Minimal credential disclosure in trust negotiations

Federica Paci, David Bauer, Elisa Bertino, Douglas M. Blough, Anna C. Squicciarini

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Scopus citations

Abstract

The secure release of identity attributes is a key enabler for electronic business interactions. Integrity and confidentiality of identity attributes are two key requirements in such context. Users should also have the maximum control possible over the release of their identity attributes and should state under which conditions these attributes can be disclosed. Moreover, users should disclose only the identity attributes that are actually required for the transactions at hand. In this paper we present an approach for the controlled release of identity attributes that addresses such requirements. The approach is based on the integration of trust negotiation and minimal credential disclosure techniques. Trust negotiation supports selective and incremental disclosure of identity attributes, while minimal credential disclosure guarantees that only the attributes necessary to complete the on line interactions are disclosed.

Original languageEnglish (US)
Title of host publicationProceedings of the 4th ACM Workshop on Digital Identity Management, DIM'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08
Pages89-96
Number of pages8
DOIs
StatePublished - Dec 1 2008
Event4th ACM Workshop on Digital Identity Management, DIM'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08 - Alexandria, VA, United States
Duration: Oct 27 2008Oct 31 2008

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Other

Other4th ACM Workshop on Digital Identity Management, DIM'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08
CountryUnited States
CityAlexandria, VA
Period10/27/0810/31/08

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Minimal credential disclosure in trust negotiations'. Together they form a unique fingerprint.

Cite this