Kayem, Anne V.D.M. and Martin, Patrick and Akl, Selim G. (2011) Efficient enforcement of dynamic cryptographic access control policies for outsourced data, Proceedings of 10th Information Security South Africa (ISSA), 2011, August 15 - 17, 2011, Johanesburg, South Africa, 1-8, IEEE.
![[img]](http://pubs.cs.uct.ac.za/style/images/fileicons/application_pdf.png) |
PDF
ISSA2011-Kayem.pdf Download (679kB) |
Abstract
Outsourcing of their data to third-party service providers is a cost-effective data management strategy for many organizations. Outsourcing, however, introduces new challenges with respect to ensuring the security and the privacy of the data. In addition to the need for standard access control policies, organizations must now be concerned with the privacy of their data and so hiding the data from the service provider is important. Simply encrypting the data before it is transmitted to the service provider is inefficient and vulnerable to security attacks when the access control policies change. Approaches based on two layers of encryption alleviate the privacy concern but still require re-encryption of the data when policies change. This paper presents a novel and efficient solution that employs two layers of encryption of the data and an encrypted data object containing the second access key. Changes to the access control policies are handled by re-encrypting the object containing the affected key, which is an efficient operation. The paper presents our key management approach, a security analysis of our approach, and an evaluation of the performance of a proof of concept implementation of our approach.
| Item Type: | Conference paper |
|---|---|
| Uncontrolled Keywords: | Access control , Encryption , Cryptographic Key Management, Outsourcing , Standards organizations , data encapsulation , data privacy |
| Subjects: | Information systems > Data management systems > Data structures > Data layout > Data encryption Computer systems organization > Dependable and fault-tolerant systems and networks |
| Alternate Locations: | http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6027517 |
| Date Deposited: | 18 Nov 2011 |
| Last Modified: | 10 Oct 2019 15:33 |
| URI: | http://pubs.cs.uct.ac.za/id/eprint/731 |
Actions (login required)
 |
View Item |