Role-Based Access Control Models
Computer
Establishing online trust through a community responsiblity system
Decision Support Systems
Location Privacy in Pervasive Computing
IEEE Pervasive Computing
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
A Simplified Approach to Threshold and Proactive RSA
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Policy Language for a Pervasive Computing Environment
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
An Artificial Intelligence Perspective on Autonomic Computing Policies
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Managing the Policies of Non-Technical Users in a Dynamic World
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Awarded Best Student Paper! - Pond: The OceanStore Prototype
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Anonymous yet accountable access control
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Using Trust for Secure Collaboration in Uncertain Environments
IEEE Pervasive Computing
Public-key cryptosystems based on composite degree residuosity classes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Moving on from weiser's vision of calm computing: engaging ubicomp experiences
UbiComp'06 Proceedings of the 8th international conference on Ubiquitous Computing
Hi-index | 0.00 |
In this paper, we outline an approach to the identification of entities for access control that is based on the membership of groups, rather than individuals. By using group membership as a level of indirection between the individual and the system, we can increase privacy and provide incentives for better behaviour. Privacy comes from the use of pseudonyms generated within the group and which can be authenticated as belonging to the group. The incentives for better behaviour come from the continuous nature of groups - members may come and go, but the group lives on, and groups are organised so as to ensure group-longevity, and prevent actions which may harm the group's reputation. We present a novel pseudonym generation mechanism suitable for use in groups without a centralised administration. Finally, we argue that the use of group membership as the basis for formulating policies on interaction is more efficient for disconnected operation, facilitating proxies and the efficient storage of revoked membership and distrusted organisations within bloom filters for small memory footprints.