1st International ICST Conference on Security and Privacy for Emerging Areas in Communication Networks

Research Article

Exploiting Hierarchical Identity-Based Encryption for Access Control to Pervasive Computing Information

  • @INPROCEEDINGS{10.1109/SECURECOMM.2005.18,
        author={U. Hengartner and P. Steenkiste},
        title={Exploiting Hierarchical Identity-Based Encryption for Access Control to Pervasive Computing Information},
        proceedings={1st International ICST Conference on Security and Privacy for Emerging Areas in Communication Networks},
        publisher={IEEE},
        proceedings_a={SECURECOMM},
        year={2006},
        month={3},
        keywords={},
        doi={10.1109/SECURECOMM.2005.18}
    }
    
  • U. Hengartner
    P. Steenkiste
    Year: 2006
    Exploiting Hierarchical Identity-Based Encryption for Access Control to Pervasive Computing Information
    SECURECOMM
    IEEE
    DOI: 10.1109/SECURECOMM.2005.18
U. Hengartner (1), P. Steenkiste (1)
  • 1: Carnegie Mellon University

Abstract

Access control to confidential information in pervasive computing environments is challenging for multiple reasons: First, a client requesting access might not know which access rights are necessary in order to be granted access to the requested information. Second, access control must support flexible access rights that include context-sensitive constraints. Third, pervasive computing environments consist of a multitude of information services, which makes simple management of access rights essential. We discuss the shortcomings of existing access-control schemes that rely on either clients presenting a proof of access to a service or services encrypting information before handing the information over to a client. We propose a proof-based access-control architecture that employs hierarchical identity-based encryption in order to enable services to inform clients of the required proof of access in a covert way, without leaking information. Furthermore, we introduce an encryption-based access-control architecture that exploits hierarchical identity-based encryption in order to deal with multiple, hierarchical constraints on access rights. We present an example implementation of our proposed architectures and discuss the performance of this implementation.