In attribute-based access control, users with certain verified attributes will gain access to some particular data. Concerning with privacy of the users' attributes, we study the problem of distributed attribute-based private access control (DAPAC) with multiple authorities, where each authority will learn and verify only one of the attributes. To investigate its fundamental limits, we introduce an information theoretic DAPAC framework, with $N \in \mathbb{N}$, $N\geq 2$, replicated non-colluding servers (authorities) and some users. Each user has an attribute vector $\mathbf{v^*}=(v_1^*, ..., v_N^*)$ of dimension $N$ and is eligible to retrieve a message $W^{\mathbf{v}^*}$, available in all servers. Each server $n\in [N]$ is able to only observe and verify the $n$'th attribute of a user. In response, it sends a function of its data to the user. The system must satisfy the following conditions: (1) Correctness: the user with attribute vector $\mathbf{v^*}$ is able to retrieve his intended message $W^{\mathbf{v}^*}$ from the servers' response, (2) Data Secrecy: the user will not learn anything about the other messages, (3) Attribute Privacy: each Server~$n$ learns nothing beyond attribute $n$ of the user. The capacity of the DAPAC is defined as the ratio of the file size and the aggregated size of the responses, maximized over all feasible schemes. We obtain a lower bound on the capacity of this problem by proposing an achievable algorithm with rate $\frac{1}{2K}$, where $K$ is the size of the alphabet of each attribute.
翻译:在基于属性的访问控制中, 具有某些已验证属性的用户将访问某些特定数据 。 关于用户属性的隐私, 我们研究使用多个权限的基于属性的私人访问控制( DAPAC) 问题, 每个权限将只学习和验证其中的一个属性 。 为了调查其基本限制, 我们引入了一个信息理论 DAPAC 框架, 以$N = $ = $ $ $, $N\ geq 2$, 复制的非循环服务器( 权限) 和一些用户。 关于用户属性的隐私 $\ mathb$$% (v_ 1 ⁇ ),. v_ N ⁇ ) 问题。 每个用户都有一个基于属性的基于属性的私人访问控制( DAPAC ) 问题, 且每个机构都有资格检索所有服务器上可用的信息 $@ mathb* 。 每个服务器的 $n\ 美元, 只能观察和核查用户的$n 。 作为回应, 它将其数据的功能发送给用户。 。 系统必须满足以下条件:(1) 正确性: 用户关于 以 $\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\