Massey Documents by Type

Permanent URI for this communityhttps://mro.massey.ac.nz/handle/10179/294

Browse

Filters

2013 - 20192

Settings

Has files: YesSubject: search.filters.subject.Access control

Search Results

Now showing 1 - 2 of 2
  • Thumbnail Image
    Item
    Towards implementing RSA-based CP-ABE algorithm on Android system : a thesis presented in partial fulfilment of the requirements for the degree of Master of Information Sciences at Massey University, Auckland, New Zealand
    (Massey University, 2019) Xing, Jiaxin
    Cipher-text-Policy Attribute-Based Encryption (CP-ABE) algorithm has been proposed to encrypt and decrypt data based on the matching between attributes and an access policy placed over cipher-text. Using CP-ABE, data owner can encrypt data along with an access policy to enforce a fine-grained access control. To improve the efficiency of performance, this study chose a RSA-based CP-ABE algorithm with an access-tree structure while most existing CP-ABE has been implemented using ECC. This new RSA-based CP-ABE algorithm was implemented in the Linux system in another study while this thesis addresses an implementation strategy on an Android system. To achieve this goal, a simple encryption application was designed for users who want to encrypt and decrypt messages through their mobile devices. This study used Android Studio to create the encryption application. In this cipher program, users input the message they want to encrypt and get the encrypted data through the function button named “CIPHER”, and they also can decrypt the cipher-text in the same way. There are four main algorithms involved in a CP-ABE scheme. They respectively are setup, key generation, encryption and decryption. During the setup process, the CP-ABE scheme uses the RSA algorithm to choose two prime numbers. These prime numbers are used to a master public key and a master private key. In the key generation algorithm, a secret key is generated for a set of attributes using the master private key. In the encryption step, it creates a cipher-text with an access tree. In the decryption algorithm, if and only if the attributes for the user’s decryption key satisfies this access policy is able to decode the encrypted data. This algorithm uses the construction of lightweight no-paring crypto-system based on RSA, and the construction supports an expressive monotone tree access structure to implement the complex access control as a more generic system. By using this algorithm, the encryption and decryption processes are more efficient and secure.
  • Thumbnail Image
    Item
    A model of distributed rights allocation in online social interaction : a thesis presented in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Information Technology at Massey University, Albany, Auckland, New Zealand
    (Massey University, 2013) Ahmad, Adnan
    In computing, the management of information resources is done through access control, a process by which authorized users are granted permission over resources. The last decade has witnessed the emergence of socio-technical systems (STS) like Facebook, Twitter, and YouTube, where millions of users interact with each other and share billions of resources on daily basis. Access control for a STS is different from traditional systems in having to satisfy the social requirements of the community as well as the technical requirements of the system. The problems traditional access control models face today are firstly the complexity of mapping millions of users to billions of resources, and secondly the social requirements of users who want to own the resources they post. Current access control models for STS manage access through rule semantics, roles, trust, history management or contents. However, there is no general logical scheme that allows users to allocate rights, covering not just transfer and delegation but also joint and several ownership. The trend from centralized to distributed access control demands a general model to manage rights allocation for users having heterogeneous privacy policies. The model's validity derives from socio-technical design, where social requirements like ownership, freedom and privacy give technical access axioms. The aim is to satisfy not only technical but also social requirements, over which the success of today?s software depends. This research first proposes the social access control model for supporting local administration, dynamic asymmetric relationships and object privacy classification. This core model is then used as a basis of various rights allocation models. The research further illustrates a rights allocation framework based on various properties of STS and presents a reduction approach to design the model. This framework reduces all the possible rights allocations into four basic models: Replace, Revoke, Share and Merge, which can manage every tweet, every post, and every single communication on any STS. The proposed rights allocation models are demonstrated on various current and hypothetical use-cases of current STS to show that it can be used in any system that has social interactions, and where users want to control their resources. This research extends the online social interactions in STS to new horizons which are currently restricted due to the limitations posed by current technology.