Privacy-Preserving Multi-Party Access Control

Multi-party access control has been proposed to enable collaborative decision making for the protection of co-owned resources. In particular, multi-party access control aims to reconcile conflicts arising from the evaluation of policies authored by different stakeholders for jointly-managed resources, thus determining whether access to those resources should be granted or not. While providing effective solutions for the protection of co-owned resources, existing approaches do not address the protection of policies themselves, whose disclosure can leak sensitive information about, e.g., the relationships of co-owners with other parties. In this paper, we propose a privacy-preserving multi-party access control mechanism, which preserves the confidentiality of user policies. In particular, we propose secure computation protocols for the evaluation of multi-party policies, based on two privacy-preserving techniques, namely homomorphic encryption and secure function evaluation. An experimental evaluation of our approach shows its practical feasibility in terms of both computation and communication costs.
