Secure attribute-based systems

Matthew Pirretti, Patrick Traynor, Patrick McDaniel, Brent Waters

Research output: Contribution to journalConference article

254 Scopus citations

Abstract

Attributes define, classify, or annotate the datum to which they are assigned. However, traditional attribute architectures and cryptosystems are ill-equipped to provide security in the face of diverse access requirements and environments. In this paper, we introduce a novel secure information management architecture based on emerging attribute-based encryption (ABE) primitives. A policy system that meets the needs of complex policies is defined and illustrated. Based on the needs of those policies, we propose cryptographic optimizations that vastly improve enforcement efficiency. We further explore the use of such policies in two example applications: a HIPAA compliant distributed file system and a social network. A performance analysis of our ABE system and example applications demonstrates the ability to reduce cryptographic costs by as much as 98% over previously proposed constructions. Through this, we demonstrate that our attribute system is an efficient solution for securely managing information in large, loosely-coupled, distributed systems.

Original languageEnglish (US)
Article number1180419
Pages (from-to)99-112
Number of pages14
JournalProceedings of the ACM Conference on Computer and Communications Security
DOIs
StatePublished - Dec 1 2006
EventCCS 2006: 13th ACM Conference on Computer and Communications Security - Alexandria, VA, United States
Duration: Oct 30 2006Nov 3 2006

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications

Cite this