Compact and Anonymous Role-Based Authorization Chain

Published: 01 January 2009

Abstract

We introduce a decentralized delegation model called anonymous role-based cascaded delegation. In this model, a delegator can issue authorizations on behalf of her role without revealing her identity. This type of delegation protects the sensitive membership information of a delegator and hides the internal structure of an organization. To provide an efficient storage and transmission mechanism for credentials used in anonymous role-based cascaded delegation, we present a new digital signature scheme that supports both signer anonymity and signature aggregation. Our scheme has compact role signatures that make it especially suitable for ubiquitous computing environments, where users may have mobile computing devices with narrow communication bandwidth and small storage units.

Reviews

Edgar R. Weippl

Yao and Tamassia argue that role-based delegation raises privacy concerns because the identity of users may be sensitive information, especially in e-commerce, e-medicine, and peer-to-peer (P2P) file sharing. They propose an anonymous-signer aggregate signature scheme, to protect the identity of users and delegators. Role-based authorization is a method for access control whereas privileges are based on roles and each user holds at least one role. Role-based delegation enables a flexible management of access control because privileges, as well as the membership to a certain role, can be delegated to other users.

According to the authors, "anonymous role-based [authorization] ... can be implemented with group signatures, in which a digital signature proves the membership of a signer," without privacy drawbacks. While group signatures are an effective measure for privacy protection, this method is too resource hungry for distributed environments with limited resources. Yao and Tamassia thus propose an aggregated signature scheme that aims to improve the resource related shortcomings of group signatures.

The authors' novel aggregated signature scheme supports anonymous signing in role-based authorization and is based on bilinear maps within gap groups. The main advantage of aggregated signatures is a reduction of resource requirements for digital signatures, as an authorization chain of digital signatures can be merged into a single signature of constant size.

The authors argue that a secure anonymous-signer aggregate signature scheme must satisfy eight properties: correctness, unforgeability, anonymity, unlinkability, traceability, exculpability, coalition-resistance, and aggregation. Their understanding of correctness is that produced signatures must be accepted by a verification operation and that a designated operation recovers a specific signer's identity. The unforgeability property dictates that "only valid role members can sign messages on behalf of the role." Furthermore, it must be computationally hard to identify the signer (anonymity) and to decide if "two different valid signatures were computed by the same role member" (unlinkability), except for the role manager. A special user, namely the role manager, must always be able to identify the signer of the valid signature, in order to fulfill the traceability property. Regarding the authors' scheme, exculpability is ensured when the role manager, together with other members, cannot sign on behalf of an uninvolved member. Yet another important security feature of their scheme is the coalition-resistance property that states: "a colluding subset of role members must furthermore not be able to produce a valid signature that cannot be opened by the role manager." Finally, the aggregation property must ensure that digital signatures can be aggregated by anyone into a single signature of constant length.

The authors provide formal definitions of the eight security properties and illustrate how the proposed scheme fulfills them. A brief introduction to an anonymous role-based cascaded delegation protocol finally illustrates how Yao and Tamassia's scheme can be used in distributed systems.

Online Computing Reviews Service

Published In

ACM Transactions on Information and System Security  Volume 12, Issue 3
January 2009
209 pages
ISSN:1094-9224
EISSN:1557-7406
DOI:10.1145/1455526

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 January 2009
Accepted: 01 August 2008
Revised: 01 September 2007
Received: 01 June 2006
Published in TISSEC Volume 12, Issue 3

Author Tags

  1. Delegation
  2. aggregate signature
  3. anonymity

Qualifiers

  • Research-article
  • Research
  • Refereed

Cited By

  • (2020) Proposal and Performance Evaluation of an Order-Specified Aggregate Authority-Transfer Signature. Information Systems Security and Privacy, 121-136. DOI: 10.1007/978-3-030-49443-8_6. Online publication date: 28-Jun-2020
  • (2017) Provably Secure Anonymous-yet-Accountable Crowdsensing with Scalable Sublinear Revocation. Proceedings on Privacy Enhancing Technologies 2017:4, 384-403. DOI: 10.1515/popets-2017-0055. Online publication date: 10-Oct-2017
  • (2017) Postulates for Revocation Schemes. Proceedings of the 6th International Conference on Principles of Security and Trust - Volume 10204, 232-252. DOI: 10.1007/978-3-662-54455-6_11. Online publication date: 22-Apr-2017
  • (2016) Resilient Delegation Revocation with Precedence for Predecessors Is NP-Complete. 2016 IEEE 29th Computer Security Foundations Symposium (CSF), 432-442. DOI: 10.1109/CSF.2016.37. Online publication date: Jun-2016
  • (2013) Privacy protection for RBAC in service oriented architecture. 2013 26th IEEE Canadian Conference on Electrical and Computer Engineering (CCECE), 1-6. DOI: 10.1109/CCECE.2013.6567854. Online publication date: May-2013
  • (2013) Safeguarding ad hoc networks with a self-organized membership control system. Computer Networks: The International Journal of Computer and Telecommunications Networking 57:13, 2656-2674. DOI: 10.1016/j.comnet.2013.06.004. Online publication date: 1-Sep-2013
  • (2012) Attribute-based strong designated-verifier signature scheme. Journal of Systems and Software 85:4, 944-959. DOI: 10.1016/j.jss.2011.11.1008. Online publication date: 1-Apr-2012
  • (2010) A self-organized mechanism for thwarting malicious access in ad hoc networks. Proceedings of the 29th conference on Information communications, 266-270. DOI: 10.5555/1833515.1833569. Online publication date: 14-Mar-2010
  • (2010) Independently verifiable decentralized role-based delegation. IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans 40:6, 1206-1219. DOI: 10.1109/TSMCA.2010.2045118. Online publication date: 1-Nov-2010
  • (2010) A Self-Organized Mechanism for Thwarting Malicious Access in Ad Hoc Networks. 2010 Proceedings IEEE INFOCOM, 1-5. DOI: 10.1109/INFCOM.2010.5462232. Online publication date: Mar-2010
