Oblivious Enforcement of Hidden Information Release Policies
In a computing system, sensitive data must be protected by release policies that determine which principals are au thorized to access that data. In some cases, such a release policy could refer to information about the requesting prin cipal that is unavailable to the information provider. Fur thermore, the release policy itself may contain sensitive in formation about the resource that it protects. In this pa per we describe a scheme for enforcing information release policies whose satisfaction cannot be verified by the entity holding the protected information, but only by the entity re questing this information. Not only does our scheme prevent the information provider from learning whether the policy was satisfied, but it also hides the information release policy being enforced from the requesting principal. Unlike pre vious approaches, our construction requires no guesswork or wasted computation on the part of the information re quester. The information release policies that we consider can contain third-party assertions that themselves have re lease conditions that must be satisfied; we show that our sys tem functions correctly even when these dependencies form cycles.
Hidden policies hidden credentials distributed proof
Brian Wongchaowart Adam J. Lee
Department of Computer Science University of Pittsburgh 210 S. Bouquet St.Pittsburgh, PA 15260
国际会议
北京
英文
324-327
2010-04-13(万方平台首次上网日期,不代表论文的发表时间)