Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
Proceedings of the 7th ACM conference on Computer and communications security
Design and implementation of the idemix anonymous credential system
Proceedings of the 9th ACM conference on Computer and communications security
ACM Transactions on Information and System Security (TISSEC)
IEEE Internet Computing
Protecting sensitive attributes in automated trust negotiation
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
A Digital Signature Based on a Conventional Encryption Function
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
A Unified Scheme for Resource Protection in Automated Trust Negotiation
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Oblivious signature-based envelope
Proceedings of the twenty-second annual symposium on Principles of distributed computing
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Trust-X: A Peer-to-Peer Framework for Trust Establishment
IEEE Transactions on Knowledge and Data Engineering
Proceedings of the 2003 ACM workshop on Privacy in the electronic society
Traust: a trust negotiation-based authorization service for open systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
ACM SIGMOD Record
Minimal information disclosure with efficiently verifiable credentials
Proceedings of the 4th ACM workshop on Digital identity management
OACerts: oblivious attribute certificates
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Healthcom'09 Proceedings of the 11th international conference on e-Health networking, applications and services
Towards a mechanism for incentivating privacy
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Hi-index | 0.00 |
The secure release of identity attributes is a key enabler for electronic business interactions. Integrity and confidentiality of identity attributes are two key requirements in such context. Users should also have the maximum control possible over the release of their identity attributes and should state under which conditions these attributes can be disclosed. Moreover, users should disclose only the identity attributes that are actually required for the transactions at hand. In this paper we present an approach for the controlled release of identity attributes that addresses such requirements. The approach is based on the integration of trust negotiation and minimal credential disclosure techniques. Trust negotiation supports selective and incremental disclosure of identity attributes, while minimal credential disclosure guarantees that only the attributes necessary to complete the on line interactions are disclosed.