Compact and anonymous role-based authorization chain

ACM Transactions on Information and System Security

Volumn 12, Issue 3, 2009, Pages

  Yao, Danfeng ^a,c   Tamassia, Roberto ^b,d  

^a RUTGERS UNIVERSITY   (United States)

^b BROWN UNIVERSITY   (United States)

^c RUTGERS UNIVERSITY   (United States)

^d Brown Univerity   (United States)

Author keywords

Aggregate signature; Anonymity; Delegation

Indexed keywords

AGGREGATE SIGNATURE; ANONYMITY; COMMUNICATION BANDWIDTHS; COMPACT ROLES; DELEGATION; DELEGATOR; DIGITAL SIGNATURE SCHEMES; INTERNAL STRUCTURES; MEMBERSHIP INFORMATIONS; MOBILE COMPUTING DEVICES; ROLE-BASED; STORAGE UNITS; TRANSMISSION MECHANISMS; UBIQUITOUS COMPUTING ENVIRONMENTS;

AGGREGATES; ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS;

UBIQUITOUS COMPUTING;

EID: 60349114116     PISSN: 10949224     EISSN: 15577406     Source Type: Journal    
DOI: 10.1145/1455526.1455528     Document Type: Article

References (51)

1. APPEL, A. W. AND FELTEN, E. W. 1999. Proof-carrying authentication. In Proceedings of the ACM Conference on Computer and Communications Security (CCS'99). 52-62.
2. ARINGHIEEI, R., DAMIANI, E., DE CAPITANI dI VIMERCATI, S., AND SAMAEATI, P. 2005. Assessing efficiency of trust management in peer-to-peer systems. In Proceedings of the 1st International Workshop on Collaborative Peer-to-Peer Information Systems (COPS'05).
3. ATENIESE, G., CAMENISCH, J., JOYE, M., AND TSUDIK, G. 2000. A practical and provably secure coalition-resistant group signature scheme. In Proceedings of the Annual International Cryptology Conference (CRYPTO'00). Lecture Notes in Computer Science, vol. 1880. Springer Verlag, 255-270.
4. AUEA, T. 1999. Distributed access-rights management with delegation certificates. In Secure Internet Programming-Security Issues for Distributed and Mobile Objects. Lecture Notes in Computer Science, vol. 1603. Springer, 211-235.
5. BALFANZ, D., DURFEE, G., SHANKAR, N., SMETTERS, D., STADDON, J., AND WONG, H. 2003. Secret handshakes from pairing-based key agreements. In Proceedings of the IEEE Symposium on Security and Privacy (SP'03). IEEE Press. 180-196.
6. BAEEETO, P. S., KIM, H. Y., LYNN, B., AND SCOTT, M. 2002. Efficient algorithms for pairingbased cryptosystems. In Proceedings of the Annual International Cryptology Conference (CRYPTO'02). Lecture Notes in Computer Science, vol. 2442. Springer-Verlag, 354-368.
7. BELLAEE, M., MICCIANCIO, D., AND WARINSCHI, B. 2003. Foundations of group signatures: Formal definitions, simplified requirements, and a construction based on general assumptions. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'03). Lecture Notes in Computer Science, vol. 2656. 614-629.
8. BELLARE, M. AND ROGAWAY, P. 1993. Random oracles are practical: A paradigm for designing efficient protocols. In Proceedings of the 1st ACM Conference on Computer and Communications Security (CCS'93). 62-73.
9. BLAZE, M., FEIGENBAUM, J., AND KEROMYTIS, A. D. 1998. KeyNote: Trust management for public-key infrastructures. In Proceedings of the Security Protocols International Workshop.
10. BONEH, D., BOYEN, X., AND SHACHAM, H. 2004. Short group signatures. In Proceedings of the Annual International Cryptology Conference (CRYPTO'04). Lecture Notes in Computer Science.
11. BONEH, D. AND FRANKLIN, M. 2001a. Identity-based encryption from the Weil pairing. In Proceedings of the Annual International Cryptology Conference (CRYPTO'01). Lecture Notes in Computer Science, vol. 2139. Springer, 213-229.
12. BONEH, D. AND FRANKLIN, M. K. 2001b. Identity-based encryption from the Weil pairing. In Proceedings of the Annual International Cryptology Conference (CRYPTO'01). Lecture Notes in Computer Science, vol. 2139. Springer, 213-229.
13. BONEH, D., GENTEY, C., LYNN, B., AND SHACHAM, H. 2003. Aggregate and verifiably encrypted signatures from bilinear maps. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'03). 416-432.
14. BONEH, D., GENTEY, C., AND WATERS, B. 2005. Collusion resistant broadcast encryption with short ciphertexts and private keys. In Proceedings of the Annual International Cryptology Conference (CRYPTO'05).
15. BONEH, D., LYNN, B., AND SHACHAM, H. 2001. Short signatures from the Weil pairing. In Advances in Cryptology (ASIACRYPT'01). Lecture Notes in Computer Science, vol. 2248. Springer-Verlag, 514-523.
16. BRADSHAW, R., HOLT, J., AND SEAMONS, K. 2004. Concealing complex policies with hidden credentials. In Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS'04).
17. CAMENISCH, J. AND LYSYANSKAYA, A. 2001. Efficient non-transferable anonymous multi-show credential system with optional anonymity revocation. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT'01), B. Pfitzmann, ed. Lecture Notes in Computer Science, vol. 2045. Springer Verlag, 93-118.
18. CAMENISCH, J. AND LYSYANSKAYA, A. 2002. Dynamic accumulators and application to efficient revocation of anonymous credentials. In Proceedings of the Annual International Cryptology Conference (CRYPTO'02). Lecture Notes in Computer Science, vol. 2442. 61-76.
19. CAMENISCH, J. AND LYSYANSKAYA, A. 2004. Signature schemes and anonymous credentials from bilinear maps. In Proceedings of the Annual International Cryptology Conference (CRYPTO'04).
20. CAMENISCH, J. AND STADLER, M. 1997. Efficient group signature schemes for large groups. In Proceedings of the Annual International Cryptology Conference (CRYPTO'97). Lecture Notes in Computer Science, vol. 1296. Springer-Verlag, 410-424.
21. CAMENISCH, J. AND VAN HERREWEGHEN, E. 2002. Design and implementation of the idemix anonymous credential system. In Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS'02). 21-30.
22. CHASE, M. AND LYSYANSKAYA, A. 2006. On signatures of knowledge. In Proceedings of the Annual International Cryptology Conference (CRYPTO'06). Lecture Notes in Computer Science, vol. 4117. Springer, 78-96.
23. CHAUM, D. 1985. Security without identification: Transaction systems to make big brother obsolete. Comm. ACM 28, 10, 1030-1044.
24. CHAUM, D. AND EVERTSE, J.-H. 1987. A secure and privacy-protecting protocol for transmitting personal information between organizations. In Proceedings of the Annual International Cryptology Conference (CRYPTO'86). 118-167.
25. CHAUM, D. AND VAN HEIJST, E. 1991. Group signatures. In Advances in Cryptology (EUROCRYPT'91). Springer-Verlag, 257-265.
26. CHEN, X., ZHANG, F., AND KIM, K. 2003. A new ID-based group signature scheme from bilinear pairings. In Proceedings of the International Workshop on Information Security Applications (WISA'03). K. Chae and M. Yung eds. Lecture Notes in Computer Science, vol. 2908. Springer, 585-592.
27. CLARKE, D., ELIEN, J.-E., ELLISON, C, FREDETTE, M., MORCOS, A., AND RIVEST, R. L. 2001. Certificate chain discovery in SPKI/SDSI. J. Comput. Secur. 9, 4, 285-322.
28. COCKS, C. 2001. An identity based encryption scheme based on quadratic residues. In Proceedings of the 8th International Conference on Cryptography and Coding (IMA'01). Vol. 2260. Springer, 360-363.
29. FERRAIOLO, D. AND KUHN, R. 1992. Role-based access control. In Proceedings of the 15th National Computer Security Conference (NCSC'92).
30. FRIKKEN, K. B., ATALLAH, M. J., AND LI, J. 2004. Hidden access control policies with hidden credentials. In Proceedings of the 3rd ACM Workshop on Privacy in the Electronic Society (WPES'04).
31. FRIKKEN, K. B., LI, J., AND ATALLAH, M. J. 2006. Trust negotiation with hidden credentials, hidden policies, and policy cycles. In Proceedings of the 13th Annual Network and Distributed System Security Symposium (NDSS'06).
32. GOODEICH, M. T., SHIN, M., TAMASSIA, R., AND WINSBOEOUGH, W. H. 2003. Authenticated dictionaries for fresh attribute credentials. In Proceedings of the Trust Management Conference (TRUST03). Lecture Notes in Computer Science, vol. 2692. Springer, 332-347.
33. HOLT, J. E., BRADSHAW, R. W., SEAMONS, K. E., AND ORMAN, H. 2003. Hidden credentials. In Proceedings of the 2nd ACM Workshop on Privacy in the Electronic Society (WPES'03).
34. JUELS, A. 1999. Trustee tokens: Simple and practical tracing of anonymous digital cash. In Proceedings of the 3rd International Conference on Financial Cryptography (FC'99). Lecture Notes in Computer Science, vol. 1648. Springer-Verlag, 33-43.
35. LI, N., GROSOF, B. N., AND FEIGENBAUM, J. 2003. Delegation Logic: A logic-based approach to distributed authorization. ACM Trans. Inform. Syst. Secur. 6, 1, 128-171.
36. LI, N., MITCHELL, J. C., AND WINSBOROUGH, W. H. 2002. Design of a role-based trustmanagement framework. In Proceedings of the IEEE Symposium on Security and Privacy (SP'02). 114-130.
37. LI, N., WINSBOROUGH, W. H., AND MITCHELL, J. C. 2003. Distributed credential chain discovery in trust management. J. Comput. Secur. 11, 1, 35-86.
38. LYSYANSKAYA, A., MICALI, S., REYZIN, L., AND SHACHAM, H. 2004. Sequential aggregate signatures from trapdoor permutations. In Proceedings of Advances in Cryptology (EUROCRYPT'04). Lecture Notes in Computer Science, vol. 3027. Springer-Verlag, 74-90.
39. NAOR, M. AND NISSIM, K. 1998. Certificate revocation and certificate update. In Proceedings of the 7th USENIX Security Symposium (SECURITY'98). 217-228.
40. OKAMOTO, T. AND POINTCHEVAL, D. 2001. The gap-problems: A new class of problems for the security of cryptographic schemes. In Proceedings of the International Conference on Theory and Public-Key Cryptography (PKC'01). Lecture Notes in Computer Science, vol. 1992. Springer-Verlag, 104-118.
41. PALLICKAEA, S. L., PLALE, B., FANG, L., AND GANNON, D. 2006. End-to-end trustworthy data access in data-oriented scientific computing. In Proceedings of the 6th IEEE International Symposium on Cluster Computing and the Grid (CCGrid'06). 395-400.
42. SANDHU, R. S. 1993. Lattice-based access control models. IEEE Comput. 26, 11, 9-19.
43. SANDHU, R. S., COYNE, E. J., FEINSTEIN, H. L., AND YOUMAN, C. E. 1996. Role-based access control models. IEEE Comput. 29, 2, 38-47.
44. SHAMIR, A. 1984. Identity-based cryptosystems and signature schemes. In Proceedings of the Annual International Cryptology Conference (CRYPTO'84). Lecture Notes in Computer Science, vol. 196. Springer, 47-53.
45. TAMASSIA, R., YAO, D., AND WINSBOROUGH, W. H. 2004. Role-based cascaded delegation. In Proceedings of the ACM Symposium on Access Control Models and Technologies (SACMAT'04). ACM Press, 146-155.
46. WINSBOROUGH, W. AND LI, N. 2004. Safety in automated trust negotiation. In Proceedings of the IEEE Symposium on Security and Privacy (SP'04). IEEE Press, 147-160.
47. YAO, D. 2008. An ad hoc trust inference model for flexible and controlled information sharing. In Proceedings of the International Conference on Securiy and Management (SAM'08). 555-561.
48. YAO, D., FAZIO, N., DODIS, Y., AND LYSYANSKAYA, A. 2004. ID-based encryption for complex hierarchies with applications to forward security and broadcast encryption. In Proceedings of the ACM Conference on Computer and Communications Security (CCS'04). ACM Press, 354-363.
49. YAO, D. AND TAMASSIA, R. 2006. Cascaded authorization with anonymous-signer aggregate signatures. In Proceedings of the IEEE Systems, Man and Cybernetics Information Assurance Workshop (IAW'06). 84-91.
50. YAO, D., TAMASSIA, R., AND PROCTOR, S. 2005. On improving the performance of role-based cascaded delegation in ubiquitous computing. In Proceedings of the IEEE / Create Net Conference on Security and Privacy for Emerging Areas in Communication Networks (SecureComm'05). IEEE Press, 157-168.
51. YU, T., MA, X., AND WINSLETT, M. 2000. PRUNES: An efficient and complete strategy for automated trust negotiation over the Internet. In Proceedings of the ACM Conference on Computer and Communications Security (CCS'00). 210-219.