Embedded document security using sticky policies and identity based encryption

  As we move into storing data within a public cloud infrastructure we reduce the defences and must embed security into the data. Along with this we need to find ways to embed access rights into documents so that those who access the information provide the correct credentials. This will allow documents such as health care records to be store in public cloud infrastructure, but still have a strong focus on security.
The aim of this research is to deliver a functional construct addressing these cloud security requirement. Overall the work uses sticky polices and identity-based encryption (IBE) to integrate with well defined document formats (docx, pptx, xlsx, docm, pptm, ppsx, xlsm). With a sticky policy we integrate access rules which define who, what, when and where could do with the data. With IBE we can guarantee that the policy has not been tampered by illegitimate person as well as ensure protected data confidentiality and its integrity. The work takes the Stanford University Pairing-Based Cryptography library and together with standard cryptographic library set it protects the policy-authorized documents. The work has produced a novel software process, which compliments existing Information Rights Management (IRM) solutions with explicit focus on data sharing in the cloud.
Overall the work aims to improve the current methods of storing documents with Cloud-based systems, and provide slightly new ways to securely attach access rules to the data. Although it is quite technical author proves that actual implementation would be much simpler than currently used RSA and Attribute-Based Encryption (ABE) based IRM systems. Perhaps structure like this has many other applications, however authors believe that cloud-based implementation will have the right impact giving researchers good fundaments for further work.

  • Dates:

    2013 to 2019

  • Qualification:

    Doctorate (PhD)

Project Team