PAES: Policy-Based Authority Evaluation Scheme

Authors:
Enrico Scalavino;Vaibhav Gowadia;Emil C. Lupu
Affiliations:
Department of Computing, Imperial College London,;Department of Computing, Imperial College London,;Department of Computing, Imperial College London,
Venue:
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Year:
2009

Citing 11
Cited 1

Certificate chain discovery in SPKI?SDSI

Journal of Computer Security
Identity-Based Encryption from the Weil Pairing

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Security architectures for controlled digital information dissemination

ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Understanding Trusted Computing: Will Its Benefits Outweigh Its Drawbacks?

IEEE Security and Privacy
Towards Accountable Management of Identity and Privacy: Sticky Policies and Enforceable Tracing Services

DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
Secure information sharing enabled by Trusted Computing and PEI models

ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Attribute-based encryption for fine-grained access control of encrypted data

Proceedings of the 13th ACM conference on Computer and communications security
Design and Semantics of a Decentralized Authorization Language

CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Multi-authority attribute based encryption

TCC'07 Proceedings of the 4th conference on Theory of cryptography
Fuzzy identity-based encryption

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques

Secure cross-domain data sharing architecture for crisis management

Proceedings of the tenth annual ACM workshop on Digital rights management

Quantified Score

Hi-index	0.00

Visualization

Abstract

Enterprise Rights Management (ERM) systems aim to protect disseminated data even after it has been sent to remote locations. Existing systems are based on common components, have similar functionalities and often have two shortcomings: a centralised architecture and a lack of concern for the trust and privacy of data recipients. To access the data, recipients must present their credentials to a policy evaluation authority, which they cannot choose and may not trust. Furthermore, recipients may be unable to access the data if their connection is intermittent or if they are off-line. To address these limitations, we propose PAES: a Policy-based Authority Evaluation Scheme , which combines data protection with a distributed policy evaluation protocol. The result allows us to implement the sticky policies paradigm in combination with trust management techniques. This permits distributing policy evaluation over a flexible set of authorities, simultaneously increasing the resilience of policy enforcement.