Secure attribute-based systems

Authors:
Matthew Pirretti;Patrick Traynor;Patrick Mcdaniel;Brent Waters
Affiliations:
Motorola Labs, Schaumburg, IL, USA. E-mail: Matthew.Pirretti@motorola.com;College of Computing, Georgia Institute of Technology, Atlanta, GA, USA. E-mail: traynor@cc.gatech.edu;SIIS Laboratory, CSE, Pennsylvania State University, University Park, PA, USA. E-mail: mcdaniel@cse.psu.edu;The University of Texas at Austin, Austin, TX, USA. E-mail: bwaters@cs.utexas.edu
Venue:
Journal of Computer Security
Year:
2010

Citing 24
Cited 3

Identity-based cryptosystems and signature schemes

Proceedings of CRYPTO 84 on Advances in cryptology
Computer aided logical design with emphasis on VLSI (4th ed.)

Computer aided logical design with emphasis on VLSI (4th ed.)
Random oracles are practical: a paradigm for designing efficient protocols

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Role-Based Access Control Models

Computer
The random oracle methodology, revisited (preliminary version)

STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Integrating content-based access mechanisms with hierarchical file systems

OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
How to share a secret

Communications of the ACM
A lattice model of secure information flow

Communications of the ACM
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
Design and implementation of the idemix anonymous credential system

Proceedings of the 9th ACM conference on Computer and communications security
Identity-Based Encryption from the Weil Pairing

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Toward Hierarchical Identity-Based Encryption

EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Hierarchical ID-Based Cryptography

ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Compliance Checking in the PolicyMaker Trust Management System

FC '98 Proceedings of the Second International Conference on Financial Cryptography
A Response to ''Can We Eliminate Certificate Revocation Lists?''

FC '00 Proceedings of the 4th International Conference on Financial Cryptography
An Identity Based Encryption Scheme Based on Quadratic Residues

Proceedings of the 8th IMA International Conference on Cryptography and Coding
On the performance, feasibility, and use of forward-secure signatures

Proceedings of the 10th ACM conference on Computer and communications security
ID-based encryption for complex hierarchies with applications to forward security and broadcast encryption

Proceedings of the 11th ACM conference on Computer and communications security
Attribute-based encryption for fine-grained access control of encrypted data

Proceedings of the 13th ACM conference on Computer and communications security
Secure attribute-based systems

Proceedings of the 13th ACM conference on Computer and communications security
Antigone: a flexible framework for secure group communication

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Ciphertext-Policy Attribute-Based Encryption

SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Using hash functions as a hedge against chosen ciphertext attack

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Fuzzy identity-based encryption

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques

Robust attributes-based authenticated key agreement protocol using smart cards over home network

ICCSA'11 Proceedings of the 2011 international conference on Computational science and its applications - Volume Part III
ARDEN: Anonymous networking in delay tolerant networks

Ad Hoc Networks
Time-based proxy re-encryption scheme for secure data sharing in a cloud environment

Information Sciences: an International Journal

Quantified Score

Hi-index	0.00

Visualization

Abstract

Attributes define, classify, or annotate the datum to which they are assigned. However, traditional attribute architectures and cryptosystems are ill-equipped to provide security in the face of diverse access requirements and environments. In this paper, we introduce a novel secure information management architecture based on emerging attribute-based encryption (ABE) primitives. A policy system that meets the needs of complex policies is defined and illustrated. Based on the needs of those policies, we propose cryptographic optimizations that vastly improve enforcement efficiency. We further explore the use of such policies in two proposed applications: a HIPAA compliant distributed file system and a social network. A performance analysis and characterization of ABE primitives demonstrates the ability to reduce cryptographic costs by as much as 98% over previously proposed constructions. Through this, we demonstrate that our attribute system is an efficient solution for securely managing information in large, loosely-coupled, distributed systems.