Go to DBLP homepagePASSP: A Private Authorization Scheme Oriented Service Providers
Abstract: In our data-centric society, major service providers have access to vast amounts of user information (e.g., user-generated content such as social media posts, and device-generated content such as geolocation data) for convenient and efficient services. There are privacy implications when users authorize share personal data managed by service providers. To make authorization private and controllable, in this paper, we propose a private authorization scheme oriented service providers. A decentralized publicly-verifiable re-encryption method based on IPFS is proposed to minimize the reliance on service providers, by shifting to a distributed storage and computation model. Besides, we propose a trustless authorization authentication method that hides the authorization relationship to protect user privacy. We also evaluate the security of our scheme, as well as its performance to demonstrate utility.
Loading