Cryptographically Enforced Distributed Data Access Control

L. Ibraimi

Abstract

Outsourcing data storage reduces the cost of ownership. However, once data is stored on a remote server, users lose control over their sensitive data. There are two approaches to control the access to outsourced data. The first approach assumes that the outsourcee is fully trusted. This approach is also referred to as server mediated access control and works as follows: whenever a user wants to access the stored data, the user has to provide credentials to the server. If the credentials are valid and satisfy the access control policy, the user is allowed to access the stored data. However, fully trusting the server can be dangerous since if the server gets hacked, all users data would be readable by hackers. The second approach reduces the trust on the server and assumes that the server is honest-but-curious: the server is honest in the sense that it stores the data correctly and makes the data available to users, and the server is curious in the sense that it attempts to extract knowledge from the stored data. This approach is also referred as cryptographically enforced access control because it relies on encryption techniques to enforce an access control policy. The main idea of this approach is to map an access control policy into an encryption key, and then to encrypt the data under the encryption key such that only authorized users who possess a decryption key can access the data in clear. Even if the server gets hacked, user data are secure since the data are encrypted. In this thesis we focus on the second approach and propose new encryption schemes for enforcing access control policies with significant advantages over existing ones. In particular, we push the limits of three cryptographic primitives: proxy re-encryption, attribute-based encryption and public-key encryption. Our contributions can be summarized as follows: 1.We propose a proxy re-encryption scheme which enables the delegator to provide a fine-grained access control policy. Proxy re-encryption is a cryptographic primitive developed to delegate the decryption right from one party (the delegator) to another (the delegatee). In our scheme, the delegator can categorize messages into different types and delegate the decryption right of each type to the delegatee through a proxy. 2.We propose two ciphertext-policy attribute-based encryption schemes which are more efficient and at least as expressive as the existing state-of-the-art schemes. In ciphertext-policy attribute-based encryption the data is encrypted under an access control policy defined over attributes. A user can decrypt the ciphertext only if the attribute set of her secret key satisfies the access control policy of the ciphertext. 3.We propose a ciphertext-policy attribute-based encryption scheme in which the secret keys of dishonest or compromised users are revoked. 4.We propose a ciphertext-policy attribute-based encryption scheme that allows users to update the access control policy of the ciphertext without decrypting it. 5.We propose a public-key encryption scheme that allows the secret key holder to delegate to the server the power to search her ciphertexts for possible malware
Original languageUndefined
Awarding Institution
  • University of Twente
Supervisors/Advisors
  • Hartel, Pieter H., Supervisor
  • Jonker, Willem , Supervisor
  • Advisor
Sponsors
Date of Award21 Oct 2011
Place of PublicationEnschede
Print ISBNs978-90-365-3228-0
DOIs
StatePublished - 21 Oct 2011

Fingerprint

Cryptography
Servers
Access control
Outsourcing
Costs
Malware

Keywords

  • Distributed
  • Cryptographically
  • DIES-Data Security
  • IR-78287
  • EWI-20720
  • METIS-279668
  • Data access

Cite this

Ibraimi, L.. / Cryptographically Enforced Distributed Data Access Control. Enschede, 2011. 133 p.
@misc{03300781cdaf4bc38a0d092221c113ba,
title = "Cryptographically Enforced Distributed Data Access Control",
abstract = "Outsourcing data storage reduces the cost of ownership. However, once data is stored on a remote server, users lose control over their sensitive data. There are two approaches to control the access to outsourced data. The first approach assumes that the outsourcee is fully trusted. This approach is also referred to as server mediated access control and works as follows: whenever a user wants to access the stored data, the user has to provide credentials to the server. If the credentials are valid and satisfy the access control policy, the user is allowed to access the stored data. However, fully trusting the server can be dangerous since if the server gets hacked, all users data would be readable by hackers. The second approach reduces the trust on the server and assumes that the server is honest-but-curious: the server is honest in the sense that it stores the data correctly and makes the data available to users, and the server is curious in the sense that it attempts to extract knowledge from the stored data. This approach is also referred as cryptographically enforced access control because it relies on encryption techniques to enforce an access control policy. The main idea of this approach is to map an access control policy into an encryption key, and then to encrypt the data under the encryption key such that only authorized users who possess a decryption key can access the data in clear. Even if the server gets hacked, user data are secure since the data are encrypted. In this thesis we focus on the second approach and propose new encryption schemes for enforcing access control policies with significant advantages over existing ones. In particular, we push the limits of three cryptographic primitives: proxy re-encryption, attribute-based encryption and public-key encryption. Our contributions can be summarized as follows: 1.We propose a proxy re-encryption scheme which enables the delegator to provide a fine-grained access control policy. Proxy re-encryption is a cryptographic primitive developed to delegate the decryption right from one party (the delegator) to another (the delegatee). In our scheme, the delegator can categorize messages into different types and delegate the decryption right of each type to the delegatee through a proxy. 2.We propose two ciphertext-policy attribute-based encryption schemes which are more efficient and at least as expressive as the existing state-of-the-art schemes. In ciphertext-policy attribute-based encryption the data is encrypted under an access control policy defined over attributes. A user can decrypt the ciphertext only if the attribute set of her secret key satisfies the access control policy of the ciphertext. 3.We propose a ciphertext-policy attribute-based encryption scheme in which the secret keys of dishonest or compromised users are revoked. 4.We propose a ciphertext-policy attribute-based encryption scheme that allows users to update the access control policy of the ciphertext without decrypting it. 5.We propose a public-key encryption scheme that allows the secret key holder to delegate to the server the power to search her ciphertexts for possible malware",
keywords = "Distributed, Cryptographically, DIES-Data Security, IR-78287, EWI-20720, METIS-279668, Data access",
author = "L. Ibraimi",
note = "SIKS Dissertation Series; no. 2011-41",
year = "2011",
month = "10",
doi = "10.3990/1.9789036532280",
isbn = "978-90-365-3228-0",
school = "University of Twente",

}

Ibraimi, L 2011, 'Cryptographically Enforced Distributed Data Access Control', University of Twente, Enschede. DOI: 10.3990/1.9789036532280

Cryptographically Enforced Distributed Data Access Control. / Ibraimi, L.

Enschede, 2011. 133 p.

Research output: ScientificPhD Thesis - Research UT, graduation UT

TY - THES

T1 - Cryptographically Enforced Distributed Data Access Control

AU - Ibraimi,L.

N1 - SIKS Dissertation Series; no. 2011-41

PY - 2011/10/21

Y1 - 2011/10/21

N2 - Outsourcing data storage reduces the cost of ownership. However, once data is stored on a remote server, users lose control over their sensitive data. There are two approaches to control the access to outsourced data. The first approach assumes that the outsourcee is fully trusted. This approach is also referred to as server mediated access control and works as follows: whenever a user wants to access the stored data, the user has to provide credentials to the server. If the credentials are valid and satisfy the access control policy, the user is allowed to access the stored data. However, fully trusting the server can be dangerous since if the server gets hacked, all users data would be readable by hackers. The second approach reduces the trust on the server and assumes that the server is honest-but-curious: the server is honest in the sense that it stores the data correctly and makes the data available to users, and the server is curious in the sense that it attempts to extract knowledge from the stored data. This approach is also referred as cryptographically enforced access control because it relies on encryption techniques to enforce an access control policy. The main idea of this approach is to map an access control policy into an encryption key, and then to encrypt the data under the encryption key such that only authorized users who possess a decryption key can access the data in clear. Even if the server gets hacked, user data are secure since the data are encrypted. In this thesis we focus on the second approach and propose new encryption schemes for enforcing access control policies with significant advantages over existing ones. In particular, we push the limits of three cryptographic primitives: proxy re-encryption, attribute-based encryption and public-key encryption. Our contributions can be summarized as follows: 1.We propose a proxy re-encryption scheme which enables the delegator to provide a fine-grained access control policy. Proxy re-encryption is a cryptographic primitive developed to delegate the decryption right from one party (the delegator) to another (the delegatee). In our scheme, the delegator can categorize messages into different types and delegate the decryption right of each type to the delegatee through a proxy. 2.We propose two ciphertext-policy attribute-based encryption schemes which are more efficient and at least as expressive as the existing state-of-the-art schemes. In ciphertext-policy attribute-based encryption the data is encrypted under an access control policy defined over attributes. A user can decrypt the ciphertext only if the attribute set of her secret key satisfies the access control policy of the ciphertext. 3.We propose a ciphertext-policy attribute-based encryption scheme in which the secret keys of dishonest or compromised users are revoked. 4.We propose a ciphertext-policy attribute-based encryption scheme that allows users to update the access control policy of the ciphertext without decrypting it. 5.We propose a public-key encryption scheme that allows the secret key holder to delegate to the server the power to search her ciphertexts for possible malware

AB - Outsourcing data storage reduces the cost of ownership. However, once data is stored on a remote server, users lose control over their sensitive data. There are two approaches to control the access to outsourced data. The first approach assumes that the outsourcee is fully trusted. This approach is also referred to as server mediated access control and works as follows: whenever a user wants to access the stored data, the user has to provide credentials to the server. If the credentials are valid and satisfy the access control policy, the user is allowed to access the stored data. However, fully trusting the server can be dangerous since if the server gets hacked, all users data would be readable by hackers. The second approach reduces the trust on the server and assumes that the server is honest-but-curious: the server is honest in the sense that it stores the data correctly and makes the data available to users, and the server is curious in the sense that it attempts to extract knowledge from the stored data. This approach is also referred as cryptographically enforced access control because it relies on encryption techniques to enforce an access control policy. The main idea of this approach is to map an access control policy into an encryption key, and then to encrypt the data under the encryption key such that only authorized users who possess a decryption key can access the data in clear. Even if the server gets hacked, user data are secure since the data are encrypted. In this thesis we focus on the second approach and propose new encryption schemes for enforcing access control policies with significant advantages over existing ones. In particular, we push the limits of three cryptographic primitives: proxy re-encryption, attribute-based encryption and public-key encryption. Our contributions can be summarized as follows: 1.We propose a proxy re-encryption scheme which enables the delegator to provide a fine-grained access control policy. Proxy re-encryption is a cryptographic primitive developed to delegate the decryption right from one party (the delegator) to another (the delegatee). In our scheme, the delegator can categorize messages into different types and delegate the decryption right of each type to the delegatee through a proxy. 2.We propose two ciphertext-policy attribute-based encryption schemes which are more efficient and at least as expressive as the existing state-of-the-art schemes. In ciphertext-policy attribute-based encryption the data is encrypted under an access control policy defined over attributes. A user can decrypt the ciphertext only if the attribute set of her secret key satisfies the access control policy of the ciphertext. 3.We propose a ciphertext-policy attribute-based encryption scheme in which the secret keys of dishonest or compromised users are revoked. 4.We propose a ciphertext-policy attribute-based encryption scheme that allows users to update the access control policy of the ciphertext without decrypting it. 5.We propose a public-key encryption scheme that allows the secret key holder to delegate to the server the power to search her ciphertexts for possible malware

KW - Distributed

KW - Cryptographically

KW - DIES-Data Security

KW - IR-78287

KW - EWI-20720

KW - METIS-279668

KW - Data access

U2 - 10.3990/1.9789036532280

DO - 10.3990/1.9789036532280

M3 - PhD Thesis - Research UT, graduation UT

SN - 978-90-365-3228-0

ER -

Ibraimi L. Cryptographically Enforced Distributed Data Access Control. Enschede, 2011. 133 p. Available from, DOI: 10.3990/1.9789036532280