Proceedings Article10.1145/1180405.1180419
Secure attribute-based systems
Matthew Pirretti,Patrick Traynor,Patrick McDaniel,Brent Waters +3 more
- 30 Oct 2006
- pp 99-112
TL;DR: A novel secure information management architecture based on emerging attribute-based encryption (ABE) primitives is introduced and a policy system that meets the needs of complex policies is defined and illustrated and cryptographic optimizations that vastly improve enforcement efficiency are proposed.
read more
Abstract: Attributes define, classify, or annotate the datum to which they are assigned. However, traditional attribute architectures and cryptosystems are ill-equipped to provide security in the face of diverse access requirements and environments. In this paper, we introduce a novel secure information management architecture based on emerging attribute-based encryption (ABE) primitives. A policy system that meets the needs of complex policies is defined and illustrated. Based on the needs of those policies, we propose cryptographic optimizations that vastly improve enforcement efficiency. We further explore the use of such policies in two example applications: a HIPAA compliant distributed file system and a social network. A performance analysis of our ABE system and example applications demonstrates the ability to reduce cryptographic costs by as much as 98% over previously proposed constructions. Through this, we demonstrate that our attribute system is an efficient solution for securely managing information in large, loosely-coupled, distributed systems.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Attribute-based encryption for fine-grained access control of encrypted data
Vipul Goyal,Omkant Pandey,Amit Sahai,Brent Waters +3 more
- 30 Oct 2006
TL;DR: This work develops a new cryptosystem for fine-grained sharing of encrypted data that is compatible with Hierarchical Identity-Based Encryption (HIBE), and demonstrates the applicability of the construction to sharing of audit-log information and broadcast encryption.
Ciphertext-Policy Attribute-Based Encryption
John Bethencourt,Amit Sahai,Brent Waters +2 more
- 20 May 2007
TL;DR: A system for realizing complex access control on encrypted data that is conceptually closer to traditional access control methods such as role-based access control (RBAC) and secure against collusion attacks is presented.
Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization
Brent Waters
- 06 Mar 2011
TL;DR: A new methodology for realizing Ciphertext-Policy Attribute Encryption (CP-ABE) under concrete and noninteractive cryptographic assumptions in the standard model is presented.
Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption
Allison Lewko,Tatsuaki Okamoto,Amit Sahai,Katsuyuki Takashima,Brent Waters +4 more
- 30 May 2010
TL;DR: In this article, a fully secure attribute-based encryption (ABE) scheme and a predicate encryption (PE) scheme for inner-product predicates were constructed using dual pairing vector spaces.
•Posted Content
Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization.
TL;DR: In this article, the authors present a new methodology for realizing Ciphertext-Policy Attribute Encryption (CP-ABE) under concrete and noninteractive cryptographic assumptions in the standard model.
References
How to share a secret
TL;DR: This technique enables the construction of robust key management schemes for cryptographic systems that can function securely and reliably even when misfortunes destroy half the pieces and security breaches expose all but one of the remaining pieces.
Identity-Based Encryption from the Weil Pairing
Dan Boneh,Matthew K. Franklin +1 more
- 19 Aug 2001
TL;DR: This work proposes a fully functional identity-based encryption scheme (IBE) based on the Weil pairing that has chosen ciphertext security in the random oracle model assuming an elliptic curve variant of the computational Diffie-Hellman problem.
Identity-based cryptosystems and signature schemes
Adi Shamir
- 23 Aug 1985
TL;DR: In this article, the authors introduce a novel type of cryptographic scheme, which enables any pair of users to communicate securely and to verify each other's signatures without exchanging private or public keys, without keeping key directories, and without using the services of a third party.
Role-based access control models
TL;DR: Why RBAC is receiving renewed attention as a method of security administration and review is explained, a framework of four reference models developed to better understandRBAC is described, and the use of RBAC to manage itself is discussed.
6.1K
Random oracles are practical: a paradigm for designing efficient protocols
Mihir Bellare,Phillip Rogaway +1 more
- 01 Dec 1993
TL;DR: It is argued that the random oracles model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice, and yields protocols much more efficient than standard ones while retaining many of the advantages of provable security.
5.7K
Related Papers (5)
Amit Sahai,Brent Waters +1 more
- 22 May 2005
John Bethencourt,Amit Sahai,Brent Waters +2 more
- 20 May 2007
Dan Boneh,Matthew K. Franklin +1 more
- 19 Aug 2001
Adi Shamir
- 23 Aug 1985