Hiding the Policy in Cryptographic Access Control
نویسندگان
چکیده
Recently, cryptographic access control has received a lot of attention, mainly due to the availability of efficient Attribute-Based Encryption (ABE) schemes. ABE allows to get rid of a trusted reference monitor by enforcing access rules in a cryptographic way. However, ABE has a privacy problem: The access policies are sent in clear along with the ciphertexts. Further generalizing the idea of policy-hiding in cryptographic access control, we introduce policy anonymity where – similar to the well-understood concept of k-anonymity – the attacker can only see a large set of possible policies that might have been used to encrypt, but is not able to identify the one that was actually used. We show that using a concept from graph theory we can extend a known ABE construction to achieve the desired privacy property.
منابع مشابه
Policy-hiding Access Control in Open Environment Policy-hiding Access Control in Open Environment *
In Trust Management and attribute-based access control systems, access control decisions are based on the attributes (rather than the identity) of the requester: Access is granted if Alice’s attributes in her certificates satisfy Bob’s access policy. In this paper, we develop a policy-hiding access control scheme that protects both sensitive attributes and sensitive policies. That is, Bob can d...
متن کاملDesign of cybernetic metamodel of cryptographic algorithms and ranking of its supporting components using ELECTRE III method
Nowadays, achieving desirable and stable security in networks with national and organizational scope and even in sensitive information systems, should be based on a systematic and comprehensive method and should be done step by step. Cryptography is the most important mechanism for securing information. a cryptographic system consists of three main components: cryptographic algorithms, cryptogr...
متن کاملDecentralizing Policy-Hiding Attribute-Based Encryption
Attribute-based encryption (ABE) enables limiting access to encrypted data to users who possess certain attributes. Different aspects of ABE have been studied, such as the multi-authority setting (MA-ABE), and policy hiding, meaning the access policy is unknown to unauthorized parties, as in predicate encryption (PE). However, no practical scheme so far provided both properties, which are often...
متن کاملDevelopment of a Unique Biometric-based Cryptographic Key Generation with Repeatability using Brain Signals
Network security is very important when sending confidential data through the network. Cryptography is the science of hiding information, and a combination of cryptography solutions with cognitive science starts a new branch called cognitive cryptography that guarantee the confidentiality and integrity of the data. Brain signals as a biometric indicator can convert to a binary code which can be...
متن کاملCryptographic Enforcement of Role-Based Access Control
Many cryptographic schemes have been designed to enforce information flow policies. However, enterprise security requirements are often better encoded, or can only be encoded, using role-based access control policies rather than information flow policies. In this paper, we provide an alternative formulation of role-based access control that enables us to apply existing cryptographic schemes to ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2011 شماره
صفحات -
تاریخ انتشار 2011