A content-driven access control system

Protecting identity in the Internet age requires the ability to go beyond the identification of explicitly identifying information like social security numbers, to also find the broadly-held attributes that, when taken together, are identifying. We present a system that can work in conjunction with natural language processing algorithms or user-generated tags, to protect identifying attributes in text. The system uses a new attribute-based encryption protocol to control access to such identifying attributes and thus protects identity. The system supports the definition of user access rights based on role or identity. We extend the existing model of attribute-based encryption to support user revocation and provide a heuristic instantiation of revocation.

Citation

Golle, P.; Staddon, J.; Gagne, M.; Rasmussen, P. A content-driven access control system. 7th Symposium on Identity and Trust on the Internet (IDtrust 2008); 2008 March 4-6; Gaithersburg, MD. NY: ACM; 2008; 26-35.