Credentials for privacy and interoperation

Abstract

We consider the problem of providing secure, private access to applications and data in a world-wide distributed client-server environment such as the Internet of the future. In such a system, the set of potential users of a service may extend far beyond the local community knowable to the application providing the service. Applications will not generally have prior knowledge of the individual making a request upon which an access control decision can be based and furthermore, knowledge of an individual's identity may not be directly useful. We frame our discussion in the context of supporting credentials which are submitted with a request, and propose a list of desiderata for such credentials. We evaluate several well-known proposals for credentials, focusing on issues related to privacy and scalability, and then point out the research issues that remain before such schemes can be deployed in a world-wide environment with strong privacy guarantees.