Data is key: introducing the data-based access control paradigm

Wolter Pieters; Qiang Tang

Data is key: introducing the data-based access control paradigm

Wolter Pieters, Qiang Tang

Research output: Book/Report › Report › Professional

1 Citation (Scopus)

142 Downloads (Pure)

Abstract

According to the Jericho forum, the trend in information security is moving the security perimeter as close to the data as possible. In this context, we suggest the idea of data-based access control, where decryption of data is made possible by knowing enough of the data. Trust is thus based on what someone already knows. A specific problem is defined as follows: given n pieces of data, an agent is able to recover all n items once she knows k of them. The problem is similar to both secure sketches and secret sharing, and we show that both can be used as a basis for constructions. Examples of possible applications are granting access without credentials, recovering forgotten passwords and sharing personal data in social networks.

Original language	Undefined
Place of Publication	Enschede
Publisher	Centre for Telematics and Information Technology (CTIT)
Number of pages	13
Publication status	Published - Jun 2009

Publication series

Name	CTIT Technical Report Series
Publisher	Centre for Telematics and Information Technology, University of Twente
No.	TR-CTIT-09-22
ISSN (Print)	1381-3625

Keywords

IR-65511
De-perimeterisation
secret sharing
secure sketches
data-based access control
SCS-Cybersecurity
METIS-263874
EWI-15408

Access to Document

Cite this

@book{94b650f7e90141eba7d18404b4d7eb6e,

title = "Data is key: introducing the data-based access control paradigm",

abstract = "According to the Jericho forum, the trend in information security is moving the security perimeter as close to the data as possible. In this context, we suggest the idea of data-based access control, where decryption of data is made possible by knowing enough of the data. Trust is thus based on what someone already knows. A specific problem is defined as follows: given n pieces of data, an agent is able to recover all n items once she knows k of them. The problem is similar to both secure sketches and secret sharing, and we show that both can be used as a basis for constructions. Examples of possible applications are granting access without credentials, recovering forgotten passwords and sharing personal data in social networks.",

keywords = "IR-65511, De-perimeterisation, secret sharing, secure sketches, data-based access control, SCS-Cybersecurity, METIS-263874, EWI-15408",

author = "Wolter Pieters and Qiang Tang",

year = "2009",

month = jun,

language = "Undefined",

series = "CTIT Technical Report Series",

publisher = "Centre for Telematics and Information Technology (CTIT)",

number = "TR-CTIT-09-22",

address = "Netherlands",

}

TY - BOOK

T1 - Data is key: introducing the data-based access control paradigm

AU - Pieters, Wolter

AU - Tang, Qiang

PY - 2009/6

Y1 - 2009/6

N2 - According to the Jericho forum, the trend in information security is moving the security perimeter as close to the data as possible. In this context, we suggest the idea of data-based access control, where decryption of data is made possible by knowing enough of the data. Trust is thus based on what someone already knows. A specific problem is defined as follows: given n pieces of data, an agent is able to recover all n items once she knows k of them. The problem is similar to both secure sketches and secret sharing, and we show that both can be used as a basis for constructions. Examples of possible applications are granting access without credentials, recovering forgotten passwords and sharing personal data in social networks.

AB - According to the Jericho forum, the trend in information security is moving the security perimeter as close to the data as possible. In this context, we suggest the idea of data-based access control, where decryption of data is made possible by knowing enough of the data. Trust is thus based on what someone already knows. A specific problem is defined as follows: given n pieces of data, an agent is able to recover all n items once she knows k of them. The problem is similar to both secure sketches and secret sharing, and we show that both can be used as a basis for constructions. Examples of possible applications are granting access without credentials, recovering forgotten passwords and sharing personal data in social networks.

KW - IR-65511

KW - De-perimeterisation

KW - secret sharing

KW - secure sketches

KW - data-based access control

KW - SCS-Cybersecurity

KW - METIS-263874

KW - EWI-15408

M3 - Report

T3 - CTIT Technical Report Series

BT - Data is key: introducing the data-based access control paradigm

PB - Centre for Telematics and Information Technology (CTIT)

CY - Enschede

ER -