{"title":"服务计算中使用隐藏策略和凭据的访问控制","authors":"Xinfeng Ye, M. Gao","doi":"10.1109/SCC.2012.13","DOIUrl":null,"url":null,"abstract":"In a services computing environment, a large amount of sensitive data is hosted by service providers. As the owners of data might have different security requirements for their data, many systems allow each data item to have its own access control policy. For privacy and security reasons, some data owners and clients might want their access control policies and credentials to remain secret to the service providers which handle the access control of the data. That is, the service providers cannot comprehend the contents of the access control policies and the credentials. This paper proposed a role-based access control scheme. It uses cryptographic techniques to obscure data's access control policies and clients' credentials. The scheme is efficient as the policy enforcement process only uses the information available on the service provider that carries out the access control. A prototype of the scheme has been implemented and the execution time of the scheme were measured.","PeriodicalId":178841,"journal":{"name":"2012 IEEE Ninth International Conference on Services Computing","volume":"43 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Access Control with Hidden Policies and Credentials for Service Computing\",\"authors\":\"Xinfeng Ye, M. Gao\",\"doi\":\"10.1109/SCC.2012.13\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In a services computing environment, a large amount of sensitive data is hosted by service providers. As the owners of data might have different security requirements for their data, many systems allow each data item to have its own access control policy. For privacy and security reasons, some data owners and clients might want their access control policies and credentials to remain secret to the service providers which handle the access control of the data. That is, the service providers cannot comprehend the contents of the access control policies and the credentials. This paper proposed a role-based access control scheme. It uses cryptographic techniques to obscure data's access control policies and clients' credentials. The scheme is efficient as the policy enforcement process only uses the information available on the service provider that carries out the access control. A prototype of the scheme has been implemented and the execution time of the scheme were measured.\",\"PeriodicalId\":178841,\"journal\":{\"name\":\"2012 IEEE Ninth International Conference on Services Computing\",\"volume\":\"43 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-06-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 IEEE Ninth International Conference on Services Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SCC.2012.13\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE Ninth International Conference on Services Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SCC.2012.13","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Access Control with Hidden Policies and Credentials for Service Computing
In a services computing environment, a large amount of sensitive data is hosted by service providers. As the owners of data might have different security requirements for their data, many systems allow each data item to have its own access control policy. For privacy and security reasons, some data owners and clients might want their access control policies and credentials to remain secret to the service providers which handle the access control of the data. That is, the service providers cannot comprehend the contents of the access control policies and the credentials. This paper proposed a role-based access control scheme. It uses cryptographic techniques to obscure data's access control policies and clients' credentials. The scheme is efficient as the policy enforcement process only uses the information available on the service provider that carries out the access control. A prototype of the scheme has been implemented and the execution time of the scheme were measured.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
