Composition and integrity preservation of secure reactive systems
Proceedings of the 7th ACM conference on Computer and communications security
Interoperable strategies in automated trust negotiation
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Oblivious Transfer with Adaptive Queries
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Priced Oblivious Transfer: How to Sell Digital Goods
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
A Unified Scheme for Resource Protection in Automated Trust Negotiation
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Towards Practical Automated Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
A Model for Asynchronous Reactive Systems and its Application to Secure Message Transmission
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Proceedings of the 2003 ACM workshop on Privacy in the electronic society
Concealing complex policies with hidden credentials
Proceedings of the 11th ACM conference on Computer and communications security
Attribute-Based Access Control with Hidden Policies and Hidden Credentials
IEEE Transactions on Computers
Protocols for secure computations
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Simulatable Adaptive Oblivious Transfer
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Revocable Group Signature Schemes with Constant Costs for Signing and Verifying
Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
Controlling Access to an Oblivious Database Using Stateful Anonymous Credentials
Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Randomizable Proofs and Delegatable Anonymous Credentials
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Oblivious transfer with access control
Proceedings of the 16th ACM conference on Computer and communications security
Efficient non-interactive proof systems for bilinear groups
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
A verifiable random function with short proofs and keys
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
Restricted adaptive oblivious transfer
Theoretical Computer Science
Practical PIR for electronic commerce
Proceedings of the 18th ACM conference on Computer and communications security
Efficient oblivious transfers with access control
Computers & Mathematics with Applications
Scalable group signatures with revocation
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Efficient structure-preserving signature scheme from standard assumptions
SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
Oblivious transfer with hidden access control from attribute-based encryption
SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
Optimally private access control
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Universally composable adaptive oblivious transfer (with access control) from standard assumptions
Proceedings of the 2013 ACM workshop on Digital identity management
| Hi-index | 0.01 |
Consider a database where each record has different access control policies. These policies could be attributes, roles, or rights that the user needs to have in order to access the record. Here we provide a protocol that allows the users to access the database record while: (1) the database does not learn who queries a record; (2) the database does not learn which record is being queried, nor the access control policy of that record; (3) the database does not learn whether a user's attempt to access a record was successful or not; (4) the user can only obtain a single record per query; (5) the user can only access those records for which she has the correct permissions; (6) the user does not learn any other information about the database structure and the access control policies other than whether he was granted access to the queried record, and if so, the content of the record; and (7) the users' credentials can be revoked. Our scheme builds on the one by Camenisch, Dubovitskaya and Neven (CCS'09), who consider oblivious transfer with access control when the access control policies are public.