Katholieke Universiteit Leuven
Oblivious transfer allows the construction of privacy preserving databases, i.e., databases that protect users' anonymity and that prevent the data holder from learning which information is accessed. Nevertheless, in practical applications the data holder needs to apply access control policies to ensure that data is only obtained by authorized users. The authors propose an oblivious transfer with access control scheme that maintains the privacy properties of oblivious transfer and offers two main advantages over previous constructions. First, it allows the enforcement of a larger class of access control policies. Second, it improves communication complexity. As in previous solutions, the communication complexity of the initialization phase is linear in the number of records of data.