Controlling Access to an Oblivious Database Using Stateful Anonymous Credentials
In this paper, the authors consider the task of allowing a content provider to enforce complex access control policies on oblivious protocols conducted with anonymous users. As their primary application, they show how to construct privacy-preserving databases by combining oblivious transfer with an augmented anonymous credential system. This permits a database operator to restrict which items each user may access, without learning anything about users' identities or item choices. This strong privacy guarantee holds even when users are assigned different access control policies and are allowed to adaptively make many queries.