Article

Concealing complex policies with hidden credentials

Authors:

Robert W. Bradshaw,

Jason E. Holt,

Kent E. SeamonsAuthors Info & Claims

CCS '04: Proceedings of the 11th ACM conference on Computer and communications security

Pages 146 - 157

https://doi.org/10.1145/1030083.1030104

Published: 25 October 2004 Publication History

Get Access

Abstract

Hidden credentials are useful in protecting sensitive resource requests, resources, policies, and credentials. We propose a significant performance improvement when implementing hidden credentials using Boneh/Franklin Identity Based Encryption. We also propose a substantially improved secret splitting scheme for enforcing complex policies, and show how it improves concealment of policies from nonsatisfying recipients.

References

[1]

D. Balfanz, G. Durfee, N. Shankar, D. Smetters, J. Staddon, and H. Wong. Secret handshakes from pairing-based key agreements. In Proceedings of the 2003 IEEE Symposium on Security and Privacy, pages 180--196, Oakland, CA, May 2003.]]

Digital Library

Google Scholar

[2]

M. Bellare and C. Namprempre. Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm. In Asiacrypt, volume 1976 of Lecture Notes in Computer Science. Springer-Verlag, 2000. Extended abstract.]]

Digital Library

Google Scholar

[3]

J. C. Benaloh and J. Leichter. Generalized secret sharing and monotone functions. In S. Goldwasser, editor, Advances in Cryptology - CRYPTO '88, volume 403 of Lecture Notes in Computer Science, pages 27--35. Springer, 1990.]]

Digital Library

Google Scholar

[4]

E. Bertino, E. Ferrari, and A. Squicciarini. χ-TNL: An XML-based language for trust negotiation. In Fourth IEEE International Workshop on Policies for Distributed Systems and Networks, pages 81--84, Como, Italy, June 2003. IEEE Computer Society Press.]]

Digital Library

Google Scholar

[5]

P. Bonatti and P. Samarati. Regulating service access and information release on the web. In Proceedings of the 7th ACM Conference on Computer and Communications Security (CCS-7), pages 134--143. ACM Press, Nov. 2000.]]

Digital Library

Google Scholar

[6]

D. Boneh and M. Franklin. Identity-based encryption from the Weil pairing. In Proceedings of Crypto 2001, volume 2139 of Lecture Notes in Computer Science, pages 213--229. Springer, 2001.]]

Digital Library

Google Scholar

[7]

E. Fujisaki and T. Okamoto. Secure integration of asymmetric and symmetric encryption schemes. Lecture Notes in Computer Science, 1666:537--554, 1999.]]

Digital Library

Google Scholar

[8]

J. Holt, R. Bradshaw, K. E. Seamons, and H. Orman. Hidden credentials. In 2nd ACM Workshop on Privacy in the Electronic Society, pages 1--8, Washington, DC, Oct. 2003. ACM Press.]]

Digital Library

Google Scholar

[9]

N. Li, W. Du, and D. Boneh. Oblivious signature-based envelope. In Proceedings of the 22nd ACM Symposium on Principles of Distributed Computing (PODC 2003), pages 182--189, Boston, Massachusetts, July 2003. ACM Press.]]

Digital Library

Google Scholar

[10]

K. E. Seamons, M. Winslett, and T. Yu. Limiting the disclosure of access control policies during automated trust negotiation. In Network and Distributed System Security Symposium, pages 109--124, San Diego, CA, Feb. 2001.]]

Google Scholar

[11]

W. H. Winsborough, K. E. Seamons, and V. E. Jones. Automated trust negotiation. In DARPA Information Survivability Conference and Exposition, volume I, pages 88--102, Hilton Head, SC, Jan. 2000. IEEE Press.]]

Google Scholar

[12]

M. Winslett, T. Yu, K. E. Seamons, A. Hess, J. Jacobson, R. Jarvis, B. Smith, and L. Yu. Negotiating trust on the web. IEEE Internet Computing, 6(6):30--37, November/December 2002.]]

Digital Library

Google Scholar

[13]

T. Yu and M. Winslett. A Unified Scheme for Resource Protection in Automated Trust Negotiation. In IEEE Symposium on Security and Privacy, Oakland, CA, May 2003.]]

Digital Library

Google Scholar

Cited By

View all

Balabhadra AAlla RMallipudi RBikkina NVurukonda NKunda V(2023)A Study On Ciphertext Policy Attribute Based Encryption2023 9th International Conference on Advanced Computing and Communication Systems (ICACCS)10.1109/ICACCS57279.2023.10113095(2398-2402)Online publication date: 17-Mar-2023
https://doi.org/10.1109/ICACCS57279.2023.10113095
Oberko PObeng VXiong H(2021)A survey on multi-authority and decentralized attribute-based encryptionJournal of Ambient Intelligence and Humanized Computing10.1007/s12652-021-02915-5Online publication date: 15-Mar-2021
https://doi.org/10.1007/s12652-021-02915-5
Pradhan AR PSethi KBera P(2020)Smart Grid Data Security using Practical CP-ABE with Obfuscated Policy and Outsourcing Decryption2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)10.1109/CyberSA49311.2020.9139628(1-8)Online publication date: Jun-2020
https://doi.org/10.1109/CyberSA49311.2020.9139628
Show More Cited By

Index Terms

Concealing complex policies with hidden credentials
1. Security and privacy
  1. Security services
    1. Authentication

Recommendations

Hidden Credentials
WPES '03: Proceedings of the 2003 ACM workshop on Privacy in the electronic society

Hidden Credentials are useful in situations where requests for service, credentials, access policies and resources are extremely sensitive. We show how transactions which depend on fulfillment of policies described by monotonic boolean formulae can take ...
Privacy-Enhancing Proxy Signatures from Non-interactive Anonymous Credentials
DBSec 2014: Proceedings of the 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy XXVIII - Volume 8566

Proxy signatures enable an originator to delegate the signing rights for a restricted set of messages to a proxy. The proxy is then able to produce valid signatures only for messages from this delegated set on behalf of the originator. Recently, two ...
Unlinkable attribute-based credentials with practical revocation on smart-cards
CARDIS'12: Proceedings of the 11th international conference on Smart Card Research and Advanced Applications

Attribute-based credentials are cryptographic schemes designed to enhance user privacy. These schemes can be used for constructing anonymous proofs of the ownership of personal attributes. The attributes can represent any information about a user, e.g., ...

Comments

Information & Contributors

Information

Published In

CCS '04: Proceedings of the 11th ACM conference on Computer and communications security

October 2004

376 pages

ISBN:1581139616

DOI:10.1145/1030083

General Chair:
Vijay Atluri
Rutgers University
,
Program Chairs:
Birgit Pfitzmann
IBM Research, Switzerland
,
Patrick McDaniel
AT&T Labs

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 October 2004

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

CCS04

Sponsor:

CCS04: 11th ACM Conference on Computer and Communications Security 2004

October 25 - 29, 2004

Washington DC, USA

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

95
Total Citations
View Citations
867
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 17 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Balabhadra AAlla RMallipudi RBikkina NVurukonda NKunda V(2023)A Study On Ciphertext Policy Attribute Based Encryption2023 9th International Conference on Advanced Computing and Communication Systems (ICACCS)10.1109/ICACCS57279.2023.10113095(2398-2402)Online publication date: 17-Mar-2023
https://doi.org/10.1109/ICACCS57279.2023.10113095
Oberko PObeng VXiong H(2021)A survey on multi-authority and decentralized attribute-based encryptionJournal of Ambient Intelligence and Humanized Computing10.1007/s12652-021-02915-5Online publication date: 15-Mar-2021
https://doi.org/10.1007/s12652-021-02915-5
Pradhan AR PSethi KBera P(2020)Smart Grid Data Security using Practical CP-ABE with Obfuscated Policy and Outsourcing Decryption2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)10.1109/CyberSA49311.2020.9139628(1-8)Online publication date: Jun-2020
https://doi.org/10.1109/CyberSA49311.2020.9139628
Islam TLim KManivannan D(2020)Blending Convergent Encryption and Access Control Scheme for Achieving A Secure and Storage Efficient Cloud2020 IEEE 17th Annual Consumer Communications & Networking Conference (CCNC)10.1109/CCNC46108.2020.9045108(1-6)Online publication date: Jan-2020
https://doi.org/10.1109/CCNC46108.2020.9045108
Deuber DMaffei MMalavolta GRabkin MSchröder DSimkin M(2018)Functional CredentialsProceedings on Privacy Enhancing Technologies10.1515/popets-2018-00132018:2(64-84)Online publication date: 20-Feb-2018
https://doi.org/10.1515/popets-2018-0013
Xia DZhang Y(2017)The fuzzy control of trust establishment2017 4th International Conference on Systems and Informatics (ICSAI)10.1109/ICSAI.2017.8248370(655-659)Online publication date: Nov-2017
https://doi.org/10.1109/ICSAI.2017.8248370
Tomaiuolo M(2016)Trust Management and Delegation for the Administration of Web ServicesLeadership and Personnel Management10.4018/978-1-4666-9624-2.ch026(570-589)Online publication date: 2016
https://doi.org/10.4018/978-1-4666-9624-2.ch026
Riad K(2016)Revocation basis and proofs access control for cloud storage multi-authority systems2016 Third International Conference on Artificial Intelligence and Pattern Recognition (AIPR)10.1109/ICAIPR.2016.7585223(1-10)Online publication date: Sep-2016
https://doi.org/10.1109/ICAIPR.2016.7585223
Riad K(2016)Multi-authority trust access control for cloud storage2016 4th International Conference on Cloud Computing and Intelligence Systems (CCIS)10.1109/CCIS.2016.7790297(429-433)Online publication date: Aug-2016
https://doi.org/10.1109/CCIS.2016.7790297
Wu DTaly AShankar ABoneh D(2016)Privacy, Discovery, and Authentication for the Internet of ThingsComputer Security – ESORICS 201610.1007/978-3-319-45741-3_16(301-319)Online publication date: 15-Sep-2016
https://doi.org/10.1007/978-3-319-45741-3_16
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Hidden Credentials

Privacy-Enhancing Proxy Signatures from Non-interactive Anonymous Credentials

Unlinkable attribute-based credentials with practical revocation on smart-cards

Comments

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Hidden Credentials

Privacy-Enhancing Proxy Signatures from Non-interactive Anonymous Credentials

Unlinkable attribute-based credentials with practical revocation on smart-cards

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Get Access

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations