Title: A privacy-enhanced access log management mechanism in SSO systems from nominative signatures

Authors: Sanami Nakagawa; Takashi Nishide; Eiji Okamoto; Keita Emura; Goichiro Hanaoka; Yusuke Sakai; Akihisa Kodate

Addresses: NEC Corporation, 1753, Shimonumabe Nakahara-ku. Kawasaki, Kanagawa 211-8666, Japan ' University of Tsukuba, 1-1-1 Tennodai, Tsukuba, Ibaraki, 305-8573, Japan ' University of Tsukuba, 1-1-1 Tennodai, Tsukuba, Ibaraki, 305-8573, Japan ' National Institute of Information and Communications Technology (NICT), 4-2-1 Nukui-Kitamachi, Koganei, Tokyo 184-8795, Japan ' National Institute of Advanced Industrial Science and Technology (AIST), 2-4-7 Aomi,Koto-ku, Tokyo, 135-0064, Japan ' National Institute of Advanced Industrial Science and Technology (AIST), 2-4-7 Aomi,Koto-ku, Tokyo, 135-0064, Japan ' Tsuda University, 1-18-24, Sendagaya, Shibuya-ku, Tokyo, 151-0051, Japan

Abstract: In online services, a service provider (SP) manages access logs containing customers' buying histories. Therefore, user's information is revealed from the exposed logs if each customer can be linked. In fact, such information exposure has occurred due to the popularisation of online services. To cope with this problem, SPs may only have to delete access logs, but then no illegitimate users will be traced from the logs. In this paper, we propose a log management mechanism of solving problems. Specifically, we consider single sign on (SSO) systems, since plural access logs might be connected by one account. We construct our privacy-enhanced access log management mechanism based on the Wang-Wang-Susilo SSO system (TrustCom, 2013) which applies the Schuldt-Hanaoka nominative signature scheme (ACNS, 2011). Finally, we estimte the efficiency of the proposed system, computation time is at most just over 80 milliseconds on a PC, which seems sufficiently practical.

Keywords: nominative signature; single sign on system; access log management; digital signature.

DOI: 10.1504/IJACT.2017.089373

International Journal of Applied Cryptography, 2017 Vol.3 No.4, pp.394 - 406

Available online: 12 Jan 2018 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article