Privacy-Preserving Multi-Party Access Control

Published: 11 November 2019

Abstract

Multi-party access control has been proposed to enable collaborative decision making for the protection of co-owned resources. In particular, multi-party access control aims to reconcile conflicts arising from the evaluation of policies authored by different stakeholders for jointly-managed resources, thus determining whether access to those resources should be granted or not. While providing effective solutions for the protection of co-owned resources, existing approaches do not address the protection of policies themselves, whose disclosure can leak sensitive information about, e.g., the relationships of co-owners with other parties. In this paper, we propose a privacy-preserving multi-party access control mechanism, which preserves the confidentiality of user policies. In particular, we propose secure computation protocols for the evaluation of multi-party policies, based on two privacy-preserving techniques, namely homomorphic encryption and secure function evaluation. An experimental evaluation of our approach shows its practical feasibility in terms of both computation and communication costs.

Published In

WPES'19: Proceedings of the 18th ACM Workshop on Privacy in the Electronic Society
November 2019
228 pages
ISBN: 9781450368308
DOI: 10.1145/3338498
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. collaborative systems
  2. homomorphic encryption
  3. secure function evaluation

Qualifiers

  • Research-article

Conference

CCS '19
Acceptance Rates

Overall Acceptance Rate 106 of 355 submissions, 30%

Cited By

  • (2024) Pixels Who Violate Our Privacy! Deep Learning for Identifying Images’ Key Pixels. Computer Security. ESORICS 2023 International Workshops. DOI: 10.1007/978-3-031-54129-2_33 (552-568). Online publication date: 12-Mar-2024
  • (2023) Toward pragmatic modeling of privacy information propagation in online social networks. Computer Networks: The International Journal of Computer and Telecommunications Networking. DOI: 10.1016/j.comnet.2022.109429. 219:C. Online publication date: 9-Feb-2023
  • (2022) Practical Multi-Party Private Set Intersection Protocols. IEEE Transactions on Information Forensics and Security. DOI: 10.1109/TIFS.2021.3118879. 17 (1-15). Online publication date: 2022
  • (2021) Privacy-preserving policy evaluation in multi-party access control. Journal of Computer Security. DOI: 10.3233/JCS-200007 (1-38). Online publication date: 30-Sep-2021
  • (2020) Distributed Access Control for Cross-Organizational Healthcare Data Sharing Scenarios. 8th European Medical and Biological Engineering Conference. DOI: 10.1007/978-3-030-64610-3_47 (407-413). Online publication date: 30-Nov-2020
