Cryptographic Role-Based Access Control, Reconsidered

Cited by: 2
Authors
Liu, Bin [1]
Michalas, Antonis [1, 2]
Warinschi, Bogdan [3, 4]
Affiliations
[1] Tampere Univ, Tampere, Finland
[2] RISE Res Inst Sweden, Gothenburg, Sweden
[3] DFINITY, Zurich, Switzerland
[4] Univ Bristol, Bristol, Avon, England
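Source
PROVABLE AND PRACTICAL SECURITY, PROVSEC 2022 | 2022 / Vol. 13600
Keywords
DOI
10.1007/978-3-031-20917-8_19
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract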
In this paper, we follow the line of existing study on cryptographic enforcement of Role-Based Access Control (RBAC). Inspired by the study of the relation between the existing security definitions for such systems, we identify two different types of attacks which cannot be captured by the existing ones. Therefore, we propose two new security definitions towards the goal of appropriately modelling cryptographic enforcement of Role-Based Access Control policies and study the relation between our new definitions and the existing ones. In addition, we show that the cost of supporting dynamic policy update is inherently expensive by presenting two lower bounds for such systems which guarantee correctness and secure access.
Pages: 282-289
Number of pages: 8