Enki

Hang, Isabelle; Kerschbaum, Florian; Damiani, Ernesto

doi:10.1145/2723372.2749439

Cited by 22 publications

(1 citation statement)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The main shortcoming of these solutions is due to their evaluation costs (they rely on public key encryption), and not always easily and efficiently support access revocation. Approaches based on selective encryption (e.g., [15], [29], [30]) assume to encrypt each resource with a key that only authorized users know or can derive. In this scenario, policy updates are then either managed by the data owner, with considerable overhead, or delegated to the server through over-encryption [15], [29] or updatable encryption [31].…”

Section: Related Workmentioning

confidence: 99%

Mix&Slice for Efficient Access Revocation on Outsourced Data

Bacis

Vimercati

Foresti

et al. 2024

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

A complex problem when outsourcing data to the cloud is access control management. Encryption, by wrapping data with a self-enforcing protection layer, provides access control enforcement by making resources intelligible only to users holding the necessary key. The real challenge becomes then the efficient revocation of access. We address this challenge and present an approach to effectively and efficiently enforce access revocation on resources stored at external cloud providers. The approach relies on a resource transformation that provides strong mutual inter-dependency in its encrypted representation. To revoke access on a resource, it is then sufficient to update a small portion of it, with the guarantee that the resource as a whole (and any portion of it) will become unintelligible to those from whom access is revoked. Our experimental results show the effectiveness of our approach, and confirm its efficiency, especially when managing large resources with dynamic access policy.

show abstract