Litcius/Paper detail

Catch me if you can: A Secure Bilateral Access Control System With Anonymous Credentials

Jinhua Ma, Shengmin Xu, Jianting Ning, Xinyi Huang, Robert H. Deng

2023IEEE Transactions on Services Computing26 citationsDOI

Abstract

Bilateral access control model, emerging as a novel paradigm in access control, has garnered extensive deployment within the domain of fog computing. This model offers on-demand data services, enabling the efficient identification of sensitive data without resorting to resource-intensive decryption procedures. Nonetheless, prevailing solutions exhibit impracticalities. Specifically, they fall short in supporting adaptive security, while presuming unwavering trustworthiness of the central authority. In this paper, we introduce a pioneering fine-grained and adaptively secure bilateral access control system through enhancements to the matchmaking attribute-based encryption (MABE) framework. We give a formalized definition of MABE, incorporating desirable security features such as blindness and unlinkability, aimed at capturing potential misconduct by the central authority. We propose a generic construction of MABE, drawing upon attribute-based encryption (ABE) and anonymous credential schemes (ACS), with provable security via formal security reduction in the adaptive model. We present an efficient instantiation of the MABE framework by introducing a practical ACS solution, wherein a cryptographic accumulator is employed to enhance performance. Experimental simulations substantiate that our solution not only has superior functionalities but also demonstrates performance on par with state-of-the-art solutions.

Topics & Concepts

Computer scienceCredentialComputer securityAccess controlEncryptionFunctional encryptionSoftware deploymentCryptographySecurity domainSoftware engineeringCiphertextCryptography and Data SecurityPrivacy-Preserving Technologies in DataAccess Control and Trust