Paper 2008/474

Access Controls for Oblivious and Anonymous Systems

Scott Coull, Matthew Green, and Susan Hohenberger

Abstract

The use of privacy-enhancing cryptographic protocols, such as anonymous credentials and oblivious transfer, often has a detrimental effect on the ability of providers to effectively implement access controls on their content. In this paper, we propose a stateful anonymous credential system that allows the provider to implement non-trivial, real-world access controls on oblivious protocols conducted with anonymous users. Our stateful anonymous credential system models the behavior of users as a state machine, and embeds that state within an anonymous credential to restrict access to resources based on the state information. The use of state machine models of user behavior allows the provider to restrict the users' actions according to a wide variety of access control models without learning anything about the users' identities or actions. Our system is secure in the standard model under basic assumptions, and, after an initial setup phase, each transaction requires only constant time. As a concrete example, we show how to implement the Brewer-Nash (Chinese Wall) and Bell-La Padula (Multilevel Security) access control models within our credential system. Furthermore, we combine our credential system with a simulatable, adaptive oblivious transfer scheme to create a privacy-friendly oblivious database with strong access controls.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Unknown where it was published
Keywords
oblivious transfer, anonymous credentials, privacy
Contact author(s)
mgreen @ cs jhu edu
History
2010-01-12: last of 2 revisions
2008-11-18: received
Short URL
https://ia.cr/2008/474
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2008/474,
      author = {Scott Coull and Matthew Green and Susan Hohenberger},
      title = {Access Controls for Oblivious and Anonymous Systems},
      howpublished = {Cryptology {ePrint} Archive, Paper 2008/474},
      year = {2008},
      url = {https://eprint.iacr.org/2008/474}
}