Article

Cryptographically Enforced RBAC

Authors:

Anna Lisa Ferrara,

Georg Fuchsbauer,

Bogdan WarinschiAuthors Info & Claims

CSF '13: Proceedings of the 2013 IEEE 26th Computer Security Foundations Symposium

Pages 115 - 129

https://doi.org/10.1109/CSF.2013.15

Published: 26 June 2013 Publication History

Abstract

Cryptographic access control promises to offer easily distributed trust and broader applicability, while reducing reliance on low-level online monitors. Traditional implementations of cryptographic access control rely on simple cryptographic primitives whereas recent endeavors employ primitives with richer functionality and security guarantees. Worryingly, few of the existing cryptographic access-control schemes come with precise guarantees, the gap between the policy specification and the implementation being analyzed only informally, if at all.In this paper we begin addressing this shortcoming.Unlike prior work that targeted ad-hoc policy specification, we look at the well-established Role-Based Access Control (RBAC) model, as used in a typical file system. In short, we provide a precise syntax for a computational version of RBAC, offer rigorous definitions for cryptographic policy enforcement of a large class of RBAC security policies, and demonstrate that an implementation based on attribute-based encryption meets our security notions. We view our main contribution as being at the conceptual level. Although we work with RBAC for concreteness, our general methodology could guide future research for uses of cryptography in other access-control models.

Cited By

View all

Alderman JCrampton JFarley NBertino ESandhu RWeippl E(2017)A Framework for the Cryptographic Enforcement of Information Flow PoliciesProceedings of the 22nd ACM on Symposium on Access Control Models and Technologies10.1145/3078861.3078868(143-154)Online publication date: 7-Jun-2017
https://dl.acm.org/doi/10.1145/3078861.3078868
Liu BWarinschi B(2016)Universally Composable Cryptographic Role-Based Access ControlProceedings of the 10th International Conference on Provable Security - Volume 1000510.1007/978-3-319-47422-9_4(61-80)Online publication date: 10-Nov-2016
https://dl.acm.org/doi/10.1007/978-3-319-47422-9_4
Alderman JJanson CCid CCrampton JBao FMiller SZhou JAhn G(2015)Access Control in Publicly Verifiable Outsourced ComputationProceedings of the 10th ACM Symposium on Information, Computer and Communications Security10.1145/2714576.2714636(657-662)Online publication date: 14-Apr-2015
https://dl.acm.org/doi/10.1145/2714576.2714636
Show More Cited By

Cryptographically Enforced RBAC

Recommendations

DW-RBAC: A formal security model of delegation and revocation in workflow systems

One reason workflow systems have been criticized as being inflexible is that they lack support for delegation. This paper shows how delegation can be introduced in a workflow system by extending the role-based access control (RBAC) model. The current ...
A delegation model for extended RBAC

In the field of access control, delegation is an important aspect that is considered part of the administration mechanism. Thus, a comprehensive access control model must provide a flexible administration model to manage delegation and revocation. ...
ABAC and RBAC: Scalable, Flexible, and Auditable Access Management

Is it possible to obtain the flexibility and advantages of attribute-based access control while maintaining role-based access control's advantages for analysis and risk control?

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

CSF '13: Proceedings of the 2013 IEEE 26th Computer Security Foundations Symposium

June 2013

287 pages

ISBN:9780769550312

Publisher

IEEE Computer Society

United States

Publication History

Published: 26 June 2013

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 22 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Alderman JCrampton JFarley NBertino ESandhu RWeippl E(2017)A Framework for the Cryptographic Enforcement of Information Flow PoliciesProceedings of the 22nd ACM on Symposium on Access Control Models and Technologies10.1145/3078861.3078868(143-154)Online publication date: 7-Jun-2017
https://dl.acm.org/doi/10.1145/3078861.3078868
Liu BWarinschi B(2016)Universally Composable Cryptographic Role-Based Access ControlProceedings of the 10th International Conference on Provable Security - Volume 1000510.1007/978-3-319-47422-9_4(61-80)Online publication date: 10-Nov-2016
https://dl.acm.org/doi/10.1007/978-3-319-47422-9_4
Alderman JJanson CCid CCrampton JBao FMiller SZhou JAhn G(2015)Access Control in Publicly Verifiable Outsourced ComputationProceedings of the 10th ACM Symposium on Information, Computer and Communications Security10.1145/2714576.2714636(657-662)Online publication date: 14-Apr-2015
https://dl.acm.org/doi/10.1145/2714576.2714636
Ferrara AMadhusudan PNguyen TParlato G(2014)Vac - Verifier of Administrative Role-Based Access Control PoliciesProceedings of the 16th International Conference on Computer Aided Verification - Volume 855910.1007/978-3-319-08867-9_12(184-191)Online publication date: 18-Jul-2014
https://dl.acm.org/doi/10.1007/978-3-319-08867-9_12

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

Cited By

Recommendations

DW-RBAC: A formal security model of delegation and revocation in workflow systems

A delegation model for extended RBAC

ABAC and RBAC: Scalable, Flexible, and Auditable Access Management

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations