论文信息 - Towards Pervasive Cryptographic Access Control Models

Towards Pervasive Cryptographic Access Control Models

Access control lies at the heart of any technical information security and information assurance system. Access control is traditionally enforced by reference monitors, which are assumed to be able to reliably monitor and mediate all traffic from users to objects. An alternative view to enforcement is cryptography, referred to as cryptographic access control (CAC). CAC has gained popularity with the emergence of distributed computing, especially cloud computing and “everything as a service”. CAC is not a formal model, but an enforcement paradigm. In this paper we propose an extension to the current CAC framework and discuss the limits, where it is in general feasible to extend CAC as a paradigm over reference monitors.

Mikko Kiviharju

[1] Moni Naor,et al. Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[2] Craig Gentry,et al. A fully homomorphic encryption scheme , 2009 .

[3] B. Barak. Fully Homomorphic Encryption and Post Quantum Cryptography , 2010 .

[4] Dalia Khader,et al. Attribute Based Group Signature with Revocation , 2007, IACR Cryptol. ePrint Arch..

[5] D. E. Bell,et al. Secure Computer Systems : Mathematical Foundations , 2022 .

[6] Sushil Jajodia,et al. Over-encryption: Management of Access Control Evolution on Outsourced Data , 2007, VLDB.

[7] Vijayalakshmi Atluri,et al. Role-based Access Control , 1992 .

[8] Brent Waters,et al. Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[9] Dalia Khader,et al. Attribute Based Group Signatures , 2007, IACR Cryptol. ePrint Arch..

[10] J. Savoie. A Strong Three-Factor Authentication Device: Trusted DAVE and the New Generic Content-Based Information Security (CBIS) Architecture , 2004 .