free and open-source technology and accompanying SDK for user-centric identity management. The underlying cryptographic protocols were designed by Dr. Stefan Brands and further developed by Credentica and, subsequently, Microsoft. The technology was developed to allow internet users to disclose only the minimum amount of personal data when making electronic transactions as a way to reduce the likelihood of privacy violations. Security expert Bruce Schneier praised the cryptography behind U-Prove.
Overview
U-Prove enables application developers to reconcile seemingly conflicting security and privacy objectives (including anonymity), and allows for digital identity claims to be efficiently tied to the use of tamper-resistant devices such as smart cards. Application areas of particular interest include cross-domain enterprise identity and access management, e-government SSO and data sharing, electronic health records, anonymous electronic voting, policy-based digital rights management, social networking data portability, and electronic payments.
In 2008, Microsoft committed to opening up the U-Prove technology. As the first step, in March 2010 the company released a cryptographic specification and open-source API implementation code for part of the U-Prove technology as a Community Technology Preview under Microsoft's Open Specification Promise. Since then, several extensions have been released under the same terms and the technology has been tested in real-life applications.
In 2010, the International Association of Privacy Professionals (IAPP) honored U-Prove with the 2010 Privacy Innovation Award for Technology. Microsoft also won the European Identity Award in the Best Innovation category for U-Prove at the European Identity Conference 2010.
The U-Prove Crypto SDK for C# is licensed under Apache License 2.0 and the source code is available on GitHub.
Microsoft also provides a JavaScript
* Blind signature
* Zero-knowledge proof