Fine-Grained Information Flow Control Using Attributes

Jinguang Han, Liqun Chen, Willy Susilo, Xinyi Huang, Aniello Castiglione, Kaitai Liang

Research output: Contribution to journalArticle

1 Citation (Scopus)
65 Downloads (Pure)

Abstract

Information flow control (IFC) mechanisms regulate where information is allowed to travel. To enhance IFC, access control encryption (ACE) was proposed where both the no write-down rule and the no read-up rule are supported. Nevertheless, there are still two issues: (1) how to determine whether a communication request should be permitted or denied was not considered; (2) the commutation cost is linear with the number of receivers. Attribute-based system (ABS) can implement one-to-many communication and fine-grained access policies. In this paper, a new IFC scheme is proposed by combing ACE with ABS. Our scheme provides the following features: (1) IFC policies are defined over a universe set of attributes; (2) the computation cost to determine whether a communication request should be permitted or denied is constant, instead of linear with the number of required attributes or receivers; (3) weak attribute privacy is achieved; (4) fine-grained access policies on encrypted data are supported; (5) the communication cost is linear with the number of required attributes and is independent of the number of receivers. To the best of our knowledge, it is the first IFC scheme enforced by using attributes.
Original languageEnglish
Pages (from-to)167-182
Number of pages16
JournalInformation Sciences
Volume484
Early online date30 Jan 2019
DOIs
Publication statusPublished - 01 May 2019

Keywords

  • Information flow control
  • Attribute-based system
  • Access control encryption
  • Security
  • Privacy

Fingerprint Dive into the research topics of 'Fine-Grained Information Flow Control Using Attributes'. Together they form a unique fingerprint.

  • Cite this

    Han, J., Chen, L., Susilo, W., Huang, X., Castiglione, A., & Liang, K. (2019). Fine-Grained Information Flow Control Using Attributes. Information Sciences, 484, 167-182. https://doi.org/10.1016/j.ins.2019.01.074