Journal
2007 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS
Volume -, Issue -, Pages 321-+Publisher
IEEE COMPUTER SOC
DOI: 10.1109/sp.2007.11
Keywords
-
Categories
Funding
- National Natural Science Foundation of China [61572146, 61363030, 61262030, U1501252, 61562015]
- Natural Science Foundation of Guangxi Province [2015GXNSFAA139285, 2014GXNSFAA118354, 2016GXNSFDA380006, 2015GXNSFDA139038]
- Guangxi Key Laboratory of Trusted Software
- High Level of Innovation Team of Colleges and Universities in Guangxi and Outstanding Scholars Program
Ask authors/readers for more resources
In several distributed systems a user should only be able to access data if a user posses a certain set of credentials or attributes. Currently, the only method for enforcing such policies is to employ a trusted server to store the data and mediate access control. However, if any server storing the data is compromised, then the confidentiality of the data will be compromised. In this paper we present a system for realizing complex access control on encrypted data that we call Ciphertext-Policy Attribute-Based Encryption. By using our techniques encrypted data can be kept confidential even if the storage server is untrusted; moreover, our methods are secure against collusion attacks. Previous Attribute-Based Encryption systems used attributes to describe the encrypted data and built policies into user's keys,while in our system attributes are used to describe a user's credentials, and a party encrypting data determines a policy for who can decrypt. Thus, our methods are conceptually closer to traditional access control methods such as Role-Based Access Control (RBAC). In addition, we provide an implementation of our system and give performance measurements.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available
Share Paper
