Suitability Analysis and the Practicality of Cryptographically Enforcing Dynamic Access Control Policies in the Cloud
Date and time: Thursday, 9 March 2017, 11:30
Venue: Sala Riunioni (first floor), Crema
Speaker: Prof. Adam J. Lee, University of Pittsburgh, USA
Contact person: Prof. Pierangela Samarati
The ability to enforce robust and dynamic access controls on cloud-hosted data while simultaneously ensuring confidentiality with respect to the cloud itself is a clear goal for many users and organizations. To this end, there has been much cryptographic research proposing the use of (hierarchical) identity-based encryption, attribute-based encryption, predicate encryption, functional encryption, and related technologies to perform robust and private access control on untrusted cloud providers. However, the vast majority of this work studies static models in which the access control policies being enforced do not change over time. This is contrary to the needs of most practical applications, which leverage dynamic data and/or policies.
In this talk, we give an overview of work that our group has done in the area of access control suitability analysis over the last few years. In short, this line of work aims to determine the access control mechanism that provides the best fit for a particular application, both in terms of its ability to securely enforce the range of policies required by the application, using qualitative measures of expressiveness, and its ability to do so efficiently in terms of quantitative cost metrics. Leveraging these techniques, we show that the cryptographic enforcement of dynamic access controls on untrusted platforms incurs computational costs that are likely prohibitive in practice. Specifically, we develop lightweight constructions for enforcing role-based access controls (i.e., RBAC_0) over cloud-hosted files using identity-based and traditional public-key cryptography. This is done under a threat model as close as possible to the one assumed in the cryptographic literature. We prove the correctness of these constructions, and leverage real-world RBAC datasets and our suitability analysis techniques to experimentally analyze, via simulation, their associated computational costs. This analysis shows that supporting revocation, file updates, and other state change functionality is likely to incur prohibitive overheads in even minimally dynamic, realistic scenarios. We identify a number of bottlenecks in such systems, and fruitful areas for future work that will lead to more natural and efficient constructions for the cryptographic enforcement of dynamic access controls. Our findings naturally extend to the use of more expressive cryptographic primitives (e.g., HIBE or ABE) and richer access control models (e.g., RBAC_1 or ABAC).
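As an added illustration of the kind of cost simulation the abstract describes (this is not the speaker's construction or code), the Python sketch below counts the cryptographic operations that a simplified hybrid role-key construction would need for one user revocation and one file update over a constructed RBAC_0 state. The user, role and file names and the cost model itself are assumptions made here to show why state changes are expensive.

```python
# Constructed toy RBAC_0 state: UA = user-role assignment, PA = role-file permission.
UA = {
    "alice": {"admin", "staff"},
    "bob": {"staff"},
    "carol": {"staff"},
    "dave": {"audit"},
}
PA = {
    "admin": {"f1", "f2", "f3", "f4", "f5"},
    "staff": {"f1", "f2", "f3"},
    "audit": {"f3", "f4"},
}


def roles_with_access(pa, f):
    """Roles whose permission set includes file f."""
    return {r for r, files in pa.items() if f in files}


def revoke_user_from_role(ua, pa, user, role):
    """Count the cryptographic operations needed to revoke `user` from `role`.

    Assumed hybrid construction (a simplification, not the talk's own scheme):
    each file is encrypted under its own symmetric key; that key is wrapped
    under the public key of every role allowed to read it; each role's secret
    key is wrapped for every member. A revoked user may have cached every key
    it could previously decrypt, so the role key and every file reachable
    through the role must be rotated and the fresh keys re-wrapped.
    The function is pure: it reports costs without mutating ua or pa.
    """
    remaining = [u for u, roles in ua.items() if role in roles and u != user]
    return {
        "role_keygen": 1,                     # fresh role key pair
        "role_key_wraps": len(remaining),     # deliver it to remaining members
        "file_reencryptions": len(pa[role]),  # new file key + re-encrypt content
        "file_key_wraps": sum(len(roles_with_access(pa, f)) for f in pa[role]),
    }


def update_file(pa, f):
    """Cost of one write when the owner rotates the file key on every update."""
    return {"file_reencryptions": 1, "file_key_wraps": len(roles_with_access(pa, f))}


if __name__ == "__main__":
    print(revoke_user_from_role(UA, PA, "bob", "staff"))
    print(update_file(PA, "f3"))
```

Scaling the same counts over a real RBAC dataset, where a single role may cover thousands of files and hundreds of members, is what turns one revocation into the prohibitive overhead the talk reports.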