Hiding the Policy in Cryptographic Access Control

Muller, S. Raschid; Katzenbeisser, Stefan

doi:10.1007/978-3-642-29963-6_8

Cited by 18 publications

(20 citation statements)

References 22 publications

(39 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This makes the whole scheme not usable for a dynamic scenario. In [23], the authors proposed a similar scheme while also avoiding the disclosure of the AC policy itself, deemed to be sensitive metadata. Still, run-time modifications of the policy were not addressed.…”

Section: Related Workmentioning

confidence: 99%

Exploring Architectures for Cryptographic Access Control Enforcement in the Cloud for Fun and Optimization

Berlato

Carbone

Lee

et al. 2020

Proceedings of the 15th ACM Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

To facilitate the adoption of cloud by organizations, Cryptographic Access Control (CAC) is the obvious solution to control data sharing among users while preventing partially trusted Cloud Service Providers (CSP) from accessing sensitive data. Indeed, several CAC schemes have been proposed in the literature. Despite their differences, available solutions are based on a common set of entities-e.g., a data storage service or a proxy mediating the access of users to encrypted data-that operate in different (security) domains-e.g., on-premise or the CSP. However, the majority of the CAC schemes assume a fixed assignment of entities to domains; this has security and usability implications that are not made explicit and can make inappropriate the use of a CAC scheme in certain scenarios with specific requirements. For instance, assuming that the proxy runs at the premises of the organization avoids the vendor lock-in effect but may substantially undermine scalability. To the best of our knowledge, no previous work considers how to select the best possible architecture (i.e., the assignment of entities to domains) to deploy a CAC scheme for the requirements of a given scenario. In this paper, we propose a methodology to assist administrators in exploring different architectures of CAC schemes for a given scenario. We do this by identifying the possible architectures underlying the CAC schemes available in the literature and formalizing them in simple set theory. This allows us to reduce the problem of selecting the most suitable architecture satisfying a heterogeneous set of requirements arising from the considered scenario to a Multi-Objective Optimization Problem (MOOP) for which state-of-the-art solvers can be invoked. Finally, we show how the capability of solving the MOOP can be used to build a prototype tool assisting administrators to preliminary perform a "What-if"

show abstract

Section: Related Workmentioning

confidence: 99%

Exploring Architectures for Cryptographic Access Control Enforcement in the Cloud for Fun and Optimization

Berlato

Carbone

Lee

et al. 2020

Proceedings of the 15th ACM Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

show abstract

“…The work of [32] tried to protect subscription privacy in a publish/subscribe system. The problem of protecting publication privacy was considered in the work reported in [14,29,31]. They did not consider supporting access control capabilities.…”

Section: Related Workmentioning

confidence: 99%

“…Clients delegated their authorization functions to the home brokers and the target domain's security management servers. Although it addressed the access control issue in publish/subscribe middlewares, such overdelegation in some degree violated the security requirements of clients controlling their events' accessing [13,14]. In the work of [13,15], event encryption-based schemes were proposed to avoid the delegation of access control.…”

Section: Introductionmentioning

confidence: 99%

Cross-layer access control in publish/subscribe middleware over software-defined networks

Zhang

Zhou

Chen

2019

Computer Communications

View full text Add to dashboard Cite

When technologies of software-defined networks (SDNs) provide a chance to improve the quality of service (QoS) of publish/subscribe middlewares, new chances are also arising for adversaries to attack the networks and the middlewares. We here propose a cross-layer access control solution to protect the publish/subscribe middleware over SDNs. Applications over a publish/subscribe middleware interact by an indirect, anonymous and multicast event communication paradigm, where we hope that the applications, the middleware, and the underlying network collaborate to realize the access control of reading/writing events. The key issue is how to use the flow matching capability of SDN switches to efficiently and securely enforce complex authorization policies that include multiple conjunction and disjunction structures. It is required to resist against the collusion attacks of SDN controllers and subscribers when the middleware/network is partially delegated to enforce the authorization policies of publishers. In our cross-layer solution, a policy representation method is presented to encode authorization policies into flow entries with high data compression and security, and a two-party computation method is presented to carry out secret sharing for defeating malicious SDN controllers and subscribers. Finally, our solution is evaluated to show its effectiveness.

show abstract

“…Müller et al . explored the expression of access policy. The monotonic syntax tree was proposed in which all inner nodes were labeled with either ∨ or ∧ and the leaves represented either Boolean variables or the constant values ⊥.…”

Section: Related Workmentioning

confidence: 99%

An access control scheme with dynamic user management and cloud‐aided decryption

Shi

Huang

Wang

et al. 2016

Security Comm Networks

View full text Add to dashboard Cite

Ciphertext‐policy attribute‐based encryption is becoming a cryptographic solution to realize fine‐grained access control. However, some important problems have not been effectively solved yet such as (i) low efficiency of dynamic change of a user or his attribute and (ii) high computation cost at user end. In this paper, we propose an access control scheme with dynamic user management using a version key and especially realize direct cloud‐aided attribute revocation without updating another user's key or re‐encrypting ciphertexts. We present a cloud‐aided decryption method with which most of decrypting work can be transferred to cloud. Compared with the existing schemes, our scheme causes less computation cost at user end and supports efficient dynamic change of a user or his attribute. Simulation indicates that our direct cloud‐aided attribute revocation method takes less time. Copyright © 2017 John Wiley & Sons, Ltd.

show abstract

Hiding the Policy in Cryptographic Access Control

Cited by 18 publications

References 22 publications

Exploring Architectures for Cryptographic Access Control Enforcement in the Cloud for Fun and Optimization

Exploring Architectures for Cryptographic Access Control Enforcement in the Cloud for Fun and Optimization

Cross-layer access control in publish/subscribe middleware over software-defined networks

An access control scheme with dynamic user management and cloud‐aided decryption

Contact Info

Product

Resources

About