A proposal of an anonymous authentication method for flat-rate service

When the Web services are used, there is a case that they need not identify who is the user if the user is the regular user. In this paper, we propose the method that the service based on authority can be used by public-key certificate and attribute certificate without identifying. As a result, the user can take the services though the user with a regular authority is not identified by the service server. Moreover, the service server confirms user is a regular user, and can provide the services without identifying the user. Our method makes it possible to protect the user's usage information.

[1]  Hiroshi G. Okuno,et al.  Privacy-enhanced SPKI access control on PKIX and its application to Web server , 2003, 17th International Conference on Advanced Information Networking and Applications, 2003. AINA 2003..

[2]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2002, RFC.

[3]  Hiroshi G. Okuno,et al.  A privacy-enhanced access control , 2001 .

[4]  Reihaneh Safavi-Naini,et al.  Dynamic k-Times Anonymous Authentication , 2005, ACNS.

[5]  Ravi S. Sandhu,et al.  Binding identities and attributes using digitally signed certificates , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[6]  Toru Nakanishi,et al.  Anonymous Statistical Survey of Attributes , 2001, ACISP.

[7]  Butler W. Lampson,et al.  SPKI Certificate Theory , 1999, RFC.

[8]  José M. Troya,et al.  A First Approach to Provide Anonymity in Attribute Certificates , 2004, Public Key Cryptography.