Cryptographic solution to a problem of access control in a hierarchy
ACM Transactions on Computer Systems (TOCS)
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
A temporal key management scheme for secure broadcasting of XML documents
Proceedings of the 9th ACM conference on Computer and communications security
Trade-offs in non-reversing diameter
Nordic Journal of Computing
Space-time tradeoff for answering range queries (Extended Abstract)
STOC '82 Proceedings of the fourteenth annual ACM symposium on Theory of computing
Key management for non-tree access hierarchies
Proceedings of the eleventh ACM symposium on Access control models and technologies
On Key Assignment for Hierarchical Access Control
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Provably-secure time-bound hierarchical key assignment schemes
Proceedings of the 13th ACM conference on Computer and communications security
Efficient techniques for realizing geo-spatial access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Ciphertext-Policy Attribute-Based Encryption
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
New constructions for provably-secure time-bound hierarchical key assignment schemes
Proceedings of the 12th ACM symposium on Access control models and technologies
A Forward-Secure Public-Key Encryption Scheme
Journal of Cryptology
New constructions for provably-secure time-bound hierarchical key assignment schemes
Theoretical Computer Science
Dynamic and Efficient Key Management for Access Hierarchies
ACM Transactions on Information and System Security (TISSEC)
Efficient and secure distribution of massive geo-spatial data
Proceedings of the 17th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems
Trade-Offs in Cryptographic Implementations of Temporal Access Control
NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
Cryptographic enforcement of role-based access control
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Secure key-updating for lazy revocation
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Efficient provably-secure hierarchical key assignment schemes
MFCS'07 Proceedings of the 32nd international conference on Mathematical Foundations of Computer Science
Incorporating temporal capabilities in existing key management schemes
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Time-storage trade-offs for cryptographically-enforced access control
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Enforcing subscription-based authorization policies in cloud scenarios
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
A novel approach to evaluate software vulnerability prioritization
Journal of Systems and Software
| Hi-index | 0.00 |
The enforcement of access control policies using cryptography has received considerable attention in recent years and the security of such enforcement schemes is increasingly well understood. Recent work in the area has considered the efficient enforcement of temporal and geo-spatial access control policies, and asymptotic results for the time and space complexity of efficient enforcement schemes have been obtained. However, for practical purposes, it is useful to have explicit bounds for the complexity of enforcement schemes. In this article we consider interval-based access control policies, of which temporal and geo-spatial access control policies are special cases. We define enforcement schemes for interval-based access control policies for which it is possible, in almost all cases, to obtain exact values for the schemes' complexity, thereby subsuming a substantial body of work in the literature. Moreover, our enforcement schemes are more practical than existing schemes, in the sense that they operate in the same way as standard cryptographic enforcement schemes, unlike other efficient schemes in the literature. The main difference between our approach and earlier work is that we develop techniques that are specific to the cryptographic enforcement of interval-based access control policies, rather than applying generic techniques that give rise to complex constructions and asymptotic bounds.