Role-Based Access Control Models
Computer
Dynamic and efficient key management for access hierarchies
Proceedings of the 12th ACM conference on Computer and communications security
On Key Assignment for Hierarchical Access Control
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Attribute-based encryption for fine-grained access control of encrypted data
Proceedings of the 13th ACM conference on Computer and communications security
Ciphertext-Policy Attribute-Based Encryption
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Attribute-based encryption with non-monotonic access structures
Proceedings of the 14th ACM conference on Computer and communications security
Over-encryption: management of access control evolution on outsourced data
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
ACM SIGACT News
DSP RE-Encryption: A Flexible Mechanism for Access Control Enforcement Management in DaaS
CLOUD '09 Proceedings of the 2009 IEEE International Conference on Cloud Computing
Combining Attribute-Based and Access Systems
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Attribute based data sharing with attribute revocation
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Achieving secure, scalable, and fine-grained data access control in cloud computing
INFOCOM'10 Proceedings of the 29th conference on Information communications
Plutus: scalable secure file sharing on untrusted storage
FAST'03 Proceedings of the 2nd USENIX conference on File and storage technologies
Hi-index | 0.01 |
Cloud Storage, which provides cost-efficient and scalable storage services, has emerged as a hot paradigm today. As promising as it is, Cloud Storage also brings forth security challenges. Sensitive data may be outsourced for sharing on cloud storage servers, which are not within the same trusted domain as the data owner (DO). To keep the data confidential against unauthorized parties, cryptographic access control must be applied. Existing methods usually require the access policies be fully managed by the DO, which could lead to the DO-side bottleneck. This paper addressed the issue by implementing a cryptographic Role-Based Access Control via CP-ABE. The access policies are divided into two parts: Permission Assignments (PAs) and Role Assignments (RAs), and we develop an approach called propagation to allow RAs to be handled effectively by users besides the DO. Since most of the dynamic policies in the Cloud are triggered by RAs, the bottleneck could be successfully avoided.