Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Object Retrieval and Access Management in Electronic Commerce



S A. Wakid, John Barkley, Mark Skall


Electronic commerce over the Internet is now tens of billions of dollars per year and growing. This article describes how objects used in EC can be located and protected from unauthorized access. It discusses the three kinds of EC: customer interactions with a business, business interactions with other businesses, and interactions within a business. It characterizes the object retrieval and access management required to support the types of EC. It describes how metadata expressed in XML can be used to locate objects for retrieval and how a public key infrastructure along with role-based access control can be used to implement the distributed authentication and access control necessary to support complex access policies. In addition, the article describes activities within the Information Technology Laboratory at the National Institute of Standards and Technology which contribute to the development of related standards and tests.
IEEE Communications Magazine


access control, electronic commerce, Internet, object retrieval, RBAC, Role-Based Access Control, World Wide Web, XML


Wakid, S. , Barkley, J. and Skall, M. (1999), Object Retrieval and Access Management in Electronic Commerce, IEEE Communications Magazine, [online],, (Accessed June 16, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created August 31, 1999, Updated October 12, 2021