Dynamic Accumulator Based Discretionary Access Control for Outsourced Storage with Unlinkable Access - (Short Paper)

In this paper we are interested in privacy-preserving discretionary access control (DAC) for outsourced storage, such as the increasingly popular cloud storage services. Our main goal is to enable clients who outsource data items to delegate permissions (read, write, delete) to other clients, such that clients holding adequate permission are able to perform operations on outsourced data items unlinkably and anonymously. In contrast to recent approaches based on oblivious RAM, oblivious transfer combined with anonymous credentials, or attribute-based encryption, we propose a solution based on dynamic accumulators. In doing so, our approach naturally reflects the concept of access control lists (ACLs), which are a popular means to implement DAC.
