Attribute-Based Messaging: Access Control and Confidentiality

Authors:
Rakesh Bobba;Omid Fatemieh;Fariba Khan;Arindam Khan;Carl A. Gunter;Himanshu Khurana;Manoj Prabhakaran
Affiliations:
University of Illinois Urbana-Champaign;University of Illinois Urbana-Champaign;University of Illinois Urbana-Champaign;University of Illinois Urbana-Champaign;University of Illinois Urbana-Champaign;University of Illinois Urbana-Champaign;University of Illinois Urbana-Champaign
Venue:
ACM Transactions on Information and System Security (TISSEC)
Year:
2010

Citing 30
Cited 9

A uniform framework for regulating service access and information release on the web

Journal of Computer Security
Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation

ACM Transactions on Information and System Security (TISSEC)
Identity-Based Encryption from the Weil Pairing

SIAM Journal on Computing
Secure Integration of Asymmetric and Symmetric Encryption Schemes

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
An Identity Based Encryption Scheme Based on Quadratic Residues

Proceedings of the 8th IMA International Conference on Cryptography and Coding
Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Role-Based Access Control

Role-Based Access Control
A Flexible Role-based Secure Messaging Service: Exploiting IBE Technology for Privacy in Health Care

DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
First experiences using XACML for access control in distributed systems

Proceedings of the 2003 ACM workshop on XML security
A logic-based framework for attribute based access control

Proceedings of the 2004 ACM workshop on Formal methods in security engineering
WSEmail: Secure Internet Messaging Based on Web Services

ICWS '05 Proceedings of the IEEE International Conference on Web Services
Attributed Based Access Control (ABAC) for Web Services

ICWS '05 Proceedings of the IEEE International Conference on Web Services
CPOL: high-performance policy evaluation

Proceedings of the 12th ACM conference on Computer and communications security
Attribute-based encryption for fine-grained access control of encrypted data

Proceedings of the 13th ACM conference on Computer and communications security
Secure attribute-based systems

Proceedings of the 13th ACM conference on Computer and communications security
AMPol: Adaptive Messaging Policy

ECOWS '06 Proceedings of the European Conference on Web Services
Ciphertext-Policy Attribute-Based Encryption

SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Emergency Alerts as RSS Feeds with Interdomain Authorization

ICIMP '07 Proceedings of the Second International Conference on Internet Monitoring and Protection
NaLIX: A generic natural language search environment for XML data

ACM Transactions on Database Systems (TODS)
Attribute-based encryption with non-monotonic access structures

Proceedings of the 14th ACM conference on Computer and communications security
A formal framework for reflective database access control policies

Proceedings of the 15th ACM conference on Computer and communications security
Identity-based encryption with efficient revocation

Proceedings of the 15th ACM conference on Computer and communications security
PBES: a policy based encryption system with application to data sharing in the power grid

Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Improving privacy and security in multi-authority attribute-based encryption

Proceedings of the 16th ACM conference on Computer and communications security
Predicate encryption supporting disjunctions, polynomial equations, and inner products

EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Attribute-based encryption with partially hidden encryptor-specified access structures

ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Attribute-sets: a practically motivated enhancement to attribute-based encryption

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
From proxy encryption primitives to a deployable secure-mailing-list solution

ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Constructing a generic natural language interface for an XML database

EDBT'06 Proceedings of the 10th international conference on Advances in Database Technology
Fuzzy identity-based encryption

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques

Security policy implementation strategies for common carrier monitoring service providers

POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
MundoMessage: enabling trustworthy ubiquitous emergency communication

Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication
Declarative privacy policy: finite models and attribute-based encryption

Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
Development of a system framework for implementation of an enhanced role-based access control model to support collaborative processes

HealthSec'12 Proceedings of the 3rd USENIX conference on Health Security and Privacy
Flexible attribute-based encryption

ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
Masque: access control for interactive sharing of encrypted data in social networks

NSS'12 Proceedings of the 6th international conference on Network and System Security
Survey Cyber security in the Smart Grid: Survey and challenges

Computer Networks: The International Journal of Computer and Telecommunications Networking
How to use attribute-based encryption to implement role-based access control in the cloud

Proceedings of the 2013 international workshop on Security in cloud computing
Access control requirements for structured document in cloud computing

International Journal of Grid and Utility Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Attribute-Based Messaging (ABM) enables messages to be addressed using attributes of recipients rather than an explicit list of recipients. Such messaging offers benefits of efficiency, exclusiveness, and intensionality, but faces challenges in access control and confidentiality. In this article we explore an approach to intraenterprise ABM based on providing access control and confidentiality using information from the same attribute database exploited by the addressing scheme. We show how to address three key challenges. First, we demonstrate a manageable access control system based on attributes. Second, we demonstrate use of attribute-based encryption to provide end-to-end confidentiality. Third, we show that such a system can be efficient enough to support ABM for mid-size enterprises. Our implementation can dispatch confidential ABM messages approved by XACML policy review for an enterprise of at least 60,000 users with only seconds of latency.