3,974 research outputs found
Selective disclosure credential sets
We describe a credential system similar to the electronic cash system
described by Chaum, Fiat and Naor. Our system uses bit commitments to
create selective disclosure credentials which limit what portions of a
credential the holder must reveal. We show how credentials from
separate issuers can be linked to the same person in order to prevent
users from pooling credentials to obtain services no one user could
obtain alone. We also describe how to use a blinding technique
described by Laurie which may not violate the patents on blind
signatures
I2PA : An Efficient ABC for IoT
Internet of Things (IoT) is very attractive because of its promises. However,
it brings many challenges, mainly issues about privacy preserving and
lightweight cryptography. Many schemes have been designed so far but none of
them simultaneously takes into account these aspects. In this paper, we propose
an efficient ABC scheme for IoT devices. We use ECC without pairing, blind
signing and zero knowledge proof. Our scheme supports block signing, selective
disclosure and randomization. It provides data minimization and transactions'
unlinkability. Our construction is efficient since smaller key size can be used
and computing time can be reduced. As a result, it is a suitable solution for
IoT devices characterized by three major constraints namely low energy power,
small storage capacity and low computing power
Privacy-Preserving Trust Management Mechanisms from Private Matching Schemes
Cryptographic primitives are essential for constructing privacy-preserving
communication mechanisms. There are situations in which two parties that do not
know each other need to exchange sensitive information on the Internet. Trust
management mechanisms make use of digital credentials and certificates in order
to establish trust among these strangers. We address the problem of choosing
which credentials are exchanged. During this process, each party should learn
no information about the preferences of the other party other than strictly
required for trust establishment. We present a method to reach an agreement on
the credentials to be exchanged that preserves the privacy of the parties. Our
method is based on secure two-party computation protocols for set intersection.
Namely, it is constructed from private matching schemes.Comment: The material in this paper will be presented in part at the 8th DPM
International Workshop on Data Privacy Management (DPM 2013
Know your customer:balancing innovation and regulation for financial inclusion
Financial inclusion depends on providing adjusted services for citizens with
disclosed vulnerabilities. At the same time, the financial industry needs to
adhere to a strict regulatory framework, which is often in conflict with the
desire for inclusive, adaptive, and privacy-preserving services. In this
article we study how this tension impacts the deployment of privacy-sensitive
technologies aimed at financial inclusion. We conduct a qualitative study with
banking experts to understand their perspectives on service development for
financial inclusion. We build and demonstrate a prototype solution based on
open source decentralized identifiers and verifiable credentials software and
report on feedback from the banking experts on this system. The technology is
promising thanks to its selective disclosure of vulnerabilities to the full
control of the individual. This supports GDPR requirements, but at the same
time, there is a clear tension between introducing these technologies and
fulfilling other regulatory requirements, particularly with respect to 'Know
Your Customer.' We consider the policy implications stemming from these
tensions and provide guidelines for the further design of related technologies.Comment: Published in the Journal Data & Polic
Data Minimisation in Communication Protocols: A Formal Analysis Framework and Application to Identity Management
With the growing amount of personal information exchanged over the Internet,
privacy is becoming more and more a concern for users. One of the key
principles in protecting privacy is data minimisation. This principle requires
that only the minimum amount of information necessary to accomplish a certain
goal is collected and processed. "Privacy-enhancing" communication protocols
have been proposed to guarantee data minimisation in a wide range of
applications. However, currently there is no satisfactory way to assess and
compare the privacy they offer in a precise way: existing analyses are either
too informal and high-level, or specific for one particular system. In this
work, we propose a general formal framework to analyse and compare
communication protocols with respect to privacy by data minimisation. Privacy
requirements are formalised independent of a particular protocol in terms of
the knowledge of (coalitions of) actors in a three-layer model of personal
information. These requirements are then verified automatically for particular
protocols by computing this knowledge from a description of their
communication. We validate our framework in an identity management (IdM) case
study. As IdM systems are used more and more to satisfy the increasing need for
reliable on-line identification and authentication, privacy is becoming an
increasingly critical issue. We use our framework to analyse and compare four
identity management systems. Finally, we discuss the completeness and
(re)usability of the proposed framework
Contributions to the privacy provisioning for federated identity management platforms
Identity information, personal data and user’s profiles are key assets for organizations
and companies by becoming the use of identity management (IdM) infrastructures a prerequisite
for most companies, since IdM systems allow them to perform their business
transactions by sharing information and customizing services for several purposes in more
efficient and effective ways.
Due to the importance of the identity management paradigm, a lot of work has been done
so far resulting in a set of standards and specifications. According to them, under the
umbrella of the IdM paradigm a person’s digital identity can be shared, linked and reused
across different domains by allowing users simple session management, etc. In this way,
users’ information is widely collected and distributed to offer new added value services
and to enhance availability. Whereas these new services have a positive impact on users’
life, they also bring privacy problems.
To manage users’ personal data, while protecting their privacy, IdM systems are the ideal
target where to deploy privacy solutions, since they handle users’ attribute exchange.
Nevertheless, current IdM models and specifications do not sufficiently address comprehensive
privacy mechanisms or guidelines, which enable users to better control over the
use, divulging and revocation of their online identities. These are essential aspects, specially
in sensitive environments where incorrect and unsecured management of user’s data
may lead to attacks, privacy breaches, identity misuse or frauds.
Nowadays there are several approaches to IdM that have benefits and shortcomings, from
the privacy perspective.
In this thesis, the main goal is contributing to the privacy provisioning for federated
identity management platforms. And for this purpose, we propose a generic architecture
that extends current federation IdM systems. We have mainly focused our contributions
on health care environments, given their particularly sensitive nature. The two main
pillars of the proposed architecture, are the introduction of a selective privacy-enhanced
user profile management model and flexibility in revocation consent by incorporating an
event-based hybrid IdM approach, which enables to replace time constraints and explicit
revocation by activating and deactivating authorization rights according to events. The
combination of both models enables to deal with both online and offline scenarios, as well
as to empower the user role, by letting her to bring together identity information from
different sources.
Regarding user’s consent revocation, we propose an implicit revocation consent mechanism
based on events, that empowers a new concept, the sleepyhead credentials, which
is issued only once and would be used any time. Moreover, we integrate this concept
in IdM systems supporting a delegation protocol and we contribute with the definition
of mathematical model to determine event arrivals to the IdM system and how they are
managed to the corresponding entities, as well as its integration with the most widely
deployed specification, i.e., Security Assertion Markup Language (SAML).
In regard to user profile management, we define a privacy-awareness user profile management
model to provide efficient selective information disclosure. With this contribution a
service provider would be able to accesses the specific personal information without being
able to inspect any other details and keeping user control of her data by controlling
who can access. The structure that we consider for the user profile storage is based on
extensions of Merkle trees allowing for hash combining that would minimize the need of
individual verification of elements along a path. An algorithm for sorting the tree as we
envision frequently accessed attributes to be closer to the root (minimizing the access’
time) is also provided.
Formal validation of the above mentioned ideas has been carried out through simulations
and the development of prototypes. Besides, dissemination activities were performed in
projects, journals and conferences.Programa Oficial de Doctorado en IngenierÃa TelemáticaPresidente: MarÃa Celeste Campo Vázquez.- Secretario: MarÃa Francisca Hinarejos Campos.- Vocal: Óscar Esparza MartÃ
Teaching self-sovereign identity
For service providers, secure and reliable identification of users is essential to provide its services. From a user perspective, traditional identifiers are currently solved by centralized entities who have the capacity to control not only the creation of the identifier, but also the withdrawal. Moreover, in most cases more personal information is being provided than needs to be demonstrated. A blockchain-based Self-Sovereign Identity (SSI) provides a secure and reliable identification method for service providers, gives the user self-control of the identifier, and enables a way to provide just the essential information that is needed to get the service. This paper aims to make two practical documents; the first one being an introductory practice to get started with this topic and the second one that consists of developing a simple SSI login system for web services offered to university students.Para los proveedores de servicios, la identificación segura y confiable de los usuarios es fundamental para prestar sus servicios. Desde la perspectiva del usuario, los identificadores tradicionales actualmente son proporcionados por entidades centralizadas que tienen la capacidad de controlar, no solo la creación del identificador, sino también la retirada. Además, en la mayorÃa de los casos se proporciona más información personal de la que se necesita demostrar. Una Auto-Identidad Soberana basada en blockchain proporciona un método de identificación seguro y fiable para los proveedores de servicios, le da al usuario el autocontrol del identificador y permite una forma de proporcionar sólo la información esencial que se necesita para obtener el servicio. Este trabajo tiene como objetivo realizar dos documentos prácticos, siendo el primero una práctica introductoria para iniciarse en este tema y el segundo que consiste en desarrollar un sistema de inicio de sesión de Auto-Identidad Soberana simple para servicios web ofrecidos a estudiantes universitarios.Per als proveïdors de serveis, la identificació segura i fiable dels usuaris és fonamental per prestar els seus serveis. Des de la perspectiva de l'usuari, els identificadors tradicionals són proporcionats actualment per entitats centralitzades que tenen la capacitat de controlar, no només la creació de l'identificador, sinó també la retirada. A més, en la majoria dels casos es proporciona més informació personal de la que cal demostrar. Una identitat autosobirana basada en blockchain proporciona un mètode d'identificació segur i fiable per als proveïdors de serveis, dóna a l'usuari l'autocontrol de l'identificador i permet una manera de proporcionar només la informació essencial que es necessita per obtenir el servei. Aquest treball té com a objectiu fer dos documents prà ctics, sent el primer una prà ctica introductòria per iniciar-se en aquest tema i el segon que consisteix a desenvolupar un sistema d'inici de sessió d'identitat autosobirana simple per a serveis web oferts a estudiants universitaris
- …