Attribute-based pseudonymity for privacy-preserving authentication in cloud services
Sucasas, Victor, Mantas, Georgios ORCID: https://orcid.org/0000-0002-8074-0417, Papaioannou, Maria and Rodriguez, Jonathan (2021) Attribute-based pseudonymity for privacy-preserving authentication in cloud services. IEEE Transactions on Cloud Computing. ISSN 2372-0018 (doi:10.1109/TCC.2021.3084538)
Preview |
PDF (Author's accepted manuscript)
33438_MANTAS_Attribute_based_pseudonymity_for_privacy_preserving_authentication_in_cloud_services.pdf - Accepted Version Download (194kB) | Preview |
Preview |
PDF
33438-MANTAS-Attribute-based-pseudonymity-for-privacy-preserving-authentication-in-cloud-services.pdf - Accepted Version Download (1MB) | Preview |
Abstract
Attribute-based authentication is considered a cornerstone component to achieve scalable fine-grained access control in the fast growing market of cloud-based services. Unfortunately, it also poses a privacy concern. Users attributes should not be linked to the users identity and spread across different organizations. To tackle this issue, several solutions have been proposed such as Privacy Attribute-Based Credentials (Privacy-ABCs), which support pseudonym-based authentication with embedded attributes. Privacy-ABCs allow users to establish anonymous accounts with service providers while hiding the identity of the user under a pseudonym. However, Privacy-ABCs require the selective disclosure of the attribute values towards service providers. Other schemes such as Attribute Base Signatures (ABS) and mesh signatures do not require the disclosure of attributes; unfortunately, these schemes do not cater for pseudonym generation in their construction, and hence cannot be used to establish anonymous accounts. In this paper, we propose a pseudonym-based signature scheme that enables unlinkable pseudonym self-generation with embedded attributes, similarly to Privacy-ABCs, and integrates a secret sharing scheme in a similar fashion to ABS and mesh signature schemes for attribute verification. Our proposed scheme also provides verifiable collusion, enabling users to share attributes according to the service providers policies.
Item Type: | Article |
---|---|
Uncontrolled Keywords: | privacy preservation, authentication, pseudonimity smart cities, cloud computing |
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science T Technology > T Technology (General) |
Faculty / School / Research Centre / Research Group: | Faculty of Engineering & Science Faculty of Engineering & Science > School of Engineering (ENG) |
Related URLs: | |
Last Modified: | 16 May 2022 07:50 |
URI: | http://gala.gre.ac.uk/id/eprint/33438 |
Actions (login required)
View Item |
Downloads
Downloads per month over past year