Today I read a paper on another way of implementing access sharing: Ciphertext-Policy Attribute-Based Encryption. The paper outlined how access trees could be used to implement user access control to content. The idea is that each user possesses a number of attributes which a publisher of the content can use to create an access list to allow only users whose attributes satisfy the tree. The tree can include gates at nodes, such as AND, OR, etc, to allow more flexibility. The scheme has the same drawback as WISPR as there is no flexible way of revocation, aside from temporally bound access trees.
I also read the paper describing the file system I will be working with: Separating key management from file system security. I began to look through the documentation available about the filesystem (SFS) in order to begin setting it up tomorrow. In order to set it up I will need to build it on cusp and then try to look into including the proxy re-signature portion back into it.
No comments:
Post a Comment