Skip to content

Universally Composable Cryptographic Role-Based Access Control

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Original languageEnglish
Title of host publicationProvable Security - ProvSec 2016
Subtitle of host publication10th International Conference, ProvSec 2016, Nanjing, China, November 10-11, 2016, Proceedings
EditorsLiqun Chen, Jinguang Han
Publisher or commissioning bodySpringer
Pages61-80
Number of pages20
ISBN (Electronic)9783319474229
ISBN (Print)9783319474212
DOIs
DateAccepted/In press - 3 Aug 2016
DateE-pub ahead of print - 13 Oct 2016
DatePublished (current) - 16 Nov 2016

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
ISSN (Print)0302-9743

Abstract

In cryptographic access control sensitive data is protected by cryptographic primitives and the desired access structure is enforced through appropriate management of the secret keys. In this paper we study rigorous security definitions for the cryptographic enforcement of Role Based Access Control (RBAC). We propose the first simulation-based security definition within the framework of Universal Composability (UC). Our definition is natural and intuitively appealing, so we expect that our approach would carry over to other access models.

Next, we establish two results that clarify the strength of our definition when compared with existing ones that use the game-based definitional approach. On the positive side, we demonstrate that both read and write-access guarantees in the sense of game-based security are implied by UC security of an access control system. Perhaps expected, this result serves as confirmation that the definition we propose is sound.

Our main technical result is a proof that simulation-based security requires impractical assumptions on the encryption scheme that is employed. As in other simulation-based settings, the source of inefficiency is the well known "commitment problem" which naturally occurs in the context of cryptographic access control to file systems.

    Research areas

  • cryptographic protocols/Access Control, Universal Composability

Documents

Links

DOI

View research connections

Related faculties, schools or groups