Back to University of Twente portal
Cryptographically enforced distributed data access control
Ibraimi, Luan (2011) Cryptographically enforced distributed data access control. thesis.
![[img]](http://doc.utwente.nl/style/images/fileicons/application_pdf.png)
| PDF 3514Kb |
| Abstract: | Outsourcing data storage reduces the cost of ownership. However, once data is stored
on a remote server, users lose control over their sensitive data. There are two approaches to control the access to outsourced data. The first approach assumes that the outsourcee is fully trusted. This approach is also referred to as server mediated access control and works as follows: whenever a user wants to access the stored data, the user has to provide credentials to the server. If the credentials are valid and satisfy the access control policy, the user is allowed to access the stored data. However, fully trusting the server can be dangerous since if the server gets hacked, all users data would be readable by hackers. The second approach reduces the trust on the server and assumes that the server is honest-but-curious: the server is honest in the sense that it stores the data correctly and makes the data available to users, and the server is curious in the sense that it attempts to extract knowledge from the stored data. This approach is also referred as cryptographically enforced access control because it relies on encryption techniques to enforce an access control policy. The main idea of this approach is to map an access control policy into an encryption key, and then to encrypt the data under the encryption key such that only authorized users who possess a decryption key can access the data in clear. Even if the server gets hacked, user data are secure since the data are encrypted. In this thesis we focus on the second approach and propose new encryption schemes for enforcing access control policies with significant advantages over existing ones. In particular, we push the limits of three cryptographic primitives: proxy re-encryption, attribute-based encryption and public-key encryption. |
| Item Type: | Thesis |
| Faculty: | Electrical Engineering, Mathematics and Computer Science (EEMCS) |
| Research Group: | |
| Link to this item: | http://purl.utwente.nl/publications/78287 |
| Official URL: | http://dx.doi.org/10.3990/1.9789036532280 |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page