input on-line signature verification incorporating pen-position, pen-pressure and pen-inclinations trajectories. A preliminary experiment is performed on a data base consisting of 293 genuine writings and 540 forgery writings, from 8 individuals. Average correct verification rate was 97.6% whereas average forgery refection rate was 98.7%. Since no fine tuning was done, this preliminary result looks very promising.

In a mobile computing environment, the characteristics of wireless communication and host mobility are important considerations in providing an efficient payment service. Currently, most payment systems were not intended for use in a mobile environment, and as such they inherently possess some inefficient properties. In this paper, we propose a new micropayment system (AMPS), designed for use in a mobile computing environment. AMPS reduces the computational load of mobile hosts by directing operations normally performed by the client to the static portion of the network. With AMPS, a client's request for goods goes to a TTP server, called the AMPS server, using only one message. The client can also be disconnected while the AMPS server deals with the merchant, reducing communication costs and power consumption. User privacy is protected by hiding the details of the payment to the AMPS server. The AMPS server can also provide client anonymity to merchants. Another advantage of AMPS is the provision of transaction atomicity by checking goods and money before forwarding to clients or merchants, and preserving all necessary information for any possible future disputes.

This paper proposes a framework for building a customized comparison-shopping system in which the users are allowed to add their own shopping stores dynamically. In this framework, a shopping agent is implemented with a robust inductive learning method that automatically constructs wrappers for semi-structured online stores. During learning, strong biases assumed in many existing systems are weakened so that the real stores with reasonably complex document structures can be handled.