The Decision Diffie-Hellman Problem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Proceedings of the 2003 ACM workshop on Privacy in the electronic society
Concealing complex policies with hidden credentials
Proceedings of the 11th ACM conference on Computer and communications security
Oblivious signature-based envelope
Distributed Computing
Attribute-Based Access Control with Hidden Policies and Hidden Credentials
IEEE Transactions on Computers
Confidentiality-preserving distributed proofs of conjunctive queries
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Improving privacy and security in multi-authority attribute-based encryption
Proceedings of the 16th ACM conference on Computer and communications security
Multi-authority attribute based encryption
TCC'07 Proceedings of the 4th conference on Theory of cryptography
Eyeing your exposure: quantifying and controlling information sharing for improved privacy
Proceedings of the Seventh Symposium on Usable Privacy and Security
Hi-index | 0.00 |
In a computing system, sensitive data must be protected by release policies that determine which principals are authorized to access that data. In some cases, such a release policy could refer to information about the requesting principal that is unavailable to the information provider. Furthermore, the release policy itself may contain sensitive information about the resource that it protects. In this paper we describe a scheme for enforcing information release policies whose satisfaction cannot be verified by the entity holding the protected information, but only by the entity requesting this information. Not only does our scheme prevent the information provider from learning whether the policy was satisfied, but it also hides the information release policy being enforced from the requesting principal. Unlike previous approaches, our construction requires no guesswork or wasted computation on the part of the information requester. The information release policies that we consider can contain third-party assertions that themselves have release conditions that must be satisfied; we show that our system functions correctly even when these dependencies form cycles.