ENFORCING RBAC POLICIES OVER DATA STORED ON UNTRUSTED SERVER

Q: How can I download an article?

To download an article from SID, first log in to the site, search for the article title, and click on the 'Download Article' option.

Q: How can I download an ISI article?

To download an ISI article on SID, enter the keyword or article title in the search bar, view the relevant results, click on the desired article, and select the 'Download Article' option.

Q: How can I access the SID database?

To access the SID database, visit SID.ir, create an account, and log in to access scientific resources.

Q: Is downloading articles from SID free?

Some articles on SID are available for free, while others require payment. Details are specified on the article's page.

SOLTANI NAEIMEH; BOHLOOLI RAMIN; JALILI RASOOL

مرکز اطلاعات علمی Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Journal Paper

Paper Information

Journal: THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY Year:2018 | Volume:10 | Issue:2 Page(s): 129-139

Download Full-Text

Persian Verion

View:

586

Download:

238

Cites:

Information Journal Paper

Title

ENFORCING RBAC POLICIES OVER DATA STORED ON UNTRUSTED SERVER

Author(s)

SOLTANI NAEIMEH | BOHLOOLI RAMIN | JALILI RASOOL | Issue Writer Certificate

Keywords

ACCESS CONTROLQ2

OUTSOURCED DATAQ1

ROLE-BASED ACCESS CONTROLQ1

CHINESE REMAINDER THEOREMQ1

Abstract

One of the security issues in data outsourcing is enforcement of the data owner' s ACCESS CONTROL policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy updating, write ACCESS CONTROL enforcement, overhead of accessing/processing data at the user/owner side. Most of the existing solutions address only some of challenges, while imposing high overhead on both owner and users. Though, policy management in the Role-Based ACCESS CONTROL (RBAC) model is easier and more efficient due to the existence of role hierarchical structure and role inheritance; most of the existing solutions address only enforcement of policies in the form of ACCESS CONTROL matrix. In this paper, we propose an approach to enforce RBAC policies on encrypted data outsourced to a service provider. We utilize CHINESE REMAINDER THEOREM for key management and role/permission assignment. Efficient user revocation, efficient role hierarchical structure updating, availability of authorized resources for users of new roles, and enforcement of write ACCESS CONTROL policies as well as static separation of duties, are of advantages of the proposed solution.

Cites

No record.

References

No record.

Cite

APA: Copy

SOLTANI, NAEIMEH, BOHLOOLI, RAMIN, & JALILI, RASOOL. (2018). ENFORCING RBAC POLICIES OVER DATA STORED ON UNTRUSTED SERVER. THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 10(2 ), 129-139. SID. https://sid.ir/paper/241808/en

Vancouver: Copy

SOLTANI NAEIMEH, BOHLOOLI RAMIN, JALILI RASOOL. ENFORCING RBAC POLICIES OVER DATA STORED ON UNTRUSTED SERVER. THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY[Internet]. 2018;10(2 ):129-139. Available from: https://sid.ir/paper/241808/en

IEEE: Copy

NAEIMEH SOLTANI, RAMIN BOHLOOLI, and RASOOL JALILI, “ENFORCING RBAC POLICIES OVER DATA STORED ON UNTRUSTED SERVER,” THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY, vol. 10, no. 2 , pp. 129–139, 2018, [Online]. Available: https://sid.ir/paper/241808/en

Related Journal Papers