This special issue comprises of twelve selected papers from the International Symposium on Electronic Commerce Security (ISECS 2009), Nanchang, China, 22-24 May 2009. The conference received 1050 paper submissions from 19 countries and regions, of which 487 were selected for presentation after a rigorous review process. From these 487 research papers, through two rounds of reviewing, the guest editors selected twelve as the best papers on the Computers track of the Conference. The candidates of the Special Issue are all the authors, whose papers have been accepted and presented at the ISECS 2009 and WISA 2009, with the contents not been published elsewhere before.

The ISECS 2009 and WISA 2009 are sponsored by Nanchang HangKong University, China, Peoples' Friendship University of Russia, Nanchang University (China), Jiangxi Normal University (China), Wuhan University (China), National Chung Hsing University (Taiwan), Institute of Software, Chinese Academy of Sciences, Sichuan University (China), and Jiaxing University (China). Technical Co-Sponsors of the conference are IEEE, IEEE Computer Society, and IEEE Computer Society Technical Committee on E-Commerce.

“A framework for an ontology-based e-commerce product information retrieval system”, by Liyi Zhang, Mingzhu Zhu and Wei Huang, proposes a framework for an ontology-based e-commerce product information retrieval system, and proposes an ontology-based adaptation of the classical Vector Space Model with the consideration of the weight of product attribute. Based on the framework, a product information retrieval system which is intended to search the product information in B2C environment is developed. The main objective of this system is to facilitate users to search the object product when they carry out e-commerce activities.

“Provably Secure Certificate-based Proxy Signature Schemes”, by Jiguo Li, Lizhong Xu, Yichen Zhang, proposes two certificate-based proxy signature schemes, which are shown to be existentially unforgeable against adaptive chosen message attacks under the computational Diffie- Hellman assumption in the random oracle model. Compared with the certificate-based proxy signature scheme in CT-RSA 2004, one of our schemes enjoys the same signature length and computation cost, another one requires a little more computation and communication cost.

“Research of intelligent rule-base based on multilayer intrusion detection”, by Sun Zhixin, Jiao Lin, proposes a method to establish a rulebase based on multilayer intrusion detection. This rulebase contains two parts: the rulebase based on IP layer intrusion detection and the rulebase based on application layer intrusion detection. The former adopts a mixed quadratic network statistical model to test network traffic which has performances of dynamic principle and low False Positive Probability (FPP) and low False Negative Probability (FNP), and the rulebase is established using the twice-aggregation method.

“Analysis of Attack Actions for E-Commerce Based on Stochastic Game Nets Model”, by Yuanzhuo Wang, Chuang Lin, Kun Meng, proposes a novel modeling method, Stochastic Game Nets (SGN) and use it to model and analyze the attack actions in electronic commerce (e-commerce). The model could inherit the efficient and flexible modeling approach of Stochastic Petri Nets, and also make well use of the game-theoretical framework from Stochastic Game theory.

“Axiomatic Systems for the Bisimilarity on Finite Fair Ambient Processes”, by Han Zhu, proposes an axiom system for the bisimilarity on finite Fair Ambient processes. In order to obtain normal forms of finite processes, the author extended the syntax of Fair Ambient to put the nested ambient structure into prefixes. Upon our axiom system, if two finite Fair Ambient processes are equivalent can be effectively checked.

“Parallel Processing of Sequential Media Algorithms on Heterogeneous Multi-Processor System-on- Chip”, by Peng Zhao, Dawei Wang, Ming Yan and Sikun Li, proposes a new approach that parallelizes sequential media algorithms on heterogeneous MPSoC using program transformation and application-to-architecture mapping techniques. Data locality and communication cost are optimized during the parallel processing.

“A stochastic approach to predicting performance of web service composition” by Yuxiang Dong, Yunni Xia, Qingsheng Zhu and Ruilong Yang, proposes an analytical approach to predict the performance of web service composition built on BPEL. The approach first translates web service composition specification into Stochastic Petri Nets. From the SPN model and its corresponding continuous-time Markov chain, the authors derive the analytical performance estimates of process- completion-time.

“Towards Compliance and Accountability: a Framework for Privacy Online”, by Huanchun Peng ,Jun Gu and Xiaojun Ye, proposes a comprehensive architectural framework that supports the whole PII life cycle privacy management. And identify the relevant technical and nontechnical components required to support this framework. The relationship and interaction between these components are also discussed.

“Research on On-card Bytecode Verifier for Java Cards”, by Tongyang Wang, Pengfei Yu, Jun-jun Wu and Xin-long Ma, proposes a verifier that utilizes the logical flow graph based cache policy and an improved non stressing type coding method, for the bytecode verification on the Java card, which remarkably reduces the use of the memory by the scheduling algorithm of the bytecode verifier.

“A Time and Mutable Attribute-Based Access Control Model”, by Yang Ran, Lin Chuang and Feng Fujun, proposes a new access control model named TMAAC. The TMAAC model mainly introduces extensions in time and mutable attribute compared with traditional access control. All authorizations in the model only can exist in a period of time. User access behavior must conform to the time pattern and can not exceed the maximum amount of permission. The discussion about authorization administration and access decision functions solve the problems in implementation.

“Formal model and analysis of sliding window protocol based on NuSMV”, by Yefei Zhao,YANG Zong-yuan, Jinkui Xie and Qiang Liu, proposes the respective formal model of sliding window protocol under three conditions, as well as Kripke structure semantics of the protocol. The key properties of system, such as data integrity, liveliness and information consistency, are automatically validated.

“China's E-business Model Innovation Analysis”, by ZHOU Qihai, LI Yujun, PUBU Zhuma, LIN Xun, proposes an important and interesting topic about an analysis of China's e-business model innovation.

We are particularly grateful to Guangnan Ni, Chin-Chen Chang, Jen-Yao Chung, Ben M. Chen, and Dongfen Yuan for accepting our invitation to deliver invited talks at this year’s conference. We wish to thank the Nanchang HangKong University, China for providing the venue to host the conference. In particular, we would like to acknowledge School of Computing, Nanchang HangKong University, China, who has worked throughout the year in preparation for this conference. We would like to take this opportunity to thank the authors for the efforts they put in the preparation of the manuscripts and for their valuable contributions. We wish to express our deepest gratitude to the program committee members for their help in selecting papers for this issue and especially the referees of the extended versions of the selected papers for their thorough reviews under a tight time schedule. Last, but not least, our thanks go to the Editorial Board of the Journal of Computers for the exceptional effort they did throughout this process.

In closing, we sincerely hope that you will enjoy reading this special issue.