For complex user management, large enterprises employ Role-Based Access Controls (RBAC) models for making access decisions based on the role in which a user is active in. However, RBAC models cannot be deployed in outsourced environments as they rely on trusted infrastructure in order to regulate access to the data. The deployment of RBAC models may reveal private information about sensitive data they aim to protect. In this paper, we aim at filling this gap by proposing ESPOON ERBAC for enforcing RBAC policies in outsourced environments. ESPOON ERBAC enforces RBAC policies in an encrypted manner where a curious service provider may learn a very limited information about RBAC policies. We have implemented ESPOON ERBAC and provided its performance evaluation showing a limited overhead, thus confirming viability of our approach.
Category / Keywords: applications / Encrypted RBAC, Policy Protection, Sensitive Policy Evaluation, Secure Cloud Storage, Confidentiality Original Publication (in the same form): Elsevier Computers & Security (COSE), Volume 35, 2013 Date: received 11 Sep 2013 Contact author: asghar at disi unitn it Available format(s): PDF | BibTeX Citation Version: 20130914:031005 (All versions of this report) Short URL: ia.cr/2013/587 Discussion forum: Show discussion | Start new discussion