Anonymity Analysis in Credentials-based Systems: A Formal Framework

V. Benjumea, J. Lopez, and J. M. Troya.

Abstract

Anonymity has been formalized and some metrics have been defined in the scope of anonymizing communication channels. In this paper, such formalization has been extended to cope with anonymity in those scenarios where users must anonymously prove that they own certain privileges to perform remote transactions. In these types of scenarios, the authorization policy states the privileges required to perform a given remote transaction. The paper presents a framework to analyze the actual degree of anonymity reached in a given transaction and allows its comparison with an ideal anonymity degree as defined by the authorization policy, providing a tool to model, design and analyze anonymous systems in different scenarios.

Keywords: anonymity metrics, anonymity degree, adequacy degree, anonymous credential systems