Journal Article, DOI: 10.3233/JCS-2009-0383
Secure attribute-based systems
150
TL;DR: A novel secure information management architecture based on emerging attribute-based encryption (ABE) primitives is introduced and a policy system that meets the needs of complex policies is defined and illustrated, and cryptographic optimizations that vastly improve enforcement efficiency are proposed.
Abstract: Attributes define, classify, or annotate the datum to which they are assigned. However, traditional attribute architectures and cryptosystems are ill-equipped to provide security in the face of diverse access requirements and environments. In this paper, we introduce a novel secure information management architecture based on emerging attribute-based encryption (ABE) primitives. A policy system that meets the needs of complex policies is defined and illustrated. Based on the needs of those policies, we propose cryptographic optimizations that vastly improve enforcement efficiency. We further explore the use of such policies in two proposed applications: a HIPAA compliant distributed file system and a social network. A performance analysis and characterization of ABE primitives demonstrates the ability to reduce cryptographic costs by as much as 98% over previously proposed constructions. Through this, we demonstrate that our attribute system is an efficient solution for securely managing information in large, loosely-coupled, distributed systems.
Citations
Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption
TL;DR: A novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers are proposed and a high degree of patient privacy is guaranteed simultaneously by exploiting multiauthority ABE.
Time-based proxy re-encryption scheme for secure data sharing in a cloud environment
Qin Liu, Guojun Wang, Jie Wu
TL;DR: A time-based proxy re-encryption (TimePRE) scheme to allow a user's access right to expire automatically after a predetermined period of time, so that the data owner can be offline in the process of user revocations.
258
Towards Secure and Privacy-Preserving Data Sharing for COVID-19 Medical Records: A Blockchain-Empowered Approach
TL;DR: Wang et al. propose a blockchain-empowered security and privacy protection scheme with traceable and direct revocation for COVID-19 medical records, which uses the blockchain for uniform identity authentication and stores all public keys, revocation lists, etc. on a blockchain.
177
Flexible Data Access Control Based on Trust and Reputation in Cloud Computing
Zheng Yan, Xueyun Li, Mingjun Wang, Athanasios V. Vasilakos
- 01 Jul 2017
TL;DR: A scheme to control data access in cloud computing based on trust evaluated by the data owner and/or reputations generated by a number of reputation centers in a flexible manner is proposed by applying Attribute-Based Encryption and Proxy Re-Encryption.
159
Searchable ciphertext‐policy attribute‐based encryption with revocation in cloud storage
TL;DR: This work presents a searchable CP‐ABE with attribute revocation, where access structures are partially hidden so that receivers cannot extract sensitive information from the ciphertext.
135
References
How to share a secret
TL;DR: This technique enables the construction of robust key management schemes for cryptographic systems that can function securely and reliably even when misfortunes destroy half the pieces and security breaches expose all but one of the remaining pieces.
Identity-Based Encryption from the Weil Pairing
Dan Boneh, Matthew K. Franklin
- 19 Aug 2001
TL;DR: This work proposes a fully functional identity-based encryption scheme (IBE) based on the Weil pairing that has chosen ciphertext security in the random oracle model assuming an elliptic curve variant of the computational Diffie-Hellman problem.
Identity-based cryptosystems and signature schemes
Adi Shamir
- 23 Aug 1985
TL;DR: In this article, the authors introduce a novel type of cryptographic scheme, which enables any pair of users to communicate securely and to verify each other's signatures without exchanging private or public keys, without keeping key directories, and without using the services of a third party.
Role-based access control models
TL;DR: Why RBAC is receiving renewed attention as a method of security administration and review is explained, a framework of four reference models developed to better understand RBAC is described, and the use of RBAC to manage itself is discussed.
6.1K
Random oracles are practical: a paradigm for designing efficient protocols
Mihir Bellare, Phillip Rogaway
- 01 Dec 1993
TL;DR: It is argued that the random oracles model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice, and yields protocols much more efficient than standard ones while retaining many of the advantages of provable security.
5.7K
Related Papers (5)
John Bethencourt, Amit Sahai, Brent Waters
- 20 May 2007
Amit Sahai, Brent Waters
- 22 May 2005
Allison Lewko, Brent Waters
- 15 May 2011