Access control and signatures via quorum secret sharing

Moni Naor*, Avishai Wool

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

We suggest a method of controlling the access to a secure database via quorum systems. A quorum system is a collection of sets (quorums) every two of which have a nonempty intersection. Quorum systems have been used for a number of applications in the area of distributed systems. We propose a separation between access servers, which are protected and trustworthy, but may be outdated, and the data servers, which may all be compromised. The main paradigm is that only the servers in a complete quorum can collectively grant (or revoke) access permission. The method we suggest ensures that, after authorization is revoked, a cheating user Alice will not be able to access the data even if many access servers still consider her authorized and even if the complete raw database is available to her. The method has a low overhead in terms of communication and computation. It can also be converted into a distributed system for issuing secure signatures. An important building block in our method is the use of secret sharing schemes that realize the access structures of quorum systems. We provide several efficient constructions of such schemes which may be of interest in their own right.

Original languageEnglish
Pages (from-to)909-922
Number of pages14
JournalIEEE Transactions on Parallel and Distributed Systems
Volume9
Issue number9
DOIs
StatePublished - 1998
Externally publishedYes

Keywords

  • Cryptography
  • Quorum systems
  • Replication
  • Secret sharing
  • Security

Fingerprint

Dive into the research topics of 'Access control and signatures via quorum secret sharing'. Together they form a unique fingerprint.

Cite this