2nd USENIX Workshop on Electronic Commerce

[Diane DeMartini]

=========================================================================
2nd USENIX Workshop on Electronic Commerce
November 18-21, 1996
Claremont Resort and Conference Center
Oakland, California
=========================================================================
Sponsored by the USENIX Association
Co-sponsored by the Fisher Center for Information Technology
Management, UC Berkeley, and the School of Information Management
and Systems, UC Berkeley
=========================================================================

Dear Colleague:

If you are working in electronic commerce, you know how much has
happened since our first workshop 16 months ago. There are now a variety
of commerce service providers up and running, the Visa/Mastercard Secure
Electronic Transaction standard is rapidly evolving, smartcard/electronic
wallet experiments are being tried in many places throughout the world, and
new online merchants are popping up daily.

To brief you on all of these activities and other advancements, we have
assembled a program of first rate technical papers, invited talks, panel
sessions, and tutorials. As you will see, our program features an
exceptional range of topics, and you will have many opportunities for
interaction, discussion, and joint exploration of the frontiers of electronic
commerce.

We are pleased this year to offer the program at the Claremont Hotel in the
beautiful setting of the hills of Berkeley and North Oakland. We are
particularly happy to have the UC Berkeley School of Information
Management and Systems as a cosponsor of this workshop, and we will
have events on the UC Berkeley campus.

This is a super-hot field, and whether you are a practitioner, researcher,
potential merchant, financial service provider, or just trying to understand
the scope of the field of electronic commerce, I am certain that this
workshop will be useful to you.

I look forward to seeing you in November!

Regards,

Doug Tygar
Carnegie Mellon University
Program Chair

----------------------------------------------------------------------------
WORKSHOP ORGANIZERS

Program Chair - Doug Tygar, Carnegie Mellon University

Program Committee -
Ross Anderson, Cambridge University
Nathaniel Borenstein, First Virtual Holdings, Inc.
Stefan Brands, CWI
Daniel Geer, Open Market, Inc.
Mark Manasse, Digital Equipment Corporation
Clifford Neuman, University of Southern California
Hal Varian, University of California, Berkeley
Bennet Yee, University of California, San Diego

PROGRAM AT A GLANCE

Sunday, November 17
On-Site Registration 6:00 pm - 9:00 pm
Welcome Reception 6:00 pm - 9:00 pm

Monday, November 18
On-Site Registration 7:30 am - 5:00 pm
Tutorial Program 9:00 am - 5:00 pm

Tuesday, November 19
On-Site Registration 7:30 am - 5:00 pm
Introduction & Welcome 8:20 am - 8:30 am
Technical Program 8:30 am - 5:45 pm
Reception & Tour of Fisher Center 6:00 pm - 8:30 pm
(Shuttle service provided)
Birds-of-a-Feather Sessions 9:00 pm -11:00 pm

Wednesday, November 20
On-Site Registration 7:30 am - 5:00 pm
Technical Program 8:30 am - 6:00 pm
Hosted Luncheon with Speaker 11:45 pm - 2:00 pm
Birds-of-a-Feather Sessions 9:00 pm -11:00 pm

Thursday, November 21
Technical Program 9:00 am - 11:45 am

USENIX
Since 1975, the USENIX Association has provided a forum where the
community of engineers, scientists, and technicians working on the
cutting edge of the computing world come together to communicate the
results of innovation and research in UNIX and modern open systems.
USENIX is well known for its technical conferences, tutorial programs,
and the wide variety of publications it has sponsored over the years.

USENIX is the original, not-for-profit membership organization for
individuals and institutions interested in UNIX and related technologies.
Evolving with technology, USENIX has broadened its activities to include
open systems and the globally interconnected and interoperable computing
environment.

The USENIX Association and its members are dedicated to:
* problem-solving with a practical bias,
* fostering innovation and research that works,
* rapidly communicating the results of both research and
innovation, and
* providing a neutral forum for the exercise of critical thought
and the airing of technical issues.

SAGE, the System Administrators Guild, a Special Technical Group within
the USENIX Association, is dedicated to the recognition and advancement
of system administration as a profession.

USENIX Supporting Members:
ANDATACO
Apunix Computer Services
Crosswind Technologies, Inc.
Frame Technology Corporation
ISG Technologies
Matsushita Corporation
Motorola Research and Development
Open Market, Inc.
Shiva Corporation
Sybase, Inc.
Tandem Computers, Inc.
UUNET Technologies, Inc.

SAGE Supporting Members:
Bluestone, Inc.
Enterprise Systems Management Corporation
Great Circle Associates
Pencom Systems Administration/PSA
Southwestern Bell Telephone
Taos Mountain

The Fisher Center for Information Technology and Management

Established in 1994, the Fisher Center for Information Technology and
Management concentrates on critical information technology management
issues facing industry, government, academia, and the international research
community. Led by UC Berkeley Haas School of Business faculty and an
advisory board of representatives from companies at the forefront of
information management, the Fisher Center is the first US research center
to address the full range of business issues related to the information
superhighway and the emerging global information infrastructure. The
Center's URL is http://haas.berkeley.edu/~citm/.

GENERAL INFORMATION

Student Stipends Available
The USENIX student stipend program covers travel, living expenses, and
registration fees to enable full-time students to attend USENIX meetings.
Detailed information about applying for a stipend is available at the
USENIX Web site: http://www.usenix.org, by reading comp.org.usenix
or send email to stud...@usenix.org

Workshop Proceedings
One copy of the proceedings is included with your Technical Sessions
registration fee. To order additional copies, contact the USENIX
Association at 510.528.8649, or send email to: off...@usenix.org

Birds-Of-A-Feather Sessions (BoFs) - Tuesday & Wednesday evenings
Do you have a topic that you'd like to discuss with others? Our Birds-of-a-
Feather Sessions may be perfect for you. BoFs are very interactive and
informal gatherings of attendees interested in a particular topic. Schedule
your BoF in advance by telephoning the USENIX Conference Office at
714.588.8649, or send email to: confe...@usenix.org

Reception and Tour of the Fisher Center - Tuesday, 6:00 pm - 8:30 pm
The Fisher Center of Information Technology Management and the School
of Information Management & Systems at UC Berkeley will host a reception
and tour of its facilities. Shuttle service will be provided to and
from the hotel.

Hosted Luncheon - Wednesday, 11:45 pm - 2:00 pm
The USENIX Association will be hosting a luncheon for all technical
sessions attendees. Come join us for an appetizing lunch and listen to our
guest speaker, Pamela Samuelson from the University of California,
Berkeley.

For more workshop information, please contact:
USENIX Conference Office
22672 Lambert St., Suite 613
Lake Forest, CA 92630

Phone: 714.588.8649
Fax: 714.588.9706
Email: confe...@usenix.org
Web: http://www.usenix.org

Office Hours: 8:30 am - 5:00 pm Pacific Time

*****************************************************************************
TUTORIAL PROGRAM
Monday, November 18, 1996

Stay on top of the latest technology. Register now for tutorials.

Technology is changing more rapidly than ever before. Whether you are a
programmer, developer, or system administrator, you are expected to stay
on top of the latest improvements and do your job. Sign up for tutorials
and you'll get an immediate payoff from gaining command of the newest
developments and putting them to work in your organization.

USENIX tutorials aim to deliver the critical information you need. Taught
by hands-on experts, tutorials are practical, intensive, and essential to your
professional development.

Tutorial fees include:
* Admission to the tutorials you select
* Lunch
* Printed and bound tutorial materials from your sessions

Continuing Education Units (CEUs)
USENIX provides CEUs for a small administrative fee. Established by the
International Association for Continuing Education and Training, the CEU
is a nationally recognized standard unit of measure for continuing education
and training, and is used by thousands of organizations across the United
States.

Completion of one full day of the tutorial program qualifies for 0.6 CEUs.
You can request CEU credit by checking the appropriate box on the
registration form. USENIX provides a certificate and maintains transcripts
for each attendee who chooses CEU credits. CEUs are not the same as
college credits. Consult your employer or school to determine their
applicability.
*****************************************************************************

Monday, November 18, 9:00 am - 5:00 pm

M1am (half day: 9:00 am - 12:30 pm)
Getting Paid on the Internet
Clifford Neuman, University of Southern California

Who Should Attend: If you sell information, services, and other
products over the Internet, work for a financial institution, or are a
software developer, you will benefit by attending this course.

What You Will Learn:
* A better understanding about how to receive payment for services and
products sold over the Internet.
* The role of financial institutions can play in network commerce.
* The steps to design protocols and software to take advantage of network
payment systems.

Getting paid on the Internet is one of the most complex challenges facing
companies who want to do business electronically.

You will learn about several alternatives for payment on the Internet
including secure presentation of credit card numbers, electronic currency,
and credit-debit systems, and the situations for which each is best suited.
The predominant examples of each approach will be described. You will
find out about security issues and fraud prevention, and the security of
different payment systems.

Learn how funds flow through the system for each model, the role of banks
and other financial intermediaries, who incurs risk from fraud and failure to
pay, and which parties need to be trusted. Transaction charges and means
of profit for financial intermediaries will also be covered.

You will find out the steps needed for integration of these payment systems
with network applications, including the changes needed to Web servers
and Web browsers, evolving standards, and approaches to integration with
other network applications. The need for more standardization at the
application/payment service interface will be discussed.

Dr. Clifford Neuman, a scientist and faculty member at the Information
Sciences Institute of the University of Southern California, is one of the
principal designers of the Kerberosª authentication system. Recent work
includes development of the security infrastructure supporting authorization
and accounting. Dr. Neuman leads the design of the NetCheque and
NetCash ¨ electronic payment systems.

M2am (half day: 9:00 am - 12:30 pm)
Electronic Payments and Commerce Applications
Taher ElGamal, Netscape Communications Corporation

Who Should Attend: Technical professionals who need the latest
information on the advances in electronic payments and commerce
applications on the Internet.

What You Will Learn: State-of-the-art techniques and protocols; details
of protocols used and proposed for supporting commerce applications on
the Web.

Topics include:
* Basic technology review: RSA, DSA, RC4, SSL
* Credit card processing protocols the SET protocol and its variants
* Debit card: how to use SET for debit cards
* Protocols for electronic cash and electronic accounts
* Micro transactions and aggregation protocols
* Protocols for electronic checks and variants

Some proposals for protocols supporting banking applications will also be
described, including home banking type applications and automated bill
presentment and payment. In particular, the use of cryptographic techniques
will be outlined throughout the class.

Taher ElGamal is the chief scientist at Netscape Communications where he
is involved in security, electronic commerce, and other Internet
applications. His doctoral thesis included the "ElGamal"
public key cryptosystem and digital signature algorithm that produced
several industry standards and commercial products. He has produced
cryptographic toolkits used by many application developers for encryption
and authentication applications.

M3am (half day: 9:00 am - 12:30 pm)
Secure Java Programming: Fundamentals
Marianne Mueller and David Brownell, JavaSoft

Who Should Attend: Java developers who want to learn more about
how Java security works.

What You Will Learn: The basics of Java security and the default
applet security policy, including:

* How to construct an applet, including step by step examples of a
commerce related applet (e.g., shopping cart), and an overview of the
applet API.

* How to write applets that do useful things within the confines of the
applet security policy, including:
-- A description of the default applet security policy
-- Using the applet's host server to store persistent information
-- How to take advantage of HotJava's more configurable security
environment (e.g., read & write file ACLs)
-- How to send a CGI request from an applet
-- How to send a servlet request from an applet ("servlet" is a JavaSoft
proposal for server side extension -- the servlet API can be thought
of as a replacement for the CGI API).
-- Configuring your web environment so that a browser behind a
firewall can do DNS name resolution of machines outside the firewall

* Overview of Secure Java Platform
-- Language features: private, protected, namespace partioning,
memory management and garbage collection, arrays, strings, lack of
preprocessor. Learn how to take advantage of these language
features to write secure Java applets and applications.
-- Verifier features: Description of what the verifier does for you.
* Learn how to use the bytecode verifier with your standalone Java
application.
-- Security Manager: How you might design and implement a security
manager for a Java standalone application.
* How to get accurate and up-to-date info on Java security bugs

Marianne Mueller and David Brownell are staff engineers at JavaSoft.
Before working on Java security Marianne worked on floating point,
compiler optimizations, and tools for multithreaded programming. She
works on Java security, especially in the context of Jeeves, the Java web
server.

M4pm (half day: 1:30 pm - 5:00 pm)
Secure Java Programming: Enhancements
Marianne Mueller and David Brownell, JavaSoft

Who Should Attend: Java developers familiar with the fundamentals of
the Java security model who want to learn more about recent enhancements
to the Java security toolset.

What You Will Learn: New features in Java such as Java code signing
and Java APIs for access control lists and certificate management. Topics
will include:

* How to create signed applets and signed servlets
-- How to create a JAR file. The JAR file is a "Java Archive" file, and it
can contain class files, gif, jpeg, html, etc.
-- How to generate a key pair, to use for signing
-- How to register your public key with a public key distribution center
-- How to sign the JAR file using a standalone Java signing tool
-- How to distribute the signed JAR file (== how to distribute the signed
applet or signed servlet)
-- How to use the Java Access Control List package (java.security.ACL)
-- How to associate limited capabilities with a signed servlet
-- How to administer the Java web server so that it only accepts code signed
by a set of trusted signatures
-- How to administer the Java web server so that it grants limited
capabilities to trusted code

* X509 Certificate Management in Java

Marianne Mueller and David Brownell are staff engineers at JavaSoft.
Before working on Java security, Marianne worked on floating point,
compiler optimizations, and tools for multithreaded programming. She
works on Java security, especially in the context of Jeeves, the Java web
server.

M5pm (half day: 1:30 pm - 5:00 pm)
The Law of Electronic Commerce - Contracts, Records, and Privacy
Benjamin Wright, Attorney and Author

Who Should Attend: Online and IS professionals, security managers,
EDI and Intranet managers, purchasing managers, lawyers, accountants,
and auditors with a general understanding of business transactions.

What You Will Learn: The application of common sense legal
principles to electronic commerce.

Do you have to know about the law as it applies to electronic commerce?
The application of existing laws as applied to electronic commerce is a
relatively new field that many computing professionals are required to
understand.

You will gain a broad overview of the legal and recordkeeping issues from a
lawyer's perspective, placing legal issues in a conceptual framework. You
will learn in detail the issues of electronic contract formation, electronic
signatures, computer evidence and privacy, establishing trust in cyberspace,
trading partner agreements, and network service provider agreements. You
will hear a thorough discussion of EC records, particularly those created
for state and federal tax purposes, and the role of third party recordkeepers.
There will be ample time for questions and dialog.

Specific topics include:
- An electronic contract lawsuit in the drug industry
- Admission of email evidence in a famous lawsuit
- Different business models for establishing trust
- The Model EDI Trading Partner Agreement
- Digital signature legislation in Utah, California and Florida
- Digital signature guidelines from the American Bar Association
- An IRS regulation on the recording of electronic transactions
- A model policy for recording electronic messages for tax purposes
- Model for third-party recordkeeper

Benjamin Wright is the author of The Law of Electronic Commerce: EDI, E-
mail and Internet He is also editor of EDI Forum, a quarterly journal
covering technology, business, legal and security issues in electronic
commerce. A graduate of Georgetown University Law School, Mr. Wright
is an attorney practicing electronic commercial law from Dallas, Texas. Mr
Wright will also be giving an Invited Talk on Tuesday.

M6pm (half day: 1:30 pm - 5:00 pm)
Breaking into the Web (Pun Intended)
Daniel Geer, Open Market, Inc.

Who Should Attend: Those running an Internet site who need to
understand the tradeoffs in making it secure or how the Internet is likely to
be secured.

What You Will Learn: Threat models, both technical and social
engineering, and countermeasures; tools to make plans that will work and
will convince management that they work.

Are you really doing business on the Internet by now? Were you blocked
from doing so by security issues, real or imagined? Are you the only one
worried and no one is listening?

Simple math says that the growth rate of the Internet means the skill level of
the average Internet user is going down fast. Simple avarice says that there
is a lot of money to made (or saved) by converting much of today's
commerce to an electronic one. Simple deviousness says that the
combination of a rising flux of money and a decreasing skill level are an
irresistible target. Simple engineering says that the optimal solution is not
one-size-fits-all, and it is on that that we will focus.

You will find out about threat models, both technical and social engineering,
and countermeasures. You will walk away with the tools to make plans that
will work and will convince management that they work. Luckily, we have
some good counterexamples to work from.

Daniel E. Geer, Jr. is director of engineering at Open Market, Inc., a leader
in electronic commerce technology. Formerly he was chief scientist, vice
president of technology and managing director of security consulting
services for OpenVision Technologies. He earned a doctor of science in
biostatistics from Harvard University.

****************************************************************************

TECHNICAL PROGRAM
Tuesday through Thursday November 19-21, 1996

Tuesday, November 19, 7:30 am - 8:20 am
Continental Breakfast

8:20 am - 8:30 am
Introduction and Welcome
Doug Tygar, Carnegie Mellon University

8:30 am - 10:00 am
Session I: Hardware Tokens
Session Chair: Clifford Neuman, University of Southern California

Tamper Resistance -- a Cautionary Note
Ross Anderson, Cambridge University and Markus Kuhn,
Erlanganen/Purdue University

Token-Mediated Certification and Electronic Commerce
Daniel E. Geer, Open Market, Inc. and Donald T. Davis, SystemExperts

Smart Cards in Hostile Environments
Howard Gobioff, Carnegie Mellon University; Sean Smith,
Los Alamos National Laboratory/IBM Research;
Doug Tygar, Carnegie Mellon University; Bennet Yee, University of
California, San Diego

10:00 am - 10:15 pm Break

10:15 am - 11:45 am
Session II: Protocol Analysis
Session Chair: Ross Anderson, Cambridge University

Analysis of the SSL 3.0 Protocol
David Wagner, University of California, Berkeley and
Bruce Schneier, Counterpane Systems

Fast, Automatic Checking of Security Protocols
Darrell Kindred and Jeannette Wing, Carnegie Mellon University

Verifying Cryptographic Protocols for Electronic Commerce
Randall W. Lichota, Hughes; Grace L. Hammonds, AGCS;
Stephen H. Brackin, Arca

11:45 am - 1:30 pm Lunch - on your own

1:30 pm - 2:30 pm
Invited Talk: Legal Signatures and Proof in Electronic Commerce
Benjamin Wright, Attorney and Author -The Law of Electronic Commerce

A critical goal of electronic commerce is to create evidence of transactions so
they can later be authenticated in court. Mr. Wright will consider alternative
strategies for legally authenticating transactions, including the new Utah
Digital Signature Act and biometric signing methods. He will also describe
techniques for making reliable electronic archives.

2:30 pm - 2:45 pm Break

2:45 pm - 4:15 pm
Session III: Policy and Economics
Session Chair: Hal Varian, University of California, Berkeley

Non-transferable Characteristics and Security Deposits in a Crypto-Economy
Joseph M. Reagle, Consultant

Digital Currency and Public Networks: So What If It Is Secure, Is It Money?
John du Pre Gauntt, London School of Economics

Modeling the Risks and Costs of Digitally Signed Certificates in Electronic
Commerce
Ian Simpson, Carnegie Mellon University

4:15 pm - 4:30 pm Break

4:30 pm - 5:45 pm
Session IV: Standard Payment Interfaces
Session Chair: Bennet Yee, University of California, San Diego

Generic Payment Services: Framework and Functional Specification
Alireza Bahreman, EIT

UPAI: A Universal Payment Application Interface
Steven P. Ketchpel, Hector Garcia-Molina, Andreas Paepcke, Scott Hassan,
and Steve Cousins, Stanford University

Payment Method Negotiation Service: Framework and Programming Interface
Alireza Bahreman and Rajkuman Narayanaswamy, EIT

6:00 pm - 8:30 pm
Reception and Tour of Fisher Center, UC Berkeley - (Shuttle Service Provided)

Wednesday, November 20, 7:30 am - 8:30 am
Continental Breakfast

8:30 am - 10:00 am
Session V: Atomic transactions
Session Chair: Mark Manasse, Digital Equipment Corporation

Anonymous Atomic Transactions
Jean Camp, Sandia National Laboratory; Michael Harkavy and Doug Tygar,
Carnegie Mellon University;
Bennet Yee, University of California, San Diego

Strongboxes for Electronic Commerce
Thomas Hardjono and Jennifer Seberry, University of Wollongong

Model Checking Electronic Commerce Protocols
Nevin Heintze, Bell Labs; Doug Tygar, Jeannette Wing,
and H. C. Wong, Carnegie Mellon University

10:00 am - 10:15 pm Break

10:15 am - 11:45 pm
Session VI: Experience
Session Chair: Nathaniel Borenstein, First Virtual Holdings, Inc.

BigDog: Hierarchical Authentication, Session Control, and Authorization
for the Web
Benjamin Fried and Andrew Lowry, Morgan Stanley

Financial EDI Over the Internet: Case Study II
Arie Segev, Jaana Porra, and Malu Roldan, University of California, Berkeley

Scalable Document Fingerprinting
Nevin Heintze, Bell Labs

11:45 am - 2:00 pm Hosted Luncheon with Speaker
Designing New Rules of the Road for Electronic Commerce in Digital Information
Pamela Samuelson, University of California, Berkeley

Congress is currently considering legislative proposals to strengthen
the rights of copyright owners in cyberspace and to create a new law to
protect database developers against unauthorized extractions and reuses
of database contents. Contract lawyers are working on new rules of the
road for contracts about digital information products and services. As
attractive as the idea of adopting new rules for electronic commerce in
digital information may be, current proposals may be based on assumptions
that will not prove workable in the electronic environment.

Pamela Samuelson is a Professor of Law and of Information Management at
the University of California at Berkeley. Her principal expertise is
intellectual property law; her principal interests are in the challenges
posed by digital technologies to existing legal regimes. She is a
Contributing Editor of Communications of the ACM for which she writes a
regular "Legally Speaking" column.

2:00 pm - 3:30 pm
Session VII: Protocols
Session Chair, Daniel Geer, Open Market, Inc.

A Protocol for Secure Transactions
Douglas H. Steves, Chris Edmondson-Yurkanan and
Mohamed Gouda, University of Texas, Austin

PayTree: ``Amortized-Signature'' for Flexible MicroPayments
Charanjit Jutla and Moti Yung, IBM

A Peer-to-Peer Software Metering System
Bruce Schneier and John Kelsey, Counterpane Systems

3:30 pm - 3:45 pm Break

3:45 pm - 6:00 pm
Panel Discussion: Electronic Commerce in Practice -- What Have We Learned?
Moderator: Clifford Neuman, University of Southern California
Panelists: Nathaniel Borenstein, First Virtual Holdings, Inc.;
Marc Briceno, DigiCash;
Steve Crocker, Cybercash;
Daniel Geer, Open Market, Inc.;
Arie Segev, University of California, Berkeley;
David Van Wie, InterTrust

6:00 pm Dinner - on your own

9:00 pm - 11:00 pm
Birds-of-a-Feather Sessions

Thursday, November 21, 8:00 am - 9:00 am
Continental Breakfast

9:00 am - 10:30 am
Session VIII: Security
Session Chair: Stefan Brands, CWI

Organizing Electronic Services into Security Taxonomies
Sean Smith, Los Alamos National Laboratory/IBM Research and Paul
Pedersen, Los Alamos National Laboratory

WWW Electronic Commerce and Java Trojan Horses
Doug Tygar and Alma Whitten, Carnegie Mellon University

On Shopping Incognito
Ralf Hauser, McKinsey Consulting, Switzerland and Gene Tsudik,
University of Southern California

10:30 am - 10:45 am Break

10:45 am - 11:45 am
Session IX: Software Agents
Session Chair: Doug Tygar, Carnegie Mellon University

Market-Based Negotiation for Digital Library Services
Tracy Mullen and Michael P. Wellman, University of Michigan, Ann Arbor

Information and Interaction in MarketSpace -- Towards an Open
Agent-based Market Infrastructure
Joakim Erriksson and Niclas Finne, Telia Research;
Sverker Janson, Swedish Institute of Computer Science

HOTEL AND TRAVEL INFORMATION
====================================
Hotel Discount Reservation Deadline - Wednesday, October 16, 1996

USENIX has negotiated special rates for workshop attendees at the
Claremont Resort and Conference Center. Contact the hotel directly to
make your reservation. You must mention USENIX to get the special rate.
A one-night room deposit must be guaranteed to a major credit card. To
cancel your reservation, you must notify the hotel at least 24 hours before
your planned arrival date.

The Claremont Resort and Conference Center
Ashby and Domingo Avenue
Oakland, CA 94623-0363
Toll Free: 800.551.7266
Local Telephone: 510.843.3000
Reservation Fax: 510.549.8582

Single/Double Occupancy......................$110.00
(plus room tax, currently 11%)

Note: Requests for hotel reservations made after the deadline will be
handled on a space and rate available basis only.

Discount Airfares
Special airline discounts will be available for USENIX attendees. Please call
for details:
JNR, Inc. Toll Free 800.343.4546 (USA and Canada)
Telephone 714.476.2788

AIRPORT TO HOTEL TRANSPORTATION
========================================
From San Francisco (SFO) & Oakland International Airports

Shuttle Service - The Bayporter Express offers shuttles to and from
both Oakland Airport and SFO Airport. ADVANCED RESERVATIONS
ARE REQUIRED for Oakland pick ups and to avoid delays at SFO. Call
415.467.1800. Cost of shuttle is $12 from Oakland Airport and $13 from
SFO Airport, one way. Travel time to the hotel is approximately 30-45
minutes from Oakland and one hour from SFO. Return trips require
reservations to be made one day in advance.

Taxi service from Oakland Airport usually ranges $30 one way, and $50
from SFO.

BART - If you live in the Bay Area and will be using BART, take the
Concord Line to the Rockridge Station (one mile from the Claremont). At
the station, taxi service is available to the hotel for an approximate
cost of $5 one way.

POINTS OF INTEREST
=========================================
Telegraph Avenue - This is the heart of student Berkeley. Besides its
wonderful array of bookstores, expresso shops, and student food, you can get
a tattoo, get a body part pierced, and buy paraphernalia of all kinds.

Sproul Plaza - Berkeley's Campus is a great place to people watch, listen
to music, and mingle with students.

Entertainment - Berkeley has a lively local entertainment scene. The
Pacific Film Archives screens different films every night. A variety of night
clubs feature music ranging from jazz to alternative.

About the Hotel
The Claremont is a world-class resort located just one mile from the UC
Berkeley campus, in the hills overlooking the San Francisco Bay.
The hotel is an historic, turn-of-the-century resort, with modern
facilities that include two swimming pools, saunas, jacuzzi, tennis courts,
fitness center and a luxurious European-style health spa.

REGISTRATION INFORMATION AND FEES
=========================================

Tutorial Program Fees - November 18
Pre-registration deadline is November 1, 1996. On-site fees apply after
that date.

Tutorial Registration Fees include:
* Admission to the tutorials you select
* Printed and bound tutorials materials for selected classes
* Lunch
Note: Select one AM and one PM tutorial.

Pre-Registration Fee On-Site Fee
Tutorial Program $320 $370
CEU credit for one full day $ 15 $ 15

Technical Sessions Fees - November 19 - 21
Pre-registration deadline is November 1, 1996. On-site fees apply after
that date.

Technical Sessions Registration Fees include:
* Admission to all Technical Sessions
* Copy of Workshop Proceedings
* Lunch
* Admission to the Workshop Reception

Pre-Registration Fee On-Site Fee
Member $330 $380
(The member fee applies to current members
of USENIX, EurOpen, JUS or AUUG)
Non-Member or Renewing Member * $400 $450
Full-Time Student $ 75 $ 75
(Must provide copy of current student I.D. Card)

* To join USENIX or renew your membership, pay the non-
member technical sessions fee and check the USENIX membership box on
the registration form. $70 of your registration fee will be designated as
dues for a one year individual USENIX Association membership.

****************************************************************************
2nd USENIX Workshop on Electronic Commerce
November 18-21, 1996
Claremont Resort and Conference Center
Oakland, California
****************************************************************************

Please complete the form below and return with full payment to:

USENIX Conference Office
22672 Lambert St., Suite 613, Lake Forest, CA 92630
Phone: 714.588.8649 / Fax: 714.588.9706
Email: confe...@usenix.org
Office Hours: 8:30am - 5:00pm Pacific Time

NAME________________________________________________________________
(first) (last)

FIRST NAME FOR BADGE____________________________Member Number_______

COMPANY OR INSTITUTION______________________________________________

MAILING ADDRESS_____________________________________________________
(mail stop)
____________________________________________________________________

CITY___________________________STATE____ZIP___________COUNTRY________

TELEPHONE NO:_________________________FAX NO._________________________

NETWORK ADDRESS______________________________________________________
(one only please)
The address you provide will be used for all future USENIX
mailings unless you notify us in writing.

ATTENDEE PROFILE
Please help us serve you better. By answering the following
questions, you help us plan our activities to meet members'
needs. All information is confidential.

[ ] I do not want to be on the attendee list
[ ] I do not want my address made available for other than USENIX
mailings
[ ] I do not want USENIX to email me notices of Association activities.

What is your affiliation? [ ]academic [ ]commercial [ ]gov't [ ]R&D

What is your role in purchase decision?
1.[] final 2.[] specify 3.[] recommend 4.[] influence 5.[] no role

What is your primary job function? (check one)
1.[] system/network administrator 2.[] consultant
3.[] academic/research 4.[] developer/programmer/architect
5.[] system engineer 6.[] technical manager 7.[] student
8.[] security 9.[] webmaster

How did you first hear about this meeting:
1.[] USENIX mailing 2.[] newsgroup/bulletin board 3.[] ;login:
4.[] World Wide Web 5.[] from a colleague 6.[] magazine

What publications or newsgroups do you read on electronic commerce
technologies?_____________________________________________

=================================================================

TUTORIAL PROGRAM
Select one AM and one PM tutorial. Half day registration is not avaialble.

Monday, November 18, 1996
==========================
[ ] M1am: Getting Paid on the Internet
[ ] M2am: Electronic Payments and Commerce Applications
[ ] M3am: Secure Java Programming: Fundamentals

[ ] M4pm: Secure Java Programming: Enhancements
[ ] M5pm: The Law of Electronic Commerce - Contracts, Records, & Privacy
[ ] M6pm: Breaking into the WEB (Pun Intended)

Second Choice of first is filled:____________________________

TUTORIAL PROGRAM FEES - Monday November 18th
Tutorial Program ......................$320 $_________
CEU credit (optional)..................$ 15 $_________

Late fee applies if postmarked after
Friday, November 1, 1996.............Add $ 50 $_________

TECHNICAL SESSION FEES - Tuesday, Wednesday, & Thursday, November 19-21

Current Member Fee.....................$330 $________
(Applies to current USENIX, EurOpen, JUS
and AUUG members)

Non-Member or Renewing Member Fee*.....$400 $________
*Join or renew your USENIX membership
and attend the conference for same low price
-Check here [ ]

Late fee applies if postmarked after
Friday, November 1, 1996......Add $ 50 $_________

Full-Time Student Fee: pre-registered
or on-site......$ 75 $_________
(Students must include photocopy of current
student I.D.)

Full-time student, including USENIX membership
fee....................................$100 $_________

TOTAL ENCLOSED...................$_________

PAYMENT MUST ACCOMPANY THIS FORM.
Payment in US Dollars must accompany this form. Purchase orders,
vouchers, telephone or email registrations cannot be accepted.

[ ] Payment Enclosed (Make check payable to USENIX Conference)

CHARGE TO MY: ___VISA ___MASTERCARD ___AMERICAN EXPRESS ___DINERS CLUB

ACCOUNT NO.______________________________________ EXP. DATE___________

_______________________________________/___________________________
Print Cardholder's Name Cardholder's Signature

You may fax your registration form if paying by credit card to
USENIX Conference Office, fax: 714 588 9706. (To avoid duplicate
billing, please DO NOT mail an additional copy.)

REFUND/CANCELLATION POLICY
If you must CANCEL, all refund requests must be in writing and
postmarked no later than Friday, November 8, 1996. Cancellations cannot be
taken over the telephone. If you have registered but are unable
to attend, you may call to substitute another person in your place.

--
Diane S. DeMartini USENIX Association
di...@usenix.org 2560 Ninth Street, Suite 215
510-528-8649 Berkeley, CA 94710