An Architecture for Privacy-ABCs

Attribute-based Credentials for Trust

Abstract

One of the main objectives of the ABC4Trust project was to define a common, unified architecture for Privacy-ABC systems to allow comparing their respective features and combining them into common platforms. The chapter presents an overview of features and concepts of Privacy-ABCs and introduces the architecture proposed by ABC4Trust, describing the layers and components as well as the high-level APIs. We also present the language framework of ABC4Trust through an example scenario. Furthermore, this chapter investigates integration of Privacy-ABCs with the existing Identity Management protocols and also analyses the required trust relationships in the ecosystem of Privacy-ABCs.




Correspondence to Patrik Bichsel.


© 2015 Springer International Publishing Switzerland

Cite this chapter

Bichsel, P. et al. (2015). An Architecture for Privacy-ABCs. In: Rannenberg, K., Camenisch, J., Sabouri, A. (eds) Attribute-based Credentials for Trust. Springer, Cham. https://doi.org/10.1007/978-3-319-14439-9_2
