Title :
Access Control with Hidden Policies and Credentials for Service Computing
Author :
Ye, Xinfeng ; Gao, Mingyu
Author_Institution :
Dept. of Comput. Sci., Auckland Univ., New Zealand
Abstract :
In a services computing environment, a large amount of sensitive data is hosted by service providers. As the owners of data might have different security requirements for their data, many systems allow each data item to have its own access control policy. For privacy and security reasons, some data owners and clients might want their access control policies and credentials to remain secret to the service providers which handle the access control of the data. That is, the service providers cannot comprehend the contents of the access control policies and the credentials. This paper proposed a role-based access control scheme. It uses cryptographic techniques to obscure data´s access control policies and clients´ credentials. The scheme is efficient as the policy enforcement process only uses the information available on the service provider that carries out the access control. A prototype of the scheme has been implemented and the execution time of the scheme were measured.
Keywords :
authorisation; cryptography; service-oriented architecture; client credentials; cryptographic techniques; data access control policy; hidden credentials; hidden policies; policy enforcement process; role-based access control scheme; sensitive data; services computing environment; Access control; Cryptography; Engines; Green products; Production; Web services; access control; security;
Conference_Titel :
Services Computing (SCC), 2012 IEEE Ninth International Conference on
Conference_Location :
Honolulu, HI
Print_ISBN :
978-1-4673-3049-7
DOI :
10.1109/SCC.2012.13
