Abstract
The popularity of data outsourcing and the access control issues it raises, such as dynamism and efficiency, are the main motivation of this paper. Existing solutions suffer from a potentially unlimited number of user keys, inefficient policy updates, and disclosure of the data owner’s access control policies. In this paper, we combine the Chinese remainder theorem with proxy re-encryption to propose an efficient access control enforcement mechanism based on selective encryption that addresses all of these shortcomings. The overall architecture, required algorithms, and access control policy update are discussed. The mechanism is evaluated through simulation, and the results are satisfactory.
© 2014 Springer International Publishing Switzerland
Cite this paper
Karimi, L., Javadi, S.A., Hadavi, M.A., Jalili, R. (2014). Missing a Trusted Reference Monitor: How to Enforce Confidential and Dynamic Access Policies?. In: Jahangir, A., Movaghar, A., Asadi, H. (eds) Computer Networks and Distributed Systems. CNDS 2013. Communications in Computer and Information Science, vol 428. Springer, Cham. https://doi.org/10.1007/978-3-319-10903-9_8
DOI: https://doi.org/10.1007/978-3-319-10903-9_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-10902-2
Online ISBN: 978-3-319-10903-9
eBook Packages: Computer Science, Computer Science (R0)