ANONYMOUS SERVICES - Enhancing End-user Privacy Exploiting Anonymous Networks

Giovanni Cabiddu, Emanuele Cesena, Davide Vernizzi

Abstract

The large number of online services poses serious problems to users’ privacy. The sole confidentiality of data exchanged is not enough for complete privacy because an external observer may learn sensitive information simply by observing the communication channel, even if it is not possible to access the actual data transmitted. In this position paper, we propose a solution where user privacy is guaranteed by providing anonymous access to the services. Our solution is based on a service gateway, an anonymous credential system, an authentication protocol and an anonymous network. We designed the solution to be cost-effective and scalable; moreover, we employ existing standard protocols whenever possible to facilitate development and deployment.

References

  1. Balfe, S., Lakhani, A. D., and Paterson, K. G. (2005). Securing peer-to-peer networks using Trusted Computing. In Trusted Computing, pages 271-298. IEEE Press.
  2. Brickell, E., Camenisch, J., and Chen, L. (2004). Direct Anonymous Attestation. In CCS'04, 11th ACM Conference on Computer and Communications Security, pages 132-145. ACM Press.
  3. Camenisch, J. and Lysyanskaya, A. (2001). An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In Advanced in Cryptology - EUROCRYPT 2001, volume 2045 of LNCS, pages 93-118. Springer.
  4. Cesena, E., Löhr, H., Ramunno, G., Sadeghi, A.-R., and Vernizzi, D. (2010). Anonymous authentication with TLS and DAA. In To appear in TRUST 2010, 3rd International Conference on Trust and Trustworthy Computing.
  5. Chaum, D. (1985). Security without identification: transaction systems to make big brother obsolete. Commun. ACM, 28(10):1030-1044.
  6. Dingledine, R., Mathewson, N., and Syverson, P. (2004). Tor: The second-generation onion router. In 13th USENIX Security Symposium, pages 303-320.
  7. Lin, X., Lu, R., Shen, X., Nemoto, Y., and Kato, N. (2009). SAGE: a strong privacy-preserving scheme against global eavesdropping for ehealth systems. IEEE J. on Sel. Areas Comm., 27(4):365-378.
  8. Trusted Computing Group (2007). TPM main specification level 2, version 1.2, revision 103. https://www.trustedcomputinggroup.org/.
  9. Wendolsky, R., Herrmann, D., and Federrath, H. (2007). Performance comparison of low-latency anonymisation services from a user perspective. In PET 2007, 7th International Symposium on Privacy Enhancing Technologies, volume 4776 of LNCS, pages 233-253. Springer.
Download


Paper Citation


in Harvard Style

Cabiddu G., Cesena E. and Vernizzi D. (2010). ANONYMOUS SERVICES - Enhancing End-user Privacy Exploiting Anonymous Networks . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010) ISBN 978-989-8425-18-8, pages 221-225. DOI: 10.5220/0003032202210225


in Bibtex Style

@conference{secrypt10,
author={Giovanni Cabiddu and Emanuele Cesena and Davide Vernizzi},
title={ANONYMOUS SERVICES - Enhancing End-user Privacy Exploiting Anonymous Networks},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010)},
year={2010},
pages={221-225},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003032202210225},
isbn={978-989-8425-18-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010)
TI - ANONYMOUS SERVICES - Enhancing End-user Privacy Exploiting Anonymous Networks
SN - 978-989-8425-18-8
AU - Cabiddu G.
AU - Cesena E.
AU - Vernizzi D.
PY - 2010
SP - 221
EP - 225
DO - 10.5220/0003032202210225