Learn More
Enterprise privacy policies often reflect different legal regulations, promises made to customers, as well as more restrictive enterprise-internal practices. The notion of policy refinement is fundamental for privacy policies, as it allows one to check whether a company's policy fulfills regulations or adheres to standards set by customer organizations, to(More)
In this paper, we formulate the concept of policy-based cryptography which makes it possible to perform policy enforcement in large-scale open environments like the Internet, with respect to the data minimization principle according to which only strictly necessary information should be collected for a given purpose. We use existing cryptographic primitives(More)
Real-time frauds can be applied against numerous zero-knowledge or minimal disclosure identification schemes that protect physical services, be it opening a door or verifying attributes of a certified device. In [4], Brands and Chaum proposed distance-bounding protocols to forbid mafia fraud attacks and let the terrorist fraud attack as an open issue. In(More)
The concept of policy-based cryptography is a promising paradigm for trust establishment and authorization in largescale open environments like the Internet and Mobile Networks. It aims at providing a framework for performing cryptographic operations with respect to policies formalized as monotone Boolean expressions written in standard normal forms. A(More)
A policy-based encryption scheme allows a user to encrypt a message with respect to a credential-based policy formalized as monotone boolean expression written in standard normal form. The encryption is so that only a user having access to a qualified set of credentials for the policy is able to successfully decrypt the message. An inherent property of(More)
In [14], an ad-hoc network is perceived as a community of interconnected autonomous devices providing services and resources to each other. Such devices often belong to users from different security domains that do not have pre-existing trust relationships. A security framework is therefore needed to ensure trustworthy interactions within such kind of(More)
The concept of policy-based cryptography (PBC) is a promising paradigm for trust establishment and authorization in large-scale open environments. A policy-based encryption scheme (PBE) allows to encrypt a message according to a policy so that only entities fulfilling the policy are able to perform the decryption of the message. Symmetrically, a(More)
The term proxy certificate is used to describe a certificate that is issued by an end user for the purpose of delegating responsibility to another user so that the latter can perform certain actions on behalf of the former. Such certificates have been suggested for use in a number of applications, particularly in distributed computing environments where(More)
  • 1