Emergency access control management via attribute based encrypted QR codes

Belguith, S ORCID: https://orcid.org/0000-0003-0069-8552, Gochhayat, SP, Conti, M and Russello, G 2018, Emergency access control management via attribute based encrypted QR codes , in: IEEE Workshop on Security and Privacy in the Cloud (IEEE CNS 2018 workshop: SPC 2018), 30 May - 1 June 2018, Beijing, China.

[img] PDF - Published Version
Restricted to Repository staff only

Download (743kB) | Request a copy

Abstract

In dynamic environments such as disaster management, mechanisms for the controlled override of access restrictions, a.k.a. break-glass need to be supported. These access control mechanisms should ensure access to facilities, for example, an office building, in an emergency situation, without relying on the use of an online authentication server as connectivity might not be available.

In this paper, we propose a break-glass access control mechanism based on a novel use of QR codes, Shamir’s Secret Sharing Scheme and Attribute Based Encryption. Our proposed solution is such that a secret access key is split using Shamir’s secret sharing scheme and encrypted using attribute based encryption, then encoded in a QR code. Subsequently, emergency actors scan the QR code and recover the individual secret key using their attributes satisfying an access policy associated with the ciphertext. The novelty of our solution lies in the fact that a flexible access control is ensured only when a sufficient number of authorized users collaborate to get access to a building without requiring an online third party. In addition, the access secret key is only decrypted by the authorized users thanks to the use of an attribute based encryption scheme. Finally, we demonstrate the feasibility and the efficiency of the solution by implementing a prototype and analysing its performance.

Item Type: Conference or Workshop Item (Paper)
Additional Information: Proceedings ISBN: 978-1-5386-4586-4
Schools: Schools > School of Computing, Science and Engineering > Salford Innovation Research Centre
Journal or Publication Title: 2018 IEEE Conference on Communications and Network Security (CNS)
Publisher: IEEE
Depositing User: Dr. Sana Belguith
Date Deposited: 20 May 2019 13:21
Last Modified: 21 May 2019 11:32
URI: http://usir.salford.ac.uk/id/eprint/51375

Actions (login required)

Edit record (repository staff only) Edit record (repository staff only)

Downloads

Downloads per month over past year