论文信息 - Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project - 字舞流文

Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project

We conduct more and more of our daily interactions over electronic media. The EC-funded project PRIME (Privacy and Identity Management for Europe) envisions that individuals will be able to interact in this information society in a secure and safe way while retaining control of their privacy. The project had set out to prove that existing privacy-enhancing technologies allow for the construction of a user-controlled identity management system that comes surprisingly close to this vision. This paper describes two key elements of the PRIME identity management systems: anonymous credentials and policy languages that fully exploit the advanced functionality offered by anonymous credentials. These two key elements enable the users to carry out transactions, e.g., over the Internet, revealing only the strictly necessary personal information. Apart from presenting for the first time these two key results, this paper also motivates the need for privacy enhancing identity management, gives concrete requirements for such a system and then describes the key principles of the PRIME identity management solution.

Pierangela Samarati | Jan Camenisch | Gregory Neven | Markulf Kohlweiss | Mario Verdicchio | Claudio Agostino Ardagna | Dieter Sommer | Ronald E. Leenes | Bart Priem | J. Camenisch | P. Samarati | R. Leenes | Markulf Kohlweiss | D. Sommer | G. Neven | C. Ardagna | Mario Verdicchio | B. Priem | Dieter Sommer

[1] Marianne Winslett,et al. A unified scheme for resource protection in automated trust negotiation , 2003, 2003 Symposium on Security and Privacy, 2003..

[2] Jan Camenisch,et al. Signature Schemes and Anonymous Credentials from Bilinear Maps , 2004, CRYPTO.

[3] G. G. Stokes. "J." , 1890, The New Yale Book of Quotations.

[4] Marianne Winslett,et al. PRUNES: an efficient and complete strategy for automated trust negotiation over the Internet , 2000, CCS.

[5] Jan Camenisch,et al. Compact E-Cash , 2005, EUROCRYPT.

[6] Sushil Jajodia,et al. Provisions and Obligations in Policy Management and Security Applications , 2002, VLDB.

[7] Marco Casassa Mont,et al. On Parametric Obligation Policies: Enabling Privacy-Aware Information Lifecycle Management in Enterprises , 2007, Eighth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'07).

[8] Rachna Dhamija,et al. The Seven Flaws of Identity Management: Usability and Security Challenges , 2008, IEEE Security & Privacy.

[9] Silvio Micali,et al. A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[10] John Leubsdorf,et al. Privacy and Freedom , 1968 .

[11] E. Goffman. The Presentation of Self in Everyday Life , 1959 .

[12] Marianne Winslett,et al. Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation , 2003, TSEC.

[13] Ernesto Damiani,et al. Towards Privacy-Enhanced Authorization Policies and Languages , 2005, DBSec.

[14] Ivan Damgård,et al. Verifiable Encryption, Group Encryption, and Their Applications to Separable Group Signatures and Signature Sharing Schemes , 2000, ASIACRYPT.

[15] Marianne Winslett,et al. Interoperable strategies in automated trust negotiation , 2001, CCS '01.

[16] Marianne Winslett,et al. No Registration Needed: How to Use Declarative Policies and Negotiation to Access Sensitive Resources on the Semantic Web , 2004, ESWS.

[17] Jan Camenisch,et al. Design and implementation of the idemix anonymous credential system , 2002, CCS '02.

[18] Ernesto Damiani,et al. Supporting location-based conditions in access control policies , 2006, ASIACCS '06.

[19] Lorrie Faith Cranor,et al. Web Privacy with P3p , 2002 .

[20] Deborah G. Johnson,et al. Data Retention and the Panoptic Society: The Social Benefits of Forgetfulness , 2002, Inf. Soc..

[21] Paul Ashley,et al. E-P3P privacy policies and privacy authorization , 2002, WPES '02.

[22] N. Asokan,et al. Optimistic fair exchange of digital signatures , 1998, IEEE Journal on Selected Areas in Communications.

[23] Jan Camenisch,et al. Anonymous yet accountable access control , 2005, WPES '05.

[24] Jan Camenisch,et al. A Signature Scheme with Efficient Protocols , 2002, SCN.

[25] Kent E. Seamons,et al. Mobile Trust Negotiation - Authentication and Authorization in Dynamic Mobile Networks , 2004, Communications and Multimedia Security.

[26] Li Zhou,et al. Adaptive trust negotiation and access control , 2005, SACMAT '05.

[27] Serge Gutwirth,et al. Profiling the European Citizen, Cross-Disciplinary Perspectives , 2008 .

[28] Gail-Joon Ahn,et al. Managing privacy preferences for federated identity management , 2005, DIM '05.

[29] Ninghui Li,et al. Beyond proof-of-compliance: security analysis in trust management , 2005, JACM.

[30] Jan Camenisch,et al. How to win the clonewars: efficient periodic n-times anonymous authentication , 2006, CCS '06.

[31] Peter Bodorik,et al. Sociotechnical architecture for online privacy , 2005, IEEE Security & Privacy Magazine.

[32] Reihaneh Safavi-Naini,et al. Dynamic k-Times Anonymous Authentication , 2005, ACNS.

[33] Marianne Winslett,et al. Limiting the Disclosure of Access Control Policies during Automated Trust Negotiation , 2001, NDSS.

[34] Tal Zarsky. Desperately Seeking Solutions: Using Implementation-Based Solutions for the Troubles of Information Privacy in the Age of Data Mining and the Internet Society , 2004 .

[35] Kazue Sako,et al. Verifiable Encryption , 2005, Encyclopedia of Cryptography and Security.

[36] Charles D. Raab. Perspectives on ‘personal identity’ , 2005 .

[37] Roger Clarke,et al. The Digital Persona and Its Application to Data Surveillance , 1994, Inf. Soc..

[38] Ivan Damgård,et al. Unclonable Group Identification , 2006, IACR Cryptol. ePrint Arch..

[39] David Chaum,et al. A Secure and Privacy-protecting Protocol for Transmitting Personal Information Between Organizations , 1986, CRYPTO.

[40] Stefan Brands,et al. Restrictive Blinding of Secret-Key Certificates , 1995, EUROCRYPT.

[41] David Chaum,et al. Security without identification: transaction systems to make big brother obsolete , 1985, CACM.

[42] Silvio Micali,et al. How to Prove all NP-Statements in Zero-Knowledge, and a Methodology of Cryptographic Protocol Design , 1986, CRYPTO.

[43] Herbert Burkert,et al. Some Preliminary Comments on the DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. , 1996 .

[44] Stefan A. Brands,et al. Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy , 2000 .

[45] Nick Mathewson,et al. Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[46] Jan Camenisch,et al. Practical Verifiable Encryption and Decryption of Discrete Logarithms , 2003, CRYPTO.

[47] Ninghui Li,et al. Automated trust negotiation using cryptographic credentials , 2005, CCS '05.

[49] Ting Yu,et al. Preventing attribute information leakage in automated trust negotiation , 2005, CCS '05.

[50] Jin H. Im,et al. Privacy , 2002, Encyclopedia of Information Systems.

[51] O. Gandy,et al. Cultural Rights: Technology, Legality and Personality.@@@The Panoptic Sort: A Political Economy of Personal Information. , 1993 .

[52] Ivan Damgård,et al. Payment Systems and Credential Mechanisms with Provable Security Against Abuse by Individuals , 1988, CRYPTO.

[53] Sabrina De Capitani di Vimercati,et al. A privacy-aware access control system , 2008, J. Comput. Secur..

[54] Andrew S. Patrick,et al. From Privacy Legislation to Interface Design: Implementing Information Privacy in Human-Computer Interactions , 2003, Privacy Enhancing Technologies.

[55] Anna Lysyanskaya,et al. Signature schemes and applications to cryptographic protocol design , 2002 .

[56] Adi Shamir,et al. A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[57] Ernest F. Brickell,et al. Direct anonymous attestation , 2004, CCS '04.

[58] Kazue Sako,et al. k-Times Anonymous Authentication (Extended Abstract) , 2004, ASIACRYPT.

[59] Marc Langheinrich,et al. The platform for privacy preferences 1.0 (p3p1.0) specification , 2002 .

[60] Marianne Winslett,et al. Internet Credential Acceptance Policies , 1997, APPIA-GULP-PRODE.

[61] Marianne Winslett,et al. Assuring security and privacy for digital library transactions on the Web: client and server security policies , 1997, Proceedings of ADL '97 Forum on Research and Technology. Advances in Digital Libraries.

[62] Hannes Federrath,et al. Web MIXes: A System for Anonymous and Unobservable Internet Access , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[63] Joseph Gray Jackson,et al. Privacy and Freedom , 1968 .

[64] Jan Camenisch,et al. An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , 2001, IACR Cryptol. ePrint Arch..

[65] J. Rachels. Why privacy is important , 1985 .

[66] Tal Z. Zarsky. "MINE YOUR OWN BUSINESS!": MAKING THE CASE FOR THE IMPLICATIONS OF THE DATA MINING OF PERSONAL INFORMATION IN THE FORUM OF PUBLIC OPINION , 2003 .

[67] Felix Stalder,et al. The Failure of Privacy Enhancing Technologies (PETs) and the Voiding of Privacy , 2002 .

[68] Robert M. Deiters. Organization for Economic Co-Operation and Development (OECD). , 1968 .

[69] Pierangela Samarati,et al. A Uniform Framework for Regulating Service Access and Information Release on the Web , 2002, J. Comput. Secur..

[70] Jan Zibuschka,et al. Requirements for privacy enhancing tools , 2008 .