by Michael Waidner
Backed by the European Commission, a consortium of 20 partners from European industry and academia has embarked on a research project to develop the fundamentals for secure electronic commerce. The goal of the 9 million ECU project, SEMPER (Secure Electronic Marketplace for Europe), is to provide the first open and comprehensive solutions for secure commerce over the Internet and other public information networks.
A wide range of businesses are rapidly moving to explore the huge potential of networked information systems, especially with the Internet-based WWW (World-Wide Web). The Internet, which already connects more than 3 million computers and a substantially larger number of users, is growing at a breathtaking pace with thousands of newcomers every day.
Although the Internet has its roots in academia and is still dominated by free-of-charge information, dramatic changes are expected in the near future. For instance, the WWW will be used for a wide variety of electronic commerce such as on-line trade or delivery of advanced multimedia information services. The evolution of broadband networks and "information highways" will intensify this trend.
The need for secure transactions in this new business environment, which involves networks available to the general public, has triggered a number of related efforts. These initial developments are based almost exclusively in the US and most of them are limited to proprietary, or otherwise closed solutions, involving only electronic payment issues. In contrast, SEMPER is directed towards a comprehensive solution for secure electronic commerce, considering legal, commercial, social, and technical requirements as well as different options for an electronic marketplace.
Consistent with its broader goals, the SEMPER project will be managed by an interdisciplinary team of experts from the academic, industrial and general business environment in Europe. The team includes representatives of the social sciences, finance, retail, publishing, as well as in information and telecommunication technology.
The first of the three one-year phases will address a coherent security model and a generic, open security architecture for the electronic marketplace. This architecture will be independent of specific hardware, software, or network architectures. The most fundamental electronic commerce services, such as secure offering, order, payment and information delivery, will also be integrated in the first phase.
Subsequent phases will concentrate on more advanced services. These will include fair exchange of documents, credentials, advanced document processing, notary services and multimedia-specific security services, such as protection of intellectual property rights. Multi-party security and protection of user's privacy will receive prime attention. SEMPER will use and integrate existing architectures, tools, and services where appropriate.
Early trials will be provided for WWW, and subsequent tests performed on ATM-based broadband networks to demonstrate the broad applicability of SEMPER's architecture and services.
The SEMPER project is part of the Advanced Communication Technologies and Services (ACTS) research programme established by the European Commission Directorate General XIII for 1994-1998. ACTS is the follow-on programme for Research on Advanced Communications in Europe (RACE) 1987- 1994. The project will establish a Special Interest Group for Secure Electronic Commerce (SIGSEC) which will make results available to all interested parties, including standardisation bodies, and will co-ordinate related projects, in particular those funded by the European Commission.
IBM's Zurich Research Laboratory will provide the technical leadership for the SEMPER project, and IBM France will act as co-ordinator. The other members of the consortium are:
Banksys (B), Banque Generale du Luxembourg (L) and Telekurs (CH) are associated with SEMPER.