Role-Based Access Control Models
Computer
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
Cryptographic solution to a problem of access control in a hierarchy
ACM Transactions on Computer Systems (TOCS)
A lattice model of secure information flow
Communications of the ACM
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
A temporal key management scheme for secure broadcasting of XML documents
Proceedings of the 9th ACM conference on Computer and communications security
Cryptographic access control in a distributed file system
Proceedings of the eighth ACM symposium on Access control models and technologies
Plutus: Scalable Secure File Sharing on Untrusted Storage
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
On Key Assignment for Hierarchical Access Control
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Attribute-based encryption for fine-grained access control of encrypted data
Proceedings of the 13th ACM conference on Computer and communications security
Provably-secure time-bound hierarchical key assignment schemes
Proceedings of the 13th ACM conference on Computer and communications security
Introduction to Modern Cryptography (Chapman & Hall/Crc Cryptography and Network Security Series)
Introduction to Modern Cryptography (Chapman & Hall/Crc Cryptography and Network Security Series)
Ciphertext-Policy Attribute-Based Encryption
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Dynamic and Efficient Key Management for Access Hierarchies
ACM Transactions on Information and System Security (TISSEC)
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Incorporating temporal capabilities in existing key management schemes
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Practical and efficient cryptographic enforcement of interval-based access control policies
ACM Transactions on Information and System Security (TISSEC)
Poster: ESPOONERBAC: enforcing security policies in outsourced environments with encrypted RBAC
Proceedings of the 18th ACM conference on Computer and communications security
| Hi-index | 0.00 |
Many cryptographic schemes have been designed to enforce information flow policies. However, enterprise security requirements are often better encoded, or can only be encoded, using role-based access control policies rather than information flow policies. In this paper, we provide an alternative formulation of role-based access control that enables us to apply existing cryptographic schemes to core and hierarchical role-based access control policies. We then show that special cases of our cryptographic enforcement schemes for role-based access control are equivalent to cryptographic enforcement schemes for temporal access control and to ciphertext-policy and key-policy attribute-based encryption schemes. Finally, we describe how these special cases can be extended to support richer forms of temporal access control and attribute-based encryption.