Inter-domain authorization and delegation for business-to-business e-commerce

Security exposures are viewed as a major impediment to the growth of electronic commerce over Internet. The main requirement of inter-enterprise communications is the verification of the role granted by a company to each individual instead of the authentication of individuals based on their universal names as provided by X509 digital ID?s. We depict in this paper an original mechanism for role-based authorization in inter-enterprise business communications. This mechanism is based on a secure extension of X509 ID certificates using SPKI authorization certificates. The mechanism was transparently integrated into existing application and network security packages. This platform was developed as part of an R&D project supported by the TEN TELECOM program of the European Commission.