Privacy-preserving multi-party access control

Mina Sheikhalishahi, Gamze Tillem, Zekeriya Erkin, Nicola Zannone

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review


Multi-party access control has been proposed to enable collaborative decision making for the protection of co-owned resources. In particular, multi-party access control aims to reconcile conflicts arising from the evaluation of policies authored by different stakeholders for jointly-managed resources, thus determining whether access to those resources should be granted or not. While providing effective solutions for the protection of co-owned resources, existing approaches do not address the protection of policies themselves, whose disclosure can leak sensitive information about, e.g., the relationships of co-owners with other parties. In this paper, we propose a privacy-preserving multi-party access control mechanism, which preserves the confidentiality of user policies. In particular, we propose secure computation protocols for the evaluation of multi-party policies, based on two privacy-preserving techniques, namely homomorphic encryption and secure function evaluation. An experimental evaluation of our approach shows its practical feasibility in terms of both computation and communication costs.

Original languageEnglish
Title of host publicationWPES'19
Subtitle of host publicationProceedings of the 18th ACM Workshop on Privacy in the Electronic Society
Place of PublicationNew York
PublisherAssociation for Computing Machinery (ACM)
Number of pages13
ISBN (Print)978-1-4503-6830-8
Publication statusPublished - 2019
EventWPES 2019: The 18th ACM Workshop on Privacy in the Electronic Society - London, United Kingdom
Duration: 11 Nov 201911 Nov 2019


ConferenceWPES 2019
CountryUnited Kingdom


  • Collaborative systems
  • Homomorphic encryption
  • Secure function evaluation


Dive into the research topics of 'Privacy-preserving multi-party access control'. Together they form a unique fingerprint.

Cite this