Conflicts in Policy-Based Distributed Systems Management
IEEE Transactions on Software Engineering
Multi-Terminal Binary Decision Diagrams: An Efficient DataStructure for Matrix Representation
Formal Methods in System Design
Static verification of security requirements in role based CSCW systems
Proceedings of the eighth ACM symposium on Access control models and technologies
An optimal and progressive algorithm for skyline queries
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
Efficient comparison of enterprise privacy policies
Proceedings of the 2004 ACM symposium on Applied computing
Verification and change-impact analysis of access-control policies
Proceedings of the 27th international conference on Software engineering
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Analyzing web access control policies
Proceedings of the 16th international conference on World Wide Web
An approach to evaluate policy similarity
Proceedings of the 12th ACM symposium on Access control models and technologies
Secure kNN computation on encrypted databases
Proceedings of the 2009 ACM SIGMOD International Conference on Management of data
ADMA '09 Proceedings of the 5th International Conference on Advanced Data Mining and Applications
Hi-index | 0.00 |
The emergence of global-scale infrastructures for outsourcing data and content to service providers (e.g., cloud computing) creates unprecedented opportunities for data owners to expand their operations and increase their customer base. On the other hand, each data owner (DO) has a certain set of access control policies, which may be different than those of the service providers (SP). Therefore, to enable effective outsourcing, it is important for the DOs to choose SPs with similar access control policies. Several techniques that measure policy similarity have been proposed in previous work, but they assume that policies are publicly accessible. However, in a global-scale environment without well-established relationships of trust, participants may not be willing to reveal their policies to every other stakeholder. Therefore, the need arises to perform policy similarity in a privacy-preserving manner. Specifically, we propose a technique that allows similarity evaluation of encrypted policies. Our technique relies on an existing encryption method for numerical data called asymmetric scalar product-preserving encryption (ASPE). ASPE allows answering of nearest-neighbor queries without the need to reveal the plaintext contents of either the query or the data. We adapt ASPE to support access control policies, and we present a case study of how private policy similarity evaluation is performed within our proposed framework.