Authors:
Daniel Slamanig
1
and
Stefan Rass
2
Affiliations:
1
Carinthia University of Applied Sciences, Austria
;
2
Klagenfurt University, Austria
Keyword(s):
Anonymity, Privacy, Anonymous authentication, Anonymous transactions, Public-key encryption, One-show tokens, Blind signatures.
Related
Ontology
Subjects/Areas/Topics:
Access Control
;
Cryptographic Techniques and Key Management
;
Data and Application Security and Privacy
;
Data Engineering
;
Databases and Data Security
;
Information and Systems Security
;
Internet Technology
;
Privacy
;
Public Key Crypto Applications
;
Secure Cloud Computing
;
Web Information Systems and Technologies
Abstract:
While privacy was more or less neglected in the early days of the Internet, in recent years it has emerged to be a hot topic in computer security research. Among other reasons, since the use of the Internet is becoming more and more ubiquitous, cloud computing emerges and consequently users provide a lot of information to potentially untrusted third parties. In this paper we propose an approach which provides a means for users to anonymously conduct transactions with a service-provider such that those transactions can neither be linked to a specific user nor linked together. At the same time, a service-provider can be sure that only authorized users are able to conduct transactions. In particular, we bring together the concepts of anonymous authentication from public-key encryption and anonymous as well as unlinkable token based transactions in order to profit from the advantages of the two single approaches. Since full anonymity is usually not desirable, we provide mechanism to iden
tify misbehaving anonymous users behind transactions. More precisely, we realize selective traceability, which allows revocation of the anonymity of a suspicious users along with the identification of all of her transactions, without violating the privacy of all remaining users.
(More)