Investigating Anonymity in Group Based Anonymous Authentication

Slamanig, Daniel; Stingl, Christian

doi:10.1007/978-3-642-03315-5_20

Cited by 5 publications

(3 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Thereby, the ring R a citizen should use could be fixed by some party, e.g., the SRA, or could be assembled on the fly by the citizen (Persiano and Visconti, 2000;Lindell) and be of a size such that it provides the desired level of anonymity. We, however, note that if citizens assemble the rings on the fly, the choice of the ring has to be done with care (Slamanig and Stingl, 2008). For example, randomly sampling two distinct rings R and R' which both include C i and presented along with the same I' will almost certainly identify C i uniquely.…”

Section: 1mentioning

confidence: 99%

Design strategies for a privacy-friendly Austrian eID system in the public cloud

Zwattendorfer

Slamanig

2015

Computers & Security

Self Cite

View full text Add to dashboard Cite

Section: 1mentioning

confidence: 99%

Design strategies for a privacy-friendly Austrian eID system in the public cloud

Zwattendorfer

Slamanig

2015

Computers & Security

Self Cite

View full text Add to dashboard Cite

“…In contrast to conventional authentication methods, which establish a unique identification of the authenticating user, anonymous authentication enables users to authenticate without disclosing their own identity to the verifying party. There are many different techniques for anonymous authentication in the literature [24,25,26,27]. In general, a user in an anonymous authentication protocol is able to prove membership of a group of authorized users to a verifier (the health record), whereas the verifier does not obtain any information on the actual identity of the authenticating user.…”

Section: Anonymous Authenticationmentioning

confidence: 99%

“…In general, a user in an anonymous authentication protocol is able to prove membership of a group of authorized users to a verifier (the health record), whereas the verifier does not obtain any information on the actual identity of the authenticating user. Using the aforementioned public-key infrastructure, anonymous authentication from public-key encryption as proposed in [27] can be employed efficiently with moderate implementation effort. Loosely spoken, this can be realized as a parallelization of a challenge-response protocol based on public-key encryption.…”

Section: Anonymous Authenticationmentioning

confidence: 99%

Health Records and the Cloud Computing Paradigm from a Privacy Perspective

Stingl¹,

Slamanig²

2011

Journal of Healthcare Engineering

View full text Add to dashboard Cite

With the advent of cloud computing, the realization of highly available electronic health records providing location-independent access seems to be very promising. However, cloud computing raises major security issues that need to be addressed particularly within the health care domain. The protection of the privacy of individuals often seems to be left on the sidelines. For instance, common protection against malicious insiders, i.e., non-disclosure agreements, is purely organizational. Clearly, such measures cannot prevent misuses but can at least discourage it. In this paper, we present an approach to storing highly sensitive health data in the cloud whereas the protection of patient's privacy is exclusively based on technical measures, so that users and providers of health records do not need to trust the cloud provider with privacy related issues. Our technical measures comprise anonymous communication and authentication, anonymous yet authorized transactions and pseudonymization of databases.

show abstract