A randomized protocol for signing contracts
Communications of the ACM
Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
Non-interactive oblivious transfer and applications
CRYPTO '89 Proceedings on Advances in cryptology
Regulating service access and information release on the Web
Proceedings of the 7th ACM conference on Computer and communications security
Efficient oblivious transfer protocols
SODA '01 Proceedings of the twelfth annual ACM-SIAM symposium on Discrete algorithms
Interoperable strategies in automated trust negotiation
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Universally composable two-party and multi-party secure computation
STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
The Design of Rijndael
IEEE Internet Computing
Distributed credential chain discovery in trust management
Journal of Computer Security
Universal circuits (Preliminary Report)
STOC '76 Proceedings of the eighth annual ACM symposium on Theory of computing
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A Unified Scheme for Resource Protection in Automated Trust Negotiation
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Secret Handshakes from Pairing-Based Key Agreements
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Oblivious signature-based envelope
Proceedings of the twenty-second annual symposium on Principles of distributed computing
Towards Practical Automated Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Cryptography and cryptographic protocols
Distributed Computing - Papers in celebration of the 20th anniversary of PODC
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
Proceedings of the 2003 ACM workshop on Privacy in the electronic society
Concealing complex policies with hidden credentials
Proceedings of the 11th ACM conference on Computer and communications security
Fairplay—a secure two-party computation system
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
How to generate and exchange secrets
SFCS '86 Proceedings of the 27th Annual Symposium on Foundations of Computer Science
Public-key cryptosystems based on composite degree residuosity classes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Policy decomposition for collaborative access control
Proceedings of the 13th ACM symposium on Access control models and technologies
Preserving confidentiality of security policies in data outsourcing
Proceedings of the 7th ACM workshop on Privacy in the electronic society
Distributed Authorization by Multiparty Trust Negotiation
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
PBES: a policy based encryption system with application to data sharing in the power grid
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Towards a dynamic and composable model of trust
Proceedings of the 14th ACM symposium on Access control models and technologies
Practical Secure Evaluation of Semi-private Functions
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Oblivious enforcement of hidden information release policies
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Universally-composable two-party computation in two rounds
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Privacy-preserving trust verification
Proceedings of the 15th ACM symposium on Access control models and technologies
A secure collaboration service for dynamic virtual organizations
Information Sciences: an International Journal
Fine-grained disclosure of access policies
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Oblivious transfer with hidden access control policies
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
Privacy enhanced access control by means of policy blinding
ISPEC'11 Proceedings of the 7th international conference on Information security practice and experience
Enabling privacy-preserving semantic presence in instant messaging systems
CONTEXT'11 Proceedings of the 7th international and interdisciplinary conference on Modeling and using context
Eyeing your exposure: quantifying and controlling information sharing for improved privacy
Proceedings of the Seventh Symposium on Usable Privacy and Security
Efficient oblivious transfers with access control
Computers & Mathematics with Applications
Mitigating the malicious trust expansion in social network service
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
Anonymity in attribute-based group signatures
ADCONS'11 Proceedings of the 2011 international conference on Advanced Computing, Networking and Security
Computers and Electrical Engineering
Fine-grained access control for cloud computing
International Journal of Grid and Utility Computing
Hi-index | 14.98 |
In an open environment such as the Internet, the decision to collaborate with a stranger (e.g., by granting access to a resource) is often based on the characteristics (rather than the identity) of the requester, via digital credentials: Access is granted if Alice's credentials satisfy Bob's access policy. The literature contains many scenarios in which it is desirable to carry out such trust negotiations in a privacy-preserving manner, i.e., so as minimize the disclosure of credentials and/or of access policies. Elegant solutions were proposed for achieving various degrees of privacy-preservation through minimal disclosure. In this paper, we present protocols that protect both sensitive credentials and sensitive policies. That is, Alice gets the resource only if she satisfies the policy, Bob does not learn anything about Alice's credentials (not even whether Alice got access), and Alice learns neither Bob's policy structure nor which credentials caused her to gain access. Our protocols are efficient in terms of communication and in rounds of interaction.