Mask

A system for privacy-preserving policy-based access to published content

Mohamed Nabeel, Ning Shang, John Zage, Elisa Bertino

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Citations (Scopus)

Abstract

We propose to demonstrate Mask, the first system addressing the seemingly unsolvable problem of how to selectively share content among a group of users based on access control policies expressed as conditions on the identity attributes of these users, while at the same time assuring the privacy of these identity attributes from the content publisher. Mask consists of three entities: a Content Publisher, Users (referred to as Subscribers), and Identity Providers that issue certified identity attributes. The content publisher specifies access control policies over the identity attributes of subscribers, indicating which conditions the identity attributes of a subscriber must satisfy in order for that subscriber to access a document or a subdocument. The main novelty of Mask is that, even though the publisher is able to match the identity attributes of the subscribers against its own access control policies, the publisher does not learn the values of those identity attributes; the privacy of the authorized subscribers is thus preserved. Based on the specified access control policies, documents are divided into subdocuments, and subdocuments with different access control policies are encrypted with different keys. Subscribers derive the keys corresponding to the subdocuments they are authorized to access. Key distribution in Mask is supported by a novel group key management protocol by which subscribers reconstruct the decryption keys from the subscription information they receive from the publisher. The publisher, however, does not learn which decryption keys each subscriber is able to reconstruct. In this demonstration, we show our system using a healthcare scenario.

Original language: English
Title of host publication: Proceedings of the 2010 International Conference on Management of Data, SIGMOD '10
Pages: 1239-1242
Number of pages: 4
DOI: 10.1145/1807167.1807329
Publication status: Published - 2010
Externally published: Yes
Event: 2010 International Conference on Management of Data, SIGMOD '10 - Indianapolis, IN, United States
Duration: 6 Jun 2010 to 11 Jun 2010

Other

Other: 2010 International Conference on Management of Data, SIGMOD '10
Country: United States
City: Indianapolis, IN
Period: 6/6/10 to 11/6/10

Keywords

  • access control
  • broadcast systems
  • group key management
  • identity
  • privacy

ASJC Scopus subject areas

  • Information Systems
  • Software

Cite this

Nabeel, M., Shang, N., Zage, J., & Bertino, E. (2010). Mask: A system for privacy-preserving policy-based access to published content. In Proceedings of the 2010 International Conference on Management of Data, SIGMOD '10 (pp. 1239-1242) https://doi.org/10.1145/1807167.1807329

@inproceedings{67d57112fe3949f6a33a11073f0701c4,
title = "Mask: A system for privacy-preserving policy-based access to published content",
keywords = "access control, broadcast systems, group key management, identity, privacy",
author = "Mohamed Nabeel and Ning Shang and John Zage and Elisa Bertino",
year = "2010",
doi = "10.1145/1807167.1807329",
language = "English",
isbn = "9781450300322",
pages = "1239--1242",
booktitle = "Proceedings of the 2010 International Conference on Management of Data, SIGMOD '10",

}
