Sara Foresti

TL;DR: A novel solution to the enforcement of access control and the management of its evolution is presented, based on the application of selective encryption as a means to enforce authorizations.

TL;DR: This article proposes a solution to enforce the privacy of data collections that combines data fragmentation with encryption, and formalizes the problem of minimizing the impact of fragmentation in terms of number of fragments and their affinity and presents two heuristic algorithms for solving such problems.

TL;DR: The article presents a formal model for access control management and illustrates how an authorization policy can be translated into an equivalent encryption policy while minimizing the amount of keys and cryptographic tokens to be managed and introduces a two-layer encryption approach.

TL;DR: This paper illustrates the basic principles on which an architecture for combining access control and cryptography can be built and illustrates an approach for enforcing authorization policies and supporting dynamic authorizations, allowing policy changes and data updates at a limited cost in terms of bandwidth and computational power.

TL;DR: This paper presents the approach for the implementation of access control through selective encryption, and the presentation of the experimental results, which demonstrate the applicability of the proposal.