Abstract
Cryptographic primitives are essential for constructing privacy-preserving communication mechanisms. There are situations when two parties that do not know each other need to exchange sensitive information over the Internet. Trust management mechanisms make use of digital credentials in order to establish trust among these strangers. We present a method to reach an agreement on the credentials to be exchanged in which the parties can control the disclosure of their credential preferences. Our method is based on secure two-party computation protocols for set intersection.
This work was partly supported by the Government of Catalonia under grant 2009 SGR 1135, by the Spanish Government through projects TIN2011-27076-C03-01 “CO-PRIVACY” and CONSOLIDER INGENIO 2010 CSD2007-00004 “ARES”, and by the European Comission under FP7 project ‘Inter-Trust”. The second author is partially supported as an ICREA Acadèmia researcher by the Government of Catalonia; he is with the UNESCO Chair in Data Privacy, but he is solely responsible for the views expressed in this paper, which do not necessarily reflect the position of UNESCO nor commit that organization.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Aumann, Y., Lindell, Y.: Security against covert adversaries: efficient protocols for realistic adversaries. J. Cryptology 23(2), 281–343 (2010)
Autrel, F., Cuppens, F., Cuppens-Boulahia, N., Coma, C.: MotOrBAC 2: a security policy tool. In: Third Joint Conference on Security in Networks Architectures and Security of Information Systems (SARSSI), pp. 273–287 (2008)
Buttyán, L., Hubaux, J.-P.: Rational exchange - a formal model based on game theory. In: Fiege, L., Mühl, G., Wilhelm, U.G. (eds.) WELCOM 2001. LNCS, vol. 2232, pp. 114–126. Springer, Heidelberg (2001)
Dachman-Soled, D., Malkin, T., Raykova, M., Yung, M.: Efficient robust private set intersection. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 2009. LNCS, vol. 5536, pp. 125–142. Springer, Heidelberg (2009)
Domingo-Ferrer, J.: Rational privacy disclosure in social networks. In: Torra, V., Narukawa, Y., Daumas, M. (eds.) MDAI 2010. LNCS, vol. 6408, pp. 255–265. Springer, Heidelberg (2010)
Domingo-Ferrer, J.: Coprivacy: an introduction to the theory and applications of co-operative privacy. SORT-Statistics and Operations Research Transactions, special issue, pp. 25–40 (2011)
Dong, C., Dulay, N.: Privacy preserving trust negotiation for pervasive healthcare. In: Pervasive Health Conference and Workshops, pp. 1–9 (2006)
Farràs, O., Domingo-Ferrer, J., Blanco-Justicia, A.: Privacy-preserving trust management mechanisms from private matching schemes. http://arxiv.org/abs/1308.2435
Freedman, M.J., Nissim, K., Pinkas, B.: Efficient private matching and set intersection. In: Cachin, Ch., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 1–19. Springer, Heidelberg (2004)
Frikken, K.B., Li, J., Atallah, M.J.: Trust negotiation with hidden credentials, hidden policies, and policy cycles. In: NDSS (2006)
Hazay, C., Lindell, Y.: Efficient protocols for set intersection and pattern matching with security against malicious and covert adversaries. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 155–175. Springer, Heidelberg (2008)
Interoperable Trust Assurance Infrastructure (Inter-Trust). EU Project FP7-ICT 317731, 2012–2014. http://www.inter-trust.eu
Kissner, L., Song, D.: Privacy-preserving set operations. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 241–257. Springer, Heidelberg (2005)
Lee, A.J., Winslett, M., Basney, J., Welch, V.: Traust: a trust negotiation based authorization service. In: Stølen, K., Winsborough, W.H., Martinelli, F., Massacci, F. (eds.) iTrust 2006. LNCS, vol. 3986, pp. 458–462. Springer, Heidelberg (2006)
Lee, A.J., Winslett, M., Perano, K.J.: TrustBuilder2: a reconfigurable framework for trust negotiation. In: Bertino, E., Ferrari, E., Karabulut, Y., Li, N. (eds.) IFIPTM 2009. IFIP AICT, vol. 300, pp. 176–195. Springer, Heidelberg (2009)
Li, J., Li, N., Winsborough, W.H.: Automated trust negotiation using cryptographic credentials. ACM Trans. Inf. Syst. Secur. 13(1), art. no. 2 (2009)
MEF Global Privacy Report 2013
Meyer, U., Wetzel, S., Ioannidis, S.: Distributed privacy-preserving policy reconciliation. In: ICC, pp. 1342–1349 (2007)
Miyaji, A., Rahman, M.S.: Privacy-preserving two-party rational set intersection protocol. Informatica 36(2), 277–286 (2012)
Nejdl, W., Olmedilla, D., Winslett, M.: PeerTrust: automated trust negotiation for peers on the semantic web. In: Jonker, W., Petković, M. (eds.) SDM 2004. LNCS, vol. 3178, pp. 118–132. Springer, Heidelberg (2004)
Neugebauer, G., Brutschy, L., Meyer, U., Wetzel, S.: Design and implementation of privacy-preserving reconciliation protocols. In: EDBT/ICDT Workshops, pp. 121–130 (2013)
Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)
Special Eurobarometer 359: Attitudes on Data Protection and Electronic Identity in the European Union, June 2011
Squicciarini, A., Bertino, E., Ferrari, E., Paci, F., Thuraisingham, B.: PP-trust-X: a system for privacy preserving trust negotiation. ACM Trans. Inf. Syst. Secur. 10(3), art. no. 12 (2007)
Voris, J., Ioannidis, S., Wetzel, S., Meyer, U.: Performance evaluation of privacy-preserving policy reconciliation protocols. In: POLICY, pp. 221–228 (2007)
Winsborough, W.H., Seamons, K.E., Jones, V.E.: Automated trust negotiation. In: DISCEX, vol. 1, pp. 88–102 (2000)
Yao, A.C.-C.: How to generate and exchange secrets. In: FOCS, pp. 162–167 (1986)
Yao, D., Frikken, K.B., Atallah, M.J., Tamassia, R.: Point-based trust: define how much privacy is worth. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 190–209. Springer, Heidelberg (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Farràs, O., Domingo-Ferrer, J., Blanco-Justicia, A. (2014). Privacy-Preserving Trust Management Mechanisms from Private Matching Schemes. In: Garcia-Alfaro, J., Lioudakis, G., Cuppens-Boulahia, N., Foley, S., Fitzgerald, W. (eds) Data Privacy Management and Autonomous Spontaneous Security. DPM SETOP 2013 2013. Lecture Notes in Computer Science(), vol 8247. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-54568-9_26
Download citation
DOI: https://doi.org/10.1007/978-3-642-54568-9_26
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-54567-2
Online ISBN: 978-3-642-54568-9
eBook Packages: Computer ScienceComputer Science (R0)