Issue No. 10 - October (2006 vol. 55)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TC.2006.158
Keith Frikken , IEEE
Mikhail Atallah , IEEE
Jiangtao Li , IEEE
In an open environment such as the Internet, the decision to collaborate with a stranger (e.g., by granting access to a resource) is often based on the characteristics (rather than the identity) of the requester, via digital credentials: Access is granted if Alice's credentials satisfy Bob's access policy. The literature contains many scenarios in which it is desirable to carry out such trust negotiations in a privacy-preserving manner, i.e., so as minimize the disclosure of credentials and/or of access policies. Elegant solutions were proposed for achieving various degrees of privacy-preservation through minimal disclosure. In this paper, we present protocols that protect both sensitive credentials and sensitive policies. That is, Alice gets the resource only if she satisfies the policy, Bob does not learn anything about Alice's credentials (not even whether Alice got access), and Alice learns neither Bob's policy structure nor which credentials caused her to gain access. Our protocols are efficient in terms of communication and in rounds of interaction.
Electronic commerce-security, management of computing and information systems, security and protection, authentication, access control, trust negotiation, hidden credentials, privacy.
K. Frikken, J. Li and M. Atallah, "Attribute-Based Access Control with Hidden Policies and Hidden Credentials," in IEEE Transactions on Computers, vol. 55, no. , pp. 1259-1270, 2006.