University of Surrey

Test tubes in the lab Research in the ATI Dance Research

Anonymous Single-Sign-On for n designated services with traceability

Han, Jinguang, Chen, Liqun, Schneider, Steve, Treharne, Helen and Wesemeyer, Stephan (2018) Anonymous Single-Sign-On for n designated services with traceability In: 23rd European Symposium on Research in Computer Security (ESORICS) 2018, 2018-09-03-2018-09-07, Barcelona, Spain.

[img]
Preview
Text
Anonymous Single-Sign-On for n designated services with traceability.pdf - Accepted version Manuscript

Download (720kB) | Preview

Abstract

Anonymous Single-Sign-On authentication schemes have been proposed to allow users to access a service protected by a verifier without revealing their identity. This has become more important with the introduction of strong privacy regulations. In this paper we describe a new approach whereby anonymous authentication to different verifiers is achieved via authorisation tags and pseudonyms. The particular innovation of our scheme is that authentication can occur only between a user and its designated verifier for a service, and the verification cannot be performed by any other verifier. The benefit of this authentication approach is that it prevents information leakage of a user's service access information, even if the verifiers for these services collude. Our scheme also supports a trusted third party who is authorised to de-anonymise the user and reveal her whole service access information if required. Furthermore, our scheme is lightweight because it does not rely on attribute or policy-based signature schemes to enable access to multiple services. The scheme's security model is given together with a security proof, an implementation and a performance evaluation.

Item Type: Conference or Workshop Item (Conference Paper)
Divisions : Faculty of Engineering and Physical Sciences > Computing Science
Authors :
NameEmailORCID
Han, Jinguangj.han@surrey.ac.uk
Chen, Liqunliqun.chen@surrey.ac.uk
Schneider, SteveS.Schneider@surrey.ac.uk
Treharne, HelenH.Treharne@surrey.ac.uk
Wesemeyer, StephanS.Wesemeyer@surrey.ac.uk
Editors :
NameEmailORCID
Lopez, Javier
Zhou, Jianying
Soriano, Miguel
Date : 8 August 2018
Funders : Engineering and Physical Sciences Research Council (EPSRC)
DOI : 10.1007/978-3-319-99073-6
Grant Title : DICE: “Data to Improve the Customer Experience”
Copyright Disclaimer : Copyright 2018 Springer Nature Switzerland AG
Projects : DICE: “Data to Improve the Customer Experience”.
Uncontrolled Keywords : Anonymous Single-Sign-on; Security; Privacy; Anonymity
Related URLs :
Additional Information : The two-volume set, LNCS 11098 and LNCS 11099 constitutes the refereed proceedings of the 23nd European Symposium on Research in Computer Security, ESORICS 2018, held in Barcelona, Spain, in September 2018. The 56 revised full papers presented were carefully reviewed and selected from 283 submissions. The papers address issues such as software security, blockchain and machine learning, hardware security, attacks, malware and vulnerabilities, protocol security, privacy, CPS and IoT security, mobile security, database and web security, cloud security, applied crypto, multi-party computation, SDN security. Kindle edition
Depositing User : Clive Harris
Date Deposited : 13 Sep 2018 09:43
Last Modified : 04 Apr 2019 11:29
URI: http://epubs.surrey.ac.uk/id/eprint/849276

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year


Information about this web site

© The University of Surrey, Guildford, Surrey, GU2 7XH, United Kingdom.
+44 (0)1483 300800