Author :
Camenisch, Jan ; Lehmann, Anja ; Neven, Gregory
Abstract :
For transactions on the Internet, user authentication typically involves usernames and passwords. When creating an account, users often must provide additional personal information. Usually, this is a list of self-claimed attributes such as name, address, or birth date. Only a few attributes such as email address and credit card information have some mechanism to authenticate them. Solutions such as the Security Assertion Markup Language, OpenID, or X.509 certificates let users authenticate and transfer attributes, certified by an issuer, to a relying party in a more trusted way. However, these technologies still have considerable security and privacy concerns. Private credentials are a superior solution. With them, issuers don´t have to be involved during authentication. Also, users disclose only those attributes required by the relying parties and can do so without being easily tracked across their transactions.
Keywords :
cryptography; message authentication; Internet; OpenID; X.509 certificates; credit card information; electronic identities; email address; personal information; private credentials; security assertion markup language; selfclaimed attributes; user authentication; Access control; Authentication; Computer security; Electronic commerce; Privacy; Public key; X.509 certificates; authentication; computer security; cryptography; identity management; private credentials; public keys;
