Topic
Trusted third party
About: Trusted third party is a research topic. Over the lifetime, 2919 publications have been published within this topic receiving 60935 citations.
Papers
IBM
TL;DR: This paper introduces a novel approach for augmenting attribute-based access control systems in a way that allows them to offer fully anonymous access to resources while at the same time achieving strong accountability guarantees.
Abstract: This paper introduces a novel approach for augmenting attribute-based access control systems in a way that allows them to offer fully anonymous access to resources while at the same time achieving strong accountability guarantees. We assume that users hold attribute certificates and we show how to exploit cryptographic zero-knowledge proofs to allow requesting users to prove that they hold suitable certificates for accessing a resource. In contrast to the commonly taken approach of sending all possibly relevant certificates to the access control system, our approach hence does not release any information to the access control system except for the presence of a set of certificates satisfying the access condition. This constitutes the minimal amount of information that has to be released for coming up with a correct access decision, and our approach is the first to achieve this. Additionally given a trusted third party for identity escrow, we furthermore show that a concise application of zero-knowledge proofs offers the access control system the capability to hold a requesting user accountable for her actions under specific, well-defined conditions. All the employed cryptographic techniques are highly efficient, and an architecture for exploiting our approach in practical scenarios is already in place.
57 citations
01 Jan 2001
TL;DR: Protocols for distributed certified e-mail use encryption to ensure both confidentiality and fairness, and explore scenarios that support a distributed TTP, in the context of both off-line and online protocols.
Abstract: In this paper we present protocols for distributed certified e-mail, which use encryption to ensure both confidentiality and fairness. As with other protocols for certified e-mail, ours achieve fairness by placing trust on an external entity, referred to as the Trusted Third Party (TTP). The TTP can become a bottleneck, however, and we explore scenarios that support a distributed TTP, in the context of both off-line and online protocols. With several servers dividing the TTP responsibilities, the level of confidence placed in individual servers can be reduced without compromising the TTP’s overall trust.
57 citations
TL;DR: BLAC is presented, the first anonymous credential system in which service providers can revoke the credentials of misbehaving users without relying on a Trusted Third Party (TTP), and it is indeed possible to block anonymous users who have “defaced too many Web pages” using this scheme.
Abstract: Several credential systems have been proposed in which users can authenticate to service providers anonymously. Since anonymity can give users the license to misbehave, some variants allow the selective deanonymization (or linking) of misbehaving users upon a complaint to a Trusted Third Party (TTP). The ability of the TTP to revoke a user’s privacy at any time, however, is too strong a punishment for misbehavior. To limit the scope of deanonymization, some systems have been proposed in which users can be deanonymized only if they authenticate “too many times,” such as “double spending” with electronic cash. While useful in some applications, such techniques cannot be generalized to more subjective definitions of misbehavior, for example, using such schemes it is not possible to block anonymous users who “deface too many Web pages” on a Web site. We present BLAC, the first anonymous credential system in which service providers can revoke the credentials of misbehaving users without relying on a TTP. Since revoked users remain anonymous, misbehaviors can be judged subjectively without users fearing arbitrary deanonymization by a TTP. Additionally, our construction supports a d-strikes-out revocation policy, whereby users who have been subjectively judged to have repeatedly misbehaved at least d times are revoked from the system. Thus, for the first time, it is indeed possible to block anonymous users who have “defaced too many Web pages” using our scheme.
57 citations
TL;DR: This paper describes a Japanese functional model that has been developed, and proposes a document-object-oriented architecture, which is compared with other existing models.
56 citations
IBM
TL;DR: In this paper, a stealth invite is sent to a third party in response to a request by an invitee to add another party to a messaging session with a number of parties.
Abstract: A method, apparatus, and computer instructions for managing messages. In response to a request by an invitee to add a third party to a messaging session with a number of parties, a stealth invite is sent to the third party. If the stealth invite is accepted, messages sent to and received from the parties are sent to the third party without the number of parties knowing of a presence of the third party in the messaging session. The addition of the third party is not announced or indicated to the other parties. The third party also is unable to send messages to the other parties, but may in some cases send messages to the invitee. A recording feature allows a party to automatically record all messages that the party can see. This feature is initiated at the beginning of a messaging session and can be set as a default.
56 citations