Attribute-based access control with hidden policies and hidden credentials

IEEE Transactions on Computers

Volumn 55, Issue 10, 2006, Pages 1259-1270

  Frikken, Keith ^a   Atallah, Mikhail ^a   Li, Jiangtao ^a  

^a Purdue University   (United States)

Author keywords

Access control; Authentication; Electronic commerce security; Hidden credentials; Management of computing and information systems; Privacy; Security and protection; Trust negotiation

Indexed keywords

DATA PRIVACY; ELECTRONIC COMMERCE; INTERNET; MANAGEMENT INFORMATION SYSTEMS; NETWORK PROTOCOLS;

ACCCESS CONTROL; AUTHENTICATION; DIGITAL CREDENTIALS; ELECTRONIC COMMERCE-SECURITY; HIDDEN CREDENTIALS; TRUST NEGOTIATION;

SECURITY OF DATA;

EID: 33748485156     PISSN: 00189340     EISSN: None     Source Type: Journal    
DOI: 10.1109/TC.2006.158     Document Type: Article

References (38)

1. D. Balfanz, G. Durfee, N. Shankar, D. Smetters, J. Staddon, and H.-C. Wong, "Secret Handshakes from Pairing-Based Key Agreements," Proc. IEEE Symp. Security and Privacy, pp. 180-196, May 2003.
2. M. Bellare and S. Micali, "Non-Interactive Oblivious Transfer and Applications," Advances in Cryptology - CRYPTO 1989, pp. 547-557, 1989.
3. M. Blaze, J. Feigenbaum, and J. Lacy, "Decentralized Trust Management," Proc. IEEE Symp. Security and Privacy, pp. 164-173, May 1996.
4. P. Bonatti and P. Samarati, "Regulating Service Access and Information Release on the Web," Proc. Seventh ACM Conf. Computer and Comm. Security, pp. 134-143, Nov. 2000.
5. D. Boneh and M. Franklin, "Identity-Based Encryption from the Weil Pairing," Advances in Cryptology - Proc. CRYPTO 2001, pp. 213-229, 2001.
6. R. Bradshaw, J. Holt, and K. Seamons, "Concealing Complex Policies with Hidden Credentials," Proc. 11th ACM Conf. Computer and Comm. Security, pp. 146-157, Oct. 2004.
7. R. Canetti, "Security and Composition of Multiparty Cryptographic Protocols," J. Cryptology, vol. 13, no. 1, pp. 143-202, 2000.
8. R. Canetti, Y. Lindell, R. Ostrovsky, and A. Sahai, "Universally Composable Two-Party and Multi-Party Secure Computation," Proc. 24th ACM Symp. Theory of Computing, pp. 494-503, 2002.
9. C. Cocks, "An Identity Based Encryption Scheme Based on Quadratic Residues," Proc. Eighth IMA Int'l Conf. Cryptography and Coding, pp. 360-363. Dec. 2001.
10. J. Daemen and V. Jijmen, The Design of Rijndael: AES - The Advanced Encryption Standard. Springer, 2002.
11. I. Damgård and M. Jurik, "A Generalisation, a Simplification and Some Applications of Paillier's Probabilistic Public-Key System," Proc. Fourth Int'l Workshop Practice and Theory in Public Key Cryptosystems, pp. 119-136, 2001.
12. C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, and T. Ylonen, SPKI Certificate Theory. IETF RFC 2693, Sept. 1999.
13. S. Even, O. Goldreich, and A. Lempel, "A Randomized Protocol for Signing Contracts," Comm. ACM, vol. 28, no. 6, pp. 637-647, 1985.
14. M. Freedman, K. Nissim, B. Pinkas, "Efficient Private Matching and Set Intersection," Advances in Cryptology - Proc. EUROCRYPT 2004, pp. 1-19, May 2004.
15. O. Goldreich, "Cryptography and Cryptographic Protocols," Distributed Computing, vol. 16, nos. 2-3, pp. 177-199, 2003.
16. O. Goldreich, Foundations of Cryptography: Volume II Basic Application. Cambridge Univ. Press, 2004.
17. O. Goldreich, S. Micali, and A. Wigderson, "How to Play Any Mental Game or a Completeness Theorem for Protocols with Honest Majority," Proc. 19th ACM Symp. Theory of Computing, pp. 218-229, May 1986.
18. J.E. Holt, R.W. Bradshaw, K.E. Seamons, and H. Orman, "Hidden Credentials," Proc. Second ACM Workshop Privacy in the Electronic Sec., pp. 1-8, Oct. 2003.
19. J. Katz and R. Ostrovsky, "Round-Optimal Secure Two-Party Computation," Advances in Cryptology - Proc. CRYPTO 2004, pp. 335-354, 2004.
20. N. Li, W. Du, and D. Boneh, "Oblivious Signature-Based Envelope," Proc. 22nd ACM Symp. Principles of Distributed Computing, pp. 182-189, July 2003.
21. N. Li, J.C. Mitchell, and W.H. Winsborough, "Design of a Role-Based Trust Management Framework," Proc. IEEE Symp. Security and Privacy, pp. 114-130, May 2002.
22. N. Li, W.H. Winsborough, and J.C. Mitchell, "Distributed Credential Chain Discovery in Trust Management," J. Computer Security, vol. 11, no. 1, pp. 35-86, Feb. 2003.
23. D. Malkhi, N. Nisan, B. Pinkas, and Y. Sella, "Fairplay - A Secure Two-Party Computation System," Proc. Usenix Security, pp. 287-302, Aug. 2004.
24. M. Naor and B. Pinkas, "Efficient Oblivious Transfer Protocols," Proc. SIAM Symp. Discrete Algorithms, pp. 448-457, Jan. 2001.
25. T. Okamoto, S. Uchiyama, and E. Fujisaki, Epoc: Efficient Probabilistic Public-Key Encryption Submission to IEEE p1363a., 1998.
26. P. Paillier, "Public-Key Cryptosystems Based on Composite Degree Residuosity Classes," Advances in Cryptology - Proc. EUROCRYPT 1999, pp. 223-238, 1999.
27. R.L. Rivest and B. Lampson, SDSI - A Simple Distributed Security Infrastructure, Oct. 1996, http://theory.lcs.mit.edu/~rivest/sdsi11.html.
28. K.E. Seamons, M. Winslett, and T. Yu, "Limiting the Disclosure of Access Control Policies During Automated Trust Negotiation," Proc. Symp. Network and Distributed System Security, Feb. 2001.
29. A. Shamir, "Identity-Based Cryptosystems and Signature Schemes," Advances in Cryptology - Proc. CRYPTO 1984, pp. 47-53, 1984.
30. L. Valiant, "Universal Circuits (Preliminary Report)," Proc. Eighth ACM Symp. Theory of Computing, pp. 196-203, 1976.
31. W.H. Winsborough and N. Li, "Towards Practical Automated Trust Negotiation," Proc. Third Int'l Workshop Policies for Distributed Systems and Networks, pp. 92-103, June 2002.
32. W.H. Winsborough and N. Li, "Safety in Automated Trust Negotiation," Proc. IEEE Symp. Security and Privacy, pp. 147-160, May 2004.
33. W.H. Winsborough, K.E. Seamons, and V.E. Jones, "Automated Trust Negotiation," Proc. DARPA Information Survivability Conf. and Exposition, vol. I, pp. 88-102, Jan. 2000.
34. M. Winslett, T. Yu, K.E. Seamons, A. Hess, J. Jacobson, R. Jarvis, B. Smith, and L. Yu, "Negotiating Trust on the Web," IEEE Internet Computing, vol. 6, no. 6, pp. 30-37, Nov. 2002.
35. A. Yao, "How to Generate and Exchange Secrets," Proc. 27th IEEE Symp. Foundations of Computer Science, pp. 162-167, 1986.
36. A.C. Yao, "How to Generate and Exchange Secrets," Proc. 27th IEEE Symp. Foundations of Computer Science, pp. 162-167, 1986.
37. T. Yu and M. Winslett, "A Unified Scheme for Resource Protection in Automated Trust Negotiation," Proc. IEEE Symp. Security and Privacy, pp. 110-122, May 2003.
38. T. Yu, M. Winslett, and K.E. Seamons, "Interoperable Strategies in Automated Trust Negotiation," Proc. Eighth ACM Conf. Computer and Comm. Security, pp. 146-155, Nov. 2001.