A Framework for the Cryptographic Enforcement of Information Flow Policies. / Alderman, James; Crampton, Jason; Farley, Naomi.

Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies. ACM, 2017. p. 143-154.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Published

Harvard

Alderman, J, Crampton, J & Farley, N 2017, A Framework for the Cryptographic Enforcement of Information Flow Policies. in Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies. ACM, pp. 143-154. https://doi.org/10.1145/3078861.3078868

APA

Alderman, J., Crampton, J., & Farley, N. (2017). A Framework for the Cryptographic Enforcement of Information Flow Policies. In Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies (pp. 143-154). ACM. https://doi.org/10.1145/3078861.3078868

Vancouver

Alderman J, Crampton J, Farley N. A Framework for the Cryptographic Enforcement of Information Flow Policies. In Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies. ACM. 2017. p. 143-154 https://doi.org/10.1145/3078861.3078868

Author

Alderman, James ; Crampton, Jason ; Farley, Naomi. / A Framework for the Cryptographic Enforcement of Information Flow Policies. Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies. ACM, 2017. pp. 143-154

BibTeX

@inproceedings{49afec6085574fbfa734f3c56f45c793,
title = "A Framework for the Cryptographic Enforcement of Information Flow Policies",
abstract = "It is increasingly common to outsource data storage to untrusted, third party (e.g. cloud) servers. However, in such settings, low-level online reference monitors may not be appropriate for enforcing read access, and thus cryptographic enforcement schemes (CESs) may be required. Much of the research on cryptographic access control has focused on the use of specific primitives and, primarily, on how to generate appropriate keys and fails to model the access control system as a whole. Recent work in the context of role-based access control has shown a gap between theoretical policy specification and computationally secure implementations of access control policies, potentially leading to insecure implementations. Without a formal model, it is hard to (i) reason about the correctness and security of a CES, and (ii) show that the security properties of a particular cryptographic primitive are sufficient to guarantee security of the CES as a whole. In this paper, we provide a rigorous definitional framework for a CES that enforces read-only information flow policies (which encompass many practical forms of access control, including role-based policies). This framework (i) provides a tool by which instantiations of CESs can be proven correct and secure, (ii) is independent of any particular cryptographic primitives used to instantiate a CES, and (iii) helps to identify the limitations of current primitives (e.g. key assignment schemes) as components of a CES.",
author = "James Alderman and Jason Crampton and Naomi Farley",
year = "2017",
month = jun,
day = "7",
doi = "10.1145/3078861.3078868",
language = "English",
isbn = "978-1-4503-4702-0",
pages = "143--154",
booktitle = "Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies",
publisher = "ACM",

}

RIS

TY - GEN

T1 - A Framework for the Cryptographic Enforcement of Information Flow Policies

AU - Alderman, James

AU - Crampton, Jason

AU - Farley, Naomi

PY - 2017/6/7

Y1 - 2017/6/7

N2 - It is increasingly common to outsource data storage to untrusted, third party (e.g. cloud) servers. However, in such settings, low-level online reference monitors may not be appropriate for enforcing read access, and thus cryptographic enforcement schemes (CESs) may be required. Much of the research on cryptographic access control has focused on the use of specific primitives and, primarily, on how to generate appropriate keys and fails to model the access control system as a whole. Recent work in the context of role-based access control has shown a gap between theoretical policy specification and computationally secure implementations of access control policies, potentially leading to insecure implementations. Without a formal model, it is hard to (i) reason about the correctness and security of a CES, and (ii) show that the security properties of a particular cryptographic primitive are sufficient to guarantee security of the CES as a whole. In this paper, we provide a rigorous definitional framework for a CES that enforces read-only information flow policies (which encompass many practical forms of access control, including role-based policies). This framework (i) provides a tool by which instantiations of CESs can be proven correct and secure, (ii) is independent of any particular cryptographic primitives used to instantiate a CES, and (iii) helps to identify the limitations of current primitives (e.g. key assignment schemes) as components of a CES.

AB - It is increasingly common to outsource data storage to untrusted, third party (e.g. cloud) servers. However, in such settings, low-level online reference monitors may not be appropriate for enforcing read access, and thus cryptographic enforcement schemes (CESs) may be required. Much of the research on cryptographic access control has focused on the use of specific primitives and, primarily, on how to generate appropriate keys and fails to model the access control system as a whole. Recent work in the context of role-based access control has shown a gap between theoretical policy specification and computationally secure implementations of access control policies, potentially leading to insecure implementations. Without a formal model, it is hard to (i) reason about the correctness and security of a CES, and (ii) show that the security properties of a particular cryptographic primitive are sufficient to guarantee security of the CES as a whole. In this paper, we provide a rigorous definitional framework for a CES that enforces read-only information flow policies (which encompass many practical forms of access control, including role-based policies). This framework (i) provides a tool by which instantiations of CESs can be proven correct and secure, (ii) is independent of any particular cryptographic primitives used to instantiate a CES, and (iii) helps to identify the limitations of current primitives (e.g. key assignment schemes) as components of a CES.

U2 - 10.1145/3078861.3078868

DO - 10.1145/3078861.3078868

M3 - Conference contribution

SN - 978-1-4503-4702-0

SP - 143

EP - 154

BT - Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies

PB - ACM

ER -