
A secure and private system for subscription-based remote services

Published: 01 November 2003

Abstract

    In this paper we study privacy issues regarding the use of the SSL/TLS protocol and X.509 certificates. Our main attention is placed on subscription-based remote services (e.g., subscription to newspapers and databases) where the service manager charges a flat fee for a period of time independent of the actual number of times the service is requested. We start by pointing out that restricting the access to such services by using X.509 certificates and the SSL/TLS protocol, while preserving the interests of the service managers, neglects the right to privacy of the users. We then propose the concept of a crypto certificate and the Secure and Private Socket Layer protocol (SPSL protocol, in short) and show how they can be used to preserve user privacy and, at the same time, protect the interests of the service managers. The SPSL protocol only requires the user to have a standard X.509 certificate (with an RSA key) and does not require the user to get any special ad hoc certificate. Finally, we show the viability of the proposed solution by describing a system based on SPSL for secure and private access to subscription-based web services. Our implementation includes an SPSL proxy for a TLS-enabled web client and a module for the Apache web server along with administrative tools for the server side. The system has been developed starting from the implementation of an API for the SPSL protocol that we describe in the paper.



    Published In

    ACM Transactions on Information and System Security, Volume 6, Issue 4
    November 2003
    146 pages
    ISSN: 1094-9224
    EISSN: 1557-7406
    DOI: 10.1145/950191

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 01 November 2003
    Published in TISSEC Volume 6, Issue 4


    Author Tags

    1. Access control
    2. anonymity
    3. cryptographic algorithms and protocols
    4. privacy
    5. world-wide web

    Qualifiers

    • Article


    Cited By

    • (2020) Practical Anonymous Subscription with Revocation Based on Broadcast Encryption. 2020 IEEE 36th International Conference on Data Engineering (ICDE), pp. 241-252. DOI: 10.1109/ICDE48307.2020.00028. Online publication date: Apr-2020
    • (2011) Practical anonymous subscription system with privacy preserving data mining. 2011 IEEE 2nd International Conference on Software Engineering and Service Science, pp. 138-141. DOI: 10.1109/ICSESS.2011.5982273. Online publication date: Jul-2011
    • (2010) Untraceability and profiling are not mutually exclusive. Proceedings of the 7th international conference on Trust, privacy and security in digital business, pp. 117-128. DOI: 10.5555/1894888.1894903. Online publication date: 30-Aug-2010
    • (2010) Untraceability and Profiling Are Not Mutually Exclusive. Trust, Privacy and Security in Digital Business, pp. 117-128. DOI: 10.1007/978-3-642-15152-1_11. Online publication date: 2010
    • (2009) Investigating Anonymity in Group Based Anonymous Authentication. The Future of Identity in the Information Society, pp. 268-281. DOI: 10.1007/978-3-642-03315-5_20. Online publication date: 2009
    • (2008) Privacy-enhancing methods for e-health applications: how to prevent statistical analyses and attacks. International Journal of Business Intelligence and Data Mining 3:3, pp. 236-254. DOI: 10.1504/IJBIDM.2008.022135. Online publication date: 1-Dec-2008
    • (2008) Online subscriptions with anonymous access. Proceedings of the 2008 ACM symposium on Information, computer and communications security, pp. 217-227. DOI: 10.1145/1368310.1368342. Online publication date: 18-Mar-2008
    • (2008) Privacy Aspects of eHealth. Proceedings of the 2008 Third International Conference on Availability, Reliability and Security, pp. 1226-1233. DOI: 10.1109/ARES.2008.115. Online publication date: 4-Mar-2008
    • (2007) Anonymity 2.0 - X.509 extensions supporting privacy-friendly authentication. Proceedings of the 6th international conference on Cryptology and network security, pp. 265-281. DOI: 10.5555/1778554.1778579. Online publication date: 8-Dec-2007
    • (2007) Anonymity 2.0 – X.509 Extensions Supporting Privacy-Friendly Authentication. Cryptology and Network Security, pp. 265-281. DOI: 10.1007/978-3-540-76969-9_17. Online publication date: 2007
