Projects per year
Abstract
This paper tackles the issue of access control in fully decentralised systems. Previously, access control always fell back to some degree of centralisation. Our work approaches this problem by outsourcing access policy evaluation to the millions of trusted computing bases already deployed in the form of current Android devices. This assures correct policy evaluation to both data owners and those seeking data access. In essence, our solution encrypts to-be-shared data, splits and wraps the encryption key, and cryptographically binds it to an access policy. Policies are evaluated by freely selectable evaluators, that do not need to be enrolled beforehand. Evaluators then interface with attribute providers during policy evaluation. Each evaluator independently reaches a conclusion about whether or not to grant access, leading to a decision by majority vote. We designed this system with practicality and real-world applicability in mind, meaning that it can be deployed and used today. We achieve this by relying on efficient primitives and foregoing expensive cryptographic constructions, making it possible to define even highly complex access policies. Overall, this presents a clear advantage over previous concepts.
| Original language | English |
|---|---|
| Title of host publication | Network and System Security - 14th International Conference, NSS 2020, Proceedings |
| Subtitle of host publication | 14th International Conference, NSS 2020, Melbourne, VIC, Australia, November 25–27, 2020, Proceedings |
| Editors | Mirosław Kutyłowski, Jun Zhang, Chao Chen |
| Publisher | Springer |
| Pages | 311-326 |
| Number of pages | 16 |
| ISBN (Print) | 978-3-030-65744-4 |
| DOIs | |
| Publication status | Published - 1 Jan 2020 |
| Event | 14th International Conference on Network and System Security - Virtual, Melbourne, Australia Duration: 25 Nov 2020 → 27 Nov 2020 |
Publication series
| Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
|---|---|
| Volume | 12570 LNCS |
| ISSN (Print) | 0302-9743 |
| ISSN (Electronic) | 1611-3349 |
Conference
| Conference | 14th International Conference on Network and System Security |
|---|---|
| Abbreviated title | NSS 2020 |
| Country/Territory | Australia |
| City | Virtual, Melbourne |
| Period | 25/11/20 → 27/11/20 |
Keywords
- Decentralised Access Control
- Trusted Computing
- Peer-to-Peer
- Trusted computing
- Peer-to-peer
- Decentralised access control
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science
Fields of Expertise
- Information, Communication & Computing
Fingerprint
Dive into the research topics of 'Multiply, Divide, and Conquer - Making Fully Decentralised Access Control a Reality'. Together they form a unique fingerprint.Projects
- 1 Active
-
A-SIT - Secure Information Technology Center Austria
Stranacher, K., Dominikus, S., Leitold, H., Marsalek, A., Teufl, P., Bauer, W., Aigner, M. J., Rössler, T., Neuherz, E., Dietrich, K., Zefferer, T., Mangard, S., Payer, U., Orthacker, C., Lipp, P., Reiter, A., Knall, T., Bratko, H., Bonato, M., Suzic, B., Zwattendorfer, B., Kreuzhuber, S., Oswald, M. E., Tauber, A., Posch, R., Bratko, D., Feichtner, J., Ivkovic, M., Reimair, F., Wolkerstorfer, J. & Scheibelhofer, K.
21/05/99 → 6/08/20
Project: Research area