
Missing a Trusted Reference Monitor: How to Enforce Confidential and Dynamic Access Policies?

  • Conference paper

Part of the book series: Communications in Computer and Information Science (CCIS, volume 428)

Abstract

The popularity of data outsourcing and its consequent access control issues, such as dynamism and efficiency, are the main motivation of this paper. Existing solutions suffer from a potentially unlimited number of user keys, inefficient policy updates, and disclosure of the data owner's access control policies. Using the Chinese remainder theorem and proxy re-encryption together, we propose an efficient access control enforcement mechanism based on selective encryption that addresses all of these shortcomings. The overall architecture, the required algorithms, and access control policy updates are discussed. The mechanism is evaluated through simulation, and the results are satisfactory.



Author information

Corresponding author

Correspondence to Mohammad Ali Hadavi.

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Karimi, L., Javadi, S.A., Hadavi, M.A., Jalili, R. (2014). Missing a Trusted Reference Monitor: How to Enforce Confidential and Dynamic Access Policies?. In: Jahangir, A., Movaghar, A., Asadi, H. (eds) Computer Networks and Distributed Systems. CNDS 2013. Communications in Computer and Information Science, vol 428. Springer, Cham. https://doi.org/10.1007/978-3-319-10903-9_8

  • DOI: https://doi.org/10.1007/978-3-319-10903-9_8

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-10902-2

  • Online ISBN: 978-3-319-10903-9

  • eBook Packages: Computer Science, Computer Science (R0)
