In this section we are concerned with cryptographic means for protecting the privacy of users in electronic transactions. That is, our goal is to enable the user to conduct transactions while revealing as little information as possible. Of course, in most transactions a user needs to reveal some information. Hence our goal is that the user need not reveal any information beyond what is necessary to conduct the transaction. Let us give an example to illustrate this point. Assume the user wants to rent a car and that in the process she needs to produce a driver’s license. If she did so today, she would simply show her (paper) license, and the car-rental agency would inspect it and thereby learn her name, address, etc. It would be sufficient, however, for the agency to see only the user’s picture, to verify that the license was indeed issued to the individual who intends to rent the car, and possibly the expiration date, to verify that the license is still valid. We would like to achieve the same for digital certificates. If we tried to do this with conventional certificates or federated identity management tokens, we would either need to enable the user to selectively reveal attributes of certificates (while hiding others) or require the user to get a certificate that includes only the attributes required for the transaction.
| Title of host publication | Digital Privacy - PRIME - Privacy and Identity Management for Europe |
| Number of pages | 20 |
| Publication status | E-pub ahead of print - 2011 |