Privacy-Preserving Credentials Upon Trusted Computing Augmented Servers
نویسندگان
چکیده
Credentials are an indispensable means for service access control in electronic commerce. However, regular credentials such as X.509 certificates and SPKI/SDSI certificates do not address user privacy at all, while anonymous credentials that protect user privacy are complex and have compatibility problems with existing PKIs. In this paper we propose privacy-preserving credentials, a concept between regular credentials and anonymous credentials. The privacy-preserving credentials enjoy the advantageous features of both regular credentials and anonymous credentials, and strike a balance between user anonymity and system complexity. We achieve this by employing computer servers equipped with TPMs (Trusted Platform Modules). We present a detailed construction for ElGamal encryption credentials. We also present XMLbased specification for the privacy-preserving credentials.
منابع مشابه
An Architecture for Privacy Preserving Collaborative Filtering for Web 2.0 Applications
Collaborative Filtering (CF) is a method to perform Automated Recommendations based upon the assumption that users who had similar interests in past, will have similar interests in future too. Popularity of e-commerce portals such as Amazon and Ebay and Web 2.0 applications such as YouTube and Flickr is resulting in private user data being stored in central servers. This has given rise to a num...
متن کاملAn Approach to Identity Management in Clouds without Trusted Third Parties
The management of sensitive data, including identity management (IDM), is an important problem in cloud computing, fundamental for authentication and fine-grained service access control. Our goal is creating an efficient and robust IDM solution that addresses critical issues in cloud computing. The proposed IDM scheme does not rely on trusted third parties (TTPs) or trusted dealers. The scheme ...
متن کاملClient-Side Biometric Verification Based on Trusted Computing
Traditionally, a user requires substantial trust in a workstation for correctly handling her credentials (e.g. password/login). Unfortunately, malware and compromised software makes them unsuitable for secure credential management. Credentials are easily stolen and the user cannot trust what is being displayed on her workstation, obstructing informed consent. This paper presents a new solution ...
متن کاملPrivacy-preserving identities for a safer, more trusted internet
The problem Business and government services are increasingly being migrated online to improve convenience and reduce the cost of conducting these services in person. Migrating high-value transactions online require, however, high-level of identity assurance. The challenge is to create a system offering the richness of real-world credentials we carry in our pockets, while preserving the same le...
متن کاملSecurity Limitations of Using Secret Sharing for Data Outsourcing
Three recently proposed schemes use secret sharing to support privacy-preserving data outsourcing. Each secret in the database is split into n shares, which are distributed to independent data servers. A trusted client can use any k shares to reconstruct the secret. These schemes claim to offer security even when k or more servers collude, as long as certain information such as the finite field...
متن کامل