A card requirements language enabling privacy-preserving access control

Authors:
Jan Camenisch;Sebastian Mödersheim;Gregory Neven;Franz-Stefan Preiss;Dieter Sommer
Affiliations:
IBM Research Zurich, Rueschlikon, Switzerland;IBM Research Zurich, Rueschlikon, Switzerland;IBM Research Zurich, Rueschlikon, Switzerland;IBM Research Zurich, Rueschlikon, Switzerland;IBM Research Zurich, Rueschlikon, Switzerland
Venue:
Proceedings of the 15th ACM symposium on Access control models and technologies
Year:
2010

Citing 18
Cited 9

Security without identification: transaction systems to make big brother obsolete

Communications of the ACM
Role-Based Access Control Models

Computer
Proof-carrying authentication

CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Design and implementation of the idemix anonymous credential system

Proceedings of the 9th ACM conference on Computer and communications security
A uniform framework for regulating service access and information release on the web

Journal of Computer Security
Delegation logic: A logic-based approach to distributed authorization

ACM Transactions on Information and System Security (TISSEC)
Decentralized Trust Management

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A logic-based framework for attribute based access control

Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Direct anonymous attestation

Proceedings of the 11th ACM conference on Computer and communications security
Automated trust negotiation using cryptographic credentials

Proceedings of the 12th ACM conference on Computer and communications security
Anonymous yet accountable access control

Proceedings of the 2005 ACM workshop on Privacy in the electronic society
How to win the clonewars: efficient periodic n-times anonymous authentication

Proceedings of the 13th ACM conference on Computer and communications security
Design and Semantics of a Decentralized Authorization Language

CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
DKAL: Distributed-Knowledge Authorization Language

CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
A privacy-aware access control system

Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project

Journal of Computer Security - EU-Funded ICT Research on Trust and Security
A linear logic of authorization and knowledge

ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Optimistic fair exchange of digital signatures

IEEE Journal on Selected Areas in Communications

A formal model of identity mixer

FMICS'10 Proceedings of the 15th international conference on Formal methods for industrial critical systems
A comprehensive framework enabling data-minimizing authentication

Proceedings of the 7th ACM workshop on Digital identity management
Demo: a comprehensive framework enabling data-minimizing authentication

Proceedings of the 18th ACM conference on Computer and communications security
A calculus for privacy-friendly authentication

Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Access control enforcement delegation for information-centric networking architectures

Proceedings of the second edition of the ICN workshop on Information-centric networking
Access control enforcement delegation for information-centric networking architectures

ACM SIGCOMM Computer Communication Review - Special october issue SIGCOMM '12
Information privacy?!

Computer Networks: The International Journal of Computer and Telecommunications Networking
Data-minimizing authentication goes mobile

CMS'12 Proceedings of the 13th IFIP TC 6/TC 11 international conference on Communications and Multimedia Security
A formal approach for inspecting privacy and trust in advanced electronic services

ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

We address the problem of privacy-preserving access control in distributed systems. Users commonly reveal more personal data than strictly necessary to be granted access to online resources, even though existing technologies, such as anonymous credential systems, offer functionalities that would allow for privacy-friendly authorization. An important reason for this lack of technology adoption is, as we believe, the absence of a suitable authorization language offering adequate expressiveness to address the privacy-friendly functionalities. To overcome this problem, we propose an authorization language that allows for expressing access control requirements in a privacy-preserving way. Our language is independent from concrete technology, thus it allows for specifying requirements regardless of implementation details while it is also applicable for technologies designed without privacy considerations. We see our proposal as an important step towards making access control systems privacy-preserving.