Cryptographically enforced RBAC
Ferrara A, Fuchsbauer G, Warinschi B. 2013. Cryptographically enforced RBAC. CSF: Computer Security Foundations, 115–129.
Download (ext.)
http://eprint.iacr.org/2013/492
[Submitted Version]
Conference Paper
| Published
| English
Scopus indexed
Author
Ferrara, Anna;
Fuchsbauer, GeorgISTA;
Warinschi, Bogdan
Department
Abstract
Cryptographic access control promises to offer easily distributed trust and broader applicability, while reducing reliance on low-level online monitors. Traditional implementations of cryptographic access control rely on simple cryptographic primitives whereas recent endeavors employ primitives with richer functionality and security guarantees. Worryingly, few of the existing cryptographic access-control schemes come with precise guarantees, the gap between the policy specification and the implementation being analyzed only informally, if at all. In this paper we begin addressing this shortcoming. Unlike prior work that targeted ad-hoc policy specification, we look at the well-established Role-Based Access Control (RBAC) model, as used in a typical file system. In short, we provide a precise syntax for a computational version of RBAC, offer rigorous definitions for cryptographic policy enforcement of a large class of RBAC security policies, and demonstrate that an implementation based on attribute-based encryption meets our security notions. We view our main contribution as being at the conceptual level. Although we work with RBAC for concreteness, our general methodology could guide future research for uses of cryptography in other access-control models.
Publishing Year
Date Published
2013-09-01
Publisher
IEEE
Page
115 - 129
Conference
CSF: Computer Security Foundations
Conference Location
New Orleans, LA, United States
Conference Date
2013-09-26 – 2013-09-28
IST-REx-ID
Cite this
Ferrara A, Fuchsbauer G, Warinschi B. Cryptographically enforced RBAC. In: IEEE; 2013:115-129. doi:10.1109/CSF.2013.15
Ferrara, A., Fuchsbauer, G., & Warinschi, B. (2013). Cryptographically enforced RBAC (pp. 115–129). Presented at the CSF: Computer Security Foundations, New Orleans, LA, United States: IEEE. https://doi.org/10.1109/CSF.2013.15
Ferrara, Anna, Georg Fuchsbauer, and Bogdan Warinschi. “Cryptographically Enforced RBAC,” 115–29. IEEE, 2013. https://doi.org/10.1109/CSF.2013.15.
A. Ferrara, G. Fuchsbauer, and B. Warinschi, “Cryptographically enforced RBAC,” presented at the CSF: Computer Security Foundations, New Orleans, LA, United States, 2013, pp. 115–129.
Ferrara A, Fuchsbauer G, Warinschi B. 2013. Cryptographically enforced RBAC. CSF: Computer Security Foundations, 115–129.
Ferrara, Anna, et al. Cryptographically Enforced RBAC. IEEE, 2013, pp. 115–29, doi:10.1109/CSF.2013.15.
All files available under the following license(s):
Copyright Statement:
This Item is protected by copyright and/or related rights. [...]
Link(s) to Main File(s)
Access Level
Open Access