Poster: ESPOONERBAC: enforcing security policies in outsourced environments with encrypted RBAC

Authors:
Muhammad Rizwan Asghar;Giovanni Russello;Bruno Crispo
Affiliations:
CREATE-NET International Research Center, Trento, Italy;CREATE-NET International Research Center, Trento, Italy;University of Trento, Trento, Italy
Venue:
Proceedings of the 18th ACM conference on Computer and communications security
Year:
2011

Citing 5
Cited 0

Role-Based Access Control Models

Computer
A data outsourcing architecture combining cryptography and access control

Proceedings of the 2007 ACM workshop on Computer security architecture
Cryptographic enforcement of role-based access control

FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Shared and searchable encrypted data for untrusted servers

Journal of Computer Security - DBSEC 2008
ESPOON: Enforcing Encrypted Security Policies in Outsourced Environments

ARES '11 Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

The enforcement of security policies is an open challenge in environments where the IT infrastructure has been outsourced to a third party. Although the outsourcing allows companies to gain economical benefits and scalability, it imposes the threat of leaking the private information about the sensitive data managed and processed by untrusted parties. In this work, we propose an architecture to enforce Role-Based Access Control (RBAC) style of authorisation policies in outsourced environments. As a proof of concept, we have implemented a demo and measured the performance overhead incurred by the proposed architecture.