Title :
Access control enforcement on outsourced data ensuring privacy of access control policies
Author :
Tourani, Parastou ; Hadavi, Mohammad Ali ; Jalili, Rasool
Author_Institution :
Dept. of Comput. Eng., Sharif Univ. of Technol., Tehran, Iran
Abstract :
Nowadays, data outsourcing has become a solution for many organizations especially large scale enterprises due to the high costs of in-house management of the rapidly growing data. Among all security requirements in this context, user access control and its following dynamic changes are of interest. In this paper, we propose an efficient and reliable mechanism to solve this problem in owner-write-users-read applications. A novel solution is introduced to enforce access control on outsourced data using the Chinese Remainder Theorem. The solution allows updating policy changes at a limited cost in terms of both computational power and the number of users´ secret keys. Although the server, on which data is stored, is delegated for enforcing access control, access control policies are protected from being revealed to the server or the users. The solution is applicable to data outsourcing scenarios where users are anonymous but the server is still able to enforce the owner access control policies.
Keywords :
authorisation; cryptography; data privacy; outsourcing; Chinese Remainder Theorem; access control enforcement; access control policies; data outsourcing; in-house management; large scale enterprises; outsourced data ensuring privacy; owner-write-users-read applications; rapidly growing data; security requirements; user access control; user secret keys; Authorization; Encryption; Outsourcing; Servers; Access Control; Access Control Policy; Chinese Remainder Theorem; Outsourced Data; Privacy;
Conference_Titel :
High Performance Computing and Simulation (HPCS), 2011 International Conference on
Conference_Location :
Istanbul
Print_ISBN :
978-1-61284-380-3
DOI :
10.1109/HPCSim.2011.5999865
