Abstract
Attributes define, classify, or annotate the datum to which they are assigned. However, traditional attribute architectures and cryptosystems are ill-equipped to provide security in the face of diverse access requirements and environments. In this paper, we introduce a novel secure information management architecture based on emerging attribute-based encryption (ABE) primitives. A policy system that meets the needs of complex policies is defined and illustrated. Based on the needs of those policies, we propose cryptographic optimizations that vastly improve enforcement efficiency. We further explore the use of such policies in two example applications: a HIPAA compliant distributed file system and a social network. A performance analysis of our ABE system and example applications demonstrates the ability to reduce cryptographic costs by as much as 98% over previously proposed constructions. Through this, we demonstrate that our attribute system is an efficient solution for securely managing information in large, loosely-coupled, distributed systems.
| Original language | English (US) |
|---|---|
| Article number | 1180419 |
| Pages (from-to) | 99-112 |
| Number of pages | 14 |
| Journal | Proceedings of the ACM Conference on Computer and Communications Security |
| DOIs | |
| State | Published - Dec 1 2006 |
| Event | CCS 2006: 13th ACM Conference on Computer and Communications Security - Alexandria, VA, United States Duration: Oct 30 2006 → Nov 3 2006 |
All Science Journal Classification (ASJC) codes
- Software
- Computer Networks and Communications