scispace - formally typeset
Search or ask a question
Topic

Trusted third party

About: Trusted third party is a research topic. Over the lifetime, 2919 publications have been published within this topic receiving 60935 citations.


Papers
More filters
Patent
Frederick C. Chong1
14 Mar 2005
TL;DR: In this paper, the authors propose a trusted third party authentication for Web services, in which the user identity context is constructed using a service session token issued by the trusted third-party.
Abstract: The present invention extends to trusted third party authentication for Web services. Web services trust and delegate user authentication responsibility to a trusted third party that acts as an identity provider for the trusting Web services. The trusted third party authenticates users through common authentication mechanisms, such as, for example, username/password and X.509 certificates and uses initial user authentication to bootstrap subsequent secure sessions with Web services. Web services construct user identity context using a service session token issued by the trusted third party and reconstruct security states without having to use a service-side distributed cache.

129 citations

01 Jan 2007
TL;DR: In this paper, the authors present the first anonymous credential system in which services can blacklist misbehaving users without contacting a trusted third party (TTP), without users fearing arbitrary deanonymization by a TTP.
Abstract: Several credential systems have been proposed in which users can authenticate to services anonymously. Since anonymity can give users the license to misbehave, some variants allow the selective deanonymization (or linking) of misbehaving users upon a complaint to a trusted third party (TTP). The ability of the TTP to revoke a user’s privacy at any time, however, is too strong a punishment for misbehavior. To limit the scope of deanonymization, systems such as “e-cash” have been proposed in which users are deanonymized under only certain types of well-defined misbehavior such as “double spending.” While useful in some applications, it is not possible to generalize such techniques to more subjective definitions of misbehavior. We present the first anonymous credential system in which services can “blacklist” misbehaving users without contacting a TTP. Since blacklisted users remain anonymous, misbehaviors can be judged subjectively without users fearing arbitrary deanonymization by a TTP.

127 citations

Patent
22 Feb 2001
TL;DR: A trusted time infrastructure system as discussed by the authors provides time stamps for electronic documents from a local source, consisting of a trusted master clock, a trusted local clock, and a network operations center.
Abstract: A trusted time infrastructure system provides time stamps for electronic documents from a local source. The system comprises a trusted master clock (204), a trusted local clock (206), and a network operations center (210). The trusted master clock and network operations center are located within secure environments controlled by a trusted third party. The trusted local clock may be located in an insecure environment. The trusted master clock is certified to be synchronized with an accepted time standard, such as a national time server (202). The trusted local clock, which issues time stamps, is certified to be synchronized with the trusted master clock. Time stamps and certifications are signed by the issuing device using public key cryptography to enable subsequent authentication. The network operations center logs clock certifications and responds to requests for authentication of time stamps.

127 citations

Journal ArticleDOI
TL;DR: This paper proposes a novel blockchain-based distributed key management architecture with fog computing to reduce latency and multiblockchains operated in the cloud to achieve cross-domain access and evaluated the performance of the proposed architecture and compared it with existing models using various performance measures.
Abstract: The rapid development of the Internet of Things (IoT) and the explosive growth of valuable data produced by user equipment have led to strong demand for access control, especially hierarchical access control, which is performed from a group communication perspective. However, the key management strategies for such a future Internet are based mostly on a trusted third party that requires full trust of the key generation center (KGC) or central authority (CA). Recent studies indicate that centralized cloud centers will be unlikely to deliver satisfactory services to customers because we place too much trust in third parties; therefore, these centers do not apply to user privacy-oriented scenarios. This paper addresses these issues by proposing a novel blockchain-based distributed key management architecture (BDKMA) with fog computing to reduce latency and multiblockchains operated in the cloud to achieve cross-domain access. The proposed scheme utilizes blockchain technology to satisfy the decentralization, fine-grained auditability, high scalability, and extensibility requirements, as well as the privacy-preserving principles for hierarchical access control in IoT. We designed system operations methods and introduced different authorization assignment modes and group access patterns to reinforce the extensibility. We evaluated the performance of our proposed architecture and compared it with existing models using various performance measures. The simulation results show that the multiblockchain structure substantially improves system performance, and the scalability is excellent as the network size increases. Furthermore, dynamic transaction collection time adjustment enables the performance and system capacity to be optimized for various environments.

126 citations

Patent
04 Sep 1998
TL;DR: Secure anonymous communication between a first party and a second party is accomplished by establishing an identity of the first party with a third party, obtaining an anonymous certificate having a selected attribute by the first parties from the third party and presenting the anonymous certificate to the second party for verification to establish the anonymous communication as mentioned in this paper.
Abstract: Secure anonymous communication between a first party and a second party is accomplished by establishing an identity of the first party with a third party, obtaining an anonymous certificate having a selected attribute by the first party from the third party, and presenting the anonymous certificate by the first party to the second party for verification to establish the anonymous communication.

125 citations


Network Information
Related Topics (5)
Encryption
98.3K papers, 1.4M citations
90% related
Server
79.5K papers, 1.4M citations
85% related
Wireless ad hoc network
49K papers, 1.1M citations
84% related
Mobile computing
51.3K papers, 1M citations
83% related
Network packet
159.7K papers, 2.2M citations
83% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
202321
202240
2021125
2020201
2019179
2018177