HetDAPAC: Distributed Attribute-Based Private Access Control with Heterogeneous Attributes

Author:

Shreya Meel, Sennur Ulukus

Keyword:

Computer Science, Information Theory, Information Theory (cs.IT), Cryptography and Security (cs.CR), Networking and Internet Architecture (cs.NI), Signal Processing (eess.SP)

journal:

date:

2024-01-24 00:00:00

Abstract

Verifying user attributes to provide fine-grained access control to databases is fundamental to an attribute-based authentication system. In such systems, either a single (central) authority verifies all attributes, or multiple independent authorities verify individual attributes distributedly to allow a user to access records stored on the servers. While a \emph{central} setup is more communication cost efficient, it causes privacy breach of \emph{all} user attributes to a central authority. Recently, Jafarpisheh et al. studied an information theoretic formulation of the \emph{distributed} multi-authority setup with $N$ non-colluding authorities, $N$ attributes and $K$ possible values for each attribute, called an $(N,K)$ distributed attribute-based private access control (DAPAC) system, where each server learns only one attribute value that it verifies, and remains oblivious to the remaining $N-1$ attributes. We show that off-loading a subset of attributes to a central server for verification improves the achievable rate from $\frac{1}{2K}$ in Jafarpisheh et al. to $\frac{1}{K+1}$ in this paper, thus \emph{almost doubling the rate} for relatively large $K$, while sacrificing the privacy of a few possibly non-sensitive attributes.

PDF: HetDAPAC: Distributed Attribute-Based Private Access Control with Heterogeneous Attributes.pdf