《Anonymous Single-Sign-On for n Designated Services with Traceability》

Publisher:网络空间安全学院Release Time:2018-12-18Times Views:195

Lecturer: Prof. Han Jinguang

Date and Time: Thu, December 20, 2018 10:00 AM

Location: Conference Room 6320, Bldg. 6, Wireless Valley

AbstractAnonymous Single-Sign-On authentication schemes have been proposed to allow users to access a service protected by a verifier without revealing their identity. This has become more important with the introduction of strong privacy regulations. We describe a new approach whereby anonymous authentication to different verifiers is achieved via authorisation tags and pseudonyms. The particular innovation of our scheme is that authentication can occur only between a user and its designated verifier for a service, and the verification cannot be performed by any other verifier. The benefit of this authentication approach is that it prevents information leakage of a user's service access information, even if the verifiers for these services collude. Our scheme also supports a trusted third party who is authorised to de-anonymise the user and reveal her whole service access information if required. Furthermore, our scheme is lightweight because it does not rely on attribute or policy-based signature schemes to enable access to multiple services. The scheme's security model is given together with a security proof, an implementation and a performance evaluation.

Bio: Dr. Han is a researcher at Surrey Centre for Cyber Security, Department of Computer Science, University of Surrey. He obtained a PhD at School of Computing and Information Technology, University of Wollongong. His research focuses on cryptography, cloud computing, access control, and privacy protection system. He has published over 40 journal and conference articles on IEEE TPDS, IEEE TC, IEEE TIFS, ESORIC, etc. He was awarded National Scholarship for outstanding self-funded international students. In addition, he is an associate editor of Soft Computing, and guest editor of Future Generation Computer Systems, International Journal of Information Security, International Journal of Foundations of Computer Science, etc. He is also a senior member of IEEE and Chinese Association for Cryptologic Research, and a member of ACM.