Date Added: Oct 2010
This paper focuses on the inherent trade-off between privacy and access control in Pervasive Computing Environments (PCEs). On one hand, service providers require user authentication and authorization for the provision of a service, while at the same time end users require untraceability and unlinkability for their transactions. There are also cases where the anonymity of a specific credential must be revoked and a real identity be traced, in order to establish accountability. The authors analyze privacy and security requirements for PCEs and they show that existing privacy-preserving access control schemes do not fully satisfy these requirements.