Cryptographically Enforced Four-Eyes Principle

被引：6

作者：

Bilzhause, Arne ^{[1
,2
]}

Huber, Manuel ^{[3
]}

Poehls, Henrich C. ^{[1
,2
]}

Samelin, Kai ^{[4
,5
]}

机构：

[1] Univ Passau, Chair IT Secur, Passau, Germany

[2] Univ Passau, Inst IT Secur & Secur Law ISL, Passau, Germany

[3] Fraunhofer Res Inst AISEC, Munich, Germany

[4] IBM Res Zurich, Ruschlikon, Switzerland

[5] Tech Univ Darmstadt, Darmstadt, Germany

来源：

PROCEEDINGS OF 2016 11TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY, (ARES 2016) | 2016年

关键词：

D O I：

10.1109/ARES.2016.28

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

The 4-eyes principle (4EP) is a well-known access control and authorization principle, and used in many scenarios to minimize the likelihood of corruption. It states that at least two separate entities must approve a message before it is considered authentic. Hence, an adversarial party aiming to forge bogus content is forced to convince other parties to collude in the attack. We present a formal framework along with a suitable security model. Namely, a party sets a policy for a given message which involves multiple additional approvers in order to authenticate the message. Finally, we show how these signatures are black-box realized by secure sanitizable signature schemes.

引用

页码：760 / 767

页数：8

共 32 条

[1]

Ahn J. H., 2011, 2011096 CRYPT EPRINT

[2]

[Anonymous], P 3 ACM C COMP COMM

[3]

[Anonymous], 2006, P 13 ACM C COMP COMM, DOI DOI 10.1145/1180405.1180453

[4]

Asokan N, 1998, LECT NOTES COMPUT SC, V1403, P591, DOI 10.1007/BFb0054156

[5]

Ateniese G, 2005, LECT NOTES COMPUT SC, V3679, P159

[6]

Baum-Waidner B, 2000, LECT NOTES COMPUT SC, V1853, P524

[7]

Boldyreva A, 2003, LECT NOTES COMPUT SC, V2567, P31

[8]

Boneh D, 2003, LECT NOTES COMPUT SC, V2656, P416

[9]

Brzuska Christina, 2014, Public Key Infrastructures, Services and Applications. 10th European Workshop, EuroPKI 2013, Revised Selected Papers: LNCS 8341, P12, DOI 10.1007/978-3-642-53997-8_2

[10]

Brzuska Christina, 2013, Public Key Infrastructures, Services and Applications. 9th European Workshop, EuroPKI 2012. Revised Selected Papers: LNCS 7868, P178, DOI 10.1007/978-3-642-40012-4_12

← 1 2 3 4 →