Order-preserving minimal perfect hash functions and information retrieval
ACM Transactions on Information Systems (TOIS) - Special issue on research and development in information retrieval
Practical minimal perfect hash functions for large databases
Communications of the ACM
A faster algorithm for constructing minimal perfect hash functions
SIGIR '92 Proceedings of the 15th annual international ACM SIGIR conference on Research and development in information retrieval
An optimal algorithm for generating minimal perfect hash functions
Information Processing Letters
Communication-efficient anonymous group identification
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Anonymous authentication with subset queries (extended abstract)
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Unlinkable serial transactions: protocols and applications
ACM Transactions on Information and System Security (TISSEC)
Summary cache: a scalable wide-area web cache sharing protocol
IEEE/ACM Transactions on Networking (TON)
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
On specifying security policies for web documents with an XML-based language
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Proceedings of the twentieth annual ACM symposium on Principles of distributed computing
Flexible authentication of XML documents
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Secure and selective dissemination of XML documents
ACM Transactions on Information and System Security (TISSEC)
Securing XML Documents with Author-X
IEEE Internet Computing
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Design and Security Analysis of Anonymous Group Identification Protocols
PKC '02 Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems: Public Key Cryptography
A secure and private system for subscription-based remote services
ACM Transactions on Information and System Security (TISSEC)
Succinct specifications of portable document access policies
Proceedings of the ninth ACM symposium on Access control models and technologies
Software license management with smart cards
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
Group signatures: better efficiency and new theoretical aspects
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
| Hi-index | 0.00 |
We explore the problem of portable and flexible privacy preserving access rights that permit access to a large collection of digital goods. Privacy-preserving access control means that the service provider can neither learn what access rights a customer has nor link a request to access an item to a particular customer, thus maintaining privacy of both customer activity and customer access rights. Flexible access rights allow a customer to choose a subset of items or groups of items from the repository, obtain access to and be charged only for the items selected. And portability of access rights means that the rights themselves can be stored on small devices of limited storage space and computational capabilities such as smartcards or sensors, and therefore the rights must be enforced using the limited resources available. In this paper, we present and compare two schemes that address the problem of such access rights. We show that much can be achieved if one allows for even a negligible amount of false positives – items that were not requested by the customer, but inadvertently were included in the customer access right representation due to constrained space resources. But minimizing false positives is one of many other desiderata that include protection against sharing of false positives information by unscrupulous users, providing the users with transaction untraceability and unlinkability, and forward compatibility of the scheme. Our first scheme does not place any constraints on the amount of space available on the limited-capacity storage device, and searches for the best representation that meets the requirements. The second scheme, on the other hand, has (modest) requirements on the storage space available, but guarantees a low rate of false positives: with O(mc) storage space available on the smartcard (where m is the number of items or groups of items included in the subscription and c is a selectable parameter), it achieves a rate of false positives of m −c .