Description
CryptoAC (Cryptographic Access Control) provides end-to-end protection of sensitive data–such as documents, files and messages–through cryptographic enforcement of access control policies.
CryptoAC is an open-source tool written in the (multiplatform) Kotlin language; it comes either with an easy microservice-based architecture including an optimisation step to maximise the performance and the security of the deployment or, potentially, even as a programming library or plugin. CryptoAC is highly modular, can be easily extended to fit the needs of new scenarios and its APIs allow for straightforward integration with other services.
Please see the repository for more details on CryptoAC.
Related Publications
-
Stefano Berlato, Roberto Carbone, Umberto Morelli, Silvio Ranise
End-to-End Protection of IoT Communications Through Cryptographic Enforcement of Access Control Policies
In: Proceedings of the 36th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2022) (DOI, complementary material) -
Stefano Berlato, Roberto Carbone, Silvio Ranise
Cryptographic Enforcement of Access Control Policies in the Cloud: Implementation and Experimental Assessment
In: 18th International Conference on Security and Cryptography (SECRYPT 2021) (complementary material, news) -
Stefano Berlato, Roberto Carbone, Adam J. Lee, Silvio Ranise
Formal Modelling and Automated Trade-Off Analysis of Enforcement Architectures for Cryptographic Access Control in the Cloud
In: ACM Transactions on Privacy and Security (TOPS) (complementary material) -
Stefano Berlato, Roberto Carbone, Adam J. Lee, Silvio Ranise
Exploring Architectures for Cryptographic Access Control Enforcement in the Cloud for Fun and Optimization
In: 15th ACM ASIA Conference on Computer and Communications Security (ASIACCS 2020) (DOI, complementary material, news)
