To prevent data breaches via removable storage media, the way to enhance the access control capability of hosts within trusted zone with removable storage media attached was explored. Firstly, based on traditional Cipher-text-Policy hiding Attribute-Based Encryption (CP-ABE) schemes, an expression with lattice for attributes was proposed. Each attribute was described as a linear lattice or a subset lattice, and an attribute set was described as a product lattice. Furthermore, the lattice-based multi-level access control model was applied to construct access policies. The new scheme was proven fully secure under the standard model. It effectively simplifies the expression of access policies and satisfies fine-grained access control of sensitive information shared in the context of multi-level security. Secondly, considering the ubiquitous usage of removable storage media, some security attributes associating with the context of use were adopted to construct a lattice structure. Then a dynamic access control could be achieved. Finally, based on authorization and dynamic access control, a layered security solution providing multi-level protection for removable storage media was presented. Security and flexibility of proposed solution was analyzed, and a comparison experiment shows that it still has pretty good efficiency. It also can be applied to information security management in other ubiquitous environments.
|Number of pages||12|
|Journal||Tongxin Xuebao/Journal on Communications|
|Publication status||Published - 2014|