anonymous authorisation in smart environments
play

Anonymous Authorisation in Smart Environments Florian Baumann - PowerPoint PPT Presentation

Nov 30, 2022 •137 likes •358 views

Anonymous Authorisation in Smart Environments Florian Baumann Chair for Network Architectures and Services Department for Computer Science Technische Universit at M unchen August 13, 2014 Florian Baumann: Anonymous Authorisation in

  1. Anonymous Authorisation in Smart Environments Florian Baumann Chair for Network Architectures and Services Department for Computer Science Technische Universit¨ at M¨ unchen August 13, 2014 Florian Baumann: Anonymous Authorisation in Smart Environments 1

  2. Outline Motivation & Context 1 Research Questions 2 3 Analysis Requirements Approaches Comparison of the approaches 4 Solution Schedule 5 Florian Baumann: Anonymous Authorisation in Smart Environments 2

  3. Motivation & Context IDEM Customizable and Tenant-aware System for Energy Control Privacy concerns Tracking of individuals Profiling of individuals and their habits, especially with other sensor data Identity of individual often unnecessary to make authorisation decision Prevention of data breaches and abuse (if there is no data, it can’t be breached or abused) Florian Baumann: Anonymous Authorisation in Smart Environments 3

  4. Scenario Administration rents parts of its building to different companies Companies have Employees, who need to use the different services provided Employees have to authorise, to use services (e.g. Meeting Rooms, Cafeteria) Florian Baumann: Anonymous Authorisation in Smart Environments 4

  5. Research Questions Research Questions What is a suitable solution for secure, yet anonymous authorisation? What properties does the system need for an anonymous authorisation? How does the user interact with the system? Florian Baumann: Anonymous Authorisation in Smart Environments 5

  6. Requirements Requirements (R1) Non-linkability of authorisations by the same person (R2) Revocation of Anonymity in special cases (e.g. fraud) (R3) Preventing unauthorised Lending (R4) Non-repudiation (R5) Revocation (R6) Limited show Token Florian Baumann: Anonymous Authorisation in Smart Environments 6

  7. Approaches Existing Authorisation Solutions (Shibboleth, OAuth, Kerberos) Building Tokens/Coins Similar to coin money, Tokens can be only used once User receives Tokens into a digital wallet (Smartcard, Smartphone) Tokens contain a serial number, building remembers which serial numbers have been used Digital Credentials Proposed by Stefan Brands in 1993, borrowing heavily from work by David Chaum Similar to X.509 Certificates, as they contain attributes about the holder Allows for selective disclosure of these attributes, through proofs of knowledge Florian Baumann: Anonymous Authorisation in Smart Environments 7

  8. Approaches Existing Authorisation Solutions (Shibboleth, OAuth, Kerberos) Building Tokens/Coins Similar to coin money, Tokens can be only used once User receives Tokens into a digital wallet (Smartcard, Smartphone) Tokens contain a serial number, building remembers which serial numbers have been used Digital Credentials Proposed by Stefan Brands in 1993, borrowing heavily from work by David Chaum Similar to X.509 Certificates, as they contain attributes about the holder Allows for selective disclosure of these attributes, through proofs of knowledge Florian Baumann: Anonymous Authorisation in Smart Environments 7

  9. Approaches Existing Authorisation Solutions (Shibboleth, OAuth, Kerberos) Building Tokens/Coins Similar to coin money, Tokens can be only used once User receives Tokens into a digital wallet (Smartcard, Smartphone) Tokens contain a serial number, building remembers which serial numbers have been used Digital Credentials Proposed by Stefan Brands in 1993, borrowing heavily from work by David Chaum Similar to X.509 Certificates, as they contain attributes about the holder Allows for selective disclosure of these attributes, through proofs of knowledge Florian Baumann: Anonymous Authorisation in Smart Environments 7

  10. Comparison R1 R2 R3 R4 R5 R6 Existing Solutions � � � ✗ ✗ Building Coins � � � ✗ ✗ ✗ Digital Credentials � � � � � � (R4) Non-repudiation (R1) Non-linkability (R5) Revocation (R2) Anonymity Revocation (R6) Limited show Token (R3) Unauthorised Lending Florian Baumann: Anonymous Authorisation in Smart Environments 8

  11. Digital Credentials Source: ABC4Trust Implemented by idemix (IBM) and U-Prove (Mircosoft) Privacy-Preserving Attribute-Based Credential Engine (ABC4Trust) provides interoperability Florian Baumann: Anonymous Authorisation in Smart Environments 9

  12. Credential Types Credential Types CompanyCred CompanyID, Name, NotBefore, NotAfter, Revocation Handle EmployeeCred UserID, Name, NotBefore, NotAfter, Revocation Handle CompanyID carried over from the CompanyCred ServiceCred ServiceID, NotBefore, NotAfter, Revocation Handle UserID, CompanyID carried over from EmployeeCred Flag specifying, if User can pass it on to someone else Bound to same Key as EmployeeCred Florian Baumann: Anonymous Authorisation in Smart Environments 10

  13. Credential Types Credential Types CompanyCred CompanyID, Name, NotBefore, NotAfter, Revocation Handle EmployeeCred UserID, Name, NotBefore, NotAfter, Revocation Handle CompanyID carried over from the CompanyCred ServiceCred ServiceID, NotBefore, NotAfter, Revocation Handle UserID, CompanyID carried over from EmployeeCred Flag specifying, if User can pass it on to someone else Bound to same Key as EmployeeCred Florian Baumann: Anonymous Authorisation in Smart Environments 10

  14. Credential Types Credential Types CompanyCred CompanyID, Name, NotBefore, NotAfter, Revocation Handle EmployeeCred UserID, Name, NotBefore, NotAfter, Revocation Handle CompanyID carried over from the CompanyCred ServiceCred ServiceID, NotBefore, NotAfter, Revocation Handle UserID, CompanyID carried over from EmployeeCred Flag specifying, if User can pass it on to someone else Bound to same Key as EmployeeCred Florian Baumann: Anonymous Authorisation in Smart Environments 10

  15. Credential Types Credential Types CompanyCred CompanyID, Name, NotBefore, NotAfter, Revocation Handle EmployeeCred UserID, Name, NotBefore, NotAfter, Revocation Handle CompanyID carried over from the CompanyCred ServiceCred ServiceID, NotBefore, NotAfter, Revocation Handle UserID, CompanyID carried over from EmployeeCred Flag specifying, if User can pass it on to someone else Bound to same Key as EmployeeCred Florian Baumann: Anonymous Authorisation in Smart Environments 10

  16. Issuance Issuance Administration Issues CompanyCreds to Companies Issues ServiceCreds to Users, requires EmployeeCred Companies Issues EmployeeCreds to Users, requires CompanyCred Issues ServiceCreds to Users, requires EmployeeCred Florian Baumann: Anonymous Authorisation in Smart Environments 11

  17. Verification Verification User states his CompanyID to Verifier Verifier retrieves the Issuing Public Key of the Company from the Knowledge Base (Trusted Storage) Verifier sends PresentationPolicy to User, stating which types of Credentials and Attributes he wants to see User chooses an appropriate combination from his Credentials to satisfy the policy Verifier check the received PresentationToken Verifier can store this token for later inspection Florian Baumann: Anonymous Authorisation in Smart Environments 12

  18. Revocation Normal Revocation Revocation Authority periodically publishes Revocation Info (List of Revocation Handles) User proofs, that the Revocation Handle of its Credential is not in the list of revoked Handles Revocation of all Credentials issued by a Company Once a Company leaves the building its Public Key is deleted from the Knowledge Base As a consequence all Credentials issued will not be verifiable anymore Florian Baumann: Anonymous Authorisation in Smart Environments 13

  19. Revocation Normal Revocation Revocation Authority periodically publishes Revocation Info (List of Revocation Handles) User proofs, that the Revocation Handle of its Credential is not in the list of revoked Handles Revocation of all Credentials issued by a Company Once a Company leaves the building its Public Key is deleted from the Knowledge Base As a consequence all Credentials issued will not be verifiable anymore Florian Baumann: Anonymous Authorisation in Smart Environments 13

  20. Schedule July August September October 1 2 3 4 5 6 7 8 9 10 11 12 13 14 Familiarisation Concept This Talk Implementation Testing Thesis Submission Defense Florian Baumann: Anonymous Authorisation in Smart Environments 14

  21. Thank you Thank you for listening. Any Questions? Florian Baumann: Anonymous Authorisation in Smart Environments 15

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SRA Authorisation Rules & New Firm Authorisation - Guidance for new & existing firms

SRA Authorisation Rules & New Firm Authorisation - Guidance for new & existing firms

SRA Authorisation Rules & New Firm Authorisation - Guidance for new & existing firms Presenters Rachel Lewis Director of Authorisation at the SRA Also responsible for the SRA Contact Centre & Business Support Services Has

525 views • 30 slides
PET PhD Course 2012 SWITS The Smart Grid and Anonymous Communication Mechanisms Leonardo

PET PhD Course 2012 SWITS The Smart Grid and Anonymous Communication Mechanisms Leonardo

PET PhD Course 2012 SWITS The Smart Grid and Anonymous Communication Mechanisms Leonardo Martucci Security and Networks Group, ADIT Department of Computer and Information Science About me EE Degree (95-00) + Master in EE (00-02)

625 views • 33 slides
Marketing Authorisation: Marketing Authorisation: The Evaluation Process The Evaluation Process

Marketing Authorisation: Marketing Authorisation: The Evaluation Process The Evaluation Process

1 st EMEA Workshop for Micro, Small and Medium- Sized Enterprises (SMEs) Navigating the Regulatory Maze Marketing Authorisation: Marketing Authorisation: The Evaluation Process The Evaluation Process Dr Evdokia Korakianiti Scientific

474 views • 21 slides
Towards Smart Environments using Smart Objects Martin Sedlmayr Hans-Ulrich Prokosch Ulli Mnch

Towards Smart Environments using Smart Objects Martin Sedlmayr Hans-Ulrich Prokosch Ulli Mnch

Towards Smart Environments using Smart Objects Martin Sedlmayr Hans-Ulrich Prokosch Ulli Mnch Overview on technologies C HAIR OF M EDICAL I NFORMATICS , FAU One Service, many technologies: Pa#ent Tracking

134 views • 12 slides
Anonymous Tokens Michele Orr ia.cr/2020/072 1 Anonymous Tokens Michele Orr joint work

Anonymous Tokens Michele Orr ia.cr/2020/072 1 Anonymous Tokens Michele Orr joint work

Anonymous Tokens Michele Orr ia.cr/2020/072 1 Anonymous Tokens Michele Orr joint work with Ben Kreuter, Tancrde Lepoint, Mariana Raykova ia.cr/2020/072 1 Definition Anonymous tokens are lightweight, single-use anonymous credentials.

657 views • 61 slides
Extending communications and navigation to the most challenging environments using Seatooth -

Extending communications and navigation to the most challenging environments using Seatooth -

Smart Waters Smart Cities Extending communications and navigation to the most challenging environments using Seatooth - ExtremeEdge IoT and Cloud Computing Brendan Hyland, Founder & Chairman Brendan@wfs-tech.com +44 78 010 63450

252 views • 23 slides
Smart Precision in Harsh Environments Paddy French+, Gijs Krijnen* & Fred Roozeboom# + TU

Smart Precision in Harsh Environments Paddy French+, Gijs Krijnen* & Fred Roozeboom# + TU

Smart Precision in Harsh Environments Paddy French+, Gijs Krijnen* & Fred Roozeboom# + TU Delft, *U Twente, #TU Eindhoven 1 Overview Introduction/definitions Application areas Approaches Solutions Conclusions 2 What is

761 views • 46 slides
Anonymous classes Polymorphism Anonymous classes motivation You probably have many buttons

Anonymous classes Polymorphism Anonymous classes motivation You probably have many buttons

Two cool ideas: Anonymous classes Polymorphism Anonymous classes motivation You probably have many buttons and/or menu items in your VectorGraphics project Three approaches for responding to the events from selecting those buttons /

406 views • 6 slides
Presence Detection of Mobile Participants in Smart Room Environments Ivan Galov, Dmitry Korzun

Presence Detection of Mobile Participants in Smart Room Environments Ivan Galov, Dmitry Korzun

Presence Detection of Mobile Participants in Smart Room Environments Ivan Galov, Dmitry Korzun Petrozavodsk State University Department of Computer Science This demo was supported by grant KA179 Complex development of regional cooperation in

230 views • 10 slides
) tra ffi c lights smart grid Honeypots in ICS Environments space station steel mill ( power

) tra ffi c lights smart grid Honeypots in ICS Environments space station steel mill ( power

) tra ffi c lights smart grid Honeypots in ICS Environments space station steel mill ( power plant supertanker death star gas pipeline sewage plant wind turbine ) cypherpunk chaotic neutral privacy activist researcher DI Daniel

656 views • 27 slides
in Smart Environments Candidate: Supervisors: Emanuele Furci Fulvio Corno Dario Bonino Luigi

in Smart Environments Candidate: Supervisors: Emanuele Furci Fulvio Corno Dario Bonino Luigi

Politecnico di Torino Master degree in Computer Engineering Context Aware and Device Dependent Interaction in Smart Environments Candidate: Supervisors: Emanuele Furci Fulvio Corno Dario Bonino Luigi De Russis Academic year 2013-2014

598 views • 30 slides
12-STEP PROGRAMS Alcoholics Anonymous The Preamble Alcoholics Anonymous is a fellowship

12-STEP PROGRAMS Alcoholics Anonymous The Preamble Alcoholics Anonymous is a fellowship

12-STEP PROGRAMS Alcoholics Anonymous The Preamble Alcoholics Anonymous is a fellowship of men and women who share their experience, strength and hope with each other that they may solve their common problem and help others to recover

1.11k views • 76 slides
Internet of Mysterious Things Paul McCullagh Smart Environments Research Group Computer

Internet of Mysterious Things Paul McCullagh Smart Environments Research Group Computer

7/30/11 Internet of Mysterious Things Paul McCullagh Smart Environments Research Group Computer Science Research Institute 30 years STS-1, Shuttle Columbia, Flight #1 April 12, 1981 1 7/30/11 A marathon at your age?

592 views • 13 slides
Quisquis: An Anonymous Cryptocurrency Based on Updatable Public Keys Prastudy Fauzi, Sarah

Quisquis: An Anonymous Cryptocurrency Based on Updatable Public Keys Prastudy Fauzi, Sarah

Quisquis: An Anonymous Cryptocurrency Based on Updatable Public Keys Prastudy Fauzi, Sarah Meiklejohn, Rebekah Mercer, Claudio Orlandi @claudiorlandi Blockchain Research Applications Smart Contracts Transaction Layer This talk Consensus

578 views • 29 slides
AUTHORISATION (RPA) IN NSW NDS FORUMS April/May 2019 1 Recap 2 States and Territories,

AUTHORISATION (RPA) IN NSW NDS FORUMS April/May 2019 1 Recap 2 States and Territories,

Family & Community Services RESTRICTIVE PRACTICE . AUTHORISATION (RPA) IN NSW NDS FORUMS April/May 2019 1 Recap 2 States and Territories, including NSW, are responsible for managing the authorisation of regulated restrictive

479 views • 20 slides
Grid Authentication and Authorisation Issues kos Frohner at CERN Overview Setting the

Grid Authentication and Authorisation Issues kos Frohner at CERN Overview Setting the

Grid Authentication and Authorisation Issues kos Frohner at CERN Overview Setting the scene: requirements Old style authorisation: DN based gridmap-files Overview of the EDG components VO user management: VOMS

384 views • 21 slides
LARIAT: Lincoln Adaptable Real-time Information Assurance Testbed Lee M. Rossey Jesse C. Rabek,

LARIAT: Lincoln Adaptable Real-time Information Assurance Testbed Lee M. Rossey Jesse C. Rabek,

LARIAT: Lincoln Adaptable Real-time Information Assurance Testbed Lee M. Rossey Jesse C. Rabek, Robert K. Cunningham, David J. Fried, Rich P. Lippmann, Marc A. Zissman RAID 2001 October 10, 2001 This work was sponsored by the United States

314 views • 27 slides
Show me the tests! Writing Automated Tests for Drupal Me Lee Rowlands - @larowlan Senior

Show me the tests! Writing Automated Tests for Drupal Me Lee Rowlands - @larowlan Senior

DEV TRACK | LEE ROWLANDS | FEBRUARY 8 2013 Show me the tests! Writing Automated Tests for Drupal Me Lee Rowlands - @larowlan Senior Drupal Developer with PreviousNext Working with Drupal 4+ years Maintainer of 35+ contrib

684 views • 31 slides
Draft fting a Testing Strategy How a subscription-based business increased conversions by 121%

Draft fting a Testing Strategy How a subscription-based business increased conversions by 121%

Draft fting a Testing Strategy How a subscription-based business increased conversions by 121% Ben Eva Benjamin Huppertz Global Head of Conversion Management Senior Research Manager Euromoney Institutional Investor MECLABS Session speaker

1.22k views • 58 slides
Testing the Essential with AutoFixture Enrico Campidoglio @ecampidoglio Premise:

Testing the Essential with AutoFixture Enrico Campidoglio @ecampidoglio Premise:

Testing the Essential with AutoFixture Enrico Campidoglio @ecampidoglio Premise: + Small Expressive Essential 3 unit testing AutoFixture patterns Context Set() 123 System System under test under test

536 views • 30 slides
Don't Call Us, We'll Call You: Characterizing Callbacks in JavaScript Keheliya Gallaba, Ali

Don't Call Us, We'll Call You: Characterizing Callbacks in JavaScript Keheliya Gallaba, Ali

Don't Call Us, We'll Call You: Characterizing Callbacks in JavaScript Keheliya Gallaba, Ali Mesbah, Ivan Beschastnikh University of British Columbia 1 Why JavaScript? On the client 2 Why JavaScript? On the client On the server 3 Why

987 views • 63 slides
A Tour of Perl Testing A Tour of Perl Testing Perl agentzh@yahoo.cn

A Tour of Perl Testing A Tour of Perl Testing Perl agentzh@yahoo.cn

A Tour of Perl Testing A Tour of Perl Testing Perl agentzh@yahoo.cn (agentzh) 2009.9 Why testing? When things have gone wrong in collaboration... agentzh: With my patch in r2545, Jifty's I18N should work for

562 views • 54 slides
Traceable Group Encryption t Libert 1 Moti Yung 2 Marc Joye 1 Thomas Peters 3 Beno 1

Traceable Group Encryption t Libert 1 Moti Yung 2 Marc Joye 1 Thomas Peters 3 Beno 1

Traceable Group Encryption t Libert 1 Moti Yung 2 Marc Joye 1 Thomas Peters 3 Beno 1 Technicolor (France) 2 Google Inc. and Columbia University (USA) 3 UCL Crypto Group (Belgium) March 28, 2014 Buenos Aires B. Libert (Technicolor) PKC 2014

190 views • 18 slides
Beyond Vanilla LTP Spike-timing-dependent-plasticity or STDP Hebbian learning rule aSN W

Beyond Vanilla LTP Spike-timing-dependent-plasticity or STDP Hebbian learning rule aSN W

Beyond Vanilla LTP Spike-timing-dependent-plasticity or STDP Hebbian learning rule aSN W MN,aSN MN learning threshold under which LTD can occur w ij = x j (v i - ) Stimulation electrode Recording electrode (extracellular) R di l

825 views • 43 slides

More recommend