Abstract
Attribute Based Access Control (ABAC) has gradually become a hot research topic in distributed systems. While frequent disclosure of subject attributes, resource attributes or environment attributes may lead to leaks of sensitive information. This article mainly focuses on protecting privacy of resource requester in the process of ABAC, and presents a trust based sensitive attributes protection mechanism which can disclose attributes through comparing resource requester’s attribute sensitivity with resource provider’s trust level. After experiments comparison with Beth model, we get a conclusion that this mechanism has higher accuracy, without violating resource requester’s privacy.
Keywords
References
Eric, Y., Jin, T.: Attributed Based Access Control (ABAC) for Web Services. In: Proceedings of the IEEE International Conference on Web Services (ICWS 2005), pp. 560–569 (2005)
Beth, T., Borcherding, M., Klein, B.: Valuation of Trust in Open Networks. LNCS, vol. 875, pp. 1–18 (1994)
Seamons, K.E., Winslett, M., Yu, T., Yu, L., Jarvis, R.: Protecting Privacy during On-Line Trust Negotiation. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 129–143. Springer, Heidelberg (2003)
Holt, J.E., Bradshaw, R.W., Seamons, K.E., Orman, H.: Hidden credentials. In: Proceedings of the ACM Workshop on Privacy in the Electronic Society, pp. 1–8 (2003)
Bradshaw, R., Holt, J., Seamons, K.E.: Concealing complex policies with hidden credentials. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 146–157 (2004)
Li, N.H., Du, W.L., Boneh, D.: Oblivious signature-based envelope. In: Proceedings of the 22nd ACM Symposium on Principles of Distributed Computing (PODC 2003), pp. 182–189 (2003)
Li, J., Li, N.: OACerts: Oblivious Attribute Certificates. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 301–317. Springer, Heidelberg (2005)
Winsborough, W.H., Li, N.H.: Protecting sensitive attributes in automated trust negotiation. In: Proceedings of the ACM Workshop on Privacy in the Electronic Society, pp. 41–51 (2002)
Irwin, K., Yu, T.: Preventing Attribute Information Leakage in Automated Trust Negotiation. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 41–51 (2005)
Sang, A.: A Subjective Metric of Authentication. In: Proceedings of European Symposium on Research in Security, pp. 329–344 (1998)
Yu, T., Winslett, M.: Policy migration for sensitive credentials in trust negotiation. In: Proceedings of the 2003 ACM Workshop on Privacy in the Electronic Society (WPES 2003), pp. 9–20 (2003)
Gevers, S., De Decker, B.: Privacy Friendly Information Disclosure. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006 Workshops. LNCS, vol. 4277, pp. 636–646. Springer, Heidelberg (2006)
Esmaeeli, A., Shahriari, H.R.: Privacy Protection of Grid Service Requesters through Distributed Attribute Based Access Control Model. In: Bellavista, P., Chang, R.-S., Chao, H.-C., Lin, S.-F., Sloot, P.M.A. (eds.) GPC 2010. LNCS, vol. 6104, pp. 573–582. Springer, Heidelberg (2010)
Kolter, J., Schillinger, R., Pernul, G.: A Privacy-Enhanced Attribute-Based Access Control System. In: Barker, S., Ahn, G.-J. (eds.) Data and Applications Security 2007. LNCS, vol. 4602, pp. 129–143. Springer, Heidelberg (2007)
EI-Khatib, K.: A Privacy Negotiation Protocol for Web Services. In: Workshop on Collaboration Agents: Autonomous Agents for Collaborative Environments Halifax (October 13, 2003)
Guajardo, J., Mennink, B., Schoenmakers, B.: Anonymous Credential Schemes with Encrypted Attributes. In: Heng, S.-H., Wright, R.N., Goi, B.-M. (eds.) CANS 2010. LNCS, vol. 6467, pp. 314–333. Springer, Heidelberg (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, G., Liu, J., Liu, J. (2013). Protecting Sensitive Attributes in Attribute Based Access Control. In: Ghose, A., et al. Service-Oriented Computing - ICSOC 2012 Workshops. ICSOC 2012. Lecture Notes in Computer Science, vol 7759. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-37804-1_30
Download citation
DOI: https://doi.org/10.1007/978-3-642-37804-1_30
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-37803-4
Online ISBN: 978-3-642-37804-1
eBook Packages: Computer ScienceComputer Science (R0)