TY - GEN
T1 - A Role-Based Access Control System Using Attribute-Based Encryption
AU - Wang, Yong
AU - Ma, Yuan
AU - Xiang, Keyu
AU - Liu, Zhenyan
AU - Li, Ming
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/11/26
Y1 - 2018/11/26
N2 - Applications and services such as cloud storage and data sharing cause data owners to fail to control data access. In such open environment, the third-party service providers become the executor, which means traditional centralized access control becomes untrustworthy. The mainstream role-based access control is insufficient in the open environment, while the cryptography-based access control implementation relies heavily on key distribution, so we designed and implemented a role-based access control system based on attribute encryption. The user role assignment and the role permission assignment process are implemented through attribute-based encryption, so that the access decision is no longer dependent on specific policy decision points, ensuring the reliable enforcement of access policies. Meanwhile, our approach adds attributes to the role-based access control model, implements attribute-based user role assignments and role permission assignments, which makes the access control process more flexible. The validation verification and performance testing of a prototype prove the feasibility of our scheme.
AB - Applications and services such as cloud storage and data sharing cause data owners to fail to control data access. In such open environment, the third-party service providers become the executor, which means traditional centralized access control becomes untrustworthy. The mainstream role-based access control is insufficient in the open environment, while the cryptography-based access control implementation relies heavily on key distribution, so we designed and implemented a role-based access control system based on attribute encryption. The user role assignment and the role permission assignment process are implemented through attribute-based encryption, so that the access decision is no longer dependent on specific policy decision points, ensuring the reliable enforcement of access policies. Meanwhile, our approach adds attributes to the role-based access control model, implements attribute-based user role assignments and role permission assignments, which makes the access control process more flexible. The validation verification and performance testing of a prototype prove the feasibility of our scheme.
KW - Attribute-based access control
KW - attribute-based encryption
KW - role-based access control
KW - secure file sharing
UR - http://www.scopus.com/inward/record.url?scp=85059964852&partnerID=8YFLogxK
U2 - 10.1109/BDAI.2018.8547200
DO - 10.1109/BDAI.2018.8547200
M3 - Conference contribution
AN - SCOPUS:85059964852
T3 - International Conference on Big Data and Artificial Intelligence, BDAI 2018
SP - 128
EP - 133
BT - International Conference on Big Data and Artificial Intelligence, BDAI 2018
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2018 International Conference on Big Data and Artificial Intelligence, BDAI 2018
Y2 - 22 June 2018 through 24 June 2018
ER -