Flexible and Automated Role-based Cryptographic Access Control Enforcement in the Cloud


To facilitate the adoption of cloud by organizations, cryptographic access control is the obvious solution to control data sharing among users while preventing partially trusted cloud service providers to access sensitive data. In this context, CryptoAC implements a state of the art role-based cryptographic access control scheme proposed by Garrison et al. CryptoAC comes with an easy deployment process, it supports 81 different architectures and it is cloud-independent, i.e., it can be seamlessly deployed in all major cloud service providers.

Related Publications

  • Stefano Berlato, Roberto Carbone, and Silvio Ranise
    Cryptographic Enforcement of Access Control Policies in the Cloud: Implementation and Experimental Assessment
    In: 18th International Conference on Security and Cryptography (SECRYPT 2021) (complementary material, news)
  • Stefano Berlato, Roberto Carbone, Adam J. Lee and Silvio Ranise
    Exploring Architectures for Cryptographic Access Control Enforcement in the Cloud for Fun and Optimization
    In: 15th ACM ASIA Conference on Computer and Communications Security (ASIACCS 2020) (DOI, complementary material, news)

Involved People

Berlato Stefano

Stefano Berlato

Carbone Roberto

Roberto Carbone

Ranise Silvio

Silvio Ranise