Attribute Based Encryption is a technique that associates user’s attributes with keys. Data is encrypted using a specific policy and only those keys whose attributes satisfy that policy are allowed to decrypt it. In this paper, we propose a secure communication model based on Ciphertext Policy Attribute Based Encryption (CP-ABE). This model allows Role Based Access Control for documents without...

Data access control is a crucial aspect of data management. Actors who want to share need systems manage consent in order decide can their data. This guarantees the privacy data, which often sensitive. As secure distributed ledger, blockchain widely used today for access. However, not ideal storing large volumes due its characteristics. Therefore, it coupled with off-chain facilitate storage th...

The extensive application of the Internet Things (IoT) and artificial intelligence technology has greatly promoted construction development smart cities. Smart home as foundation cities can optimize lifestyles. However, users access system through public channels, transmitted information is vulnerable to attack by attackers, privacy data security user will be difficult guaranteed. Therefore, ho...

Securely sharing and managing personal content is a challenging task in multidevice environments. In this paper, we design and implement a new platform called personal content networking (PCN). Our work is inspired by content-centric networking (CCN) becausewe aim to enable access to personal content using its name instead of its location. The unique challenge of PCN is to support secure file o...

The per-method access control lists of standard middleware technologies allow only simple forms of access control to be expressed and enforced. Research systems based on capabilities provide a more secure mechanism but also fail to support more flexible security constraints such as parameter restrictions, logging and state-dependent access. They also fail to enforce a strict need-to-know view o...

The event-condition-action paradigm (also known as triggers or rules) is a powerful technology. It gives a database “active” capabilities – the ability to react automatically to changes in the database or in the environment. One potential use of this technology is in the area of multilevel secure (MLS) data processing, such as, military, where the subjects and objects are classified into differ...

Current approaches to access control on Web servers do not scale to enterprisewide systems, since they are mostly based on individual users. Therefore, we were motivated by the need to manage and enforce the strong access control technology of RBAC in large-scale Web environments. Cookies can be used to support RBAC on the Web, holding users’ role information. However, it is insecure to store a...