Cryptographic Role-Based Access Control, Reconsidered
2022 (English)In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)Volume 13600 LNCS, Pages 282 - 2892022, Springer Science and Business Media Deutschland GmbH , 2022, p. 282-289Conference paper, Published paper (Refereed)
Abstract [en]
In this paper, we follow the line of existing study on cryptographic enforcement of Role-Based Access Control (RBAC). Inspired by the study of the relation between the existing security definitions for such system, we identify two different types of attacks which cannot be captured by the existing ones. Therefore, we propose two new security definitions towards the goal of appropriately modelling cryptographic enforcement of Role-Based Access Control policies and study the relation between our new definitions and the existing ones. In addition, we show that the cost of supporting dynamic policy update is inherently expensive by presenting two lower bounds for such systems which guarantee correctness and secure access. © 2022, The Author(s).
Place, publisher, year, edition, pages
Springer Science and Business Media Deutschland GmbH , 2022. p. 282-289
Keywords [en]
Cryptography, Access control policies, Control studies, Cryptographic enforcements, CryptoGraphics, Dynamic policy, Low bound, Role-based Access Control, Security definitions, Access control
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:ri:diva-61408DOI: 10.1007/978-3-031-20917-8_19Scopus ID: 2-s2.0-85142696280ISBN: 9783031209161 (print)OAI: oai:DiVA.org:ri-61408DiVA, id: diva2:1718075
Conference
16th International Conference on Provable and Practical Security, ProvSec 2022Nanjing11 November 2022through 12 November 2022
2022-12-122022-12-122022-12-12Bibliographically approved