Permanent URL to this publication: http://dx.doi.org/10.5167/uzh-20204
Sturm, C; Hunt, E; Scholl, M H (2009). Distributed privilege enforcement in PACS. In: 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2009), Montreal, Canada, 12 July 2009 - 15 July 2009, 142-158 .
We present a new access control mechanism for P2P networks
with distributed enforcement, called P2P Access Control System (PACS). PACS enforces powerful access control models like RBAC with administrative delegation inside a P2P network in a pure P2P manner, which is not possible in any of the currently used P2P access control mechanisms. PACS uses client-side enforcement to support the replication of confidential data. To avoid a single point of failure at the time of privilege enforcement, we use threshold cryptography to distribute the enforcement among the participants. Our analysis of the expected number of messages and the computational effort needed in PACS shows that its increased flexibility comes with an acceptable additional overhead.
|Item Type:||Conference or Workshop Item (Paper), refereed, original work|
|Communities & Collections:||03 Faculty of Economics > Department of Informatics|
|DDC:||000 Computer science, knowledge & systems|
|Event End Date:||15 July 2009|
|Deposited On:||19 Aug 2009 15:39|
|Last Modified:||23 Nov 2012 14:08|
|Series Name:||Lecture Notes in Computer Science|
|Additional Information:||The original publication is available at www.springerlink.com|
Users (please log in): suggest update or correction for this item
Repository Staff Only: item control page