Abstract
Multi-party access control has been proposed to enable collaborative decision making for the protection of co-owned resources. In particular, multi-party access control aims to reconcile conflicts arising from the evaluation of policies authored by different stakeholders for jointly-managed resources, thus determining whether access to those resources should be granted or not. While providing effective solutions for the protection of co-owned resources, existing approaches do not address the protection of policies themselves, whose disclosure can leak sensitive information about, e.g., the relationships of co-owners with other parties. In this paper, we propose a privacy-preserving multi-party access control mechanism, which preserves the confidentiality of user policies. In particular, we propose secure computation protocols for the evaluation of multi-party policies, based on two privacy-preserving techniques, namely homomorphic encryption and secure function evaluation. An experimental evaluation of our approach shows its practical feasibility in terms of both computation and communication costs.
Author supplied keywords
Cite
CITATION STYLE
Sheikhalishahi, M., Tillem, G., Erkin, Z., & Zannone, N. (2019). Privacy-preserving multi-party access control. In Proceedings of the ACM Conference on Computer and Communications Security (pp. 1–13). Association for Computing Machinery. https://doi.org/10.1145/3338498.3358643
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
