Cryptographic Role-Based Access Control, Reconsidered

被引：0

作者：

Liu, Bin ^{[1
]}

Michalas, Antonis ^{[1
,2
]}

Warinschi, Bogdan ^{[3
,4
]}

机构：

[1] Tampere Univ, Tampere, Finland

[2] RISE Res Inst Sweden, Gothenburg, Sweden

[3] DFINITY, Zurich, Switzerland

[4] Univ Bristol, Bristol, Avon, England

来源：

PROVABLE AND PRACTICAL SECURITY, PROVSEC 2022 | 2022年 / 13600卷

关键词：

D O I：

10.1007/978-3-031-20917-8_19

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

In this paper, we follow the line of existing study on cryptographic enforcement of Role-Based Access Control (RBAC). Inspired by the study of the relation between the existing security definitions for such system, we identify two different types of attacks which cannot be captured by the existing ones. Therefore, we propose two new security definitions towards the goal of appropriately modelling cryptographic enforcement of Role-Based Access Control policies and study the relation between our new definitions and the existing ones. In addition, we show that the cost of supporting dynamic policy update is inherently expensive by presenting two lower bounds for such systems which guarantee correctness and secure access.

引用

页码：282 / 289

页数：8

共 50 条

[1] Cryptographic Enforcement of Role-Based Access Control
Crampton, Jason
[J]. FORMAL ASPECTS OF SECURITY AND TRUST, 2011, 6561 : 191 - 205
[2] Universally Composable Cryptographic Role-Based Access Control
Liu, Bin
Warinschi, Bogdan
[J]. PROVABLE SECURITY, (PROVSEC 2016), 2016, 10005 : 61 - 80
[3] Role-based access control
[J]. Xiaoxing Weixing Jisuanji Xitong/Mini-Micro Systems, 2000, 21 (02): : 198 - 200
[4] Integrating Trust with Cryptographic Role-based Access Control for Secure Cloud Data Storage
Zhou, Lan
Varadharajan, Vijay
Hitchens, Michael
[J]. 2013 12TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM 2013), 2013, : 560 - 569
[5] Trust Enhanced Cryptographic Role-Based Access Control for Secure Cloud Data Storage
Zhou, Lan
Varadharajan, Vijay
Hitchens, Michael
[J]. IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2015, 10 (11) : 2381 - 2395
[6] Trust-based Secure Cloud Data Storage with Cryptographic Role-based Access Control
Zhou, Lan
Varadharajan, Vijay
Hitchens, Michael
[J]. PROCEEDINGS OF THE 10TH INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY (SECRYPT 2013), 2013, : 62 - 73
[7] Role-based access control and the access control matrix
Saunders, G
Hitchens, M
Varadharajan, V
[J]. INFORMATION AND COMMUNICATIONS SECURITY, PROCEEDINGS, 2003, 2836 : 145 - 157
[8] Role-Based Access Control and the Access Control Matrix
Saunders, G.
Hitchens, M.
Varadharajan, V.
[J]. 2001, Association for Computing Machinery (35):
[9] Role-based access control in DCOM
Ahn, GJ
[J]. JOURNAL OF SYSTEMS ARCHITECTURE, 2000, 46 (13) : 1175 - 1184
[10] Role-Based Access Control in Retrospect
Franqueira, Virginia N. L.
Wieringa, Roel J.
[J]. COMPUTER, 2012, 45 (06) : 81 - 88

← 1 2 3 4 5 →