Privacy preservation has become an essential requirement in today's computing environment; abuse based on anonymity and user-controlled pseudonyms is a serious problem. For prompt deployment in legacy information systems, it would be desirable to develop a new method in the standard paradigm. This paper investigates practical methods for privacy preservation with X.509 standard certificates by providing conditional traceability for both identity and attribute certificates in the legacy systems. We separate certificate authorities, one for verifying identities and the other for validating contents, in a blinded manner without requiring a trusted third party. We design a concrete method with its more generic and applicative extensions, and prove security formally. We also evaluate performance through rigorous experiments and discuss possible applications.
Bibliographical noteFunding Information:
The author thanks anonymous reviewers and Editor-in-Chief for their helpful comments, and Jung Hee Cheon and Yongdae Kim for their encouragement on this work. This work was supported in part by National Research Foundation of Korea Grant funded by Korea Government ( 2009-0077066 ).
All Science Journal Classification (ASJC) codes
- Control and Systems Engineering
- Theoretical Computer Science
- Computer Science Applications
- Information Systems and Management
- Artificial Intelligence