http://dx.doi.org/10.13089/JKIISC.2010.20.6.195

A Study on the Applicability of Anonymous Authentication Schemes for Fine-Grained Privacy Protection  

Ki, Ju-Hee (KEIT)
Hwang, Jung-Yeon (ETRI)
Shim, Mi-Na (Korea University)
Jeong, Dae-Kyeong (NIPA)
Lim, Jong-In (Korea University)
Abstract
As information and communication technologies have advanced, large amounts of sensitive user information can be easily collected and unexpectedly distributed. To offer user-friendly services, a service provider requires and processes more user information. However, known privacy protection models take a passive attitude toward user information protection and often involve serious weaknesses. In reality, information exposure through unauthorised access and mistaken disclosure occurs frequently. In this paper, we study the applicability of anonymous authentication services for fine-grained user privacy protection. We analyze authentication schemes and classify them according to the level of privacy newly defined in this paper. In addition, we identify security requirements that a privacy protection scheme based on anonymous authentication can achieve within legal boundaries.
Keywords
Privacy; Anonymous Authentication; Linkability; Policy; Access Control
Citations & Related Records
Times Cited By KSCI: 2