Attribute-based Encryption with Break-glass

By Achim D. Brucker, Helmut Petritsch, and Stefan G. Weber.

Attribute-based Encryption (ABE) allows for implementing fine-grained decentralized access control based on properties or attributes a user has. Thus, there is no need for writing detailed, user-based policies in advance. This makes ABE in particular interesting for implementing se- curity mechanisms in dynamic environments such as ubiquitous comput- ing, disaster management, or health-care. For supporting the latter two application areas, common ABE approaches lack one important feature: break-glass, i. e., the controlled overruling of access control restrictions. In this paper we present an integration of break-glass into an approach for end-to-end secure information sharing using ABE techniques.

Keywords:
Access Control, Break-Glass, Attribute-Based Encryption, Disaster Management, Trusted Computing Plattform

Please cite this work as follows:
A. D. Brucker, H. Petritsch, and S. G. Weber, “Attribute-based encryption with break-glass,” in Workshop in information security theory and practice (WISTP), P. Samarati, M. Tunstall, and J. Posegga, Eds. Heidelberg: Springer-Verlag, 2010, pp. 237–244. doi: 10.1007/978-3-642-12368-9_18. Author copy: http://logicalhacking.com/publications/brucker.ea-attribute-based-2010/

BibTeX
@InCollection{ brucker.ea:attribute-based:2010,
  author        = {Achim D. Brucker and Helmut Petritsch and Stefan G. Weber},
  booktitle     = {Workshop In Information Security Theory And Practice
                   (WISTP)},
  fullbooktitle = {Information Security Theory and Practice. Security and
                   Privacy of Pervasive Systems and Smart Devices},
  language      = {USenglish},
  title         = {Attribute-based Encryption with Break-glass},
  year          = {2010},
  editor        = {Pierangela Samarati and Michael Tunstall and Joachim
                   Posegga},
  publisher     = {Springer-Verlag },
  address       = {Heidelberg },
  series        = {Lecture Notes in Computer Science },
  doi           = {10.1007/978-3-642-12368-9_18},
  number        = {6033},
  pages         = {237--244},
  abstract      = {Attribute-based Encryption (ABE) allows for implementing
                   fine-grained decentralized access control based on properties
                   or attributes a user has. Thus, there is no need for writing
                   detailed, user-based policies in advance. This makes ABE in
                   particular interesting for implementing se- curity mechanisms
                   in dynamic environments such as ubiquitous comput- ing,
                   disaster management, or health-care. For supporting the latter
                   two application areas, common ABE approaches lack one
                   important feature: break-glass, i. e., the controlled
                   overruling of access control restrictions. In this paper we
                   present an integration of break-glass into an approach for
                   end-to-end secure information sharing using ABE techniques.},
  areas         = {security},
  keywords      = {Access Control, Break-Glass, Attribute-Based Encryption,
                   Disaster Management, Trusted Computing Plattform},
  note          = {Author copy: \url{http://logicalhacking.com/publications/brucker.ea-attribute-based-2010/}},
}