Article,

Cryptographic Enforcement of Segregation of Duty

.
14 (2): 858-870 (2017)

Abstract

Workflows with Segregation-of-Duty requirements or involving multiple parties with non-aligned interests (typically mutually distrustful) pose interesting challenges in often neglected security dimensions. Cryptographic approaches are presented to technically enforce strict auditability, traceability and multi-partyauthorized access control, and thus also enable exoneration from allegations. These ideas are illustrated by challenging examples - constructing various checks and balances for Telecommunications data retention, a vividly discussed and widely known issue. This article appears in the special edition „In Depth Security – Proceedings of the DeepSec Conferences Vol. 2“. Edited by Stefan Schumacher and René Pfeiffer

Tags

Users

  • @steschum

Comments and Reviews