Attribute-Based Data Access Control for Multi-Authority System.

Access control and authorization in universal basic services is one of the main security issues in distributed systems. In particular, access control in distributed systems, such as in healthcare systems, are crucial to improve facility safety and security. This can lead to the provision of better quality of life and contribute to a healthier future. In order to provide better services, it is necessary to develop a suitable and acceptable authorization system to prevent unauthorized access to data shared in these highly dynamic distributed environments. In practice, several types of service providers, institutes, and authorities generate a variety of data in a shared environment via central authority for their entities. Generally, the use of a central authority introduces several security and privacy issues due to the increased risk if the central authority is compromised. To address this issue, several traditional access control models have been developed and introduced. These models, however, have raised several critical security issues, and there is often a need to combine it with a cryptographic approach to offer and create better access control service to users in multi-domains. To achieve this, we provide an appropriate solution to this issue. In this paper, we introduce an access control policy model for the multi-authority system, which enables attribute authorities to control the security setting. We present a new access control framework for a dynamic authorization model that uses Attribute-Based Access Control (ABAC) and digital signature. We first define and present our system and then formalize the construction of the proposed system. Our system provides flexible access control and enhanced privacy in applied and distributed environments.