Compact and Anonymous Role-Based Authorization Chain

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Compact and Anonymous Role-Based Authorization Chain

Full text

Pdf (210 KB)

Source

ACM Transactions on Information and System Security (TISSEC) archive
Volume 12 , Issue 3 (January 2009) table of contents

Article No. 15

Year of Publication: 2009

ISSN:1094-9224

Authors

Danfeng Yao	Rutgers University
Roberto Tamassia	Brown University

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 36, Downloads (12 Months): 338, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1455526.1455528 What is a DOI?

ABSTRACT

We introduce a decentralized delegation model called anonymous role-based cascaded delegation. In this model, a delegator can issue authorizations on behalf of her role without revealing her identity. This type of delegation protects the sensitive membership information of a delegator and hides the internal structure of an organization. To provide an efficient storage and transmission mechanism for credentials used in anonymous role-based cascaded delegation, we present a new digital signature scheme that supports both signer anonymity and signature aggregation. Our scheme has compact role signatures that make it especially suitable for ubiquitous computing environments, where users may have mobile computing devices with narrow communication bandwidth and small storage units.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Andrew W. Appel , Edward W. Felten, Proof-carrying authentication, Proceedings of the 6th ACM conference on Computer and communications security, p.52-62, November 01-04, 1999, Kent Ridge Digital Labs, Singapore [doi>10.1145/319709.319718]
	2	Aringhieri, R., Damiani, E., De Capitani di Vimercati, S., and Samarati, P. 2005. Assessing efficiency of trust management in peer-to-peer systems. In Proceedings of the 1st International Workshop on Collaborative Peer-to-Peer Information Systems (COPS’05).
	3	Giuseppe Ateniese , Jan Camenisch , Marc Joye , Gene Tsudik, A Practical and Provably Secure Coalition-Resistant Group Signature Scheme, Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology, p.255-270, August 20-24, 2000
	4	Tuomas Aura, Distributed access-rights management with delegation certificates, Secure Internet programming: security issues for mobile and distributed objects, Springer-Verlag, London, 2001
	5	Dirk Balfanz , Glenn Durfee , Narendar Shankar , Diana Smetters , Jessica Staddon , Hao-Chi Wong, Secret Handshakes from Pairing-Based Key Agreements, Proceedings of the 2003 IEEE Symposium on Security and Privacy, p.180, May 11-14, 2003
	6	Paulo S. L. M. Barreto , Hae Yong Kim , Ben Lynn , Michael Scott, Efficient Algorithms for Pairing-Based Cryptosystems, Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology, p.354-368, August 18-22, 2002
	7	Bellare, M., Micciancio, D., and Warinschi, B. 2003. Foundations of group signatures: Formal definitions, simplified requirements, and a construction based on general assumptions. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’03). Lecture Notes in Computer Science, vol. 2656. 614--629.
	8	Mihir Bellare , Phillip Rogaway, Random oracles are practical: a paradigm for designing efficient protocols, Proceedings of the 1st ACM conference on Computer and communications security, p.62-73, November 03-05, 1993, Fairfax, Virginia, United States [doi>10.1145/168588.168596]
	9	Matt Blaze , Joan Feigenbaum , Angelos D. Keromytis, KeyNote: Trust Management for Public-Key Infrastructures (Position Paper), Proceedings of the 6th International Workshop on Security Protocols, p.59-63, April 15-17, 1998
	10	Boneh, D., Boyen, X., and Shacham, H. 2004. Short group signatures. In Proceedings of the Annual International Cryptology Conference (CRYPTO’04). Lecture Notes in Computer Science.
	11	Dan Boneh , Matthew K. Franklin, Identity-Based Encryption from the Weil Pairing, Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, p.213-229, August 19-23, 2001
	12	Dan Boneh , Matthew K. Franklin, Identity-Based Encryption from the Weil Pairing, Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, p.213-229, August 19-23, 2001
	13	Boneh, D., Gentry, C., Lynn, B., and Shacham, H. 2003. Aggregate and verifiably encrypted signatures from bilinear maps. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’03). 416--432.
	14	Boneh, D., Gentry, C., and Waters, B. 2005. Collusion resistant broadcast encryption with short ciphertexts and private keys. In Proceedings of the Annual International Cryptology Conference (CRYPTO’05).
	15	Dan Boneh , Ben Lynn , Hovav Shacham, Short Signatures from the Weil Pairing, Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology, p.514-532, December 09-13, 2001
	16	Robert W. Bradshaw , Jason E. Holt , Kent E. Seamons, Concealing complex policies with hidden credentials, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA [doi>10.1145/1030083.1030104]
	17	Jan Camenisch , Anna Lysyanskaya, An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation, Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology, p.93-118, May 06-10, 2001
	18	Jan Camenisch , Anna Lysyanskaya, Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials, Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology, p.61-76, August 18-22, 2002
	19	Camenisch, J. and Lysyanskaya, A. 2004. Signature schemes and anonymous credentials from bilinear maps. In Proceedings of the Annual International Cryptology Conference (CRYPTO’04).
	20	Jan Camenisch , Markus Stadler, Efficient Group Signature Schemes for Large Groups (Extended Abstract), Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology, p.410-424, August 17-21, 1997
	21	Jan Camenisch , Els Van Herreweghen, Design and implementation of the idemix anonymous credential system, Proceedings of the 9th ACM conference on Computer and communications security, November 18-22, 2002, Washington, DC, USA [doi>10.1145/586110.586114]
	22	Chase, M. and Lysyanskaya, A. 2006. On signatures of knowledge. In Proceedings of the Annual International Cryptology Conference (CRYPTO’06). Lecture Notes in Computer Science, vol. 4117. Springer, 78--96.
	23	David Chaum, Security without identification: transaction systems to make big brother obsolete, Communications of the ACM, v.28 n.10, p.1030-1044, Oct. 1985 [doi>10.1145/4372.4373]
	24	David Chaum , Jan-Hendrik Evertse, A secure and privacy-protecting protocol for transmitting personal information between organizations, Proceedings on Advances in cryptology---CRYPTO '86, p.118-167, January 1987, Santa Barbara, California, United States
	25	Chaum, D. and van Heijst, E. 1991. Group signatures. In Advances in Cryptology (EUROCRYPT’91). Springer-Verlag, 257--265.
	26	Chen, X., Zhang, F., and Kim, K. 2003. A new ID-based group signature scheme from bilinear pairings. In Proceedings of the International Workshop on Information Security Applications (WISA’03). K. Chae and M. Yung eds. Lecture Notes in Computer Science, vol. 2908. Springer, 585--592.
	27	Dwaine Clarke , Jean-Emile Elien , Carl Ellison , Matt Fredette , Alexander Morcos , Ronald L. Rivest, Certificate chain discovery in SPKI?SDSI, Journal of Computer Security, v.9 n.4, p.285-322, January 2001
	28	Clifford Cocks, An Identity Based Encryption Scheme Based on Quadratic Residues, Proceedings of the 8th IMA International Conference on Cryptography and Coding, p.360-363, December 17-19, 2001
	29	Ferraiolo, D. and Kuhn, R. 1992. Role-based access control. In Proceedings of the 15th National Computer Security Conference (NCSC’92).
	30	Keith Frikken , Mikhail Atallah , Jiangtao Li, Hidden access control policies with hidden credentials, Proceedings of the 2004 ACM workshop on Privacy in the electronic society, October 28-28, 2004, Washington DC, USA [doi>10.1145/1029179.1029186]
	31	Frikken, K. B., Li, J., and Atallah, M. J. 2006. Trust negotiation with hidden credentials, hidden policies, and policy cycles. In Proceedings of the 13th Annual Network and Distributed System Security Symposium (NDSS’06).
	32	Goodrich, M. T., Shin, M., Tamassia, R., and Winsborough, W. H. 2003. Authenticated dictionaries for fresh attribute credentials. In Proceedings of the Trust Management Conference (TRUST’03). Lecture Notes in Computer Science, vol. 2692. Springer, 332--347.
	33	Jason E. Holt , Robert W. Bradshaw , Kent E. Seamons , Hilarie Orman, Hidden Credentials, Proceedings of the 2003 ACM workshop on Privacy in the electronic society, October 30, 2003, Washington, DC [doi>10.1145/1005140.1005142]
	34	Ari Juels, Trustee Tokens: Simple and Practical Anonymous Digital Coin Tracing, Proceedings of the Third International Conference on Financial Cryptography, p.29-45, February 01, 1999
	35	Ninghui Li , Benjamin N. Grosof , Joan Feigenbaum, Delegation logic: A logic-based approach to distributed authorization, ACM Transactions on Information and System Security (TISSEC), v.6 n.1, p.128-171, February 2003 [doi>10.1145/605434.605438]
	36	Ninghui Li , John C. Mitchell , William H. Winsborough, Design of a Role-Based Trust-Management Framework, Proceedings of the 2002 IEEE Symposium on Security and Privacy, p.114, May 12-15, 2002
	37	Ninghui Li , William H. Winsborough , John C. Mitchell, Distributed credential chain discovery in trust management, Journal of Computer Security, v.11 n.1, p.35-86, February 2003
	38	Lysyanskaya, A., Micali, S., Reyzin, L., and Shacham, H. 2004. Sequential aggregate signatures from trapdoor permutations. In Proceedings of Advances in Cryptology (EUROCRYPT’04). Lecture Notes in Computer Science, vol. 3027. Springer-Verlag, 74--90.
	39	Moni Naor , Kobbi Nissim, Certificate revocation and certificate update, Proceedings of the 7th conference on USENIX Security Symposium, p.17-17, January 26-29, 1998, San Antonio, Texas
	40	Tatsuaki Okamoto , David Pointcheval, The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes, Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography, p.104-118, February 13-15, 2001
	41	Sangmi Lee Pallickara , Beth Plale , Liang Fang , Dennis Gannon, End-to-End Trustworthy Data Access in Data-Oriented Scientific Computing, Proceedings of the Sixth IEEE International Symposium on Cluster Computing and the Grid, p.395-400, May 16-19, 2006 [doi>10.1109/CCGRID.2006.41]
	42	Ravi S. Sandhu, Lattice-Based Access Control Models, Computer, v.26 n.11, p.9-19, November 1993 [doi>10.1109/2.241422]
	43	Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996 [doi>10.1109/2.485845]
	44	Adi Shamir, Identity-based cryptosystems and signature schemes, Proceedings of CRYPTO 84 on Advances in cryptology, p.47-53, August 1985, Santa Barbara, California, United States
	45	Roberto Tamassia , Danfeng Yao , William H. Winsborough, Role-based cascaded delegation, Proceedings of the ninth ACM symposium on Access control models and technologies, June 02-04, 2004, Yorktown Heights, New York, USA [doi>10.1145/990036.990061]
	46	Winsborough, W. and Li, N. 2004. Safety in automated trust negotiation. In Proceedings of the IEEE Symposium on Security and Privacy (SP’04). IEEE Press, 147--160.
	47	Yao, D. 2008. An ad hoc trust inference model for flexible and controlled information sharing. In Proceedings of the International Conference on Securiy and Management (SAM’08). 555--561.
	48	Danfeng Yao , Nelly Fazio , Yevgeniy Dodis , Anna Lysyanskaya, ID-based encryption for complex hierarchies with applications to forward security and broadcast encryption, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA [doi>10.1145/1030083.1030130]
	49	Yao, D. and Tamassia, R. 2006. Cascaded authorization with anonymous-signer aggregate signatures. In Proceedings of the IEEE Systems, Man and Cybernetics Information Assurance Workshop (IAW’06). 84--91.
	50	Danfeng Yao , Roberto Tamassia , Seth Proctor, On Improving the Performance of Role-Based Cascaded Delegation in Ubiquitous Computing, Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks, p.157-170, September 05-09, 2005 [doi>10.1109/SECURECOMM.2005.28]
	51	Ting Yu , Xiaosong Ma , Marianne Winslett, PRUNES: an efficient and complete strategy for automated trust negotiation over the Internet, Proceedings of the 7th ACM conference on Computer and communications security, p.210-219, November 01-04, 2000, Athens, Greece [doi>10.1145/352600.352633]