سال انتشار: ۱۳۸۹
محل انتشار: هفتمین کنفرانس انجمن رمز ایران
تعداد صفحات: ۸
Parastou Tourani – 2Information Security Center, Department of Information and Communication Technology Malek-Ashtar University of Technology, Tehran, Iran
Ali Hadavi – Information Security Center, Department of Information and Communication Technology Malek-Ashtar University of Technology, Tehran, Iran
Rasool Jalili – Network Security Center, Department of Computer Engineering
Data outsourcing as a new paradigm is becoming a more useful model in many organizations because of significant cost saving and service benefits that it provides. In this paradigm, access control management is challenging due to new conditions such as untrustworthiness server for the delegated data contents. In this paper, we introduce a novel solution to enforce access control based on selective encryption. Additional encryption on data by the server is proposed with using Chinese Remainder Theorem for sharing resource’s key between authorized users. The number of users’ secret keys used to enforce access control policy is maintained limited. The result is a secure solution that protects information on the security policies from being revealed to the server or users and it also removes the risk of collusion between users themselves or between users and the server.