The enforcement of access control policies using cryptography has received considerable interest in recent years and the security of such schemes is increasingly well understood. Recent work in the area has turned to the efficient enforcement of certain classes of policies and asymptotic results are now known. However, for practical purposes, it is useful to have explicit bounds on the time and space complexity of enforcement schemes. In this paper, we provide such bounds for interval-based access control policies, which generalize temporal and geo-spatial access control policies, thereby subsuming a substantial body of work in the literature. Moreover, our enforcement schemes are more practical than existing schemes, in the sense that they operate in the same way as standard enforcement schemes, unlike other efficient schemes in the literature. The main difference between our approach and earlier work is that we develop techniques that are specific to the cryptographic enforcement of interval-based access control policies, rather than applying generic techniques that give rise to complex constructions and asymptotic bounds.
View on arXiv