A privacy-enhanced access control

Takamichi Saito, Kentaro Umesawa, Hiroshi G. Okuno

Research output: Contribution to journalArticle

Abstract

It is sometimes necessary to access a server anonymously when the Internet or an electronic commerce application is used. In the present paper, for this need there is proposed a new system that uses an SPKI (Simple Public Key Infrastructure) framework in order to provide service with an emphasis on privacy. The proposed system does not require ID information and other personal information to be presented to the server. In short, only the information relating to the corresponding service is included in the certificate submitted to the server for utilization of the service, and not the ID information of the client. However, even though this is a system of anonymous access, it is not a framework that allows unlimited access, such as anonymous FTP (File Transfer Protocol). The SPKI framework itself only determines the format of the certificate, and does not provide a methodology for selecting or managing users. Therefore, in this paper, a new framework is proposed, and controlled anonymous access is shown to be obtainable by this framework. This paper will also discuss advantages of the proposed system, its anonymity, management, security, and the processing for certificate revocation.

Original languageEnglish
Pages (from-to)77-86
Number of pages10
JournalSystems and Computers in Japan
Volume37
Issue number5
DOIs
Publication statusPublished - 2006 May
Externally publishedYes

Fingerprint

Access Control
Access control
Privacy
Servers
Certificate
Public Key Infrastructure
Server
Electronic commerce
Revocation
Internet
Anonymity
Network protocols
Electronic Commerce
Processing
Framework
Necessary
Methodology

Keywords

  • Access control
  • PKI
  • Privacy
  • SPKI
  • System security

ASJC Scopus subject areas

  • Hardware and Architecture
  • Information Systems
  • Theoretical Computer Science
  • Computational Theory and Mathematics

Cite this

A privacy-enhanced access control. / Saito, Takamichi; Umesawa, Kentaro; Okuno, Hiroshi G.

In: Systems and Computers in Japan, Vol. 37, No. 5, 05.2006, p. 77-86.

Research output: Contribution to journalArticle

Saito, Takamichi ; Umesawa, Kentaro ; Okuno, Hiroshi G. / A privacy-enhanced access control. In: Systems and Computers in Japan. 2006 ; Vol. 37, No. 5. pp. 77-86.
@article{cd9b7d63be1543938215b37631761e21,
title = "A privacy-enhanced access control",
abstract = "It is sometimes necessary to access a server anonymously when the Internet or an electronic commerce application is used. In the present paper, for this need there is proposed a new system that uses an SPKI (Simple Public Key Infrastructure) framework in order to provide service with an emphasis on privacy. The proposed system does not require ID information and other personal information to be presented to the server. In short, only the information relating to the corresponding service is included in the certificate submitted to the server for utilization of the service, and not the ID information of the client. However, even though this is a system of anonymous access, it is not a framework that allows unlimited access, such as anonymous FTP (File Transfer Protocol). The SPKI framework itself only determines the format of the certificate, and does not provide a methodology for selecting or managing users. Therefore, in this paper, a new framework is proposed, and controlled anonymous access is shown to be obtainable by this framework. This paper will also discuss advantages of the proposed system, its anonymity, management, security, and the processing for certificate revocation.",
keywords = "Access control, PKI, Privacy, SPKI, System security",
author = "Takamichi Saito and Kentaro Umesawa and Okuno, {Hiroshi G.}",
year = "2006",
month = "5",
doi = "10.1002/scj.10214",
language = "English",
volume = "37",
pages = "77--86",
journal = "Systems and Computers in Japan",
issn = "0882-1666",
publisher = "John Wiley and Sons Inc.",
number = "5",

}

TY - JOUR

T1 - A privacy-enhanced access control

AU - Saito, Takamichi

AU - Umesawa, Kentaro

AU - Okuno, Hiroshi G.

PY - 2006/5

Y1 - 2006/5

N2 - It is sometimes necessary to access a server anonymously when the Internet or an electronic commerce application is used. In the present paper, for this need there is proposed a new system that uses an SPKI (Simple Public Key Infrastructure) framework in order to provide service with an emphasis on privacy. The proposed system does not require ID information and other personal information to be presented to the server. In short, only the information relating to the corresponding service is included in the certificate submitted to the server for utilization of the service, and not the ID information of the client. However, even though this is a system of anonymous access, it is not a framework that allows unlimited access, such as anonymous FTP (File Transfer Protocol). The SPKI framework itself only determines the format of the certificate, and does not provide a methodology for selecting or managing users. Therefore, in this paper, a new framework is proposed, and controlled anonymous access is shown to be obtainable by this framework. This paper will also discuss advantages of the proposed system, its anonymity, management, security, and the processing for certificate revocation.

AB - It is sometimes necessary to access a server anonymously when the Internet or an electronic commerce application is used. In the present paper, for this need there is proposed a new system that uses an SPKI (Simple Public Key Infrastructure) framework in order to provide service with an emphasis on privacy. The proposed system does not require ID information and other personal information to be presented to the server. In short, only the information relating to the corresponding service is included in the certificate submitted to the server for utilization of the service, and not the ID information of the client. However, even though this is a system of anonymous access, it is not a framework that allows unlimited access, such as anonymous FTP (File Transfer Protocol). The SPKI framework itself only determines the format of the certificate, and does not provide a methodology for selecting or managing users. Therefore, in this paper, a new framework is proposed, and controlled anonymous access is shown to be obtainable by this framework. This paper will also discuss advantages of the proposed system, its anonymity, management, security, and the processing for certificate revocation.

KW - Access control

KW - PKI

KW - Privacy

KW - SPKI

KW - System security

UR - http://www.scopus.com/inward/record.url?scp=33645661537&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33645661537&partnerID=8YFLogxK

U2 - 10.1002/scj.10214

DO - 10.1002/scj.10214

M3 - Article

AN - SCOPUS:33645661537

VL - 37

SP - 77

EP - 86

JO - Systems and Computers in Japan

JF - Systems and Computers in Japan

SN - 0882-1666

IS - 5

ER -