Enabling privacy-preserving credential-based access control with XACML and SAML

Proceedings - 10th IEEE International Conference on Computer and Information Technology, CIT-2010, 7th IEEE International Conference on Embedded Software and Systems, ICESS-2010, ScalCom-2010

Volumn , Issue , 2010, Pages 1090-1095

  Ardagna, Claudio A ^a   De Capitani Di Vimercati, Sabrina ^a   Neven, Gregory ^b   Paraboschi, Stefano ^c   Preiss, Franz Stefan ^b   Samarati, Pierangela ^a   Verdicchio, Mario ^c  

^a UNIVERSITY OF MILAN   (Italy)

^b IBM RESEARCH ZURICH   (Switzerland)

^c UNIVERSITY OF BERGAMO   (Italy)

Author keywords

Access control; Anonymous credentials; Privacy; XACML

Indexed keywords

DATA PRIVACY; EMBEDDED SOFTWARE; EMBEDDED SYSTEMS;

ANONYMOUS CREDENTIAL; CREDENTIAL BASED ACCESS CONTROL; CREDENTIAL-BASED; CREDENTIAL-BASED APPROACH; INDUSTRY STANDARDS; LANGUAGE EXTENSIONS; PRIVACY PRESERVING; XACML;

ACCESS CONTROL;

EID: 78249253959     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CIT.2010.199     Document Type: Conference Paper

References (14)

1. P. Bonatti and P. Samarati, "A unified framework for regulating access and information release on the web," JCS, vol. 10, no. 3, 2002.
2. J. Li, N. Li, and W. Winsborough, "Automated trust negotiation using cryptographic credentials," in ACM CCS 2005.
3. C. A. Ardagna, J. Camenisch, M. Kohlweiss, R. Leenes, G. Neven, B. Priem, P. Samarati, D. Sommer, and M. Verdicchio, "Exploiting cryptography for privacy-enhanced access control," JCS, vol. 18, no. 1, 2010.
4. C. A. Ardagna, S. De Capitani di Vimercati, S. Paraboschi, E. Pedrini, P. Samarati, and M. Verdicchio, "Expressive and deployable access control in open web service applications," IEEE Transaction on Services Computing, 2010, to appear.
5. J. Camenisch, S. Moedersheim, G. Neven, F.-S. Preiss, and D. Sommer," A card requirements language enabling privacypreserving access control," in ACM SACMAT 2010, to appear.
6. D. Chaum, "Security without identification: Transaction systems to make big brother obsolete," CACM, vol. 28, no. 10, 1985.
7. S. Brands, "Rethinking public key infrastructure and digital certificates- building in privacy," Ph.D. dissertation, Eindhoven Institute of Technology, The Netherlands, 1999.
8. J. Camenisch and A. Lysyanskaya, "An efficient system for non-transferable anonymous credentials with optional anonymity revocation," in EUROCRYPT 2001, ser. LNCS, vol. 2045. Springer, 2001.
9. S. Jajodia, P. Samarati, M. Sapino, and V. Subrahmanian, "Flexible support for multiple access control policies," ACM TODS, vol. 26, no. 2, 2001.
10. M. Winslett, N. Ching, V. Jones, and I. Slepchin, "Assuring security and privacy for digital library transactions on the web: Client and server security policies," in ADL 1997.
11. OASIS, "eXtensible Access Control Markup Language (XACML) Version 3.0," 2009.
12. J. Camenisch and V. Shoup, "Practical verifiable encryption and decryption of discrete logarithms," in CRYPTO 2003, ser. LNCS, vol. 2729. Springer, 2003.
13. W3C, "OWL 2 Web Ontology Language," 2007.
14. OASIS, "SAML 2.0 profile of XACML v2.0," 2005.