Design-flow Methodology for Secure Group Anonymous Authentication

摘要

In heterogeneous distributed systems, computing devices and software components often come from different providers and have different security, trust, and privacy levels. In many of these systems, the need frequently arises to (i) control the access to services and resources granted to individual devices or components in a context-aware manner and (ii) establish and enforce data sharing policies that preserve the privacy of the critical information on end users. In essence, the need is to authenticate and anonymize an entity or device simultaneously, two seemingly contradictory goals. The design challenge is further complicated by potential security problems, such as man-in-the-middle attacks, hijacked devices, and counterfeits. In this work, we present a system design flow for a trustworthy group anonymous authentication protocol (GAAP), which not only fulfills the desired functionality for authentication and privacy, but also provides strong security guarantees.