Secure set-based policy checking and its application to password registration

Dong, Changyu and Kiefer, Franziskus (2015) Secure set-based policy checking and its application to password registration. In: Cryptology and Network Security. Security and Cryptology. Springer-Verlag Berlin. ISBN 978-3-319-26822-4 (In Press)

Dong_Kiefer_CANS_2015_Secure_set_based_policy_checking_and_its_application_to_password.pdf - Accepted Author Manuscript

Abstract

Policies are the cornerstones of today's computer systems. They define secure states and safe operations. A common problem with policies is that their enforcement is often in conflict with user privacy. In order to check the satisfiability of a policy, a server usually needs to collect from a client some information which may be private. In this work we introduce the notion of secure set-based policy checking (SPC) that allows the server to verify policies while preserving the client's privacy. SPC is a generic protocol that can be applied in many policy-based systems. As an example, we show how to use SPC to build a password registration protocol so that a server can check whether a client's password is compliant with its password policy without seeing the password. We also analyse SPC and the password registration protocol and provide security proofs. To demonstrate the practicality of the proposed primitives, we report performance evaluation results based on a prototype implementation of the password registration protocol.