Link to the University of Pittsburgh Homepage
Link to the University Library System Homepage Link to the Contact Us Form

Oblivious enforcement of hidden information release policies

Wongchaowart, B and Lee, AJ (2010) Oblivious enforcement of hidden information release policies. In: UNSPECIFIED UNSPECIFIED, 324 - 327. ISBN 9781605589367

[img] Plain Text (licence)
Available under License : See the attached license file.

Download (1kB)

Abstract

In a computing system, sensitive data must be protected by release policies that determine which principals are authorized to access that data. In some cases, such a release policy could refer to information about the requesting principal that is unavailable to the information provider. Furthermore, the release policy itself may contain sensitive information about the resource that it protects. In this paper we describe a scheme for enforcing information release policies whose satisfaction cannot be verified by the entity holding the protected information, but only by the entity requesting this information. Not only does our scheme prevent the information provider from learning whether the policy was satisfied, but it also hides the information release policy being enforced from the requesting principal. Unlike previous approaches, our construction requires no guesswork or wasted computation on the part of the information requester. The information release policies that we consider can contain third-party assertions that themselves have release conditions that must be satisfied; we show that our system functions correctly even when these dependencies form cycles. © 2010 ACM.


Share

Citation/Export:
Social Networking:
Share |

Details

Item Type: Book Section
Status: Published
Creators/Authors:
CreatorsEmailPitt UsernameORCID
Wongchaowart, B
Lee, AJadamlee@pitt.eduADAMLEE
Date: 16 July 2010
Date Type: Publication
Journal or Publication Title: Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010
Page Range: 324 - 327
Event Type: Conference
DOI or Unique Handle: 10.1145/1755688.1755730
Schools and Programs: Dietrich School of Arts and Sciences > Computer Science
Refereed: Yes
ISBN: 9781605589367
Date Deposited: 30 Nov 2012 19:03
Last Modified: 02 Feb 2019 16:56
URI: http://d-scholarship.pitt.edu/id/eprint/16482

Metrics

Monthly Views for the past 3 years

Plum Analytics

Altmetric.com


Actions (login required)

View Item View Item