Sciweavers

PKC
2009
Springer

Controlling Access to an Oblivious Database Using Stateful Anonymous Credentials

15 years 29 days ago
Controlling Access to an Oblivious Database Using Stateful Anonymous Credentials
In this work, we consider the task of allowing a content provider to enforce complex access control policies on oblivious protocols conducted with anonymous users. As our primary application, we show how to construct privacy-preserving databases by combining oblivious transfer with an augmented anonymous credential system. This permits a database operator to restrict which items each user may access, without learning anything about users' identities or item choices. This strong privacy guarantee holds even when users are assigned different access control policies and are allowed to adaptively make many queries. Our system is based on standard assumptions in the standard model and, after an initial setup phase, each transaction requires only constant time. As a main building block of our work, we show how to augment existing anonymous credential systems so that, in addition to certifying a user's attributes, they also store state about a user's access history, which is u...
Scott E. Coull, Matthew Green, Susan Hohenberger
Added 25 Nov 2009
Updated 25 Nov 2009
Type Conference
Year 2009
Where PKC
Authors Scott E. Coull, Matthew Green, Susan Hohenberger
Comments (0)