Relying Party Credentials Framework
نویسندگان
چکیده
We present architecture for e-business applications that receive requests from a party over the Net, to allow the applications to make decisions relying on the credentials of the requesting party. Relying party applications will be provided with uniform interface to the credentials of the requesting party. This will allow use of simple, widely available credentials as well as more advanced credentials such as public key certificates, attribute certificates and `Negative` credentials such as certificate revocation lists (CRL). The core of the architecture is a Credential Manager who will provide all credential management functions, including collection of credentials, providing uniform interface to credentials, and extracting semantics relevant to the relying party’s applications.
منابع مشابه
Anonymous Credential Schemes with Encrypted Attributes
In anonymous credential schemes, users obtain credentials on certain attributes from an issuer, and later show these credentials to a relying party anonymously and without fully disclosing the attributes. In this paper, we introduce the notion of (anonymous) credential schemes with encrypted attributes, in which issuers certify credentials on encrypted attributes to users. These schemes allow f...
متن کاملA Flexible Framework for Secret Handshakes or: How to Achieve Multi-Party Interactive Anonymous Mutual Authentication
In the society increasingly concerned with the erosion of privacy, privacy-preserving techniques are becoming very important. Secret handshakes offer anonymous and unobservable authentication and serve as an important tool in the arsenal of privacy-preserving techniques. Relevant prior research focused on 2-party secret handshakes with one-time credentials, whereby two parties establish a secur...
متن کاملA Flexible Framework for Secret Handshakes
In the society increasingly concerned with the erosion of privacy, privacy-preserving techniques are becoming very important. This motivates research in cryptographic techniques offering built-in privacy. A secret handshake is a protocol whereby participants establish a secure, anonymous and unobservable communication channel only if they are members of the same group. This type of “private” au...
متن کاملAnonymous k -Show Credentials
Privacy-preserving digital credentials are cryptographic tools that allow a user to prove a predicate about his/her identity or qualifications, without the verifying party learning additional information beyond the status of that predicate. The Identity Mixer (Idemix) [CL01] is a framework providing such credentials. In Idemix, we can distinguish two types of credentials: (1) one-time show cred...
متن کاملSecure Hardware-based Distributed Authorisation Underpinning a Web Service Framework
This paper presents a distributed authorisation model suitable for use in a web service framework where multiple parties are involved in performing a particular transaction. The authorisation model uses a third party authorisation service that checks users or services’ credentials against a set of authorisation policies. A traditional service provision model does not scale well for such transac...
متن کامل