Cryptographic Role-Based Access Control, Reconsidered

Bin Liu, Antonis Michalas, Bogdan Warinschi

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

2 Downloads (Pure)


In this paper, we follow the line of existing study on cryptographic enforcement of Role-Based Access Control (RBAC). Inspired by the study of the relation between the existing security definitions for such system, we identify two different types of attacks which cannot be captured by the existing ones. Therefore, we propose two new security definitions towards the goal of appropriately modelling cryptographic enforcement of Role-Based Access Control policies and study the relation between our new definitions and the existing ones. In addition, we show that the cost of supporting dynamic policy update is inherently expensive by presenting two lower bounds for such systems which guarantee correctness and secure access.

Original languageEnglish
Title of host publicationProvable and Practical Security - 16th International Conference, ProvSec 2022, Proceedings
EditorsChunpeng Ge, Fuchun Guo
Number of pages8
ISBN (Print)9783031209161
Publication statusPublished - 2022
Publication typeA4 Article in conference proceedings
EventInternational Conference on Provable Security - Nanjing, China
Duration: 11 Nov 202212 Nov 2022

Publication series

NameLecture Notes in Computer Science
Volume13600 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


ConferenceInternational Conference on Provable Security

Publication forum classification

  • Publication forum level 1

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Cryptographic Role-Based Access Control, Reconsidered'. Together they form a unique fingerprint.

Cite this