Anonymity analysis in credentials-based systems: A formal framework
نویسندگان
چکیده
Anonymity has been formalized and some metrics have been defined in the scope of anonymizing communication channels. In this paper, such formalization has been extended to cope with anonymity in those scenarios where users must anonymously prove that they own certain privileges to perform remote transactions. In these types of scenarios, the authorization policy states the privileges required to perform a given remote transaction. The paper presents a framework to analyze the actual degree of anonymity reached in a given transaction and allows its comparison with an ideal anonymity degree as defined by the authorization policy, providing a tool to model, design and analyze anonymous systems in different scenarios.
منابع مشابه
Formal Analysis of a TTP-Free Blacklistable Anonymous Credentials System (Full Version)
This paper firstly introduces a novel security definition for BLAC-like schemes (BLAC represents TTP-free BLacklist-able Anonymous Credentials) in the symbolic model using applied pi calculus, which is suitable for automated reasoning via a certain formal analysis tool. We model the definitions of some common security properties: authenticity, non-framebility, mis-authentication resistance and ...
متن کاملAn EÆcient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation
A credential system is a system in which users can obtain credentials from organizations and demonstrate possession of these credentials. Such a system is anonymous when transactions carried out by the same user cannot be linked. An anonymous credential system is of signi cant practical relevance because it is the best means of providing privacy for users. In this paper we propose a practical a...
متن کاملA Methodology for Anonymity Control in Electronic Services Using Credentials
The organization of all kinds of personal and business affairs is being digitized. At the same time, the Internet is gaining importance as a basic communication mechanism, which opens up a lot of these digitized processes to outsiders. The correct operation of these applications is fundamental and security/control is more than ever a crucial concern. Yet today, the identity and on-line behavior...
متن کاملAn Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation
A credential system is a system in which users can obtain credentials from organizations and demonstrate possession of these credentials. Such a system is anonymous when transactions carried out by the same user cannot be linked. An anonymous credential system is of significant practical relevance because it is the best means of providing privacy for users. In this paper we propose a practical ...
متن کاملTrustworthy Identification in a Privacy Driven Virtual World
The identity management of any entity in general and users in particular on the Internet is a formidable problem. This article presents an anonymity-privacy model that draws a clear dividing line between private information and identifying information of a given entity. The other contribution of this article is the abstraction of myriad forms of identity management systems (into three models) u...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Computer Standards & Interfaces
دوره 30 شماره
صفحات -
تاریخ انتشار 2008