EASiER: Encryption-based access control in social networks with efficient revocation

Sonia Jahid, Prateek Mittal, Nikita Borisov

Research output: Chapter in Book/Report/Conference proceedingConference contribution

197 Scopus citations

Abstract

A promising approach to mitigate the privacy risks in Online Social Networks (OSNs) is to shift access control enforcement from the OSN provider to the user by means of encryption. However, this creates the challenge of key management to support complex policies involved in OSNs and dynamic groups. To address this, we propose EASiER, an architecture that supports fine-grained access control policies and dynamic group membership by using attribute-based encryption. A key and novel feature of our architecture, however, is that it is possible to remove access from a user without issuing new keys to other users or re-encrypting existing ciphertexts. We achieve this by creating a proxy that participates in the decryption process and enforces revocation constraints. The proxy is minimally trusted and cannot decrypt ciphertexts or provide access to previously revoked users. We describe EASiER architecture and construction, provide performance evaluation, and prototype application of our approach on Facebook.

Original languageEnglish (US)
Title of host publicationProceedings of the 6th International Symposium on Information, Computer and Communications Security, ASIACCS 2011
PublisherAssociation for Computing Machinery
Pages411-415
Number of pages5
ISBN (Print)9781450305648
DOIs
StatePublished - 2011
Externally publishedYes
Event6th International Symposium on Information, Computer and Communications Security, ASIACCS 2011 - Hong Kong, China
Duration: Mar 22 2011Mar 24 2011

Publication series

NameProceedings of the 6th International Symposium on Information, Computer and Communications Security, ASIACCS 2011

Other

Other6th International Symposium on Information, Computer and Communications Security, ASIACCS 2011
Country/TerritoryChina
CityHong Kong
Period3/22/113/24/11

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems

Keywords

  • Access control
  • Proxy
  • Revocation
  • Social network

Fingerprint

Dive into the research topics of 'EASiER: Encryption-based access control in social networks with efficient revocation'. Together they form a unique fingerprint.

Cite this