A card requirements language enabling privacy-preserving access control

  • Camenisch J
  • Mödersheim S
  • Neven G
 et al. 
  • 27

    Readers

    Mendeley users who have this article in their library.
  • 16

    Citations

    Citations of this article.

Abstract

We address the problem of privacy-preserving access control in distributed systems. Users commonly reveal more personal data than strictly necessary to be granted access to online resources, even though existing technologies, such as anonymous credential systems, offer functionalities that would allow for privacy-friendly authorization. An important reason for this lack of technology adoption is, as we believe, the absence of a suitable authorization language offering adequate expressiveness to address the privacy-friendly functionalities. To overcome this problem, we propose an authorization language that allows for expressing access control requirements in a privacy-preserving way. Our language is independent from concrete technology, thus it allows for specifying requirements regardless of implementation details while it is also applicable for technologies designed without privacy considerations. We see our proposal as an important step towards making access control systems privacy-preserving.

Author-supplied keywords

  • access control
  • anonymous credentials
  • digital credentials
  • policy languages
  • privacy

Get free article suggestions today

Mendeley saves you time finding and organizing research

Sign up here
Already have an account ?Sign in

Find this document

Authors

  • Jan Camenisch

  • Sebastian Mödersheim

  • Gregory Neven

  • Franz-Stefan Preiss

  • Dieter Sommer

Cite this document

Choose a citation style from the tabs below

Save time finding and organizing research with Mendeley

Sign up for free