{"title":"海报:ESPOONERBAC:在外包环境中使用加密的RBAC实施安全策略","authors":"M. R. Asghar, G. Russello, B. Crispo","doi":"10.1145/2046707.2093507","DOIUrl":null,"url":null,"abstract":"The enforcement of security policies is an open challenge in environments where the IT infrastructure has been outsourced to a third party. Although the outsourcing allows companies to gain economical benefits and scalability, it imposes the threat of leaking the private information about the sensitive data managed and processed by untrusted parties. In this work, we propose an architecture to enforce Role-Based Access Control (RBAC) style of authorisation policies in outsourced environments. As a proof of concept, we have implemented a demo and measured the performance overhead incurred by the proposed architecture.","PeriodicalId":72687,"journal":{"name":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1145/2046707.2093507","citationCount":"8","resultStr":"{\"title\":\"Poster: ESPOONERBAC: enforcing security policies in outsourced environments with encrypted RBAC\",\"authors\":\"M. R. Asghar, G. Russello, B. Crispo\",\"doi\":\"10.1145/2046707.2093507\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The enforcement of security policies is an open challenge in environments where the IT infrastructure has been outsourced to a third party. Although the outsourcing allows companies to gain economical benefits and scalability, it imposes the threat of leaking the private information about the sensitive data managed and processed by untrusted parties. In this work, we propose an architecture to enforce Role-Based Access Control (RBAC) style of authorisation policies in outsourced environments. As a proof of concept, we have implemented a demo and measured the performance overhead incurred by the proposed architecture.\",\"PeriodicalId\":72687,\"journal\":{\"name\":\"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-10-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.1145/2046707.2093507\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2046707.2093507\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2046707.2093507","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Poster: ESPOONERBAC: enforcing security policies in outsourced environments with encrypted RBAC
The enforcement of security policies is an open challenge in environments where the IT infrastructure has been outsourced to a third party. Although the outsourcing allows companies to gain economical benefits and scalability, it imposes the threat of leaking the private information about the sensitive data managed and processed by untrusted parties. In this work, we propose an architecture to enforce Role-Based Access Control (RBAC) style of authorisation policies in outsourced environments. As a proof of concept, we have implemented a demo and measured the performance overhead incurred by the proposed architecture.