Secure attribute-based systems

Journal of Computer Security

Volumn 18, Issue 5, 2010, Pages 799-837

  Pirretti, Matthew ^a   Traynor, Patrick ^b   McDaniel, Patrick ^c   Waters, Brent ^d  

^a MOTOROLA INC   (United States)

^b Georgia Institute of Technology   (United States)

^c PENNSYLVANIA STATE UNIVERSITY   (United States)

^d UNIVERSITY OF TEXAS AT AUSTIN   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CRYPTOSYSTEMS; DISTRIBUTED FILE SYSTEMS; DISTRIBUTED SYSTEMS; MANAGEMENT ARCHITECTURES; PERFORMANCE ANALYSIS; POLICY SYSTEMS; SOCIAL NETWORKS;

CRYPTOGRAPHY; INFORMATION MANAGEMENT; NETWORK ARCHITECTURE;

NETWORK SECURITY;

EID: 77957150308     PISSN: 0926227X     EISSN: None     Source Type: Journal    
DOI: 10.3233/JCS-2009-0383     Document Type: Article

References (43)

1. Friendster, http://www.friendster.com, 2006.
2. The OpenSSL project, http://www.openssl.org, 2006.
3. The Human Genome Project, http://www.ornl.gov/sci/techresources/Human- Genome/home.shtml, 2006.
4. G. Antenise, M. Blanton and J. Kirsch, Secret handshakes with dynamic and fuzzy matching, in: Proceedings of the ISOC Network & Distributed System Security Symposium (NDSS), San Diego, CA, 2007.
5. M. Bellare and P. Rogaway, Random oracles are practical: A paradigm for designing efficient protocols, in: Proceedings of the ACM Conference on Computer and Communications Security (CCS), Fairfax, VA, 1993.
6. J. Bethencourt, A. Sahai and B. Waters, Ciphertext-policy attribute-based encryption, in: Proceedings of IEEE Symposium on Security and Privacy, Oakland, CA, 2007.
7. M. Blaze, J. Feigenbaum and M. Strauss, Compliance checking in the PolicyMaker trust management system, in: Financial Cryptography (FC), Anguilla, BWI, 1998.
8. D. Boneh and M.K. Franklin, Identity-based encryption from the Weil pairing, in: Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, Springer-Verlag, 2001, pp. 213-229.
9. M. Bowman, C. Dharap, M. Baruah, B. Camargo and S. Potti, A file system for information management, in: Proceedings of the ISMM International Conference on Intelligent Information Management Systems, March 1994.
10. J. Camenisch and E. Van Herreweghen, Design and implementation of the idemix anonymous credential system, in: Proceedings of the ACM Conference on Computer and Communications Security, Washington, DC, 2002.
11. R. Canetti, J. Garay, G. Itkis, D. Micciancio, M. Naor and B. Pinkas, Multicast security: A taxonomy and some efficient constructions, in: Proceedings of IEEE INFOCOM'99, New York, NY, 1999.
12. R. Canetti, O. Goldreich and S. Halevi, The random oracle methodology, revisited (preliminary version), in: Proceedings of the ACM Symposium on Theory of Computing (STOC), Dallas, TX, 1998, pp. 209-218.
13. C. Cocks, An identity based encryption scheme based on quadratic residues, in: IMA International Conference, 2001, pp. 360-363.
14. E. Cronin, S. Jamin, T. Malkin and P. McDaniel, On the performance, feasibility, and use of forward secure signatures, in: Proceedings of 10th ACM Conference on Computer and Communications Security (CCS), ACM, Washington, DC, October 2003, pp. 131-144.
15. D.E. Denning, A lattice model of secure information flow, Communications of the ACM 19(5) (1976), 236-243.
16. C. Ellison and B. Schneier, Ten risks of PKI: What you're not being told about public key infrastructure, Computer Security Journal 16(1) (2000), 1-7.
17. D.F. Ferraiolo, R. Sandhu, S. Gavrila, D.R. Kuhn and R. Chandramouli, Proposed NIST standard for role-based access control, ACM Transactions on Information System Security 4(3) (2001), 224-274.
18. C. Gentry and A. Silverberg, Hierarchical ID-based cryptography, in: Proceedings of ASIACRYPT, Queenstown, New Zealand, 2002.
19. B. Gopal and U. Manber, Integrating content-based access mechanisms with hierarchical file systems, in: OSDI'99: Proceedings of the Third Symposium on Operating Systems Design and Implementation, USENIX Association, Berkeley, CA, 1999, pp. 265-278.
20. V. Goyal, O. Pandey, A. Sahai and B. Waters, Attribute-based encryption for fine-grained access control of encrypted data, in: Proceedings of the ACM Conference on Computer and Communications Security (CCS), Fairfax, VA, 2006.
21. T. Hardjono and B. Weis, The multicast group security architecture, RFC 3740 (Informational), March 2004.
22. D.R. Hardy and M.F. Schwartz, Essence: A resource discovery system based on semantic file indexing, in: Proceedings of the USENIX Winter Conference, USENIX Association, Berkeley, CA, January 1993, pp. 361-374.
23. F.J. Hill and G.R. Peterson, Computer Aided Logical Design with Emphasis on VLSI, 4th edn, Wiley, 1993.
24. J. Horwitz and B. Lynn, Toward hierarchical identity-based encryption, in: Theory and Application of Cryptographic Techniques, 2002, pp. 466-481.
25. A. Kapadia, P.P. Tsang and S.W. Smith, Attribute-based publishing with hidden credentials and hidden policies, in: Proceedings of the ISOC Network & Distributed System Security Symposium (NDSS), San Diego, CA, 2007.
26. B. Lampson, Protection, in: Proceedings of the 5th Annual Princeton Conference on Information Sciences and Systems, Princeton University, 1971, pp. 437-443,
27. B. Lynn, PBC library, 2006, available at: http://crypto.stanford.edu/pbc/ .
28. P. McDaniel, A. Prakash and P. Honeyman, A flexible framework for secure group communication, in: USENIX Security Symposium, Washington, DC, 1999, pp. 99-114.
29. P. McDaniel and A.D. Rubin, A response to "can we eliminate certificate revocation lists?", in: FC'00: Proceedings of the 4th International Conference on Financial Cryptography, SpringerVerlag, London, UK, 2001, pp. 245-258.
30. A.J. Menezes, T. Okamoto and S.A. Vanstone, Reducing elliptic curve logarithms to logarithms in a finite field, IEEE Transactions on Information Theory 39(5) (1993), 1639-1646.
31. A. Miyaji, M. Nakabayashi and S. Takano, New explicit conditions of elliptic curve traces for FR-reduction, IEICE Transactions on Fundamentals E84-A(5) (2001), 1234-1243. (Pubitemid 32486851)
32. M. Myers, R. Ankney, A. Malpani, S. Galperin and C. Adams, X.509 internet public key infrastructure: Online Certificate Status Protocol - OCSP, 1999, available at: http://www.ietf.org/rfc/rfc2560.txt.
33. D. Nali, C. Adams and A. Miri, Using threshold attribute-based encryption for practical biometric-based access control, International Journal of Network Security 1(3) (2005), 173-182.
34. M. Pirretti, P. Traynor, P. McDaniel and B. Waters, Secure attribute-based systems, in: Proceedings of the ACM Conference on Computer and Communications Security (CCS), Fairfax, VA, 2006.
35. A. Sahai and B. Waters, Fuzzy identity based encryption, in: Eurocrypt 2005, Aarhus, Denmark, 2005.
36. R.S. Sandhu, E.J. Coyne, H.L. Feinstein and C.E. Youman, Role-based access control models, Computer 29(2) (1996), 38-47.
37. R.S. Sandhu and P. Samarati, Access control: Principles and practice, IEEE Communications Magazine 32(9) (1994), 40-48.
38. A. Shamir, How to share a secret, Communications of the ACM 22(11) (1979), 612-613.
39. A. Shamir, Identity-based cryptosystems and signature schemes, in: Proceedings of CRYPTO 84 on Advances in Cryptology, Springer-Verlag, New York, 1985, pp. 47-53.
40. V. Shoup, Using hash functions as a hedge against chosen ciphertext attack, in: EUROCRYPT, Bruges, Belgium, 2000, pp. 275-288.
41. P. Traynor, K. Butler, W. Enck and P. McDaniel, Realizing massive-scale conditional access systems through attribute-based cryptosystems, in: Proceedings of the ISOC Network & Distributed System Security Symposium (NDSS), San Diego, CA, 2008.
42. United States Department of Health and Human Services, Health Insurance Portability and Accountability Act, 1996, available at: http://aspe.hhs.gov/ admnsimp/pl104191.htm.
43. D. Yao, N. Fazio, Y. Dodis and A. Lysyanskaya, ID-based encryption for complex hierarchies with applications to forward security and broadcast encryption, in: Proceedings of the ACM Conference on Computer and Communications Security (CCS), Washington, DC, 2004.