Managing and Presenting User Attributes over a Decentralized Secure Name System

  • Martin Schanzenbach
  • Christian Banse
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9963)


Today, user attributes are managed at centralized identity providers. However, two centralized identity providers dominate digital identity and access management on the web. This is increasingly becoming a privacy problem in times of mass surveillance and data mining for targeted advertisement. Existing systems for attribute sharing or credential presentation either rely on a trusted third-party service or require the presentation to be online and synchronous. In this paper, we propose a concept that allows the user to manage and share his attributes asynchronously with a requesting party using a secure, decentralized name system.


Shared Secret, Trust Relationship, User Agent, User Attribute, Trust Establishment
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



This work has been partially funded in the project PARADISE by the German Federal Ministry of Education and Research under the reference 16KIS0422.



Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  1. Fraunhofer AISEC, Garching b. München, Germany
