Sciweavers

TISSEC
2010

BLAC: Revoking Repeatedly Misbehaving Anonymous Users without Relying on TTPs

13 years 7 months ago
BLAC: Revoking Repeatedly Misbehaving Anonymous Users without Relying on TTPs
Several credential systems have been proposed in which users can authenticate to service providers anonymously. Since anonymity can give users the license to misbehave, some variants allow the selective deanonymization (or linking) of misbehaving users upon a complaint to a trusted third party (TTP). The ability of the TTP to revoke a user's privacy at any time, however, is too strong a punishment for misbehavior. To limit the scope of deanonymization, systems have been proposed in which users are deanonymized if they authenticate "too many times," such as "double spending" with electronic cash. While useful in some applications, it is not possible to generalize such techniques to more subjective definitions of misbehavior, e.g., it is not possible to block users who "deface too many webpages" on a website. We present BLAC, the first anonymous credential system in which service providers can revoke the credentials of repeatedly misbehaving users with...
Patrick P. Tsang, Man Ho Au, Apu Kapadia, Sean W.
Added 22 May 2011
Updated 22 May 2011
Type Journal
Year 2010
Where TISSEC
Authors Patrick P. Tsang, Man Ho Au, Apu Kapadia, Sean W. Smith
Comments (0)