Abstract
We suggest a scheme to cryptographically support role-based access control (RBAC) in large organizations where user roles change frequently. To achieve this, we propose a secure method to manage role keys, and we extend a recent pairing-based mediated identity-based cryptographic scheme to allow the enforcement of possession of multiple roles to access certain documents. We also design an architecture and a set of algorithms which cryptographically enforce RBAC and allow for role addition, revocation, and delegation. Finally, we briefly discuss the space requirements and security of our scheme.
This work was partially supported by Canada’s National Sciences and Engineering Research Council.
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Nali, D., Adams, C., Miri, A. (2004). Using Mediated Identity-Based Cryptography to Support Role-Based Access Control. In: Zhang, K., Zheng, Y. (eds) Information Security. ISC 2004. Lecture Notes in Computer Science, vol 3225. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30144-8_21
DOI: https://doi.org/10.1007/978-3-540-30144-8_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23208-7
Online ISBN: 978-3-540-30144-8
eBook Packages: Springer Book Archive