Design of a Security Protocol for Online Tender Management

Abstract

Online Tender Management is the carrying out of the tendering process using electronic means. It enables suppliers in different geographic locations to be notified of an opportunity, to express an interest, to download tender documents and to submit a response. This promotes competition for the tender, and provides a process that is efficient for both the customers and suppliers and a selection process that is transparent to bidders. Online tender management solutions are developed in the absence of the ability to authenticate people by sight. This immediately creates problems with authenticity and integrity of electronic transactions as trust has been compromised. Improper use of electronic communication systems could also increase the possibility of leaking of tender information. So the security mechanisms have to be carefully integrated into the system to provide desirable security services such as time stamping, digital signature and encryption/decryption for the contract processes involved in an online tender management system. This research focuses on developing security protocol for online tender management system that ensures that it meet the security challenges such as authenticity, integrity, confidentiality and non-repudiation, face by such systems. It involves developing methodologies for establishing security requirements, constructing security protocols and security verification.