ACCESS-CONTROL AND SIGNATURES VIA QUORUM SECRET SHARING

Authors
Citation
M. Naor and A. Wool, ACCESS-CONTROL AND SIGNATURES VIA QUORUM SECRET SHARING, IEEE Transactions on Parallel and Distributed Systems, 9(9), 1998, pp. 909-922
Number of citations
49
Subject Categories
Computer Science Theory & Methods; Engineering, Electrical & Electronic
ISSN journal
10459219
Volume
9
Issue
9
Year of publication
1998
Pages
909 - 922
Database
ISI
SICI code
1045-9219(1998)9:9<909:AASVQS>2.0.ZU;2-K
Abstract
We suggest a method of controlling the access to a secure database via quorum systems. A quorum system is a collection of sets (quorums) every two of which have a nonempty intersection. Quorum systems have been used for a number of applications in the area of distributed systems. We propose a separation between access servers, which are protected and trustworthy, but may be outdated, and the data servers, which may all be compromised. The main paradigm is that only the servers in a complete quorum can collectively grant (or revoke) access permission. The method we suggest ensures that, after authorization is revoked, a cheating user Alice will not be able to access the data even if many access servers still consider her authorized and even if the complete raw database is available to her. The method has a low overhead in terms of communication and computation. It can also be converted into a distributed system for issuing secure signatures. An important building block in our method is the use of secret sharing schemes that realize the access structures of quorum systems. We provide several efficient constructions of such schemes which may be of interest in their own right.