Privacy-preserving Policy-driven Access Control with Mixed Credentials
Shouhuai Xu - University of Texas at San Antonio
Nov 16, 2005Size: 105.9MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractAccess control in decentralized systems is
an important problem that has not been fully understood,
except perhaps that it should be based on credentials.
There are mainly two research approaches towards
this goal: one is to pursue powerful individual credentials yet without
necessarily considering flexible access control policies,
the other is to consider flexible policies yet without necessarily
accommodating the useful credential schemes that have become available.
This paper proposes a unified approach that simultaneously consider
flexible policies and useful credentials.
A first realization of this approach is the notion of assembly signatures
(and identifications), which are:
(1) privacy-preserving, meaning that the access requestor's privacy is
ensured; (2) policy-driven, meaning that the validity of a signature is
with respect to a given access control policy;
(3) ``mixed credentials"-based, meaning that a signature
is constructed out of various anonymous and non-anonymous credentials.
(This is a joint work with Moti Yung)
About the SpeakerShouhuai Xu is an assistant professor in the Department
of Computer Science, University of Texas, San Antonio.
He earned his PhD in computer science in 2000 from
Fudan University, China. He is interested in system-oriented
security design and analysis, with a current emphasis on
cryptographic design and analysis. His research is funded
by NSF, ARO etc. Please refer to
http://www.cs.utsa.edu/~shxu for more information.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.