ETSI - TS 103 532
CYBER; Attribute Based Encryption for Attribute Based Access Control
Organization: ETSI
Publication Date: 1 March 2018
Status: inactive
Page Count: 99
Scope:
The present document specifies trust models, functions and protocols using attribute based encryption as a foundation of an attribute based access control scheme. It covers both the Ciphertext-Policy (CP-ABE) and Key-Policy (KP-ABE) variants of Attribute-Based Encryption.
The specifications address the following aspects:
• Identification of an ABE scheme covering both the Ciphertext-Policy and Key-Policy variants
• Definition of interactions between the data sources, the service providers and the authority releasing attributes and key material
• Mechanisms for the distribution of keys, policies, and attributes
• Mechanisms for secret key expiration and revocation
• Definition of semantics for a basic set of attributes to ensure interoperability
• Mapping to a standard Public Key Infrastructure X.509
• Mapping to a standard assertion protocol (SAML)
• Definition of a policy schema for data access control
• Identification of limitations compared to traditional ABAC features
• Translation rules to XACML
• Definition of new protocol bindings when existing bindings do not cover the deployment scenario (e.g. a CoAP binding for the IoT case)