A comprehensive framework enabling data-minimizing authentication
Proceedings of the 7th ACM workshop on Digital identity management
Service users' requirements for tools to support effective on-line privacy and consent practices
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
Access control enforcement delegation for information-centric networking architectures
Proceedings of the second edition of the ICN workshop on Information-centric networking
Access control enforcement delegation for information-centric networking architectures
ACM SIGCOMM Computer Communication Review - Special october issue SIGCOMM '12
Consistency checking in privacy-aware access control
Proceedings of the 51st ACM Southeast Conference
Hi-index | 0.00 |
In this paper we describe extensions to the access control industry standards XACML and SAML to enable privacy-preserving and credential-based access control. Rather than assuming that an enforcement point knows all the requester’s attributes, our extensions allow the requester to learn which attributes have to be revealed and which conditions must be satisfied, thereby enabling to leverage the advantages of privacy-preserving technologies such as anonymous credentials. Moreover, our extensions follow a credential-based approach, i.e., attributes are regarded as being bundled together in credentials, and the policy can refer to attributes within specific credentials. In addition to defining language extensions, we also show how the XACML architecture and model of evaluating policies can be adapted to the credential-based setting, and we discuss the problems that such extensions entail.