Skip to main content
placeholder image

Fine-grained information flow control using attributes

Journal Article


Abstract


  • Information flow control (IFC) mechanisms regulate where information is allowed to travel. To enhance IFC, access control encryption (ACE) was proposed where both the no write-down rule and the no read-up rule are supported. Nevertheless, there are still two issues: (1) how to determine whether a communication request should be permitted or denied was not considered; (2) the commutation cost is linear with the number of receivers. Attribute-based system (ABS) can implement one-to-many communication and fine-grained access policies. In this paper, a new IFC scheme is proposed by combing ACE with ABS. Our scheme provides the following features: (1) IFC policies are defined over a universe set of attributes; (2) the computation cost to determine whether a communication request should be permitted or denied is constant, instead of linear with the number of required attributes or receivers; (3) weak attribute privacy is achieved; (4) fine-grained access policies on encrypted data are supported; (5) the communication cost is linear with the number of required attributes and is independent of the number of receivers. To the best of our knowledge, it is the first IFC scheme enforced by using attributes.

Authors


  •   Han, Jinguang (external author)
  •   Chen, Liqun (external author)
  •   Susilo, Willy
  •   Huang, Xinyi (external author)
  •   Castiglione, Aniello (external author)
  •   Liang, Kaitai (external author)

Publication Date


  • 2019

Citation


  • Han, J., Chen, L., Susilo, W., Huang, X., Castiglione, A. & Liang, K. (2019). Fine-grained information flow control using attributes. Information Sciences, 484 167-182.

Scopus Eid


  • 2-s2.0-85061005560

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers1/2328

Number Of Pages


  • 15

Start Page


  • 167

End Page


  • 182

Volume


  • 484

Place Of Publication


  • United States

Abstract


  • Information flow control (IFC) mechanisms regulate where information is allowed to travel. To enhance IFC, access control encryption (ACE) was proposed where both the no write-down rule and the no read-up rule are supported. Nevertheless, there are still two issues: (1) how to determine whether a communication request should be permitted or denied was not considered; (2) the commutation cost is linear with the number of receivers. Attribute-based system (ABS) can implement one-to-many communication and fine-grained access policies. In this paper, a new IFC scheme is proposed by combing ACE with ABS. Our scheme provides the following features: (1) IFC policies are defined over a universe set of attributes; (2) the computation cost to determine whether a communication request should be permitted or denied is constant, instead of linear with the number of required attributes or receivers; (3) weak attribute privacy is achieved; (4) fine-grained access policies on encrypted data are supported; (5) the communication cost is linear with the number of required attributes and is independent of the number of receivers. To the best of our knowledge, it is the first IFC scheme enforced by using attributes.

Authors


  •   Han, Jinguang (external author)
  •   Chen, Liqun (external author)
  •   Susilo, Willy
  •   Huang, Xinyi (external author)
  •   Castiglione, Aniello (external author)
  •   Liang, Kaitai (external author)

Publication Date


  • 2019

Citation


  • Han, J., Chen, L., Susilo, W., Huang, X., Castiglione, A. & Liang, K. (2019). Fine-grained information flow control using attributes. Information Sciences, 484 167-182.

Scopus Eid


  • 2-s2.0-85061005560

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers1/2328

Number Of Pages


  • 15

Start Page


  • 167

End Page


  • 182

Volume


  • 484

Place Of Publication


  • United States