As a main building block of our work, we show how to augment existing anonymous credential systems so that, in addition to certifying a user's attributes, they also store state about a user's access history, which is updated with each use of the credential. In addition to adaptive oblivious transfer, we show that stateful anonymous credentials can be efficiently coupled with protocols for blind signatures and oblivious keyword search to privately control access on these requests. Our construction supports a wide range of access control policies, including efficient and private realizations of the Brewer-Nash (Chinese Wall) and Bell-LaPadula (Multilevel Security) policies, which are used for financial and defense applications. Overall, our stateful anonymous credential system provides a balance between the seemingly conflicting goals of access control and user privacy.
Category / Keywords: oblivious transfer, anonymous credentials, privacy
Date: received 10 Nov 2008
Contact author: mgreen at cs jhu edu
Version: 20081118:204547