A Framework for the Cryptographic Enforcement of Information Flow Policies

Alderman, James; Crampton, Jason; Farley, Naomi

doi:10.1145/3078861.3078868

Cited by 3 publications

(2 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As a fundamental security service, the authorization mechanism becomes increasingly important in modern smart system. The hierarchical key assignment techniques [43,44,45,46] were presented, which can provide fine-grained authentication and access control for the user. In order to mitigate the potential vulnerabilities and protect the user’s privacy, Tang et al [24] integrated the fine-grained authorization mechanism into PKE-ET.…”

Section: Related Workmentioning

confidence: 99%

Identity-Based Encryption with Filtered Equality Test for Smart City Applications

Yang

Wang

2019

Sensors

View full text Add to dashboard Cite

With the growth of the urban population, the rapid development of smart cities has become the focus of urban regional development. Smart medical care is an indispensable part of smart city construction, which promotes the development of the medical industry. However, the security of data and timely service are the current problems faced by intelligent medical systems. Based on the public key encryption with filtered equality test and identity-based cryptography, an identity-based encryption with the filtered equality test (IBE-FET) is proposed for smart healthcare, in which a data receiver can use the private key and the message set to generate a warrant and send it to the cloud server. A cloud server can verify the equality between ciphertexts without decryption and check whether the encrypted message belongs to the same message set. Furthermore, the security analysis shows that the proposed scheme satisfies one-way security against the chosen identity and ciphertext attack in the random oracle model under the computational bilinear Diffie-Hellman assumption. The performance comparison shows that the scheme is feasible and practical in real life.

show abstract

Section: Related Workmentioning

confidence: 99%

Identity-Based Encryption with Filtered Equality Test for Smart City Applications

Yang

Wang

2019

Sensors

View full text Add to dashboard Cite

show abstract

“…In fact, the attack can easily be carried out in the constructions proposed in [4,3]. Interestingly, some recently proposed constructions of cryptographic access control systems pose a similar security concern [1,8,11], though they have been proven to securely enforce the corresponding access control policies within their individual frameworks.…”

Section: Introductionmentioning

confidence: 99%

Cryptographic Role-Based Access Control, Reconsidered

Liu¹,

Michalas²,

Warinschi³

2022

Provable and Practical Security

View full text Add to dashboard Cite

A significant shortcoming of traditional access control mechanisms is their heavy reliance on reference monitors. Being single points of failure, monitors need to run in protected mode and have permanent online presence in order to handle all access requests. Cryptographic access control offers an alternative solution that provides better scalability and deployability. It relies on security guarantees of the underlying cryptographic primitives and the appropriate key distribution/management in the system. In order to rigorously study security guarantees that a cryptographic access control system can achieve, providing formal security definitions for the system is of great importance, since the security guarantee of the underlying cryptographic primitives cannot be directly translated into those of the system. In this paper, we follow the line of the existing studies on the cryptographic enforcement of Role-Based Access Control (RBAC). Inspired by the study focusing on the relation between the existing security definitions for such systems, we identify two types of attacks not described in the existing works. Therefore, we propose two new security definitions with the goal of appropriately modeling cryptographic enforcement of Role-Based Access Control policies and studying the relation between our new definitions and the existing ones. In addition, we show that the cost of supporting dynamic policy updates is inherently expensive by presenting two lower bounds for such systems that guarantee correctness and secure access.

show abstract

Efficient Fine-Grained Data Sharing Mechanism for Electronic Medical Record Systems with Mobile Devices

Zhang

Yang

et al. 2020

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

A Framework for the Cryptographic Enforcement of Information Flow Policies

Cited by 3 publications

References 16 publications

Identity-Based Encryption with Filtered Equality Test for Smart City Applications

Identity-Based Encryption with Filtered Equality Test for Smart City Applications

Cryptographic Role-Based Access Control, Reconsidered

Efficient Fine-Grained Data Sharing Mechanism for Electronic Medical Record Systems with Mobile Devices

Contact Info

Product

Resources

About