Dynamic Accumulator Based Discretionary Access Control for Outsourced Storage with Unlinkable Access

(Short Paper)
  • Daniel Slamanig
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7397)


In this paper we are interested in privacy preserving discretionary access control (DAC) for outsourced storage such as increasingly popular cloud storage services. Our main goal is to enable clients, who outsource data items, to delegate permissions (read, write, delete) to other clients such that clients are able to unlinkably and anonymously perform operations on outsourced data items when holding adequate permission. In contrast to recent approaches based on oblivious RAM, oblivious transfer combined with anonymous credentials or attribute based encryption, we propose a solution based on dynamic accumulators. In doing so, our approach naturally reflects the concept of access control lists (ACLs), which are a popular means to implement DAC.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Benaloh, J.C., de Mare, M.: One-Way Accumulators: A Decentralized Alternative to Digital Signatures (Extended Abstract). In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 274–285. Springer, Heidelberg (1994)Google Scholar
  2. 2.
    Boneh, D., Boyen, X.: Short Signatures Without Random Oracles. In: Cachin, C., Camenisch, J. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  3. 3.
    Camenisch, J., Dubovitskaya, M., Neven, G.: Oblivious Transfer with Access Control. In: ACM Conference on Computer and Communications Security, pp. 131–140. ACM (2009)Google Scholar
  4. 4.
    Camenisch, J., Dubovitskaya, M., Neven, G., Zaverucha, G.M.: Oblivious Transfer with Hidden Access Control Policies. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 192–209. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  5. 5.
    Camenisch, J., Kohlweiss, M., Soriente, C.: An Accumulator Based on Bilinear Maps and Efficient Revocation for Anonymous Credentials. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 481–500. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  6. 6.
    Camenisch, J., Lysyanskaya, A.: Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 61–76. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  7. 7.
    Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Fragmentation and Encryption to Enforce Privacy in Data Storage. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 171–186. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  8. 8.
    Coull, S.E., Green, M., Hohenberger, S.: Access Controls for Oblivious and Anonymous Systems. ACM Trans. Inf. Syst. Secur. 14(1), 10 (2011)CrossRefGoogle Scholar
  9. 9.
    Franz, M., Williams, P., Carbunar, B., Katzenbeisser, S., Peter, A., Sion, R., Sotakova, M.: Oblivious Outsourced Storage with Delegation. In: Danezis, G. (ed.) FC 2011. LNCS, vol. 7035, pp. 127–140. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  10. 10.
    Hacigümüs, H., Mehrotra, S., Iyer, B.R.: Providing Database as a Service. In: ICDE. IEEE (2002)Google Scholar
  11. 11.
    Kamara, S., Lauter, K.: Cryptographic Cloud Storage. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) FC 2010 Workshops. LNCS, vol. 6054, pp. 136–149. Springer, Heidelberg (2010)Google Scholar
  12. 12.
    Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and Integrity in Outsourced Databases. In: NDSS. The Internet Society (2004)Google Scholar
  13. 13.
    Williams, P., Sion, R., Carbunar, B.: Building Castles out of Mud: Practical Access Pattern Privacy and Correctness on Untrusted Storage. In: ACM Conference on Computer and Communications Security, pp. 139–148. ACM (2008)Google Scholar
  14. 14.
    Zarandioon, S., Yao, D(D.), Ganapathy, V.: K2C: Cryptographic Cloud Storage with Lazy Revocation and Anonymous Access. In: Rajarajan, M., et al. (eds.) SecureComm 2011. LNICST, vol. 96, pp. 59–76. Springer, Heidelberg (2012)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Daniel Slamanig
    • 1
  1. 1.Department of Engineering and ITCarinthia University of Applied SciencesKlagenfurtAustria

Personalised recommendations