Minimal credential disclosure in trust negotiations

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Minimal credential disclosure in trust negotiations

Full text

Pdf (604 KB)

Source

Conference on Computer and Communications Security archive
Proceedings of the 4th ACM workshop on Digital identity management table of contents

Alexandria, Virginia, USA

SESSION: Discovery and negotiation table of contents

Pages 89-96

Year of Publication: 2008

ISBN:978-1-60558-294-8

Authors

Federica Paci	Purdue University, West Lafayette, IN, USA
David Bauer	Georgia Institute of Technology, Atlanta, GA, USA
Elisa Bertino	Purdue University, West Lafayette, IN, USA
Douglas M. Blough	Georgia Institute of Technology, West Lafayette, IN, USA
Anna Squicciarini	The Pennsylvania State University, University Park, PA, USA

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control
ACM: Association for Computing Machinery

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 10, Downloads (12 Months): 145, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1456424.1456439 What is a DOI?

ABSTRACT

The secure release of identity attributes is a key enabler for electronic business interactions. Integrity and confidentiality of identity attributes are two key requirements in such context. Users should also have the maximum control possible over the release of their identity attributes and should state under which conditions these attributes can be disclosed. Moreover, users should disclose only the identity attributes that are actually required for the transactions at hand. In this paper we present an approach for the controlled release of identity attributes that addresses such requirements. The approach is based on the integration of trust negotiation and minimal credential disclosure techniques. Trust negotiation supports selective and incremental disclosure of identity attributes, while minimal credential disclosure guarantees that only the attributes necessary to complete the on line interactions are disclosed.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	David Bauer , Douglas M. Blough , David Cash, Minimal information disclosure with efficiently verifiable credentials, Proceedings of the 4th ACM workshop on Digital identity management, October 31-31, 2008, Alexandria, Virginia, USA [doi>10.1145/1456424.1456428]
	2	Trust-X: A Peer-to-Peer Framework for Trust Establishment, IEEE Transactions on Knowledge and Data Engineering, v.16 n.7, p.827-842, July 2004 [doi>10.1109/TKDE.2004.1318565]
	3	S. Brands, Credentica -- u-prove sdk, 2007.
	4	Jan Camenisch , Els Van Herreweghen, Design and implementation of the idemix anonymous credential system, Proceedings of the 9th ACM conference on Computer and communications security, November 18-22, 2002, Washington, DC, USA [doi>10.1145/586110.586114]
	5	David Chaum, Security without identification: transaction systems to make big brother obsolete, Communications of the ACM, v.28 n.10, p.1030-1044, Oct. 1985 [doi>10.1145/4372.4373]
	6	Namyoun Choi , Il-Yeol Song , Hyoil Han, A survey on ontology mapping, ACM SIGMOD Record, v.35 n.3, p.34-41, September 2006 [doi>10.1145/1168092.1168097]
	7	R.D. Jarvis, Selective Disclosure of Credential Content during Trust Negotiation, Master of Science Thesis, Brigham Young University, Provo, Utah, April 2003.
	8	Amir Herzberg , Yosi Mass , Joris Michaeli , Yiftach Ravid , Dalit Naor, Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers, Proceedings of the 2000 IEEE Symposium on Security and Privacy, p.2, May 14-17, 2000
	9	A. Hess, J. Jacobson, H. Mills, R. Wamsley, K. E. Seamons, B. Smith, Advanced Client/Server Authentication in TLS, In Proceedings of Network and Distributed System Security Symposium, San Diego, CA, February 2002.
	10	Jason E. Holt , Robert W. Bradshaw , Kent E. Seamons , Hilarie Orman, Hidden Credentials, Proceedings of the 2003 ACM workshop on Privacy in the electronic society, October 30, 2003, Washington, DC [doi>10.1145/1005140.1005142]
	11	Robert Johnson , David Molnar , Dawn Xiaodong Song , David Wagner, Homomorphic Signature Schemes, Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology, p.244-262, February 18-22, 2002
	12	Adam J. Lee , Marianne Winslett , Jim Basney , Von Welch, Traust: a trust negotiation-based authorization service for open systems, Proceedings of the eleventh ACM symposium on Access control models and technologies, June 07-09, 2006, Lake Tahoe, California, USA [doi>10.1145/1133058.1133066]
	13	Ninghui Li , Wenliang Du , Dan Boneh, Oblivious signature-based envelope, Proceedings of the twenty-second annual symposium on Principles of distributed computing, p.182-189, July 13-16, 2003, Boston, Massachusetts [doi>10.1145/872035.872061]
	14	J. Li and N. Li, Oacerts: Oblivious attribute certificates. In John Ioannidis, Angelos D. Keromytis, and Moti Yung, editors, ACNS, volume 3531 of Lecture Notes in Computer Science, pp. 301--317, 2005.
	15	Ralph C. Merkle, A Digital Signature Based on a Conventional Encryption Function, A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology, p.369-378, August 16-20, 1987
	16	Pino Persiano , Ivan Visconti, User privacy issues regarding certificates and the TLS protocol: the design and implementation of the SPSL protocol, Proceedings of the 7th ACM conference on Computer and communications security, p.53-62, November 01-04, 2000, Athens, Greece [doi>10.1145/352600.352609]
	17	K. E. Seamons, M. Winslett and T. Yu, Limiting the disclosure of Access Control Policies during Automated Trust Negotiation, In Proceedings of Network and Distributed System Security Simposium, San Diego, CA, February 2001.
	18	Marianne Winslett , Ting Yu , Kent E. Seamons , Adam Hess , Jared Jacobson , Ryan Jarvis , Bryan Smith , Lina Yu, Negotiating Trust on the Web, IEEE Internet Computing, v.6 n.6, p.30-37, November 2002 [doi>10.1109/MIC.2002.1067734]
	19	W. H. Winsborough, K. E. Seamons, V. Jones, Automated Trust Negotiation, DARPA Information Survivability Conference and Exposition, Volume I, pp. 88--102, IEEE Press, January 2000.
	20	William H. Winsborough , Ninghui Li, Protecting sensitive attributes in automated trust negotiation, Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society, p.41-51, November 21-21, 2002, Washington, DC [doi>10.1145/644527.644532]
	21	W. H. Winsborough and N. Li, Safety in Automated Trust Negotiation, IEEE Symposium on Security and Privacy, Oakland, CA, May 2004.
	22	WordNet, http://wordnet.princeton.edu/.
	23	Ting Yu , Marianne Winslett, A Unified Scheme for Resource Protection in Automated Trust Negotiation, Proceedings of the 2003 IEEE Symposium on Security and Privacy, p.110, May 11-14, 2003
	24	Ting Yu , Marianne Winslett , Kent E. Seamons, Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation, ACM Transactions on Information and System Security (TISSEC), v.6 n.1, p.1-42, February 2003 [doi>10.1145/605434.605435]