Time-space trade-offs in cryptographic enforcement mechanisms for interval-based access control policies
Departmental Seminar
- When?
- Wednesday 30 May 2012, 14:00 to 15:00
- Where?
- 39BB02
- Open to:
- Staff, Public, Students
- Speaker:
- Prof Jason Crampton, Information Security Group at Royal Holloway, University of London
The enforcement of authorization policies using cryptography has received considerable attention in recent years. Enforcement mechanisms vary in the amount of storage and the number of key derivation steps that are required in the worst case. These parameters correspond, respectively, to the number of edges and the diameter of the graph that is used to represent the authorization policy. In this talk we will consider a particular class of access control policies and the associated graphs. We then present a number of techniques for constructing a new graph that has a smaller diameter than the original graph but enforces the same authorization policy.
The talk is not really about access control or cryptography. Rather, the problem of trade-offs in cryptographic access control gives rise to interesting constructions for reducing the diameter of directed acyclic graphs without adding too many edges. It should be accessible to a general computer science audience.
Biography
Jason Crampton was awarded a BSc (Hons) in Mathematics from the University of Manchester in 1986. He worked as a maths teacher for several years and then for a trade union, during which time he completed a part time MSc in Computer Science. He returned to full-time education in 1998, as a postgraduate research student under the supervision of George Loizou, being awarded a PhD in 2002. He joined the Information Security Group at Royal Holloway, University of London in September 2002, becoming a reader in 2007 and a professor of information security in 2011.
Crampton’s research focuses on authorization and access control, particularly role-based access control, cryptographic enforcement methods for access control and the application of partial order theory to access control. His current work focuses on the theoretical foundations of mechanisms that can enforce business rules in workflow management systems and business process management systems, and on the development of frameworks for the specification of authorization policies and access control systems. He serves on the editorial board of ACM Transactions on Information and System Security and the open access journal Algorithms.
