Explore the challenges and practicality of cryptographically enforcing dynamic access control policies in cloud environments in this 20-minute IEEE conference talk. Delve into the complexities of maintaining confidentiality and robust access controls on cloud-hosted data, examining the use of advanced cryptographic techniques such as identity-based encryption and attribute-based encryption. Analyze the computational costs associated with implementing dynamic access controls on untrusted platforms, focusing on role-based access control (RBAC0) enforcement using identity-based and public-key cryptography. Discover the potential bottlenecks and prohibitive overheads in realistic scenarios, particularly when supporting revocation and file updates. Gain insights into future research directions for developing more efficient and natural constructions for cryptographic enforcement of dynamic access controls in cloud computing.
On the Practicality of Cryptographically Enforcing Dynamic Access Control Policies in the Cloud
Overview
Syllabus
Introduction
Cloud Data Outsourcing
Traditional Access Control
Advanced Cryptography
Cost of Advanced Cryptography
Overview
System Model
RoleBased Access Control
RoleBased Encryption
Revoking Access
Using Key Versioning
Evaluation
Reallife APIs
Cost of Revocation
Revocation Frequency
Lazy Encryption
Delaying State Change
Advanced Crypto
Future Research
Conclusion
Taught by
IEEE Symposium on Security and Privacy
