Title :
A secure anonymous authorisation architecture for e-commerce
Author :
Au, Wai-Ki Richard ; Choo, Kim-Kwang Raymond ; Looi, Mark
Author_Institution :
Inf. Security Res. Centre, Queensland Univ. of Technol., Brisbane, Qld., Australia
Date :
29 March-1 April 2005
Abstract :
We propose a new authorisation architecture based on the extension to the anonymous authorisation framework proposed by Au et al., whereby a new entity, trustee, and a new concept, key binding certificate (KBC), are introduced. In the architecture, the trustee issues a KBC to certify the association between a registered user's unique identity and the user's one-task authorisation key (OTAK) where OTAK is used as the user's unique identifier to preserve anonymity. More importantly, the trustee acts as an identity escrow agent to provide anonymity revocation in a well-regulated manner. Hence, any service provider is able to make authorisation decisions based on the anonymous attribute certificates (AACs) issued by referee servers to anonymous users with a high level of assurance. The trustee also empowers the notion of chained referral in situations where users are required to obtain AACs from various referee servers. An improved protocol is also proposed, accompanied by an outline of its security analysis.
Keywords :
Internet; authorisation; data privacy; electronic commerce; public key cryptography; anonymous attribute certificate; e-commerce; key binding certificate; one-task authorisation key; secure anonymous authorisation architecture; Access control; Authorization; Computer architecture; Gold; IP networks; Identity management systems; Privacy; Resource management; Security; Web server;
Conference_Title :
e-Technology, e-Commerce and e-Service, 2005. EEE '05. Proceedings. The 2005 IEEE International Conference on
Print_ISBN :
0-7695-2274-2
DOI :
10.1109/EEE.2005.16