End-to-end confidentiality for a message warehousing service using Identity-Based Encryption

More and more classes of devices are becoming capable of connecting to the Internet. Because point-to-point communication is insufficient for many non-interactive application integration scenarios, we assume the existence of a logically centralized message warehousing service that clients can use to deposit and retrieve messages. The particular challenge in this context is that a client depositing messages can describe eligible receiving clients only by their characterizing attributes and does not know their specific identities. The depositing client nevertheless wants to prevent exposure of the message content to the message warehousing service. We explore how this many-to-many integration between devices and enterprise systems can achieve end-to-end information confidentiality using a solution based on Identity-Based Encryption.
