Abstract
The contribution of this paper is a mechanism which links authentication to audit using weak identities and takes identity out of the trust management envelope. Although our protocol supports weaker versions of anonymity it is still useful even if anonymity is not required, due to the ability to reduce trust assumptions which it provides. We illustrate the protocol with an example of authorization in a role based access mechanism.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Beresnevichiene, Y.: A role and context based security model. Technical Report 558, University of Cambridge (2003)
Blaze, M., Feigenbaum, J., Ioannides, J., Keromytis, A.: The Keynote Trust Management System. Request For Comments Series (2704) (1999)
Blaze, M., Feigenbaum, J., Strauss, M.J.: Compliance checking in the policyMaker trust management system. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 254–274. Springer, Heidelberg (1998)
Bohm, N., Brown, I., Gladman, B.: Who Carries The Risk Of Fraud In Ecommerce. Journal of Information Law and Technology 2000(3), 173–199 (2000)
Camenisch, J., Van Herreweghen, E.: Design And Implementation Of The idemix Anonymous Credential System. In: Proceedings of the 9th ACM conference on Computer and Communications Security, pp. 21–30 (2002)
Chaum, D.: Untraceable Electronic Mail, Return Addresses And Digital Pseudonyms. Communications of the ACM 24(2), 84–90 (1981)
Crispo, B.: Delegation of Responsibility. PhD thesis, University of Cambridge (1999)
Danezis, G., Dingledine, R., Mathewson, N.: Mixminion: Design Of A type III Anonymous Remailer. In: Proceedings of the 24th IEEE Symposium on Security and Privacy, pp. 2–15 (2003)
Diffie, W., Hellman, M.: New Directions In Cryptography. IEEE Transactions on Information Theory 22, 472–492 (1976)
Ferraiolo, D., Sandhu, R., Gavrilla, S., Kuhn, R., Chandramouli, R.: Proposed NIST Standard For Role Based Access Control. ACM Transactions on Information and Systems Security 4(3), 224–274
Neuman, B.C., Tso’s, T.: Kerberos: An Authentication Service For Computer Networks. IEEE Communications 32(9), 33–38
Pohlig, S., Hellman, M.: An Improved Algorithm For Computing Logarithms And Its Cryptographic Significance. IEEE Transactions on Information Theory 24, 106–110 (1978)
Popescu, B., Van Steen, M., Tanenbaum, A.: A Security Architecture for Object Based Distributed Systems. In: Proceedings of the 18th Annual Computer Security Applications Conference (2002)
Syverson, P., Goldshlag, D.: Unlinkable Serial Transactions: Protocols And Applications. ACM Transactions on Information and Systems Security 2(4), 354–389 (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chowdhury, P.D., Christianson, B., Malcolm, J. (2006). Anonymous Authentication. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2004. Lecture Notes in Computer Science, vol 3957. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11861386_36
Download citation
DOI: https://doi.org/10.1007/11861386_36
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40925-0
Online ISBN: 978-3-540-40926-7
eBook Packages: Computer ScienceComputer Science (R0)