A card requirements language enabling privacy-preserving access control

Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Volumn , Issue , 2010, Pages 119-128

  Camenisch, Jan ^a   Mödersheim, Sebastian ^a   Neven, Gregory ^a   Preiss, Franz Stefan ^a   Sommer, Dieter ^a  

^a IBM RESEARCH ZURICH   (Switzerland)

Author keywords

Access control; Anonymous credentials; Digital credentials; Policy languages; Privacy

Indexed keywords

ANONYMOUS CREDENTIAL; ANONYMOUS CREDENTIAL SYSTEMS; CONCRETE TECHNOLOGY; DIGITAL CREDENTIALS; DISTRIBUTED SYSTEMS; ONLINE RESOURCES; PERSONAL DATA; POLICY LANGUAGE; POLICY LANGUAGES; PRIVACY PRESERVING; PROBLEM OF PRIVACY; TECHNOLOGY ADOPTION;

DATA PRIVACY; LINGUISTICS; ONLINE SYSTEMS; QUERY LANGUAGES; SECURITY SYSTEMS; TECHNOLOGY;

ACCESS CONTROL;

EID: 77954923296     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1809842.1809863     Document Type: Conference Paper

References (39)

1. A. W. Appel and E. W. Felten. Proof-carrying authentication. ACM CCS 1999.
2. C. A. Ardagna, J. Camenisch, M. Kohlweiss, R. Leenes, G. Neven, B. Priem, P. Samarati, D. Sommer, and M. Verdicchio. Exploiting cryptography for privacy-enhanced access control. J. of Comput. Secur., 18(1), 2010.
3. C. A. Ardagna, M. Cremonini, S. De Capitani di Vimercati, and P. Samarati. A privacy-aware access control system. J. Comput. Secur., 16(4), 2008.
4. IBM Research. Enterprise Privacy Authorization Language (EPAL), 2006.
5. N. Asokan, V. Shoup, and M. Waidner. Optimistic fair exchange of digital signatures. IEEE J. Sel. Areas Commun., 18(4), 2000.
6. M. Backes, J. Camenisch, and D. Sommer. Anonymous yet accountable access control. ACM WPES 2005.
7. M. Becker, C. Fournet, and A. Gordon. Design and semantics of a decentralized authorization language. IEEE CSF 2007.
8. M. Blaze, J. Feigenbaum, J. Ioannidis, and A. Keromytis. The role of trust management in distributed systems security. Secure Internet Programming: Issues in Distributed and Mobile Object Systems, 1998.
9. M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. IEEE S&P 1996.
10. P. Bonatti and P. Samarati. A unified framework for regulating access and information release on the web. J. Comput. Secur., 10(3), 2002.
11. K. D. Bowers, L. Bauer, D. Garg, F. Pfenning, and M. K. Reiter. Consumable credentials in linear-logic-based access-control systems. NDSS 2007.
12. S. Brands. Rethinking Public Key Infrastructure and Digital Certificates-Building in Privacy. PhD thesis, Eindhoven Institute of Technology, 1999.
13. E. F. Brickell, J. Camenisch, and L. Chen. Direct anonymous attestation. ACM CCS 2004.
14. J. Camenisch and I. Damga°rd. Verifiable encryption, group encryption, and their applications to separable group signatures and signature sharing schemes. ASIACRYPT 2000.
15. J. Camenisch, S. Hohenberger, M. Kohlweiss, A. Lysyanskaya, and M. Meyerovich. How to win the clonewars: Efficient periodic n-times anonymous authentication. ACM CCS 2006.
16. J. Camenisch, S. Mödersheim, G. Neven, F.S. Preiss, and D. Sommer. A Language Enabling Privacy-Preserving Access Control. Technical report RZ 3762, IBM Research Zurich, 2009.
17. J. Camenisch and A. Lysyanskaya. An efficient system for non-transferable anonymous credentials with optional anonymity revocation. EUROCRYPT 2001.
18. J. Camenisch and V. Shoup. Practical verifiable encryption and decryption of discrete logarithms. CRYPTO 2003.
19. J. Camenisch and E. Van Herreweghen. Design and implementation of the idemix anonymous credential system. ACM CCS 2002.
20. D. Chaum. Security without identification: Transaction systems to make big brother obsolete. Commun. ACM, 28(10), 1985.
21. Credentica. U-Prove SDK overview: A Credentica white paper, 2007.
22. D. Ferraiolo and R. Kuhn. Role-based access control. NIST-NCSC 1992.
23. D. Garg, L. Bauer, K. D. Bowers, F. Pfenning, and M. K. Reiter. A linear logic of authorization and knowledge. ESORICS 2006.
24. S. Gevers and B. De Decker. Automating privacy friendly information disclosure. Technical Report CW441, K.U. Leuven, 2006.
25. Y. Gurevich and I. Neeman. DKAL: Distributed-knowledge authorization language. IEEE CSF 2008.
26. D. Hardt, J. Bufu, and J. Hoyt. OpenID attribute exchange 1.0, 2007.
27. J. Li, N. Li, and W. Winsborough. Automated trust negotiation using cryptographic credentials. ACM CCS 2005.
28. N. Li, B. N. Grosof, and J. Feigenbaum. Delegation logic: A logic-based approach to distributed authorization. ACM TISSEC, 6(1), 2003.
29. Microsoft. Microsoft's vision for an identity metasystem. Whitepaper, http://msdn.microsoft.com/en-us/library/ms996422.aspx, 2005.
30. S. Mödersheim and D. Sommer. A formal model of identity mixer. Technical report RZ 3749, IBM Research Zurich, 2009.
31. B. C. Neuman and T. Ts'o. Kerberos: An authentication service for computer networks. IEEE Commun., 32(9), 1994.
32. OASIS. Assertions and protocols for the OASIS security assertion markup language (SAML) v2.0, 2005.
33. OASIS. eXtensible Access Control Markup Language (XACML) Version 2.0, 2005.
34. OpenID authentication 2.0, 2007.
35. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. IEEE Comput., 29(2), 1996.
36. W3C. The platform for privacy preferences (P3P), 2006.
37. L. Wang, D. Wijesekera, and S. Jajodia. A logic-based framework for attribute based access control. ACM FMSE 2004.
38. W. Winsborough, K. Seamons, and V. Jones. Automated trust negotiation. DISCEX 2000.
39. D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk. Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile. IETF RFC 5280, 2008.