Minimal credential disclosure in trust negotiations

Federica Paci, David Bauer, Elisa Bertino, Douglas M. Blough, Anna Squicciarini

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Citations (Scopus)

Abstract

The secure release of identity attributes is a key enabler for electronic business interactions. Integrity and confidentiality of identity attributes are two key requirements in such context. Users should also have the maximum control possible over the release of their identity attributes and should state under which conditions these attributes can be disclosed. Moreover, users should disclose only the identity attributes that are actually required for the transactions at hand. In this paper we present an approach for the controlled release of identity attributes that addresses such requirements. The approach is based on the integration of trust negotiation and minimal credential disclosure techniques. Trust negotiation supports selective and incremental disclosure of identity attributes, while minimal credential disclosure guarantees that only the attributes necessary to complete the on line interactions are disclosed.

Original languageEnglish (US)
Title of host publicationProceedings of the 4th ACM Workshop on Digital Identity Management, DIM'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08
Pages89-96
Number of pages8
DOIs
StatePublished - Dec 1 2008
Event4th ACM Workshop on Digital Identity Management, DIM'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08 - Alexandria, VA, United States
Duration: Oct 27 2008Oct 31 2008

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Other

Other4th ACM Workshop on Digital Identity Management, DIM'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08
CountryUnited States
CityAlexandria, VA
Period10/27/0810/31/08

Fingerprint

Industry

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications

Cite this

Paci, F., Bauer, D., Bertino, E., Blough, D. M., & Squicciarini, A. (2008). Minimal credential disclosure in trust negotiations. In Proceedings of the 4th ACM Workshop on Digital Identity Management, DIM'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08 (pp. 89-96). (Proceedings of the ACM Conference on Computer and Communications Security). https://doi.org/10.1145/1456424.1456439
Paci, Federica ; Bauer, David ; Bertino, Elisa ; Blough, Douglas M. ; Squicciarini, Anna. / Minimal credential disclosure in trust negotiations. Proceedings of the 4th ACM Workshop on Digital Identity Management, DIM'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08. 2008. pp. 89-96 (Proceedings of the ACM Conference on Computer and Communications Security).
@inproceedings{0b8789e56a66409f9272332a30a43eab,
title = "Minimal credential disclosure in trust negotiations",
abstract = "The secure release of identity attributes is a key enabler for electronic business interactions. Integrity and confidentiality of identity attributes are two key requirements in such context. Users should also have the maximum control possible over the release of their identity attributes and should state under which conditions these attributes can be disclosed. Moreover, users should disclose only the identity attributes that are actually required for the transactions at hand. In this paper we present an approach for the controlled release of identity attributes that addresses such requirements. The approach is based on the integration of trust negotiation and minimal credential disclosure techniques. Trust negotiation supports selective and incremental disclosure of identity attributes, while minimal credential disclosure guarantees that only the attributes necessary to complete the on line interactions are disclosed.",
author = "Federica Paci and David Bauer and Elisa Bertino and Blough, {Douglas M.} and Anna Squicciarini",
year = "2008",
month = "12",
day = "1",
doi = "10.1145/1456424.1456439",
language = "English (US)",
isbn = "9781605582948",
series = "Proceedings of the ACM Conference on Computer and Communications Security",
pages = "89--96",
booktitle = "Proceedings of the 4th ACM Workshop on Digital Identity Management, DIM'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08",

}

Paci, F, Bauer, D, Bertino, E, Blough, DM & Squicciarini, A 2008, Minimal credential disclosure in trust negotiations. in Proceedings of the 4th ACM Workshop on Digital Identity Management, DIM'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08. Proceedings of the ACM Conference on Computer and Communications Security, pp. 89-96, 4th ACM Workshop on Digital Identity Management, DIM'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08, Alexandria, VA, United States, 10/27/08. https://doi.org/10.1145/1456424.1456439

Minimal credential disclosure in trust negotiations. / Paci, Federica; Bauer, David; Bertino, Elisa; Blough, Douglas M.; Squicciarini, Anna.

Proceedings of the 4th ACM Workshop on Digital Identity Management, DIM'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08. 2008. p. 89-96 (Proceedings of the ACM Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Minimal credential disclosure in trust negotiations

AU - Paci, Federica

AU - Bauer, David

AU - Bertino, Elisa

AU - Blough, Douglas M.

AU - Squicciarini, Anna

PY - 2008/12/1

Y1 - 2008/12/1

N2 - The secure release of identity attributes is a key enabler for electronic business interactions. Integrity and confidentiality of identity attributes are two key requirements in such context. Users should also have the maximum control possible over the release of their identity attributes and should state under which conditions these attributes can be disclosed. Moreover, users should disclose only the identity attributes that are actually required for the transactions at hand. In this paper we present an approach for the controlled release of identity attributes that addresses such requirements. The approach is based on the integration of trust negotiation and minimal credential disclosure techniques. Trust negotiation supports selective and incremental disclosure of identity attributes, while minimal credential disclosure guarantees that only the attributes necessary to complete the on line interactions are disclosed.

AB - The secure release of identity attributes is a key enabler for electronic business interactions. Integrity and confidentiality of identity attributes are two key requirements in such context. Users should also have the maximum control possible over the release of their identity attributes and should state under which conditions these attributes can be disclosed. Moreover, users should disclose only the identity attributes that are actually required for the transactions at hand. In this paper we present an approach for the controlled release of identity attributes that addresses such requirements. The approach is based on the integration of trust negotiation and minimal credential disclosure techniques. Trust negotiation supports selective and incremental disclosure of identity attributes, while minimal credential disclosure guarantees that only the attributes necessary to complete the on line interactions are disclosed.

UR - http://www.scopus.com/inward/record.url?scp=70349246369&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=70349246369&partnerID=8YFLogxK

U2 - 10.1145/1456424.1456439

DO - 10.1145/1456424.1456439

M3 - Conference contribution

AN - SCOPUS:70349246369

SN - 9781605582948

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 89

EP - 96

BT - Proceedings of the 4th ACM Workshop on Digital Identity Management, DIM'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08

ER -

Paci F, Bauer D, Bertino E, Blough DM, Squicciarini A. Minimal credential disclosure in trust negotiations. In Proceedings of the 4th ACM Workshop on Digital Identity Management, DIM'08,Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08. 2008. p. 89-96. (Proceedings of the ACM Conference on Computer and Communications Security). https://doi.org/10.1145/1456424.1456439