Abstract. Attribute-based signatures allow a signer owning a set of attributes to anonymously sign a message w.r.t. some signing policy. A recipient of the signature is convinced that a signer with a set of attributes satisfying the signing policy has indeed produced the signature without learning the identity of the signer or which set of attributes was used in the signing. Traceable attribute-based signatures add anonymity revocation mechanisms to attribute-based signatures whereby a special tracing authority equipped with a secret key is capable of revealing the identity of the signer. Such a feature is important in settings where accountability and abuse prevention are required. In this work, we first provide a formal security model for traceable attribute-based signatures. Our focus is on the more practical case where attribute management is distributed among different authorities rather than relying on a single central authority. By specializing our model to the single attribute authority setting, we overcome some of the shortcomings of the existing model for the same setting. Our second contribution is a generic construction for the primitive which achieves a strong notion of security. Namely, it achieves CCA anonymity and its security is w.r.t. adaptive adversaries. Moreover, our framework permits expressive signing polices. Finally, we provide some instantiations of the primitive whose security reduces to falsifiable intractability assumptions and without relying on idealized assumptions.
Service Level Agreements require a monitoring system that checks that no party violates the agreement. Current monitoring techniques either have a high performance overhead or are not reliable enough. This paper proposes a new hybrid monitoring system that we call reactive monitoring. It tries to balance the disadvantages of established monitoring techniques, in particular online and offline monitoring. Online monitoring has a relatively high performance overhead and offline monitoring does not identify all possible violations. Reactive monitoring combines online monitoring, which is used for reactively checking continuous SLA properties with a new passive monitoring scheme. This scheme is used for monitoring discrete SLA properties. It is based on cryptographic primitives that provide proof that either a certain stage in an interaction has been reached correctly with all participants in compliance of the service level agreements or that a violation has occurred. In the latter case the violating party can be identified.A theoretical analysis shows that in the worst case scenario this new approach has the same overhead as online monitoring techniques and in most cases the overhead will be significantly lower.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.