In this paper, we introduce an information-theoretic approach to the access control problem within a scenario where a trusted central authority is tasked with user registration, and a set of guards is responsible for granting anonymous access to a restricted resource. More precisely, we consider access schemes with centralized user registration, where a trusted authority is responsible for the generation of access tokens assigned to users, while preserving user anonymity with respect to the guards. We first propose an information-theoretic model for anonymous access schemes with centralized user registration, then we show a lower bound on the size of the private information that each guard has to store. Finally, we propose a simple and optimal construction for anonymous access schemes with centralized registration.
An Information-Theoretic Approach to Anonymous Access Control
Alfredo De Santis;Barbara Masucci
;
2024-01-01
Abstract
In this paper, we introduce an information-theoretic approach to the access control problem within a scenario where a trusted central authority is tasked with user registration, and a set of guards is responsible for granting anonymous access to a restricted resource. More precisely, we consider access schemes with centralized user registration, where a trusted authority is responsible for the generation of access tokens assigned to users, while preserving user anonymity with respect to the guards. We first propose an information-theoretic model for anonymous access schemes with centralized user registration, then we show a lower bound on the size of the private information that each guard has to store. Finally, we propose a simple and optimal construction for anonymous access schemes with centralized registration.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
