Auditable Anonymous Delegation

The contribution of this paper is an alternative mechanism for delegation, whereby users can share their credentials in such a way that it is difficult for the delegatee to re-use credentials of the delegator. An auditor in our protocol can link actions to individuals from the audit records but cannot forge audit records. We do not greatly restrict the choice of the delegation model semantics which can be adopted. Although the primary aim of our protocol is to provide support for anonymous delegation, it is still useful even if anonymity is not required at all, because of the ability to weaken trust assumptions.