This paper focus on two security services for internet applications: authorization and anonymity. Traditional authorization solutions are not very helpful for many of the Internet applications; however, attribute certificates proposed by ITU-T seems to be well suited and provide adequate solution. On the other hand, special attention is paid to the fact that many of the operations and transactions that are part of Internet applications can be easily recorded and collected. Consequently, anonymity has become a desirable feature to be added in many cases. In this work we propose a solution to enhance the X.509 attribute certificate in such a way that it becomes a conditionally anonymous attribute certificate. Moreover, we present a protocol to obtain such certificates in a way that respects users' anonymity by using a fair blind signature scheme. We also show how to use such certificates and describe a few cases where problems could arise, identifying some open problems.
%0 Conference Paper
%1 BenLoMoTr_2004
%A Benjumea, Vicente
%A Lopez, Javier
%A Montenegro, José A.
%A Troya, José M.
%B Public Key Cryptography
%D 2004
%E Bao, Feng
%E Deng, Robert H.
%E Zhou, Jianying
%I Springer
%K ac anonymity attribute_certificates pki pmi privacy privilige_management_infrastructure x.509
%P 402-415
%T A First Approach to Provide Anonymity in Attribute Certificates.
%U http://www.springerlink.com/content/72n6fna7tmertac6/
%V 2947
%X This paper focus on two security services for internet applications: authorization and anonymity. Traditional authorization solutions are not very helpful for many of the Internet applications; however, attribute certificates proposed by ITU-T seems to be well suited and provide adequate solution. On the other hand, special attention is paid to the fact that many of the operations and transactions that are part of Internet applications can be easily recorded and collected. Consequently, anonymity has become a desirable feature to be added in many cases. In this work we propose a solution to enhance the X.509 attribute certificate in such a way that it becomes a conditionally anonymous attribute certificate. Moreover, we present a protocol to obtain such certificates in a way that respects users' anonymity by using a fair blind signature scheme. We also show how to use such certificates and describe a few cases where problems could arise, identifying some open problems.
%@ 3-540-21018-0
@inproceedings{BenLoMoTr_2004,
abstract = {This paper focus on two security services for internet applications: authorization and anonymity. Traditional authorization solutions are not very helpful for many of the Internet applications; however, attribute certificates proposed by ITU-T seems to be well suited and provide adequate solution. On the other hand, special attention is paid to the fact that many of the operations and transactions that are part of Internet applications can be easily recorded and collected. Consequently, anonymity has become a desirable feature to be added in many cases. In this work we propose a solution to enhance the X.509 attribute certificate in such a way that it becomes a conditionally anonymous attribute certificate. Moreover, we present a protocol to obtain such certificates in a way that respects users' anonymity by using a fair blind signature scheme. We also show how to use such certificates and describe a few cases where problems could arise, identifying some open problems.},
added-at = {2008-07-17T17:52:24.000+0200},
author = {Benjumea, Vicente and Lopez, Javier and Montenegro, José A. and Troya, José M.},
biburl = {https://www.bibsonomy.org/bibtex/28be2d664a3d4fdd68496c18963e8a047/dawinci},
booktitle = {Public Key Cryptography},
editor = {Bao, Feng and Deng, Robert H. and Zhou, Jianying},
interhash = {08c549d26451aea03fb5bbfd76693426},
intrahash = {8be2d664a3d4fdd68496c18963e8a047},
isbn = {3-540-21018-0},
keywords = {ac anonymity attribute_certificates pki pmi privacy privilige_management_infrastructure x.509},
pages = {402-415},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
timestamp = {2008-07-17T17:52:25.000+0200},
title = {A First Approach to Provide Anonymity in Attribute Certificates.},
url = {http://www.springerlink.com/content/72n6fna7tmertac6/},
volume = 2947,
year = 2004
}