Abstract
This article studies the notion of quantitative policies for trust management and gives protocols for realizing them in a disclosure-minimizing fashion. Specifically, Bob values each credential with a certain number of points, and requires a minimum total threshold of points before granting Alice access to a resource. In turn, Alice values each of her credentials with a privacy score that indicates her degree of reluctance to reveal that credential. Bob's valuation of credentials and his threshold are private. Alice's privacy-valuation of her credentials is also private. Alice wants to find a subset of her credentials that achieves Bob's required threshold for access, yet is of as small a value to her as possible. We give protocols for computing such a subset of Alice's credentials without revealing any of the two parties' above-mentioned private information. Furthermore, we develop a fingerprint method that allows Alice to independently and easily recover the optimal knapsack solution, once the computed optimal value is given, but also enables verification of the integrity of the optimal value. The fingerprint method is useful beyond the specific authorization problem studied, and can be applied to any integer knapsack dynamic programming in a private setting.
- Atallah, M. J. and Du, W. 2001. Secure multi-party computational geometry. In Proceedings of 7th International Workshop on Algorithms and Data Structures (WADS'01). Lecture Notes in Computer Science, vol. 2125. Springer Verlag, 165--179. Google Scholar
Digital Library
- Atallah, M. J. and Li, J. 2004. Secure outsourcing of sequence comparisons. In Proceedings of the 4th Workshop on Privacy Enhancing Technologies (PET'04). Lecture Notes in Computer Science, vol. 3424. 63--78. Google Scholar
Digital Library
- Aura, T. 1998. On the structure of delegation networks. In Proceedings of 11th IEEE Computer Security Foundations Workshop (CSFW'98). IEEE Computer Society Press, 14--26. Google Scholar
Digital Library
- Aura, T. 1999. Distributed access-rights management with delegation certificates. In Proceedings of the Secure Internet Programming -- Security Issues for Distributed and Mobile Objects. Lecture Notes in Computer Science, vol. 1603. Springer, 211--235. Google Scholar
Digital Library
- Banerjee, N., Acharya, A., and Das, S. 2007. Enabling SIP-based sessions in ad hoc networks. Journal of Wireless Networks, 13, 4, 461 -- 479. Google Scholar
Digital Library
- Ben-Or, M. and Wigderson, A. 1988. Completeness theorems for non-cryptographic fault-tolerant distributed computation. In The 20th Annual ACM Symposium on Theory of Computing (STOC'88). ACM Press, 1--10. Google Scholar
Digital Library
- Beth, T., Borcherding, M., and Klein, B. 1994. Valuation of trust in open networks. In Proceedings of the 3rd European Symposium on Research in Computer Security (ESORICS'94). 3--18. Google Scholar
Digital Library
- Bonatti, P. A. and Samarati, P. 2002. A uniform framework for regulating service access and information release on the web. J. Comp. Sci., 10, 3, 241--272. Google Scholar
Digital Library
- Boneh, D. and Franklin, M. 2001. Identity-Based Encryption from the Weil Pairing. In Proceedings of the 21st Annual International Cryptology Conference (CRYPTO'01). Lecture Notes in Computer Science, vol. 2139. Springer, 213--229. Google Scholar
Digital Library
- Bradshaw, R., Holt, J., and Seamons, K. 2004. Concealing complex policies with hidden credentials. In Proceedings of 11th ACM Conference on Computer and Communications Security (CCS'04). Google Scholar
Digital Library
- Camenisch, J. and Lysyanskaya, A. 2001. Efficient non-transferable anonymous multi-show credential system with optional anonymity revocation. In Advances in Cryptology (EUROCRYPT'01), B. Pfitzmann, Ed. Lecture Notes in Computer Science, vol. 2045. Springer Verlag, 93--118. Google Scholar
Digital Library
- Camenisch, J. and Van Herreweghen, E. 2002. Design and implementation of the idemix anonymous credential system. In Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS'02). 21--30. Google Scholar
Digital Library
- Camp, L. J. and Wolfram, C. 2004. Pricing security. In Advances in Information Security -- Economics of Information Security. Vol. 12. Kluwer Academic Publishers, 17--34.Google Scholar
- Canetti, R. 2000. Security and composition of multiparty cryptographic protocols. J. Crypto., 13(1), 143--202.Google Scholar
Digital Library
- Chaum, D., Cr##eacute##peau, C., and Damgard, I. 1988. Multiparty unconditionally secure protocols. In The 20th Annual ACM Symposium on Theory of Computing (STOC'88). ACM Press, 11--19. Google Scholar
Digital Library
- Chen, W., Clarke, L., Kurose, J., and Towsley, D. 2005. Optimizing cost-sensitive trust-negotiation protocols. In Proceedings of the 24th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM'05). Vol. 2. 1431--1442.Google Scholar
- Cocks, C. 2001. An identity based encryption scheme based on quadratic residues. In 8th IMA International Conference on Cryptography and Coding (CCIS'01). Vol. 2260. Springer, 360--363. Google Scholar
Digital Library
- Cormen, T. H., Leiserson, C. E., L.Rivest, R., and Stein, C. 2001. Introduction to algorithms. MIT Press. Google Scholar
Digital Library
- Damgård, I. and Jurik, M. 2001. A generalisation, a simplification and some applications of Paillier's probabilistic public-key system. In Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptosystems (PKC'01). Lecture Notes in Computer Science 1992. 119--136. Google Scholar
Digital Library
- Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P., and Violante, F. 2002. A reputation-based approach for choosing reliable resources in peer-to-peer networks. In Proceedings of the ACM Conference on Computer and Communications Security (CCS'02). 207--216. Google Scholar
Digital Library
- Danezis, G., Lewis, S., and Anderson, R. 2005. How much is location privacy worth? In Fourth Workshop on the Economics of Information Security (WEIS'05).Google Scholar
- Du, W. 2001. A study of several specific secure two-party computation problems. PhD thesis, Purdue University, West Lafayette, Indiana. Google Scholar
Digital Library
- Freedman, M., Nissim, K., and Pinkas, B. 2004. Efficient private matching and set intersection. In Advances in Cryptology (Eurocrypt'04). LNCS, vol. 3027. Springer-Verlag, 1--19.Google Scholar
- Frikken, K. B. and Atallah, M. J. 2004. Privacy preserving route planning. In Proceedings of the ACM Workshop on Privacy in the Electronic Society (WPES'04). ACM Press, 8--15. Google Scholar
Digital Library
- Frikken, K. B., Atallah, M. J., and Li, J. 2004. Hidden access control policies with hidden credentials. In Proceedings of the 3nd ACM Workshop on Privacy in the Electronic Society (WPES'04). Google Scholar
Digital Library
- Frikken, K. B., Li, J., and Atallah, M. J. 2006. Trust negotiation with hidden credentials, hidden policies, and policy cycles. In Proceedings of the 13th Annual Network and Distributed System Security Symposium (NDSS'06).Google Scholar
- Goldreich, O. 2002. Secure multi-party computation. Unpublished manuscript.Google Scholar
- Goldreich, O. 2004. The Foundations of Cryptography. Vol. 2. Cambridge University Press. Google Scholar
Digital Library
- Goldreich, O., Micali, S., and Wigderson, A. 1987. How to play any mental game. In The 19th Annual ACM Conference on Theory of Computing. ACM Press, 218--229. Google Scholar
Digital Library
- Goldwasser, S. 1997. Multi-party computations: past and present. In The 16th Annual ACM Symposium on Principles of Distributed Computing. ACM Press, 1--6. Google Scholar
Digital Library
- Goldwasser, S., Micali, S., and Rackoff, C. 1985. The knowledge complexity of interactive proof-systems. In Proceedings of the 17th Annual ACM Symposium on Theory of Computing (STOC'85). 291--304. Google Scholar
Digital Library
- Holt, J. E., Bradshaw, R. W., Seamons, K. E., and Orman, H. 2003. Hidden credentials. In Proceedings of the 2nd ACM Workshop on Privacy in the Electronic Society (WPES'03). Google Scholar
Digital Library
- Huang, Q., Jao, D., and Wang, H. J. 2005. Applications of secure electronic voting to automated privacy-preserving troubleshooting. In Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS'05). Google Scholar
Digital Library
- Jagannathan, G. and Wright, R. N. 2005. Privacy-preserving distributed k-means clustering over arbitrarily partitioned data. In Proceedings of the 11th ACM SIGKDD International Conference on Knowledge Discovery in Data Mining (KDD'05). 593--599. Google Scholar
Digital Library
- Kissner, L. and Song, D. 2005. Private and threshold set-intersection. In Advances in Cryptology (CRYPTO'05).Google Scholar
- Landwehr, C. E. 2004. Improving information flow in the information security market. In Advances in Information Security -- Economics of Information Security. Vol. 12. Kluwer Academic Publishers, 155--163.Google Scholar
- Li, J., Li, N., and Winsborough, W. H. 2005. Automated trust negotiation using cryptographic credentials. In Proceedings of 12th ACM Conference on Computer and Communications Security (CCS'05). 46--57. Google Scholar
Digital Library
- Lipmaa, H. 2003. Verifiable homomorphic oblivious transfer and private equality test. In Advances in Cryptology (Asiacrypt'03). Lecture Notes in Computer Science. 416--433.Google Scholar
- Paillier, P. 1999. Public-key cryptosystems based on composite degree residuosity classes. Advances in Cryptology (EUROCRYPT'99), Lecture Notes in Computer Science 1592, 223--238. Google Scholar
Digital Library
- Shamir, A. 1984. Identity-based cryptosystems and signature schemes. In Advances in Cryptology (CRYPTO'84). Lecture Notes in Computer Science, vol. 196. Springer, 47--53. Google Scholar
Digital Library
- Tamassia, R., Yao, D., and Winsborough, W. H. 2004. Role-based cascaded delegation. In Proceedings of the ACM Symposium on Access Control Models and Technologies (SACMAT'04). ACM Press, 146--155. Google Scholar
Digital Library
- Tran, H., Hitchens, M., Varadharajan, V., and Watters, P. 2005. A trust based access control framework for P2P file-sharing systems. In Proceedings of the Proceedings of the 38th Annual Hawaii International Conference on System Sciences (HICSS'05) Track 9. IEEE Computer Society, 302c. Google Scholar
Digital Library
- Winsborough, W. H. and Li, N. 2004. Safety in automated trust negotiation. In Proceedings of IEEE Symposium on Security and Privacy (SP'04). IEEE Computer Society Press.Google Scholar
- Winsborough, W. H., Seamons, K. E., and Jones, V. E. 2000. Automated trust negotiation. In DARPA Information Survivability Conference and Exposition (DARPA'00). Vol. I. IEEE Press, 88--102.Google Scholar
- Yao, A. C. 1986. How to generate and exchange secrets. In Proceedings of the 27th IEEE Symposium on Foundations of Computer Science (FOCS'86). IEEE Computer Society Press, 162--167. Google Scholar
Digital Library
- Yao, D., Frikken, K. B., Atallah, M. J., and Tamassia, R. 2006. Point-based trust: Define how much privacy is worth. In Proceedings of the International Conference on Information and Communications Security (ICICS'06). LNCS, vol. 4307. Springer, 190--209. Google Scholar
Digital Library
- Yao, D., Tamassia, R., and Proctor, S. 2007. Private distributed scalar product protocol with application to privacy-preserving computation of trust. In Proceedings of the IFIPTM Joint iTrust and PST Conferences on Privacy, Trust Management and Security (iTRUST'07).Google Scholar
- Yokoo, M. and Suzuki, K. 2002. Secure multi-agent dynamic programming based on homomorphic encryption and its application to combinatorial auction. In Proceedings of the 1st Joint International Conference on Autonomous Agents and Multiagent Systems (AAMAS'02). ACM Press, 112--119. Google Scholar
Digital Library
- Yu, T., Ma, X., and Winslett, M. 2000. PRUNES: An efficient and complete strategy for automated trust negotiation over the internet. In Proceedings of the ACM Conference on Computer and Communications Security (CCS'00). 210--219. Google Scholar
Digital Library
- Yu, T. and Winslett, M. 2003. A unified scheme for resource protection in automated trust negotiation. In Proceedings of IEEE Symposium on Security and Privacy (SP'03). IEEE Computer Society Press, 110--122. Google Scholar
Digital Library
- Yu, T., Winslett, M., and Seamons, K. E. 2001. Interoperable strategies in automated trust negotiation. In Proceedings of the 8th ACM Conference on Computer and Communications Security (CCS'01). ACM Press, 146--155. Google Scholar
Digital Library
- Zouridaki, C., Mark, B. L., Hejmo, M., and Thomas, R. K. 2005. A quantitative trust establishment framework for reliable data packet delivery in MANETs. In Proceedings of the 3rd ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN'05), V. Atluri, P. Ning, and W. Du, Eds. ACM, 1--10. Google Scholar
Digital Library
Index Terms
Private Information: To Reveal or not to Reveal
Recommendations
A privacy framework: indistinguishable privacy
EDBT '13: Proceedings of the Joint EDBT/ICDT 2013 WorkshopsIn this paper we illustrate a privacy framework named Indistinguishable Privacy. Indistinguishable privacy could be deemed as the formalization of the existing privacy definitions in privacy preserving data publishing as well as secure multi-party ...
Privacy-preserving point-inclusion protocol for an arbitrary area based on phase-encoded quantum private query
The point-inclusion problem is an important secure multi-party computation that it involves two parties, where one has a private point and the other has a private area, and they want to determine whether the point is inside the area without revealing ...
Design and Analysis of Private-Preserving Dot Product Protocol
ICECT '09: Proceedings of the 2009 International Conference on Electronic Computer TechnologyPrivate-preserving shared dot product protocol is an important protocol of many secure multi-party computation problems. It has been the main building block of various data mining algorithms with privacy concerns, and providing fundamental security ...








Comments