Proof-carrying authorization (PCA) is one of the most popular approaches for the enforcement of access control policies. In a nutshell, the idea is to formalize a policy as a set of logical rules and to let the requester construct a formal proof showing that she has permissions to access the desired resource according to the provider's policy. This policy may depend on logical formulas that are assumed by other principals in the system. The validity of these formulas is witnessed by digital signatures. The usage of digital signatures, however, has a serious drawback, i.e., sensitive data are leaked to the verifier, which severely limits the applicability of PCA. In this paper, we introduce the notion of privacy-aware proof-carrying authorization, an extension of PCA based on a powerful combination of digital signatures and zero-knowledge proofs of knowledge of such signatures. The former are used to witness the validity of logical formulas, the latter to selectively hide sensitive data. Our framework supports a variety of privacy properties, such as data secrecy and user anonymity. We conducted an experimental evaluation to demonstrate the feasibility of our approach.