demonstration

Mask: a system for privacy-preserving policy-based access to published content

Authors:

Mohamed Nabeel,

Ning Shang,

John Zage,

Elisa BertinoAuthors Info & Claims

SIGMOD '10: Proceedings of the 2010 ACM SIGMOD International Conference on Management of data

Pages 1239 - 1242

https://doi.org/10.1145/1807167.1807329

Published: 06 June 2010 Publication History

Get Access

Abstract

We propose to demonstrate Mask, the first system addressing the seemingly-unsolvable problem of how to selectively share contents among a group of users based on access control policies expressed as conditions against the identity attributes of these users while at the same time assuring the privacy of these identity attributes from the content publisher. Mask consists of three entities: a Content Publisher, Users referred to as Subscribers, and Identity Providers that issue certified identity attributes. The content publisher specifies access control policies against identity attributes of subscribers indicating which conditions the identity attributes of a subscriber must verify in order for this subscriber to access a document or a subdocument. The main novelty of Mask is that, even though the publisher is able to match the identity attributes of the subscribers against its own access control policies, the publisher does not learn the values of the identity attributes of the subscribers; the privacy of the authorized subscribers is thus preserved. Based on the specified access control policies, documents are divided into subdocuments and the subdocuments having different access control policies are encrypted with different keys. Subscribers derive the keys corresponding to the subdocuments they are authorized to access. Key distribution in Mask is supported by a novel group key management protocol by which subscribers can reconstruct the decryption keys from the subscription information they receive from the publisher. The publisher however does not learn which decryption keys each subscriber is able to reconstruct. In this demonstration, we show our system using a healthcare scenario.

References

[1]

M. Eichelberg, T. Aden, J. Riesmeier, A. Dogac, and G. B. Laleci. A survey and analysis of Electronic Healthcare Record standards. ACM Comput. Surv., 37(4):277--315, 2005.

Digital Library

Google Scholar

[2]

R. Richardson. CSI Computer Crime and Security Survey. Technical report, Computer Security Institute, 2008.

Google Scholar

[3]

N. Shang, M. Nabeel, F. Paci, and E. Bertino. A privacy-preserving approach to policy-based content dissemination. Technical Report CERIAS TR 2009-27, Purdue University, 2009.

Google Scholar

[4]

N. Shang, M. Nabeel, F. Paci, and E. Bertino. A privacy-preserving approach to policy-based content dissemination. In ICDE '10: Proceedings of the 2010 IEEE 26th International Conference on Data Engineering, 2010.

Crossref

Google Scholar

[5]

XML in clinical research and healthcare industries. http://xml.coverpages.org/healthcare.html.

Google Scholar

Cited By

View all

Victor NLopez D(2021)Privacy Preserving Big Data PublishingResearch Anthology on Privatizing and Securing Data10.4018/978-1-7998-8954-0.ch060(1281-1298)Online publication date: 2021
https://doi.org/10.4018/978-1-7998-8954-0.ch060
Victor NLopez D(2018)Privacy Preserving Big Data PublishingHCI Challenges and Privacy Preservation in Big Data Security10.4018/978-1-5225-2863-0.ch003(47-70)Online publication date: 2018
https://doi.org/10.4018/978-1-5225-2863-0.ch003
Wu YLyu YFang QZheng GYin HShi Y(2017)Protecting Outsourced Data in Semi-Trustworthy Cloud: A Hierarchical System2017 IEEE 37th International Conference on Distributed Computing Systems Workshops (ICDCSW)10.1109/ICDCSW.2017.19(300-305)Online publication date: Jun-2017
https://doi.org/10.1109/ICDCSW.2017.19

Index Terms

Mask: a system for privacy-preserving policy-based access to published content
1. Applied computing
  1. Computers in other domains
    1. Publishing
2. Information systems
  1. Data management systems
    1. Database management system engines

Recommendations

Privacy Preserving Policy-Based Content Sharing in Public Clouds

An important problem in public clouds is how to selectively share documents based on fine-grained attribute-based access control policies (acps). An approach is to encrypt documents satisfying different policies with different keys using a public key ...
Privacy-enhanced access control in primelife
DIM '10: Proceedings of the 6th ACM workshop on Digital identity management

This talk gives an overview of the PrimeLife¹ project, funded by the European Commission's 7th Framework Programme, with a particular focus on its research results in privacy-preserving access control in distributed systems. Users commonly reveal more ...
A Lattice-Based Privacy Aware Access Control Model
CSE '09: Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03

As the amount of data being collected by service providers increases, privacy concerns increase for the data owners that must provide private data to get services. Legislative acts require enterprises protect the privacy of their customers and privacy ...

Comments

Information & Contributors

Information

Published In

SIGMOD '10: Proceedings of the 2010 ACM SIGMOD International Conference on Management of data

June 2010

1286 pages

ISBN:9781450300322

DOI:10.1145/1807167

General Chair:
Ahmed Elmagarmid
Purdue University, USA
,
Program Chair:
Divyakant Agrawal
University of California at Santa Barbara, USA

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 June 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Demonstration

Conference

SIGMOD/PODS '10

Sponsor:

SIGMOD

SIGMOD/PODS '10: International Conference on Management of Data

June 6 - 10, 2010

Indiana, Indianapolis, USA

Acceptance Rates

Overall Acceptance Rate 785 of 4,003 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
440
Total Downloads

Downloads (Last 12 months)6
Downloads (Last 6 weeks)2

Reflects downloads up to 31 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Victor NLopez D(2021)Privacy Preserving Big Data PublishingResearch Anthology on Privatizing and Securing Data10.4018/978-1-7998-8954-0.ch060(1281-1298)Online publication date: 2021
https://doi.org/10.4018/978-1-7998-8954-0.ch060
Victor NLopez D(2018)Privacy Preserving Big Data PublishingHCI Challenges and Privacy Preservation in Big Data Security10.4018/978-1-5225-2863-0.ch003(47-70)Online publication date: 2018
https://doi.org/10.4018/978-1-5225-2863-0.ch003
Wu YLyu YFang QZheng GYin HShi Y(2017)Protecting Outsourced Data in Semi-Trustworthy Cloud: A Hierarchical System2017 IEEE 37th International Conference on Distributed Computing Systems Workshops (ICDCSW)10.1109/ICDCSW.2017.19(300-305)Online publication date: Jun-2017
https://doi.org/10.1109/ICDCSW.2017.19

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Privacy Preserving Policy-Based Content Sharing in Public Clouds

Privacy-enhanced access control in primelife

A Lattice-Based Privacy Aware Access Control Model

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations