• 제목/요약/키워드: access policy

검색결과 1,267건 처리시간 0.025초

Secure Attribute-Based Access Control with a Ciphertext-Policy Attribute-Based Encryption Scheme

  • Sadikin, Rifki;Park, Young Ho;Park, Kil Houm
    • 한국산업정보학회논문지
    • /
    • 제19권1호
    • /
    • pp.1-12
    • /
    • 2014
  • An access control system is needed to ensure only authorized users can access a sensitive resource. We propose a secure access control based on a fully secure and fine grained ciphertext-policy attribute-based encryption scheme. The access control for a sensitive resource is ensured by encrypting it with encryption algorithm from the CP-ABE scheme parameterized by an access control policy. Furthermore, the proposed access control supports non-monotone type access control policy. The ciphertext only can be recovered by users whose attributes satisfy the access control policy. We also implement and measure the performance of our proposed access control. The results of experiments show that our proposed secure access control is feasible.

Ciphertext-Policy Attribute-Based Encryption with Hidden Access Policy and Testing

  • Li, Jiguo;Wang, Haiping;Zhang, Yichen;Shen, Jian
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제10권7호
    • /
    • pp.3339-3352
    • /
    • 2016
  • In ciphertext-policy attribute-based encryption (CP-ABE) scheme, a user's secret key is associated with a set of attributes, and the ciphertext is associated with an access policy. The user can decrypt the ciphertext if and only if the attribute set of his secret key satisfies the access policy specified in the ciphertext. In the present schemes, access policy is sent to the decryptor along with the ciphertext, which means that the privacy of the encryptor is revealed. In order to solve such problem, we propose a CP-ABE scheme with hidden access policy, which is able to preserve the privacy of the encryptor and decryptor. And what's more in the present schemes, the users need to do excessive calculation for decryption to check whether their attributes match the access policy specified in the ciphertext or not, which makes the users do useless computation if the attributes don't match the hidden access policy. In order to solve efficiency issue, our scheme adds a testing phase to avoid the unnecessary operation above before decryption. The computation cost for the testing phase is much less than the decryption computation so that the efficiency in our scheme is improved. Meanwhile, our new scheme is proved to be selectively secure against chosen-plaintext attack under DDH assumption.

The COAPI Cats: The Current State of Open Access Repository Movement and Policy Documentations

  • Roy, Bijan K.;Biswas, Subal C.;Mukhopadhyay, Parthasarathi
    • International Journal of Knowledge Content Development & Technology
    • /
    • 제6권1호
    • /
    • pp.69-84
    • /
    • 2016
  • The paper investigates open access (OA) self archiving policies of different Open Access Repositories (OARs) of COAPI (Coalition of Open Access Policy Institutions) founder members as reported in June 2011 (i.e. a total of 22 members against a total of 46 COPAI members as reported by Open Biomed (http://openbiomed.info/2011/08/coapi-cats/). The paper consulted three databases (OpenDOAR, ROAR and ROARMAP) in order to evaluate twenty-two (22) COAPI-members OARs self archiving policy documentations and highlights of some progress on issues so far. After analyzing policy documentations, key findings have been highlighted and common practices have been suggested in line with global recommendations and best practice guidelines at national and international levels for strengthening national research systems. The paper has implications for administrators, funding agencies, policy makers and professional librarians in devising institute specific self archiving policies for their own organization.

Improving Security in Ciphertext-Policy Attribute-Based Encryption with Hidden Access Policy and Testing

  • Yin, Hongjian;Zhang, Leyou;Cui, Yilei
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제13권5호
    • /
    • pp.2768-2780
    • /
    • 2019
  • Ciphertext-policy attribute-based encryption (CP-ABE) is one of the practical technologies to share data over cloud since it can protect data confidentiality and support fine-grained access control on the encrypted data. However, most of the previous schemes only focus on data confidentiality without considering data receiver privacy preserving. Recently, Li et al.(in TIIS, 10(7), 2016.7) proposed a CP-ABE with hidden access policy and testing, where they declare their scheme achieves privacy preserving for the encryptor and decryptor, and also has high decryption efficiency. Unfortunately, in this paper, we show that their scheme fails to achieve hidden access policy at first. It means that any adversary can obtain access policy information by a simple decisional Diffie-Hellman test (DDH-test) attack. Then we give a method to overcome this shortcoming. Security and performance analyses show that the proposed scheme not only achieves the privacy protection for users, but also has higher efficiency than the original one.

PERFORMANCE OF MYOPIC POLICY FOR MULTI-CHANNEL DYNAMIC SPECTRUM ACCESS NETWORKS

  • Lee, Yutae
    • East Asian mathematical journal
    • /
    • 제30권1호
    • /
    • pp.23-29
    • /
    • 2014
  • To solve inefficient spectrum usage problem under current static spectrum management policy, various kinds of dynamic spectrum access strategies have appeared. Myopic policy, which maximizes immediate throughput, is a simple and robust strategy with reduced complexity. In this paper, we present a simple mathematical model to evaluate the saturation throughput and medium access delay of a myopic policy in the presence of multiple channels.

PERIODIC SENSING AND GREEDY ACCESS POLICY USING CHANNEL MODELS WITH GENERALLY DISTRIBUTED ON AND OFF PERIODS IN COGNITIVE NETWORKS

  • Lee, Yutae
    • Journal of applied mathematics & informatics
    • /
    • 제32권1_2호
    • /
    • pp.129-136
    • /
    • 2014
  • One of the fundamental issues in the design of dynamic spectrum access policy is the modeling of the dynamic behavior of channel occupancy by primary users. Under a Markovian modeling of channel occupancy, a periodic sensing and greedy access policy is known as one of the simple and practical dynamic spectrum access policies in cognitive radio networks. In this paper, the primary occupancy of each channel is modeled as a discrete-time alternating renewal process with generally distributed on- and off-periods. A periodic sensing and greedy access policy is constructed based on the general channel occupancy model. Simulation results show that the proposed policy has better throughput than the policies using channel models with exponentially distributed on- or off-periods.

동적 스펙트럼 접속을 위한 myopic 방식의 성능 분석 (Performance Evaluation of Myopic Policy for Dynamic Spectrum Access)

  • 이유태
    • 한국정보통신학회논문지
    • /
    • 제17권5호
    • /
    • pp.1101-1105
    • /
    • 2013
  • 정적 스펙트럼 관리 방식 아래에서 스펙트럼의 낮은 이용 효율을 개선하기 위하여 다양한 종류의 동적 스펙트럼 접속 방식이 제안되어 왔다. 동적 스펙트럼 접속 방식 중 하나인 myopic 방식은 즉각적인 처리율을 최대로 하는 방식으로 복잡하지 않고 단순하면서도 효율적인 것이 장점이다. 본 논문에서는 myopic 방식의 매체 접속 지연 시간의 분포를 포화 트래픽 환경에서 분석하고, 이를 이용하여 포화 상태가 아닌 정상 상태에서의 시스템 지연 시간을 구한다. 이러한 분석 방법과 결과는 이차 사용자의 실시간 트래픽에 대한 지연 성능 보장을 위한 자료로 사용될 수 있다.

안전한 접근 경로를 보장하기 위한 접근 제어 (Access Control for Secure Access Path)

  • 김현배
    • 정보교육학회논문지
    • /
    • 제1권2호
    • /
    • pp.57-66
    • /
    • 1997
  • The primary purpose of security mechanisms in a computer systems is to control the access to information. There are two types of access control mechanisms to be used typically. One is discretionary access control(DAC) and another is mandatory access control(MAC). In this study an access control mechanism is introduced for secure access path in security system. The security policy of this access control is that no disclosure of information and no unauthorized modification of information. To make this access control correspond to security policy, we introduce three properties; read, write and create.

  • PDF

비단조 접근 구조를 갖는 CP-ABE 방식 (Ciphertext Policy-Attribute Based Encryption with Non Monotonic Access Structures)

  • 리프키 사디킨;문상재;박영호
    • 전자공학회논문지
    • /
    • 제50권9호
    • /
    • pp.21-31
    • /
    • 2013
  • CP-ABE 방식은 신뢰된 서버 없이 접근 제어 메카니즘을 구현할 수 있다. 본 논문에서는 권한을 부여받은 사용자가 민감한 데이터에 접근할 수 있도록 CP-ABE 방식으로 속성기반 접근 제어 메카니즘을 제안한다. CP-ABE 개념은 암호문에서 접근 제어 방법을 포함하는 것이다. 만약 사용자가 암호문의 접근 구조를 통해 속성을 가진다면 암호문은 복호될 수 있다. 본 논문에서는 제안한 CP-ABE 방식이 비단조 접근 구조로 표현됨을 증명하고 다른 CP-ABE 방식들과 성능 비교한다.

Sharing and Privacy in PHRs: Efficient Policy Hiding and Update Attribute-based Encryption

  • Liu, Zhenhua;Ji, Jiaqi;Yin, Fangfang;Wang, Baocang
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제15권1호
    • /
    • pp.323-342
    • /
    • 2021
  • Personal health records (PHRs) is an electronic medical system that enables patients to acquire, manage and share their health data. Nevertheless, data confidentiality and user privacy in PHRs have not been handled completely. As a fine-grained access control over health data, ciphertext-policy attribute-based encryption (CP-ABE) has an ability to guarantee data confidentiality. However, existing CP-ABE solutions for PHRs are facing some new challenges in access control, such as policy privacy disclosure and dynamic policy update. In terms of addressing these problems, we propose a privacy protection and dynamic share system (PPADS) based on CP-ABE for PHRs, which supports full policy hiding and flexible access control. In the system, attribute information of access policy is fully hidden by attribute bloom filter. Moreover, data user produces a transforming key for the PHRs Cloud to change access policy dynamically. Furthermore, relied on security analysis, PPADS is selectively secure under standard model. Finally, the performance comparisons and simulation results demonstrate that PPADS is suitable for PHRs.