Access Control with Hidden Policies and Credentials for Service Computing

Author

Ye, Xinfeng ; Gao, Mingyu

Author_Institution

Dept. of Comput. Sci., Auckland Univ., New Zealand

fYear

2012

fDate

24-29 June 2012

Firstpage

242

Lastpage

249

Abstract

In a services computing environment, a large amount of sensitive data is hosted by service providers. As the owners of data might have different security requirements for their data, many systems allow each data item to have its own access control policy. For privacy and security reasons, some data owners and clients might want their access control policies and credentials to remain secret to the service providers which handle the access control of the data. That is, the service providers cannot comprehend the contents of the access control policies and the credentials. This paper proposed a role-based access control scheme. It uses cryptographic techniques to obscure data´s access control policies and clients´ credentials. The scheme is efficient as the policy enforcement process only uses the information available on the service provider that carries out the access control. A prototype of the scheme has been implemented and the execution time of the scheme were measured.

Keywords

authorisation; cryptography; service-oriented architecture; client credentials; cryptographic techniques; data access control policy; hidden credentials; hidden policies; policy enforcement process; role-based access control scheme; sensitive data; services computing environment; Access control; Cryptography; Engines; Green products; Production; Web services; access control; security;

fLanguage

English

Publisher

ieee

Conference_Titel

Services Computing (SCC), 2012 IEEE Ninth International Conference on

Conference_Location

Honolulu, HI

Print_ISBN

978-1-4673-3049-7

Type

conf

DOI

10.1109/SCC.2012.13

Filename

6274150