Over-Encryption: Management of Access Control Evolution on Outsourced Data

Data outsourcing is emerging today as a successful paradigm allowing users and organizations to exploit external services for the distribution of resources. A crucial problem to be addressed in this context concerns the enforcement of selective authorization policies and the support of policy updates in dynamic scenarios. In this paper, the authors present a novel solution to the enforcement of access control and the management of its evolution. The proposal is based on the application of selective encryption as a means to enforce authorizations.