Users are becoming increasingly concerned about their privacy when browsing the Internet or performing other kinds of electronic transactions. Hence there is growing demand for secure and improved management of user identities. Identity management in its widest sense means management of all the personal information about a person, including at least all the person's digital relations. Business cases include, for example, the reduction of user-management cost and a general boost of electronic business. Identity management is an infrastructure issue where a standard, like the Internet and web standards, may benefit almost all parties. Today's most important on-line transactions require a user to provide her identity or certain attributes to the service provider. In the prevalent approach, users enter uncertified attributes in web forms, which implies that service providers request more attributes than required for the business process itself. The service providers use the additional information to check the provided attributes for consistency.
Federated identity management (FIM) protocols have multiple advantages over this approach. The service provider can obtain precisely the attributes required and have these attributes certified by a trusted identity provider. FIM protocols follow a scheme in which a requestor acting on behalf of a user is sent to an identity provider, where the user authenticates and obtains a credential for the attributes requested by the service provider. The FIM approach may enhance the user's privacy by following the data minimization principle, i.e. that only user data required for the service are transmitted. FIM provides widely deployed and standardized protocols with benefits in terms of security of attributes and privacy of the users.
Anonymous credential systems provide even stronger methods for identity management and attribute exchange. This concept was introduced by D. Chaum in “Security without identification: Transaction systems to make big brother obsolete,” Communications of the ACM, 28(10):1030-1044, October 1985. The key property of anonymous credential systems is that the issuing transaction for an anonymous credential is unlinkable to its show transaction. This allows a user to keep an anonymous credential secret and use it multiple times to provide certified attribute data to relying parties. An advanced anonymous credential system is disclosed in J. Camenisch and A. Lysyanskaya, “Efficient non-transferable anonymous multi-show credential system with optional anonymity revocation,” in B. Pfitzmann, editor, Advances in Cryptology, EUROCRYPT 2001, volume 2045 of LNCS, pages 93-118, Springer Verlag, 2001. This advanced anonymous credential system allows even multiple shows of the same credential to be unlinkable to each other. This system was further generalized to so-called private certificate systems that allow the user to selectively show statements regarding identity attributes that are stored in a single credential and support more differentiated attributes, the show of arbitrary logical formulas over those attributes, and the integration of verifiable encrypted attributes and cryptographic commitments of attributes. When asserting attributes with this system, the identity provider need not be involved in the transaction. The user obtains her private certificates ahead of time and stores them locally. Whenever the user wants to provide certified attributes to a service provider, she uses one or more private certificates to generate a new proof to show a logical formula over the attributes in her private certificate.
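The unlinkability of the issuing transaction and the show transaction can be illustrated with an added example that is not part of the original text. It uses a textbook RSA blind signature, chosen here as the simplest mechanism with this property, and not the Camenisch-Lysyanskaya system or the private certificate systems described above. The toy key, the token values and all function names are assumptions made for the illustration.

```python
import hashlib
import secrets
from math import gcd

# Toy issuer RSA key from two Mersenne primes (constructed; far too small for real use).
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # issuer's private exponent

def h(token: bytes) -> int:
    """Map a user-chosen credential token into Z_N."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % N

def fresh_factor() -> int:
    """User side: random blinding factor that is invertible mod N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return r

def blind(token: bytes, r: int) -> int:
    """User side: hide the token before it goes to the issuer."""
    return h(token) * pow(r, E, N) % N

def issue(blinded: int) -> int:
    """Issuer side: signs the only value it ever sees, the blinded one."""
    return pow(blinded, D, N)

def unblind(blind_sig: int, r: int) -> int:
    """User side: strip the factor to get a signature on the token itself."""
    return blind_sig * pow(r, -1, N) % N

def show_ok(token: bytes, sig: int) -> bool:
    """Relying party: verify the shown credential with the public key (N, E)."""
    return pow(sig, E, N) == h(token)

def explaining_factor(blind_sig: int, sig: int) -> int:
    """Factor under which an issuing transcript would have produced this credential."""
    return blind_sig * pow(sig, -1, N) % N

def run_sessions(tokens):
    """Run one issuing transaction per token; return issuer transcripts and credentials."""
    transcripts, credentials = [], []
    for token in tokens:
        r = fresh_factor()
        blinded = blind(token, r)
        blind_sig = issue(blinded)
        transcripts.append((blinded, blind_sig))
        credentials.append((token, unblind(blind_sig, r)))
    return transcripts, credentials
```

For every issuer transcript and every shown credential, `explaining_factor` yields a blinding factor that maps one onto the other, so the issuer's records are equally consistent with all credentials and cannot single out the issuing transaction behind a given show.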
The generalized system mentioned above is based on zero-knowledge proofs of knowledge. Current signature standards, in particular public key signature standards such as the stable and well-established standard for XML Signatures, are not compatible with zero-knowledge proofs (Donald Eastlake, Joseph Reagle, David Solo (eds.): XML-Signature Syntax and Processing, W3C Recommendation, 2002, available from http://www.w3.org/TR/xmldsig-core/). However, XML signatures are the basis for most FIM and Web Services (WS)-Security frameworks.
It is an object of the invention to provide improved solutions for identity management.