Abstract
Security is very important for many Internet and mobile applications, but with the recent proliferation of tracking and profiling of users and unauthorized distribution of their personal data, user privacy is also becoming a very important issue. In addition, new technologies are introducing the possibility of innovative applications that require user anonymity. Privacy means that user identities and transactions are revealed and known only to transaction partners and only during the execution of the transaction. Anonymity, on the other hand, means that even transaction partners do not have access to that information. The requirements for providing standard security services, that require sharing of user identities and security credentials, are contrary to the requirements of privacy and anonymity. This paper describes an innovative solution to this problem: a design of extensions of standard security protocols – user authentication, key exchange protocol, and authorization protocol – to include privacy and even anonymity of users. The solution is based on the concept of a secure application proxy server, special cryptographic protocols, and encapsulated security objects.
Highlights
The research results described in this paper address the issues of the security, privacy, and anonymity of users and their transactions when using Internet applications
In this paper we have described our research and design solutions for the two most popular security services—authentication and authorization, extended with anonymity and privacy
Our solutions are based on the core principle of the Bitcoin system, so our protocols can be used to enhance the security of the Bitcoin and many other applications that require privacy and anonymity in addition to security
Summary
When providing standard security services to users, such as authentication or authorization, using current security technologies and protocols, users are required to share their identities, security credentials, actions, and transactions data with application services providers (ASPs). This practice exposes users’ private and sensitive data to various threats, including theft by hackers, and impersonation and violation of privacy by legitimate services providers. This paper presents a solution to provide standard security services in combination with privacy and anonymity by designing security infrastructure based on the use of security proxies These are designed servers, located between users and ASP servers that act as user agents for transactions. The protocols described in this paper can be used with all new applications that require the privacy and anonymity of validated users
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
