Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
A secure and privacy-protecting protocol for transmitting personal information between organizations
Proceedings on Advances in cryptology---CRYPTO '86
How to prove all NP-statements in zero-knowledge, and a methodology of cryptographic protocol design
Proceedings on Advances in cryptology---CRYPTO '86
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
IEEE ADL '97 Proceedings of the IEEE international forum on Research and technology advances in digital libraries
PRUNES: an efficient and complete strategy for automated trust negotiation over the Internet
Proceedings of the 7th ACM conference on Computer and communications security
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Interoperable strategies in automated trust negotiation
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Design and implementation of the idemix anonymous credential system
Proceedings of the 9th ACM conference on Computer and communications security
A uniform framework for regulating service access and information release on the web
Journal of Computer Security
ACM Transactions on Information and System Security (TISSEC)
E-P3P privacy policies and privacy authorization
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
Payment Systems and Credential Mechanisms with Provable Security Against Abuse by Individuals
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
A Unified Scheme for Resource Protection in Automated Trust Negotiation
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Web Privacy with P3p
Restrictive blinding of secret-key certificates
Restrictive blinding of secret-key certificates
Signature schemes and applications to cryptographic protocol design
Signature schemes and applications to cryptographic protocol design
Proceedings of the 11th ACM conference on Computer and communications security
Sociotechnical Architecture for Online Privacy
IEEE Security and Privacy
Adaptive trust negotiation and access control
Proceedings of the tenth ACM symposium on Access control models and technologies
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
Preventing attribute information leakage in automated trust negotiation
Proceedings of the 12th ACM conference on Computer and communications security
Automated trust negotiation using cryptographic credentials
Proceedings of the 12th ACM conference on Computer and communications security
Anonymous yet accountable access control
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Managing privacy preferences for federated identity management
Proceedings of the 2005 workshop on Digital identity management
Perspectives on `personal identity'
BT Technology Journal
Supporting location-based conditions in access control policies
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
How to win the clonewars: efficient periodic n-times anonymous authentication
Proceedings of the 13th ACM conference on Computer and communications security
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
POLICY '07 Proceedings of the Eighth IEEE International Workshop on Policies for Distributed Systems and Networks
Provisions and obligations in policy management and security applications
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Profiling the European Citizen: Cross-Disciplinary Perspectives
Profiling the European Citizen: Cross-Disciplinary Perspectives
The Seven Flaws of Identity Management: Usability and Security Challenges
IEEE Security and Privacy
A privacy-aware access control system
Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
A signature scheme with efficient protocols
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Dynamic k-times anonymous authentication
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Towards privacy-enhanced authorization policies and languages
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Unclonable group identification
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Optimistic fair exchange of digital signatures
IEEE Journal on Selected Areas in Communications
A card requirements language enabling privacy-preserving access control
Proceedings of the 15th ACM symposium on Access control models and technologies
Portable secure identity management for software engineering
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 2
Anonymous authentication with TLS and DAA
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
Lightweight anonymous authentication with TLS and DAA for embedded mobile devices
ISC'10 Proceedings of the 13th international conference on Information security
A secret sharing based privacy enforcement mechanism for untrusted social networking operators
MiFor '11 Proceedings of the 3rd international ACM workshop on Multimedia in forensics and intelligence
A contextual privacy-aware access control model for network monitoring workflows: work in progress
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Using personal portfolios to manage customer data
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
A workflow checking approach for inherent privacy awareness in network monitoring
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Review: A survey on solutions and main free tools for privacy enhancing Web communications
Journal of Network and Computer Applications
A privacy-aware access control model for distributed network monitoring
Computers and Electrical Engineering
| Hi-index | 0.00 |
We conduct more and more of our daily interactions over electronic media. The EC-funded project PRIME (Privacy and Identity Management for Europe) envisions that individuals will be able to interact in this information society in a secure and safe way while retaining control of their privacy. The project had set out to prove that existing privacy-enhancing technologies allow for the construction of a user-controlled identity management system that comes surprisingly close to this vision. This paper describes two key elements of the PRIME identity management systems: anonymous credentials and policy languages that fully exploit the advanced functionality offered by anonymous credentials. These two key elements enable the users to carry out transactions, e.g., over the Internet, revealing only the strictly necessary personal information. Apart from presenting for the first time these two key results, this paper also motivates the need for privacy enhancing identity management, gives concrete requirements for such a system and then describes the key principles of the PRIME identity management solution.