research-article

Private Information: To Reveal or not to Reveal

Published: 01 October 2008

Abstract

This article studies the notion of quantitative policies for trust management and gives protocols for realizing them in a disclosure-minimizing fashion. Specifically, Bob values each credential with a certain number of points, and requires a minimum total threshold of points before granting Alice access to a resource. In turn, Alice values each of her credentials with a privacy score that indicates her degree of reluctance to reveal that credential. Bob's valuation of credentials and his threshold are private. Alice's privacy-valuation of her credentials is also private. Alice wants to find a subset of her credentials that achieves Bob's required threshold for access, yet is of as small a value to her as possible. We give protocols for computing such a subset of Alice's credentials without revealing any of the two parties' above-mentioned private information. Furthermore, we develop a fingerprint method that allows Alice to independently and easily recover the optimal knapsack solution, once the computed optimal value is given, but also enables verification of the integrity of the optimal value. The fingerprint method is useful beyond the specific authorization problem studied, and can be applied to any integer knapsack dynamic programming in a private setting.
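
As an added illustration (not code from the article), the optimization the abstract describes can be written as a plaintext knapsack dynamic program: minimize Alice's total privacy score subject to reaching Bob's point threshold. It holds both parties' valuations in one place, which is exactly what the article's protocols avoid; the credential names, numbers and function name are constructed for this example, and points and privacy scores are assumed to be non-negative integers.

```python
from math import inf

# Constructed sample data (not from the paper):
# (credential name, Bob's points, Alice's privacy score).
CREDENTIALS = [
    ("student_id", 3, 2),
    ("driver_license", 6, 10),
    ("credit_card", 8, 30),
    ("employee_badge", 5, 6),
    ("library_card", 2, 1),
]


def min_disclosure(credentials, threshold):
    """Return (total privacy score, names) of the cheapest subset whose points
    reach `threshold`, or (None, []) when no subset qualifies."""
    n = len(credentials)
    # cost[i][t]: least privacy score needed to gain at least t more points
    # using only credentials i..n-1 (inf if impossible).
    cost = [[inf] * (threshold + 1) for _ in range(n + 1)]
    cost[n][0] = 0
    for i in range(n - 1, -1, -1):
        _, points, privacy = credentials[i]
        for t in range(threshold + 1):
            skip = cost[i + 1][t]
            take = privacy + cost[i + 1][max(0, t - points)]
            cost[i][t] = min(skip, take)

    if cost[0][threshold] == inf:
        return None, []

    # Walk the table forward to recover which credentials are disclosed.
    chosen, t = [], threshold
    for i, (name, points, _) in enumerate(credentials):
        if cost[i][t] != cost[i + 1][t]:  # skipping credential i would cost more
            chosen.append(name)
            t = max(0, t - points)

    # Sanity check on the recovered subset: it must reproduce the optimum and
    # meet the threshold (a plain re-sum, not the paper's fingerprint method).
    picked = [c for c in credentials if c[0] in chosen]
    assert sum(c[2] for c in picked) == cost[0][threshold]
    assert sum(c[1] for c in picked) >= threshold
    return cost[0][threshold], chosen


if __name__ == "__main__":
    print(min_disclosure(CREDENTIALS, 10))
```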


        Reviews

        Amos O Olagunju

        In this paper, readers will find protocols for computing the degrees of reluctance for software systems to reveal credentials that will allow users to gain access to resources. The authors' insights include: a point-based trust (PBT) model for dynamically providing services rooted in access methods and credentials that limit the loss of privacy; a protocol for joint computation of the optimum total privacy scores of at-large credentials by a server and a client, without divulging the secret, sensitive parameters of both parties; and a fingerprint algorithm to enable the client to independently recover and validate the integrity of the computed optimal knapsack solution. This is a comprehensive analysis of the issues of trust negotiation, management, and computation. Yao et al. show how to select a combination of credentials suited to the particular privacy scores for each credential. They discuss access control policies as a knapsack optimization problem, and offer a novel dynamic programming solution. The protocols advocated for realizing quantitative policies in trust management use semantically secure homomorphic encryption schemes widely, to provide protection against partly candid foes. The paper offers perceptive access control and PBT management ideas. Their two-party PBT framework ushers in new opportunities for the development of efficient solutions for multi-knapsack problems. The design and implementation of quantifiable policies and protocols for trust management of access to resources in grid computing and the Internet entail answering nontrivial questions. Despite the recently promoted model for associating platform trust with behavioral policy [1], and the access and privacy policies for granting access to resources [2], many issues remain unresolved. 
For example, how should optimal values of arbitrarily rated credentials be computed and validated, so that they can be used to grant access to resources among entities in open ad hoc networks and e-commerce systems? How should satisfactory point-based trust be implemented in protocols designed for open systems in which providers and users have different and conflicting interests? This paper provides clear perceptions of these questions and more. If you are interested in privacy, and you should be, this is an insightful paper for your reading list.

Online Computing Reviews Service


        • Published in

          ACM Transactions on Information and System Security  Volume 12, Issue 1
          October 2008
          230 pages
          ISSN:1094-9224
          EISSN:1557-7406
          DOI:10.1145/1410234
          Copyright © 2008 ACM

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          • Published: 1 October 2008
          • Revised: 1 July 2008
          • Accepted: 1 July 2008
          • Received: 1 October 2007

          Qualifiers

          • research-article
          • Research
          • Refereed
