What is CryptoAC?

CryptoAC (Cryptographic Access Control) provides end-to-end protection of sensitive data (such as documents, files and messages) through cryptographic enforcement of access control policies.

CryptoAC is an open-source tool written in the (multiplatform) Kotlin language. It comes either as an easy microservice-based architecture, which includes an optimisation step to maximise the performance and the security of the deployment, or, potentially, as a programming library or plugin. CryptoAC is highly modular and can be easily extended to fit the needs of new scenarios, and its APIs allow for straightforward integration with other services.

Note

CryptoAC can be deployed in JVM-based environments only. Support for native and mobile environments is currently under development.

Motivation

Cloud-Edge services, blockchain-based applications and the Internet of Things (IoT) have become pervasive in our society, leading to the rise of, to mention a few scenarios, industry 4.0, smart cities and intelligent mobility. All these interconnected devices and services use, store and exchange a large amount of sensitive data. However, the steady rise of cyber attacks, along with increasingly stringent privacy regulations and the presence of “honest but curious” service providers, requires greater security guarantees for data protection, especially given the impossibility of relying solely on curious providers for enforcing access control policies (see [2]).

In this context, CryptoAC guarantees end-to-end protection of sensitive data through cryptographic access control. Unlike traditional security mechanisms that enforce centralized access control, such as XACML and OPA, CryptoAC enforces access control in a decentralized fashion and is therefore suitable for use in complex scenarios involving untrusted or partially trusted agents. For more details on CryptoAC, see the Design section.

Ok, But What Does CryptoAC Actually Do?

Consider an organization (e.g., a medical center) in the process of digitalizing its IT infrastructure and moving it to the Cloud. Besides technical concerns, the organization has to reason about the security of its (possibly sensitive) data and that of its customers, as previously discussed. In this context, CryptoAC can be installed on the employees’ devices to help the organization protect the data so that neither external attackers nor malicious insiders (e.g., disgruntled employees) nor the “honest but curious” Cloud service provider itself can access the data. In other words, CryptoAC allows employees to upload, share and collaborate over sensitive files and documents through the Cloud securely.

Concretely, CryptoAC employs advanced and robust cryptographic primitives to enforce rich and expressive access control policies over sensitive data, a methodology known as cryptographic access control. This amounts to encrypting data through symmetric cryptography and then distributing the symmetric keys, which embody the permission to read the encrypted data, to authorized users with asymmetric cryptography. This is far from trivial, especially when considering the issues that arise when, e.g., distributing and revoking permissions, such as balancing performance with the need to refresh cryptographic keys and the associated ciphertexts (see [1–4]).

This is just one possible scenario; for more information on how CryptoAC can be used, see the Design section.
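
The sketch below is an added example, not code from CryptoAC: it illustrates the encrypt-then-distribute scheme described above and why revoking a permission forces a refresh of both the symmetric key and the ciphertext. The names (Resource, wrapFor, revoke), the sample users and the choice of AES-GCM and RSA-OAEP from the standard JVM crypto API are assumptions made for illustration.

```kotlin
import java.security.*
import javax.crypto.*
import javax.crypto.spec.GCMParameterSpec

// Hypothetical names for illustration only; this is not CryptoAC's API.
class Resource(var iv: ByteArray, var ct: ByteArray, val wrapped: MutableMap<String, ByteArray>)

const val RSA = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding"
fun newAesKey(): SecretKey = KeyGenerator.getInstance("AES").apply { init(256) }.generateKey()

fun gcm(mode: Int, key: SecretKey, iv: ByteArray): Cipher =
    Cipher.getInstance("AES/GCM/NoPadding").apply { init(mode, key, GCMParameterSpec(128, iv)) }

// Data is encrypted symmetrically; a fresh IV is drawn for every encryption.
fun encrypt(key: SecretKey, plain: ByteArray): Pair<ByteArray, ByteArray> {
    val iv = ByteArray(12).also { SecureRandom().nextBytes(it) }
    return iv to gcm(Cipher.ENCRYPT_MODE, key, iv).doFinal(plain)
}
fun decrypt(key: SecretKey, r: Resource): ByteArray = gcm(Cipher.DECRYPT_MODE, key, r.iv).doFinal(r.ct)

// The symmetric key (the read permission) is wrapped under each authorized user's public key.
fun wrapFor(key: SecretKey, pub: PublicKey): ByteArray =
    Cipher.getInstance(RSA).apply { init(Cipher.WRAP_MODE, pub) }.wrap(key)
fun unwrapWith(blob: ByteArray, priv: PrivateKey): SecretKey =
    Cipher.getInstance(RSA).apply { init(Cipher.UNWRAP_MODE, priv) }.unwrap(blob, "AES", Cipher.SECRET_KEY) as SecretKey

// Revocation: deleting the user's wrapped key is not enough, because the user may have
// cached the old symmetric key. The data is re-encrypted under a fresh key, which is
// then wrapped again for every remaining user.
fun revoke(r: Resource, user: String, oldKey: SecretKey, pubs: Map<String, PublicKey>) {
    val fresh = newAesKey()
    val (iv, ct) = encrypt(fresh, decrypt(oldKey, r))
    r.iv = iv; r.ct = ct
    r.wrapped.remove(user)
    for (u in r.wrapped.keys.toList()) r.wrapped[u] = wrapFor(fresh, pubs.getValue(u))
}

fun main() {
    val kpg = KeyPairGenerator.getInstance("RSA").apply { initialize(2048) }
    val users = listOf("alice", "bob").associateWith { kpg.generateKeyPair() } // constructed sample users
    val pubs = users.mapValues { it.value.public }
    val k = newAesKey()
    val (iv, ct) = encrypt(k, "patient record".toByteArray())
    val r = Resource(iv, ct, pubs.mapValues { wrapFor(k, it.value) }.toMutableMap())
    val bobCached = unwrapWith(r.wrapped.getValue("bob"), users.getValue("bob").private)
    println(String(decrypt(bobCached, r))) // bob reads while authorized
    revoke(r, "bob", k, pubs)
    println(String(decrypt(unwrapWith(r.wrapped.getValue("alice"), users.getValue("alice").private), r)))
    val rejected = try { decrypt(bobCached, r); false } catch (e: AEADBadTagException) { true }
    println("bob's cached key rejected after revocation: $rejected")
}
```

The cost of revoke grows with the size of the data and the number of remaining users, which is the performance trade-off mentioned above.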

Features

Warning

This section is under construction.

Background

CryptoAC is the subject of several scientific publications describing its design, architecture and features:

Note

Always refer to this documentation for up-to-date information on CryptoAC, as the following publications may be outdated.

Authors

CryptoAC is being developed and maintained by the Security&Trust research unit of the Bruno Kessler Foundation, Italy. If you are interested in using CryptoAC or you are just curious and want to know more, feel free to contact the developers at sberlato@fbk.eu.

License

Warning

This section is under construction.