S. Raschid Muller scite author profile

Abstract. In classical encryption schemes, data is encrypted under a single key that is associated with a user or group. In Ciphertext-Policy Attribute-Based Encryption(CP-ABE) keys are associated with attributes of users, given to them by a central trusted authority, and data is encrypted under a logical formula over these attributes. We extend this idea to the case where an arbitrary number of independent parties can be present to maintain attributes and their corresponding secret keys. We present a scheme for multi-authority CP-ABE, propose the first two constructions that fully implement the scheme, and prove their security against chosen plaintext attacks.

show abstract

Hiding the Policy in Cryptographic Access Control

Muller

Katzenbeisser

2012

View full text Add to dashboard Cite

Abstract. Recently, cryptographic access control has received a lot of attention, mainly due to the availability of efficient Attribute-Based Encryption (ABE) schemes. ABE allows to get rid of a trusted reference monitor by enforcing access rules in a cryptographic way. However, ABE has a privacy problem: The access policies are sent in clear along with the ciphertexts. Further generalizing the idea of policy-hiding in cryptographic access control, we introduce policy anonymity where -similar to the well-understood concept of k-anonymity -the attacker can only see a large set of possible policies that might have been used to encrypt, but is not able to identify the one that was actually used. We show that using a concept from graph theory we can extend a known ABE construction to achieve the desired privacy property.

show abstract

Factors in Information Assurance Professionals' Intentions to Adhere to Information Security Policies

Muller

Lind²

2020

View full text Add to dashboard Cite

Information security policies (ISPs) serve to clarify and formalize organizational information security practices and reduce data risks, but research shows that ISP noncompliance remains a prominent concern for both scholars and practitioners. This study utilized the unified theory of acceptance and use of technology 2 (UTAUT2) to explore factors that predict information assurance professionals' behavioral intentions to comply with ISPs. The research question addressed: To what extent do performance expectancy, effort expectancy, social influence, facilitating conditions, hedonic motivation, price value, and habit predict information assurance professionals' behavioral intention to comply with information security policies in organizations? A nonexperimental, cross-sectional research design using structural equation modeling (PLS-SEM) addressed the research question with information assurance professionals in government agencies where habit emerged as the important component of ISP compliance with hedonic factors having a negative impact.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

S. Raschid Muller

Distributed Attribute-Based Encryption

On Multi-Authority Ciphertext-Policy Attribute-Based Encryption

Hiding the Policy in Cryptographic Access Control

Factors in Information Assurance Professionals' Intentions to Adhere to Information Security Policies

Contact Info

Product

Resources

About