A First Approach to Provide Anonymity in Attribute Certificates

Benjumea, Vicente; López, Javier; Montenegro, José Antonio; Troya, José M.

doi:10.1007/978-3-540-24632-9_29

Cited by 31 publications

(32 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…An elegant solution to enhance the PMI with anonymity services is proposed in [12]. X.509 ACs are extended into anonymous attribute certificates (AAC), the link between identities and attributes being based on pseudonyms.…”

Section: Extension For Privacymentioning

confidence: 99%

See 1 more Smart Citation

Architecting Adaptable Security Infrastructures for Pervasive Networks through Components

Lacoste

2009

Communication and Networking

View full text Add to dashboard Cite

show abstract

Section: Extension For Privacymentioning

confidence: 99%

“…A TTP guarantees the secrecy of the link between real identities and pseudonyms, but may disclose the identity of the certificate holder under some particular conditions. The scheme described in [12] is based on fair-blind signatures. AACs may also be based on other types of signature schemes [11] such as group signatures [13].…”

Section: Extension For Privacymentioning

confidence: 99%

Architecting Adaptable Security Infrastructures for Pervasive Networks through Components

Lacoste

2009

Communication and Networking

View full text Add to dashboard Cite

show abstract

“…These certificates could carry authorisation information as well as certify a pseudonym. A protocol to obtain such certificates is given in [1].…”

Section: Privacymentioning

confidence: 99%

A reference model for Authentication and Authorisation Infrastructures respecting privacy and flexibility in b2c eCommerce

Schläger

Nowey

Montenegro

2006

First International Conference on Availability, Reliability and Security (ARES'06)

View full text Add to dashboard Cite

Authentication and Authorisation Infrastructures (AAIs) are gaining momentum throughout the Internet. Solutions have been proposed for various scenarios among them academia, GRID computing, company networks, and above all eCommerce applications. Products and concepts vary in architecture, security features, target group, and usability containing different strengths and weaknesses. In addition security needs have changed in communication and business processes. Security on the internet is no longer defined as only security measures for an eCommerce provider against an untrustworthy customer but also vice versa. Consequently, privacy, data canniness, and security are demands in this area.The authors define criteria for an eCommerce provider federation using an AAI with a maximum of privacy and flexibility. The criteria is derived concentrating on b2c eCommerce applications fulfilling the demands. In addition to best practices found, XACML policies and an attribute infrastructure are deployed. Among the evaluated AAIs are Shibboleth, Microsoft Passport, the Liberty Alliance Framework, and PERMIS.

show abstract

“…Despite the great scientific interest in privacy-preserving approaches, to date only a limited effort has been spent to adapt such approaches to operate with existing and widely deployed standards (see e.g. [7] for a standardbased approach relying on X.509 Attribute Certificates).…”

Section: Introductionmentioning

confidence: 99%

The SPARTA Pseudonym and Authorization System

Bianchi

Bonola

Falletta

et al. 2008

Electronic Notes in Theoretical Computer Science

View full text Add to dashboard Cite

This paper deals with privacy-preserving (pseudonymized) access to a service resource. In such a scenario, two opposite needs seem to emerge. On one side, the service provider may want to control in first place the user accessing its resources, i.e., without being forced to delegate the management of access permissions to third parties to meet privacy requirements. On the other side, it should be technically possible to trace back the real identity of an user upon dishonest behavior, and of course this must be necessary accomplished by an external authority distinct from the provider itself. The framework described in this paper aims at coping with these two opposite needs. This is accomplished through i) a distributed thirdparty-based instrastructure devised to assign and manage pseudonym certificates, decoupled from ii) a twoparty procedure, devised to bind an authorization permission to a pseudonym certificate with no third-party involvement. The latter procedure is based on a novel blind signature approach which allows the provider to blindly verify, at registration time, that the user possesses the private key of the still undisclosed pseudonym certificate, thus avoiding transferability of the authorization permission.

show abstract

A First Approach to Provide Anonymity in Attribute Certificates

Cited by 31 publications

References 17 publications

Architecting Adaptable Security Infrastructures for Pervasive Networks through Components

Architecting Adaptable Security Infrastructures for Pervasive Networks through Components

A reference model for Authentication and Authorisation Infrastructures respecting privacy and flexibility in b2c eCommerce

The SPARTA Pseudonym and Authorization System

Contact Info

Product

Resources

About