Skip to main content

An Architecture for Privacy-ABCs

  • Chapter
  • First Online:
Attribute-based Credentials for Trust

Abstract

One of the main objectives of the ABC4Trust project was to define a common, unified architecture for Privacy-ABC systems to allow comparing their respective features and combining them into common platforms. The chapter presents an overview of features and concepts of Privacy-ABCs and introduces the architecture proposed by ABC4Trust, describing the layers and components as well as the highlevel APIs. We also present the language framework of ABC4Trust through an example scenario. Furthermore, this chapter investigates integration of Privacy-ABCs with the existing Identity Management protocols and also analyses the required trust relationships in the ecosystem of Privacy-ABCs.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

eBook
USD 16.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. ABC4Trust EU Project. https://www.abc4trust.eu.

  2. Abstract syntax notation one (ASN.1), 2008. International Telecommunication Union - ITU-T recommendation X.680.

    Google Scholar 

  3. Bartel, Mark and Boyer, John and Fox, Barb and LaMacchia, Brian and Simon, Ed. XML-Signature Syntax and Processing. http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/, February 2002.

  4. Thomas Baignères, Patrik Bichsel, Robert R Enderlein, Hans Knudsen, Kasper Damgård, Jonas Jensen, Gregory Neven, Janus Nielsen, Pascal Paillier, and Michael Stausholm. Final Reference Implementation. Deliverable D4.2, The ABC4Trust EU Project, 2014. Available at https://abc4trust.eu/download/D4.2%20Final%20Reference%20Implementation.pdf, Last accessed on 2014-11-08.

  5. Patrik Bichsel, Jan Camenisch, Maria Dubovitskaya, Robert R. Enderlein, Stephan Krenn, Ioannis Krontiris, Anja Lehmann, Gregory Neven, Janus Dam Nielsen, Christian Paquin, Franz-Stefan Preiss, Kai Rannenberg, Ahmad Sabouri, and Michael Stausholm. Architecture for Attribute-based Credential Technologies - Final Version. Deliverable D2.2, The ABC4Trust EU Project, 2014. Available at https://abc4trust.eu/download/Deliverable_D2.2.pdf, Last accessed on 2014-11-08.

  6. Stefan Brands. The ID Corner blog. The problem(s) with OpenID. http://www.untrusted.ca/cache/openid.html.

  7. J. Callas, L. Donnerhacke, H. Finney, D. Shaw, and R. Thayer. OpenPGP Message Format. http://www.rfc-editor.org/rfc/rfc4880.txt.

  8. David Chaum. Blind signatures for untraceable payments. In Advances in cryptology, pages 199–203. Springer, 1983.

    Google Scholar 

  9. Jan Camenisch, Stephan Krenn, Anja Lehmann, Gert Læssø e Mikkelsen, Gregory Neven, and Michael østergaard Pedersen. Scientific Comparison of ABC Protocols: Part I Formal Treatment of Privacy-Enhancing Credential Systems. Deliverable D3.1, The ABC4Trust EU Project, 2014. Available at https://abc4trust.eu/download/Deliverable\%20D3.1\%20Part\%201.pdf, Last accessed on 2014-11-08.

    Google Scholar 

  10. Douglas Crockford. The application/json media type for JavaScript Object Notation (JSON). Technical Report RFC 4627, Internet Engineering Taskforce (IETF), 2006.

    Google Scholar 

  11. D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk. RFC 5280 - Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. Technical report, IETF, May 2008.

    Google Scholar 

  12. Nelly Delessy, Eduardo B Fernandez, and Maria M Larrondo-Petrie. A pattern language for identity management. In Computing in the Global Information Technology, 2007. ICCGI 2007. International Multi-Conference on, pages 31–31. IEEE, 2007.

    Google Scholar 

  13. Arkajit Dey and Stephen Weis. PseudoID: Enhancing Privacy in Federated Login. In Hot Topics in Privacy Enhancing Technologies, pages 95–107, 2010.

    Google Scholar 

  14. Facebook Login. https://developers.facebook.com/products/login/.

  15. Fido Alliance. http://fidoalliance.org.

  16. Russell Hardin. Trust and trustworthiness, volume 4. Russell Sage Foundation, 2004.

    Google Scholar 

  17. Dick Hardt. OAuth 2.0 Authorization Protocol. http://tools.ietf.org/html/rfc6749, October 2012.

  18. Dick Hardt, Johnny Bufu, and Josh Hoyt. OpenID Attribute Exchange 1.0. http://openid.net/specs/openid-attributeexchange-1_0.html, December 2007.

  19. D. Hardt, A. Tom, B. Eaton, and Y. Goland. OAuthWeb Resource Authorization Profiles. http://tools.ietf.org/html/drafthardt-oauth-01, January 2010. draft version 19 at time of writing.

  20. M. Jones, J. Bradley, and H. Tschofenig. Proof-Of-Possession Semantics for JSON Web Tokens (JWTs). http://tools.ietf.org/html/draft-jones-oauth-proof-of-possession-00.

  21. Audun Jøsang and Stéphane Lo Presti. Analysing the relationship between risk and trust. In Trust Management, pages 135–145. Springer, 2004.

    Google Scholar 

  22. Json web token (jwt). http://datatracker.ietf.org/doc/draft-ietf-oauth-json-web-token. draft version 19 at time of writing.

  23. Tadayoshi Kohno, Andre Broido, and Kimberly C Claffy. Remote physical device fingerprinting. Dependable and Secure Computing, IEEE Transactions on, 2(2):93–108, 2005.

    Google Scholar 

  24. Uwe Kylau, Ivonne Thomas, Michael Menzel, and Christoph Meinel. Trust requirements in identity federation topologies. In Advanced Information Networking and Applications, 2009. AINA’09. International Conference on, pages 137–145. IEEE, 2009.

    Google Scholar 

  25. Jesus Luna, Neeraj Suri, and Ioannis Krontiris. Privacy-by-design based on quantitative threat modeling. In Risk and Security of Internet and Systems (CRiSIS), 2012 7th International Conference on, pages 1–8. IEEE, 2012.

    Google Scholar 

  26. D. Harrison Mcknight and Norman L. Chervany. The Meanings of Trust. Technical report, University of Minnesota, 1996.

    Google Scholar 

  27. C. Mortimore, B. Campbell, and Jones M. SAML 2.0 Bearer Assertion Profiles for OAuth 2.0. http://tools.ietf.org/html/draft-ietf-oauth-saml2-bearer-19, March 2014. draft version 19 at time of writing.

  28. Kieron O’Hara. Trust: From Socrates to Spin. Icon Books Ltd, 2004.

    Google Scholar 

  29. OpenID Connect. http://openid.net/connect/.

  30. OpenID Authentication 2.0. http://openid.net/specs/openid-authentication-2_0.html, December 2007.

  31. Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0. http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf, March 2005.

  32. U-Prove WS-Trust Profile V1.0. http://www.microsoft.com/u-prove, March 2011.

  33. WS-Trust 1.4. http://docs.oasis-open.org/ws-sx/wstrust/v1.4/ws-trust.html, April 2012.

  34. Web Services Federation Language (WS-Federation) Version 1.2. http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html, May 2009.

  35. Andrea Westerinen, John Schnizlein, John Strassner, Mark Scherling, Bob Quinn, Jay Perry, Shai Herzog, An-Ni Huynh, Mark Carlson, and Steve Waldbusser. Terminology for Policy-Based Management. Internet RFC 3198, November 2001.

    Google Scholar 

  36. WS-SecurityPolicy 1.2. http://docs.oasis-open.org/wssx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-cs.html, April 2007.

  37. WS-Trust 1.4. http://docs.oasis-open.org/ws-sx/wstrust/v1.4/os/ws-trust-1.4-spec-os.html, February 2009.

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Patrik Bichsel .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Bichsel, P. et al. (2015). An Architecture for Privacy-ABCs. In: Rannenberg, K., Camenisch, J., Sabouri, A. (eds) Attribute-based Credentials for Trust. Springer, Cham. https://doi.org/10.1007/978-3-319-14439-9_2

Download citation

Publish with us

Policies and ethics