DeepSec Video: Cryptographic Enforcement of Segregation of Duty within Work-Flows

Calling for encryption and implementing it may be easy at a first glance. The problem starts  when you have to grant access to data including a segregation of duty. Workflows with Segregation-of-Duty requirements or involving multiple parties with non-aligned interests (typically mutually distrustful) pose interesting challenges in often neglected security dimensions. Cryptographic approaches are presented to technically enforce strict auditability, traceability and multi-party-authorized access control and thus, also enable exoneration from allegations.

At DeepSec 2015 Thomas Maus held a presentation explaining the problems and possible solutions.

Tags: , , ,

2 Responses to "DeepSec Video: Cryptographic Enforcement of Segregation of Duty within Work-Flows"