This site contains all relevant Events by ABC4trust. To keep you updated, we have a RSS Feed with ABC4Trust Events.
At the European eID Interoperability Concepts and Compliance Conference, ABC4Trust partner IBM Research will be present with a demonstration on Privacy-Preserving Authentication by Attribute-based Credentials. The conference will take place in Biel, Switzerland from May 27th-28th, 2012.
Authentication is an all-embracing mechanism in today’s digital society. Current authentication systems require users to provide more personal data than actually necessary, and offer many attack vectors due to insecure authentication methods such as username/passwords. With Privacy-preserving Attribute-based Credentials, systems that allow for minimizing the data released during authentication do exist. A combination of these technologies with eID solutions could provide the necessary security and trust for all participants while preserving the user’s privacy at the same time. In the current discussion for future electronic IDcards and other means to authenticate online and offline, the growing privacy threats for users are not sufficiently reflected. Therefore, any upcoming European and national eID schemas should help citizens to protect their privacy by providing secure authentication methods with which the user can verify only the relevant attributes but does not need to reveal more than these necessary attributes. Users would be enabled to act under a pseudonym with their real identity unknown to the service provider. However, acknowledging risks for service providers, it should be possible to trace back a so far pseudonymous user under certain previously specified conditions. With Privacy-preserving Attribute-based Credentials, such as IBM’s Identity mixer presented at the conference in Biel or Microsoft’s U-Prove, technology can be a key enabler for privacy preserving eID solutions in the future.
The demonstration in the conference’s exhibition area will show data-minimizing authentication with attribute-based credentials based on the scenario of a teenage chat room, where the chat provider requires authentication with respect to a service-specific privacy-preserving policy. When a user wants to enter the chat room, the implementation determines whether and how the user can fulfil the policy with her credentials. A graphical user interface allows the user to select and verify which personal information she wants to use to fulfil the policy. Prior to sending any information, the user interface also provides her with a detailed summary of which information she is about to release to the service provider. Based on the user's input, the prototype generates a cryptographic presentation token that shows fulfilment of the service provider's policy without revealing any unnecessary information. Finally, this presentation token is sent to the service provider for verification who grants access to the chat accordingly. Our prototype is the first implementation of such far reaching data-minimizing privacy-preserving authentication.
Visitors of the demo will learn that it is possible to perform online authentication in a privacy-preserving manner.
For first information on Privacy-ABCs, the problems they can solve and what the project is about see the ABC4Trust Flyer.
For a description of the demo to be shown in Biel see Bichsel/Preiss, A Comprehensive Framework Enabling Data-Minimizing Authentication, 2011.
Read more on an architecture to make existing systems of Privacy-ABCs interoperable, and the how the processing of personal data can be limited to enhance privacy and legal compliance: D2.1 Architecture for Attribute-based Credential Technologies.
Privacy-Enhanced Credentials Going Live – From Theory to Practice, ABC4Trust tutorial at CSP EU Forum, Berlin April, 24th 2012
ABC4Trust will hold a tutorial session at the Cyber Security & Privacy EU Forum 2012 (CSP EU FORUM) under the title “Privacy-Enhanced Credentials Going Live – From Theory to Practice”. The tutorial will be part of the CSP EU Forum in Berlin, Germany, on April, 24th 2012.
[Update] The organizers published the agenda with the time slot for our tutorial. Join us on the first day of the conference (April 24th) between 16:00 and 18:00. Please note also that the CSP EU forum is now open for registration.
Trustworthy authentication and authorization is one of the main ingredients to ensure secure transactions over the Internet. The currently prevalent solution for user-authentication is by username and password. In case the authorization requires information about the user such as address or credential card number, these information are typically obtained by exchange with other service providers. Increasingly, cryptographic approaches such as X.509 certificates are used that offer stronger security guarantees. Both of these approaches have considerable privacy concerns. Briefly, the users have to reveal their full identity and personal data to one or more service providers even though that amount of information would not be strictly necessary.
In tutorial session the presenters will discuss how Privacy-ABCs can provide the same, or better, level of strong authentication while preserving the privacy of the user. In a nutshell, privacy-ABCs allow the user to establish several partial identities (1) with each service provider, where they only disclose the information that is minimally required for this purpose. For instance, it often might be sufficient to prove the mere fact that the user is over 18 instead of revealing the full date of birth.
The technology to deploy privacy attribute-based credentials is already available with IBM's Identity Mixer and Microsoft's U-Prove. Currently, both are being integrated and used for two pilots in the EU-funded project ABC4Trust project which takes up the heritage of the European PRIME and PrimeLife projects.
This tutorial aims at providing a better understanding of the features and concepts of Privacy-ABCs and its potential application areas. We will also discuss how the ABC4Trust project advances the current state by identifying a common architecture (2) and deploying Privacy-ABCs in real-life environments. Presentations of the two pilot scenarios and a legal assessment of such privacy-enhancing technologies will complete this tutorial.
Agenda of the Tutorial session
More precisely, the tutorial consist of the following three parts:
Attribute Based Credentials for privacy preserving identity management:
Legal and technical issues, implementation initiatives, and future trends
September 20th 2011, TITANIA HOTEL, Panepisthmiou 52 , Athens, Greece, "OURANOS" Conference Center, on the 10th floor.
New and original research results and the latest state-of-the-art in Attribute-based Credentials and Trustworthiness will be presented by scientific experts and businessmen.
Date: June 10th, 2011, from 10:00 to 16:30
Location: IBM Research Zurich, Säumerstrasse 4, 8803 Rüschlikon, Switzerland
Cost: no registration fee
Joint dinner: June 9th, 2011, 19:00 Restaurant Moosegg, Säumerstrasse 31, 8803 Rüschlikon
Trustworthy, yet privacy-preserving authentication is necessary to enable long-term and lifelong privacy for users. Attribute-based credentials offer a solution allowing strong authentication while the user may remain anonymous towards the relying party and without the identity provider learning to know about the websites visited or services deployed by a user. The technology to deploy attribute-based credentials is available with IBM's Identity Mixer and Microsoft's U-Prove. The EC-funded project ABC4Trust now takes up the heritage of the PRIME and PrimeLife projects and will deploy systems using attribute-based credentials in actual production pilots and deliver open reference implementations.