description
- The number of transactions performed electronically is rising fast. Every day people use the Internet for purposes ranging from accessing information to electronic commerce and e-banking, to interactions with government bodies. As securing these transactions requires strong authentication, electronic authentication tokens and mechanisms become common. These mechanisms unfortunately use unique identifiers that link all transactions to users, thus seriously threatening their privacy.In several application areas, unique identification is inappropriate, making privacy-preserving attribute-based authentication desirable. However, some applications require both accountability and anonymity: e.g. voting, opinion surveys, or services restricted depending on age, citizenship, or other attributes. Other applications only require the ability to link to natural persons under very exceptional circumstances (e.g. criminal prosecution) and should otherwise make such linkage impossible. Over the past few years Attribute-based Credential (ABC) systems have emerged to support userids that can be trusted yet protect privacy at the same time.A position paper issued in 2009-02 by ENISA on "Privacy Features of European eID Card Specifications" underlines the need for "privacy-respecting use of unique identifiers" in emerging eID cards, and explicitly refers to ABC technologies as having significant potential in this area. None of these technologies has been successfully deployed so far for lack of architectural guidance and practical experience.ABC4Trust's objective is (1) to define a common, unified architecture for ABC systems to allow comparing their respective features and combining them on common platforms, and (2) to deliver open reference implementations of selected ABC systems and deploy them in actual production pilots allowing provably accredited members of restricted communities to provide anonymous feedback on their community or its members.