Abstract
“Break-glass” is a term used in IT healthcare systems to denote an emergency access to private information without having the credentials to do so. In this paper we introduce the concept of break-glass encryption for cloud storage, where the security of the ciphertexts – stored on a cloud – can be violated exactly once, for emergency circumstances, in a way that is detectable and without relying on a trusted party. Detectability is the crucial property here: if a cloud breaks glass without permission from the legitimate user, the latter should detect it and have a proof of such violation. However, if the break-glass procedure is invoked by the legitimate user, then semantic security must still hold and the cloud will learn nothing. Distinguishing that a break-glass is requested by the legitimate party is also challenging in absence of secrets. In this paper, we provide a formalization of break-glass encryption and a secure instantiation using hardware tokens. Our construction aims to be a feasibility result and is admittedly impractical. Whether hardware tokens are necessary to achieve this security notion and whether more practical solutions can be devised are interesting open questions.
Cite
CITATION STYLE
Scafuro, A. (2019). Break-glass Encryption. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11443 LNCS, pp. 34–62). Springer Verlag. https://doi.org/10.1007/978-3-030-17259-6_2
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
