{"title":"Guaranteeing anonymity in attribute-based authorization","authors":"Erin Lanus , Charles J. Colbourn , Gail-Joon Ahn","doi":"10.1016/j.jisa.2024.103895","DOIUrl":null,"url":null,"abstract":"<div><div>Attribute-based methods such as attribute-based access control make decisions based on attributes possessed by a subject rather than the subject’s identity. This allows for anonymous authorization but does not guarantee anonymity. If a policy can be composed that few subjects possess attributes to satisfy and is used for access control, the system can guess with high probability the requesting subject’s identity. Other approaches to achieving anonymity in attribute-based authorization do not address this attribute distribution problem. Suppose polices contain conjunctions of at most <span><math><mi>t</mi></math></span> attributes and the system must not be able to guess with probability greater than <span><math><mfrac><mrow><mn>1</mn></mrow><mrow><mi>r</mi></mrow></mfrac></math></span> the identity of a subject using a policy for authorization. The anonymity guarantee is <span><math><mi>r</mi></math></span> for maximum credential size <span><math><mi>t</mi></math></span>. An anonymizing array is a combinatorial array proposed as an abstraction to address the distribution problem by ensuring that any assignment of values to <span><math><mi>t</mi></math></span> attributes appearing in the array appears at least <span><math><mi>r</mi></math></span> times. Anonymizing arrays are related to covering arrays with higher coverage, but have an additional property, homogeneity, due to their application domain. We discuss the application of anonymizing arrays to guarantee anonymous authorization in attribute-based methods. Additionally, we develop metrics to compare arrays with the same parameters.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"87 ","pages":"Article 103895"},"PeriodicalIF":3.8000,"publicationDate":"2024-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624001972","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
Attribute-based methods such as attribute-based access control make decisions based on attributes possessed by a subject rather than the subject’s identity. This allows for anonymous authorization but does not guarantee anonymity. If a policy can be composed that few subjects possess attributes to satisfy and is used for access control, the system can guess with high probability the requesting subject’s identity. Other approaches to achieving anonymity in attribute-based authorization do not address this attribute distribution problem. Suppose polices contain conjunctions of at most attributes and the system must not be able to guess with probability greater than the identity of a subject using a policy for authorization. The anonymity guarantee is for maximum credential size . An anonymizing array is a combinatorial array proposed as an abstraction to address the distribution problem by ensuring that any assignment of values to attributes appearing in the array appears at least times. Anonymizing arrays are related to covering arrays with higher coverage, but have an additional property, homogeneity, due to their application domain. We discuss the application of anonymizing arrays to guarantee anonymous authorization in attribute-based methods. Additionally, we develop metrics to compare arrays with the same parameters.
基于属性的方法,如基于属性的访问控制,是根据主体所拥有的属性而不是主体的身份做出决定。这种方法允许匿名授权,但不能保证匿名性。如果能制定出一种政策,很少有主体拥有能满足要求的属性,并将其用于访问控制,那么系统就很有可能猜出请求主体的身份。在基于属性的授权中实现匿名性的其他方法并不能解决这个属性分布问题。假设策略最多包含 t 个属性的连接,系统不能以大于 1r 的概率猜出使用策略进行授权的主体的身份。匿名数组是一种组合数组,作为解决分布问题的抽象概念,它确保数组中出现的 t 个属性的任何赋值至少出现 r 次。匿名数组与覆盖数组相关,具有更高的覆盖率,但由于其应用领域的原因,还具有一个额外的属性,即同质性。我们讨论了匿名阵列在基于属性的方法中保证匿名授权的应用。此外,我们还开发了用于比较具有相同参数的数组的指标。
期刊介绍:
Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.