This section contains general news about the ABC4Trust project.
To keep you updated, we have a RSS Feed containing ABC4Trust News.
On the 23rd of November 2012, 32 students of the course “Distributed Systems I” of the Department of Computer Engineering & Informatics at the University of Patras, Greece, started their participation in one of the two pilots that were developed within the context of the ABC4Trust project. This pilot is about remote evaluation of courses that students have attended throughout the semester, using “minimal disclosure” technologies that the ABC4Trust project developed in a reference implementation. Students are allowed to evaluate the course in the end of the semester after proving, anonymously, that they have attended the course sufficiently many times (i.e. over a preset attendance threshold), that they are students of the University, and that they have registered for the course under evaluation. The students have smart cards which they use in order to collect attendance units in class by passing the cards near a contactless reader of a class attendance application. After the semester has ended, they will use their smart cards in order to prove to the course evaluation system their eligibility to participate in the evaluation of the course.
This group of students will use the Idemix technology developed by IBM. Another group of 32 students will soon start their participation too, using the U-Prove technology introduced by Microsoft. We expect that after the pilot has ended (beginning of fall 2013) the students will be able to give accurate opinions from the users’ perspective. These opinions will enable the ABC4Trus consortium to proceed to enhancements of the reference implementation that will take account the students’ opinions towards increased usability, user friendliness, and ease of use.
After the success of the last IFIP Summer School “Privacy and Identity Management for emerging Internet Applications throughout a Person’s Lifetime” in September 2011, ABC4Trust is again collaborating with other projects and several IFIP (International Federation for Information Processing) working groups to arrange a Summer School in 2013. This 8th International Summer School, organised jointly by the IFIP Working Groups 9.2, 9.5, 9.6/11.7, 11.4, 11.6 and projects such as ABC4Trust, A4Cloud, PRISMS, DigiDeas and FutureID, will focus on “Privacy and Identity Management for Emerging Services and Technologies”. It will be held in Nijmegen, the Netherlands, from June 17 to 21, 2013. The local organisers are PI.lab and Radboud University Nijmegen.
The aim of the Summer School is to encourage young academic and industry entrants to the privacy and identity management world to share their own ideas, build up a collegial relationship with others, gain experience in making presentations, and potentially publish a paper through the resulting book proceedings. It takes a holistic approach to society and technology and supports interdisciplinary exchange in the keynote lectures, tutorials and workshops. In particular, participants' contributions that combine technical, legal, regulatory, socio-economic, social or societal, ethical, anthropological, philosophical, or psychological perspectives are welcome. The school is interactive in character, and is composed of a combination of keynote lectures and workshops with PhD student presentations. Contributions are selected based on an extended abstract review by a Summer School Programme Committee.
The ABC4Trust web-team congratulates our colleague Jan Camisch from IBM Research - Zurich as well as the co-authors Stephan Krenn and Victor Shoup for being awarded with the Best Paper Award at the 17th annual AsiaCrypt Conference held in Seoul, Korea, on December 4th - 8th, 2011.
The paper provides a method to design efficient cryptographic proof protocols that can be proven secure in a very strong security model. This assures that a protocols security is retained no matter in what environment a protocol is used. An example of such protocols are the privacy-enhancing technologies designed and applied in the ABC4Trust project.
The contribution with the title "A Framework for Practical Universally Composable Zero-Knowledge Protocols" has been published in the Springer LNCS series.
Zero-knowledge proofs of knowledge (ZK-PoK) for discrete logarithms and related problems are indispensable for practical cryptographic protocols. Recently, Camenisch, Kiayias, and Yung provided a specification language (the CKY-language) for such protocols which allows for a modular design and protocol analysis: for every zero-knowledge proof specified in this language, protocol designers are ensured that there exists an efficient protocol which indeed proves the specified statement.
With the Report "Architecture for Attribute-based Credential Technologies" (Privacy ABCs) the ABC4Trust consortium published the first version of the architecture design for the deployment of Attribute-based credentials. The ABC4Trust project will brings this privacy preserving technology to life in two pilots. The first pilot provides a social network for pupils in a secondary school in Söderhamn, Sweden. The second pilot will allow anonymous yet securely authenticated evaluation of classes at the University of Patras, Greece.
The architecture report provides the basis for the pilots and describes central aspects of the technology as it will be deployed in ABC4Trust. The architecture report has been designed to decompose future (reference) implementations of Privacy-ABC technologies into sets of modules and specify the abstract functionality of these components in such a way that they are independent from algorithms or cryptographic components used underneath.
The report also provides an analysis regarding the applicability of the ABC4Trust architecture to the popular existing identity protocols and frameworks such as WS-*, SAML, OpenID, OAuth and X.509.
The goal of ABC4Trust is to address the federation and interchangeability of technologies that support trustworthy yet privacy-preserving Attribute-based Credentials (Privacy-ABC).
Towards this goal, one of the main objectives of the project is to define a common, unified architecture for Privacy-ABC systems to allow comparing their respective features and combining them on common platforms. The first version of this architecture is described in the deliverable at hand. Its main contribution is the specification of the data artifacts exchanged between the implicated entities (i.e. issuer, user, verifier, revocation authority, etc.), in such a way that the underlying differences of concrete Privacy-ABC implementations are abstracted away through the definition of formats that can convey information independently from the mechanism-specific cryptographic data. It also defines all technology-agnostic components and corresponding APIs a system needs to implement in order to perform the corresponding operations, i.e. to process an obtained issuance/presentation policy, perform the selection of applicable credentials for a given policy or to trigger the mechanism-specific generation of the cryptographic evidence.
How Privacy-ABCs can be applied in existing identity protocols and frameworks such as WS-*, SAML, OpenID, OAuth and X.509 and how Privacy-ABCs can help to alleviate some of the security, privacy and scalability issues of these protocols is also discussed.
Attribute Based Credentials for privacy preserving identity management:
Legal and technical issues, implementation initiatives, and future trends
September 20th 2011, TITANIA HOTEL, Panepisthmiou 52 , Athens, Greece, "OURANOS" Conference Center, on the 10th floor.
For more information click here
Date: September 5-9, 2011 Location: University of Trento/Italy
ABC4Trust jointly supports the The IFIP Summer School together with PrimeLife and other European and national projects related to privacy and IT security. Please consider your participation. The preliminary agenda as of today can be found below. For details, updates and registration please visit the website of the IFIP Summer School 2011.
Date: September 5-9, 2011 Location: University of Trento/Italy
Excerpt from the Call for Papers:
Internet applications, such as Web 2.0 applications and cloud computing, increasingly pose privacy dilemmas. When they communicate over the Internet, individuals leave trails of personal data which may be stored for many years to come. These developments raise substantial new challenges for personal privacy at the technical, social, ethical, regulatory, and legal levels: How can privacy be protected in emerging Internet applications such as collaborative scenarios and virtual communities? What frameworks and tools could be used to gain, regain and maintain informational self-determination and lifelong privacy?
Date: June 10th, 2011, from 10:00 to 16:30
Location: IBM Research Zurich, Säumerstrasse 4, 8803 Rüschlikon, Switzerland
Cost: no registration fee
Joint dinner: June 9th, 2011, 19:00 Restaurant Moosegg, Säumerstrasse 31, 8803 Rüschlikon
Trustworthy, yet privacy-preserving authentication is necessary to enable long-term and lifelong privacy for users. Attribute-based credentials offer a solution allowing strong authentication while the user may remain anonymous towards the relying party and without the identity provider learning to know about the websites visited or services deployed by a user. The technology to deploy attribute-based credentials is available with IBM’s Identity Mixer and Microsoft’s U-Prove. The EC-funded project ABC4Trust now takes up the heritage of the PRIME and PrimeLife projects and will deploy systems using attribute-based credentials in actual production pilots and deliver open reference implementations.